@storybook/addon-actions is a valuable tool for Storybook developers, enabling them to log and display actions performed within their stories, simplifying debugging and UI testing. Versions 6.1.6 and 6.1.7 offer similar core functionality, providing action logging and display capabilities. Examining the provided data, the noticeable distinction lies primarily in the internal dependencies rather than user-facing features. The update from version 6.1.6 to 6.1.7 involves synchronization across Storybook packages. All Storybook internal packages, such as @storybook/api, @storybook/addons, @storybook/theming, @storybook/client-api, @storybook/components, and @storybook/core-events were updated from version 6.1.6 to 6.1.7. This suggests a coordinated release aimed at ensuring compatibility and potentially incorporating bug fixes or minor improvements across the Storybook ecosystem. While the code size (unpackedSize) and file count (fileCount) remains the same between the versions, a critical change is the releaseDate. Version 6.1.7 was released a day after 6.1.6, which usually suggests a bug fix in the previous release that prompted a new release. For developers already using @storybook/addon-actions, upgrading to 6.1.7 is recommended to leverage the latest refinements and maintain consistency with other Storybook components. The peer dependencies, like React and React DOM, remain the same so no breaking change is expected from the upgrade.
All the vulnerabilities related to the version 6.1.7 of the package
Cross site scripting in markdown-to-jsx
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
