@storybook/addon-actions provides developers with immediate UI feedback within Storybook when users interact with components. This is crucial for visually confirming that interactive elements such as buttons and links are functioning as expected, making it a valuable tool for testing and debugging UI interactions during development.
Comparing version 6.1.20 with the previous stable version 6.1.19, the core functionality remains consistent, focusing on capturing and displaying action events triggered by user interactions within stories. The primary distinction lies in the updated dependency versions for internal Storybook packages. Specifically, @storybook/api, @storybook/addons, @storybook/theming, @storybook/client-api, @storybook/components, and @storybook/core-events are all bumped from version 6.1.19 to 6.1.20. This suggests that the newer version incorporates improvements and bug fixes within Storybook's core architecture, potentially leading to enhanced performance, stability, or compatibility with other Storybook addons and features. The underlying dependencies like uuid, lodash, core-js etc are maintained. Developers upgrading to 6.1.20 can expect a smoother experience and potentially benefit from the latest enhancements within the Storybook ecosystem, without significant changes to existing action handling implementation. The peer dependencies on React and React DOM also remain the same so it is an easy update.
All the vulnerabilities related to the version 6.1.20 of the package
Cross site scripting in markdown-to-jsx
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
