Closed nad182 closed 1 month ago
github-actions[bot]
commented
2 months ago Published Pre-release for 02740c34146105977332ef53f29c4e6abd9ba637 with versions:
- @jobber/components@5.36.1-update-sto-02740c3.4+02740c34To install the new version(s) for Web run:
npm install @jobber/components@5.36.1-update-sto-02740c3.4+02740c34
cloudflare-workers-and-pages[bot]
commented
2 months ago 
Cloudflare Pages| Latest commit: |
c50aef5
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://a78fb2ae.atlantis.pages.dev |
| Branch Preview URL: | https://update-storybook-to-latest-p.atlantis.pages.dev |
nad182
commented
1 month ago To install the pre-release version in JO or JF, please run npm install @jobber/components@5.36.1-update-sto-02740c3.4 (or pnpm install).
Motivations
The Storybook package version in
package.jsonwas listed as fixed (7.6.7). This meant that we didn't allow any minor version updates, as well as patch version updates, which often include security vulnerabilities/patches. The latter is actually exactly the case, since version7.6.7hadws@6.2.2package listed as a dependency, which in turn has a known high risk vulnerability.In regards to above, here's the console output of
npm list wsAFTER updating StorybookChanges
Added
Changed
7.6.20(same minor version, but latest patch)^(carret) was added in front of the version to allow future minor and patch updatesDeprecated
Removed
Fixed
Security
Testing
As long as CI passes successfully, I think we should give Storybook a quick smoke test (i.e. check a couple of stories, docs, actions, controls, links etc) to verify that nothing broke (technically, everything should be intact, since it's just a patch version update).
Changes can be tested via Pre-release
In Atlantis we use Github's built in pull request reviews.