
Security News
Cline CLI npm Package Compromised via Suspected Cache Poisoning Attack
A compromised npm publish token was used to push a malicious postinstall script in cline@2.3.0, affecting the popular AI coding agent CLI with 90k weekly downloads.
@storybook/docs-tools
Advanced tools
React Docgen automatically parses React component files to extract prop types and descriptions. It's similar to @storybook/docs-tools in that it helps generate documentation for components, but it does not integrate directly with Storybook or support MDX.
Docusaurus is a static site generator that can be used for creating project documentation. Unlike @storybook/docs-tools, which is specifically tailored for Storybook and UI components, Docusaurus provides a more general approach to documentation across different frameworks and libraries.
FAQs
Shared utility functions for frameworks to implement docs
The npm package @storybook/docs-tools receives a total of 1,369,874 weekly downloads. As such, @storybook/docs-tools popularity was classified as popular.
We found that @storybook/docs-tools demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
A compromised npm publish token was used to push a malicious postinstall script in cline@2.3.0, affecting the popular AI coding agent CLI with 90k weekly downloads.

Product
Socket is now scanning AI agent skills across multiple languages and ecosystems, detecting malicious behavior before developers install, starting with skills.sh's 60,000+ skills.

Product
Socket now supports PHP with full Composer and Packagist integration, enabling developers to search packages, generate SBOMs, and protect their PHP dependencies from supply chain threats.