@storybook/addon-actions provides UI feedback when users interact with your Storybook components, making it easier to verify that events are being triggered correctly. Comparing versions 6.1.14 and 6.1.12, the core functionality remains consistent: developers can still use the addon to display action triggers within the Storybook UI, enhancing component testing and documentation. Both versions share the same dependencies for crucial packages like uuid, lodash, core-js, polished, ts-dedent, prop-types,fast-deep-equal, react-inspector, and regenerator-runtime, ensuring stability and compatibility across projects. They also rely on core Storybook packages like @storybook/api, @storybook/addons, @storybook/theming, @storybook/client-api, @storybook/components, and @storybook/core-events, maintaining integration within the Storybook ecosystem. Notably, the devDependencies and peerDependencies are identical, indicating no breaking changes or updates to required development tools or React versions. The most significant difference lies in the internal Storybook package versions; version 6.1.14 utilizes updated versions of these internal packages (e.g. @storybook/api, @storybook/addons, @storybook/theming, @storybook/client-api, @storybook/components, @storybook/core-events). Developers upgrading from 6.1.12 to 6.1.14 can expect incremental improvements and bug fixes within the Storybook environment, fostering a smoother development experience. The underlying API for using the addon remains the same, so the integration is expected to be smooth.
All the vulnerabilities related to the version 6.1.14 of the package
Cross site scripting in markdown-to-jsx
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
