@storybook/addon-actions provides a developer-friendly way to visualize and inspect interactions within Storybook components. It essentially gives real-time feedback when users trigger actions on interactive elements, making debugging and UI testing much easier. Comparing versions 6.1.20 and 6.1.21, the notable distinctions lie primarily in the internal dependencies and the associated release dates.
While the core functionality remains consistent, the update from 6.1.20 to 6.1.21 includes necessary updates to align with other Storybook packages within the ecosystem. Specifically, dependencies like @storybook/api, @storybook/addons, @storybook/theming, @storybook/client-api, @storybook/components, and @storybook/core-events were bumped to version 6.1.21 from 6.1.20. This ensures compatibility and stability within the Storybook environment. Both versions share the same peer dependencies for React and React DOM, supporting versions 16.8.0 and 17.0.0, and rely on the same development dependencies for typing. The file count and unpacked size in the distributed package also remained the same between versions, indicating minimal changes in assets. Developers upgrading should ensure their other Storybook packages are also updated to maintain optimal performance and avoid potential conflicts. While this is a minor version update it is important to keep dependencies updated to enjoy the most recent features and fixes.
All the vulnerabilities related to the version 6.1.21 of the package
Cross site scripting in markdown-to-jsx
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
