We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug
Could we upgrade react-syntax-highlighter to its latest version 15.4.5? It is causing security issues in our repository with prismjs CVE-2021-3801
We need prismjs major to 1.25.0
The text was updated successfully, but these errors were encountered:
I also need the prismjs upgrade, so I have been investigating.
These PRs are necessary but not sufficient:
In addition, 5.3 @storybook#addon-storysource needs to upgrade the version of react-syntax-highlighter. I have added that to 17116.
Also, the @storybook/design-system used in both the next branch and 5.3 branch needs an upgrade.
Sorry, something went wrong.
yarn upgrade react-syntax-highlighter@^15.4.2 in addons/storysource/ …
6b30034
…in order to bump prismjs. Fixes storybookjs#16848
Crikey!! I just released https://github.com/storybookjs/storybook/releases/tag/v6.5.0-alpha.11 containing PR #17127 that references this issue. Upgrade today to the @next NPM tag to try it out!
@next
npx sb upgrade --prerelease
Closing this issue. Please re-open if you think there's still more to do.
ndelangen
No branches or pull requests
Describe the bug
Could we upgrade react-syntax-highlighter to its latest version 15.4.5?
It is causing security issues in our repository with prismjs CVE-2021-3801
We need prismjs major to 1.25.0
The text was updated successfully, but these errors were encountered: