Closed nadia-reinertsen closed 3 months ago
@GuillaumeVix Please cancel this review, if you accept it as is it will break the build of storybook. This is not the proper way to upgrade Storybook to newest version 8.
I am working on the side to properly migrate it using
npx storybook@latest upgrade
and npx storybook@8.0.0 automigrate
I am currently QC-ing the migration.
We probably want to migrate the whole storybook stack to v 8, not one by one.
Actually there will be a merge conflict with Fabien's work which already updated to storybook v 8.
BTW, is there any chance that I could be granted reviewer rights ?
BTW, is there any chance that I could be granted reviewer rights ?
I will bring it up @t0oF-azpn
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - examples/storybook/package.json - examples/storybook/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **141/1000****Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 102, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @storybook/addon-essentials
The new version differs by 250 commits.Package name: storybook
The new version differs by 250 commits.