[Snyk] Fix for 1 vulnerabilities

[baby636]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	698/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @storybook/addon-docs

The new version differs by 250 commits.

• 05070ca v6.5.0
• 88c6a62 Update root, peer deps, version.ts/json to 6.5.0 [ci skip]
• ca93284 6.5.0 changelog
• ff28cd9 6.5.0-rc.1 next.json version file
• 9e1f519 Update git head to 6.5.0-rc.1, update yarn.lock
• 3f09d4e v6.5.0-rc.1
• 82b7ac1 Update root, peer deps, version.ts/json to 6.5.0-rc.1 [ci skip]
• 4b50e28 6.5.0-rc.1 changelog
• 0a6e347 Merge pull request #18220 from storybookjs/improve/detection-webpack5
• 95a5c80 move nextjs detection up
• 152e441 Merge pull request #18248 from storybookjs/18177-fix-conditional-args-fail-gracefully
• 2948cae ArgsTable: Gracefully handle conditional args failures
• f837e31 Merge pull request #18246 from storybookjs/chore_docs_adds_mdx2_steps
• 73cf6ba adds MDX 2 docs and gotchas
• 64b07fe Merge pull request #18244 from storybookjs/chore_docs_cleanup_broken_links
• fef1a32 Fixes broken links
• 82ce9de Merge pull request #18231 from Tomastomaslol/issue-18143-reset-button-broken-for-URL-values
• ebf9341 Merge pull request #18038 from bisubus/fix-vue3-tsx
• 9583cea remove repeated test
• 1b396fd 6.5.0-rc.0 next.json version file
• 6cc69b5 Update git head to 6.5.0-rc.0, update yarn.lock
• c27fd9e v6.5.0-rc.0
• b56b1ce re add reset of args that was not set initially. Extend tests for onResetArgs
• 19ba77b Update root, peer deps, version.ts/json to 6.5.0-rc.0 [ci skip]

See the full diff

Package name: @storybook/addon-essentials

The new version differs by 250 commits.

• 05070ca v6.5.0
• 88c6a62 Update root, peer deps, version.ts/json to 6.5.0 [ci skip]
• ca93284 6.5.0 changelog
• ff28cd9 6.5.0-rc.1 next.json version file
• 9e1f519 Update git head to 6.5.0-rc.1, update yarn.lock
• 3f09d4e v6.5.0-rc.1
• 82b7ac1 Update root, peer deps, version.ts/json to 6.5.0-rc.1 [ci skip]
• 4b50e28 6.5.0-rc.1 changelog
• 0a6e347 Merge pull request #18220 from storybookjs/improve/detection-webpack5
• 95a5c80 move nextjs detection up
• 152e441 Merge pull request #18248 from storybookjs/18177-fix-conditional-args-fail-gracefully
• 2948cae ArgsTable: Gracefully handle conditional args failures
• f837e31 Merge pull request #18246 from storybookjs/chore_docs_adds_mdx2_steps
• 73cf6ba adds MDX 2 docs and gotchas
• 64b07fe Merge pull request #18244 from storybookjs/chore_docs_cleanup_broken_links
• fef1a32 Fixes broken links
• 82ce9de Merge pull request #18231 from Tomastomaslol/issue-18143-reset-button-broken-for-URL-values
• ebf9341 Merge pull request #18038 from bisubus/fix-vue3-tsx
• 9583cea remove repeated test
• 1b396fd 6.5.0-rc.0 next.json version file
• 6cc69b5 Update git head to 6.5.0-rc.0, update yarn.lock
• c27fd9e v6.5.0-rc.0
• b56b1ce re add reset of args that was not set initially. Extend tests for onResetArgs
• 19ba77b Update root, peer deps, version.ts/json to 6.5.0-rc.0 [ci skip]

See the full diff

Package name: @storybook/react

The new version differs by 250 commits.

• 4f2afa6 v7.0.0
• 03292b0 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• b2dc5cf Revert "Update root, peer deps, version.ts/json to 7.0.0 [ci skip]"
• 7f391a3 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• f0b53cb 7.0.0 changelog
• 930917d Merge pull request #21856 from storybookjs/docs/interactions-addon-migration
• f1c13da 7.0.0-rc.11 next.json version file [skip ci]
• 512a2ae Update git head to 7.0.0-rc.11, update yarn.lock [ci skip]
• 908c324 v7.0.0-rc.11
• 5edc7c0 Update root, peer deps, version.ts/json to 7.0.0-rc.11 [ci skip]
• 324d9bb 7.0.0-rc.11 changelog
• 37d9737 interactions debugger is now default
• 9682f7c Merge pull request #21833 from storybookjs/kasper/fix-strict-args-decorator-with-interface
• a08ffc7 Put @ storybook/csf version back into next
• 2cc1d36 Merge pull request #21850 from storybookjs/fix/tone-down-dependency-alerts
• 941103b Merge pull request #21851 from storybookjs/valentin/export-application-config-decorator
• 31700c0 Export applicationConfig decorator and adjust documentation for usage
• 3d9544f Merge pull request #21846 from storybookjs/chore_docs_webpack_tweaks
• 79b590b Tweaks to the Webpack docs
• d193be5 Merge pull request #21836 from storybookjs/fix/downgrade-remark-deps
• 79b1fde Merge pull request #21832 from storybookjs/fix/polyfill-global
• 590f053 downgrade remark related dependencies
• b421d95 only provide critical duplicated dependency warning on major version difference
• acace30 Merge pull request #21724 from jungpaeng/docs/fix-controls

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)