You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Test-runner has a dep vulnerability related to trim 0.0.1
Force to use trim 0.0.3 breaks the storybook build on my side.
trim <0.0.3
Severity: high
Regular Expression Denial of Service in trim - https://github.com/advisories/GHSA-w5p7-h5w8-2hfq
fix available via `npm audit fix --force`
Will install @storybook/[email protected], which is a breaking change
node_modules/trim
remark-parse <=8.0.3
Depends on vulnerable versions of trim
node_modules/remark-parse
@mdx-js/mdx <=1.6.22
Depends on vulnerable versions of remark-mdx
Depends on vulnerable versions of remark-parse
node_modules/@mdx-js/mdx
@storybook/mdx1-csf *
Depends on vulnerable versions of @mdx-js/mdx
node_modules/@storybook/mdx1-csf
@storybook/csf-tools 6.5.0-alpha.1 - 6.5.17-alpha.0
Depends on vulnerable versions of @storybook/mdx1-csf
node_modules/@storybook/csf-tools
@storybook/test-runner >=0.0.9--canary.107.1b41303.0
Depends on vulnerable versions of @storybook/csf-tools
node_modules/@storybook/test-runner
Hey there! Thanks for opening an issue, but I believe it doesn't have anything to do with the test-runner. It has to do with your @storybook/mdx1-csf dependency. I believe you won't have this issue if you migrate to Storybook 7 which we focused on fixing every security issue, given that lots of them related to mdx1.
Describe the bug
Test-runner has a dep vulnerability related to trim 0.0.1
Force to use trim 0.0.3 breaks the storybook build on my side.
Environment
Additional context
I'm using
The text was updated successfully, but these errors were encountered: