Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@storybook/cli
Advanced tools
The @storybook/cli package, also known as Storybook CLI, is a command-line tool that helps developers to quickly set up and configure Storybook in their project. Storybook is an open-source tool for developing UI components in isolation for React, Vue, Angular, and many other frameworks. The CLI automates many of the initial setup and configuration processes, making it easier to integrate Storybook into a project.
Initialize Storybook
This command sets up Storybook in your project by detecting the project type (e.g., React, Vue, Angular) and installing the necessary dependencies and adding default configurations and examples.
npx -p @storybook/cli sb init
Add Storybook support for a specific type of project
This command explicitly sets up Storybook for a React project. You can replace 'react' with 'vue', 'angular', etc., depending on the project type you are working on.
npx -p @storybook/cli sb init --type react
Addons installation
This command helps in adding specific Storybook addons to enhance its functionality, such as '@storybook/addon-essentials' which includes a set of essential addons.
npx -p @storybook/cli sb add @storybook/addon-essentials
Similar to @storybook/cli, react-scripts is used in the setup and configuration of React applications created with Create React App. It abstracts complex configurations for Babel, Webpack, and other tools. However, it does not specifically focus on component development environments like Storybook.
Angular CLI is a command-line interface tool that is used to initialize, develop, scaffold, and maintain Angular applications directly. It provides a similar ease of setup for Angular projects as @storybook/cli does for setting up Storybook in Angular projects.
Vue CLI is a full system for rapid Vue.js development, similar to Angular CLI for Angular. It provides project scaffolding, development tools, and build optimizations. It is similar to @storybook/cli in that it helps in setting up a development environment but is focused on Vue.js applications rather than component libraries.
Storybook CLI (Command Line Interface) is the easiest way to add Storybook to your project.
Go to your project and run:
cd my-app
npx storybook@latest init
In addition to init
, the CLI also has other commands:
add
- add an addon and register itinfo
- print out system information for bug reportsupgrade
- upgrade to the latest version of Storybook (or a specific version)migrate
- run codemods to migrate your codeSee the command-line help with -h
(including other useful commands) for details.
This package has multiple sub-exports to can be used to gain access to storybook's APIs.
storybook/components
This export contains a list of components very useful for building out addons. We recommend addon-authors to use these components to ensure a consistent look and feel, and to reduce the amount of code they need to write.
storybook/theming
This export exposes a few utility functions to help writing components that automatically adapt to the current theme. Useful for addon authors who want to make their addons theme-aware.
storybook/preview-api
This export contains the API that is available in the preview iframe.
storybook/manager-api
This export contains the API that is available in the manager iframe.
storybook/types
This export exposes a lot of TypeScript interfaces used throughout storybook, including for storybook configuration, addons etc.
FAQs
Storybook CLI
The npm package @storybook/cli receives a total of 1,866,042 weekly downloads. As such, @storybook/cli popularity was classified as popular.
We found that @storybook/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.