@vitus-labs/tools-storybook
Preconfigured [Storybook 10](https://storybook.js.org) setup for React projects with Vite, Next.js, or React Native.
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:vite | AI (phantom-deps): Storybook config package; vite referenced in config files, not direct imports. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Scoped internal tool with stable history; missing description is low-risk. | ai | |
| phantom-deps | phantom-dep:@storybook/nextjs | AI (phantom-deps): Storybook config dependency; referenced in config files, not direct imports. | ai | |
| dependencies | unvetted-dep:@chromatic-com/storybook | AI (dependencies): Official Chromatic Storybook addon; expected dep for a Storybook tooling wrapper. | ai | |
| dependencies | unvetted-dep:@storybook/addon-designs | AI (dependencies): Known Storybook addon; expected dep for a Storybook tooling wrapper. | ai | |
| dependencies | unvetted-dep:@vueless/storybook-dark-mode | AI (dependencies): Known Storybook dark-mode addon; expected dep for a Storybook tooling wrapper. | ai | |
| phantom-deps | phantom-dep:@storybook/addon-a11y | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storybook/addon-docs | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storybook/nextjs-vite | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| dependencies | unvetted-dep:@storybook/react-vite | AI (dependencies): Official Storybook package; expected dep for a Storybook tooling wrapper. | ai | |
| phantom-deps | phantom-dep:@storybook/addon-vitest | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storybook/react-native | AI (phantom-deps): Platform-specific binary package; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@chromatic-com/storybook | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storybook/addon-designs | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@vueless/storybook-dark-mode | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:storybook-addon-pseudo-states | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@storybook/addon-themes | AI (phantom-deps): Storybook addons are referenced in config files, not directly imported; stable false positive for this package. | ai | |
| dependencies | unvetted-dep:@storybook/nextjs-vite | AI (dependencies): Official Storybook package; expected dep for a Storybook tooling wrapper. | ai | |
| dependencies | unvetted-dep:@storybook/react-native | AI (dependencies): Official Storybook package; expected dep for a Storybook tooling wrapper. | ai |
Versions (showing 16 of 16)
| Version | Deps | Published |
|---|---|---|
| 2.4.0 | 17 / 2 | |
| 2.3.1 | 17 / 2 | |
| 2.3.0 | 17 / 2 | |
| 2.2.0 | 17 / 2 | |
| 2.1.0 | 17 / 2 | |
| 1.15.5 | 17 / 2 | |
| 1.15.4 | 17 / 2 | |
| 1.14.0 | 17 / 2 | |
| 1.13.0 | 17 / 2 | |
| 1.12.0 | 17 / 2 | |
| 1.11.0 | 17 / 2 | |
| 1.10.0 | 17 / 2 | |
| 1.9.0 | 16 / 5 | |
| 1.8.0 | 16 / 5 | |
| 1.7.0 | 15 / 5 | |
| 1.6.0 | 15 / 5 |
v2.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.15.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.