build(deps-dev): bump eslint-plugin-storybook from 0.9.0 to 10.3.5

[dependabot]

Bumps eslint-plugin-storybook from 0.9.0 to 10.3.5.

Changelog

Sourced from eslint-plugin-storybook's changelog.

10.3.5

• Core: Disable component manifest by default - #34408, thanks @​yannbf!

[!NOTE] Version >=0.5.0 of @storybook/addon-mcp enables component manifests again. If you're upgrading Storybook from version >= 10.3.0 to >= 10.3.5 and are using the MCP addon, you should also upgrade @storybook/addon-mcp to keep the docs toolset in the MCP server.

10.3.4

• Addon-a11y: Clear status transition timer on unmount to prevent test flake - #34203, thanks @​mixelburg!
• Bug: Skip re-processing already transformed config files for CSF factories - #34273, thanks @​huang-julien!
• Builder-Vite: Use djb2 hash to prevent variable name collisions in builder-vite - #34274, thanks @​chida09!
• CLI: Prompt for init crash reports - #34316, thanks @​JReinhold!
• CSF4: Fix duplicate preview loading issue in Vitest - #34361, thanks @​valentinpalkovic!
• Core: Fix WebSocket connection for StackBlitz/WebContainers - #34281, thanks @​ghengeveld!
• React-Docgen: Try .tsx fallback when resolving .js ESM imports in docgen resolvers - #34393, thanks @​mixelburg!
• React-Vite: Upgrade @​joshwooding/vite-plugin-react-docgen-typescript to 0.7.0 - #34335, thanks @​beeswhacks!

10.3.3

• Addon-Vitest: Streamline vite(st) config detection across init and postinstall - #34193, thanks @​valentinpalkovic!

10.3.2

• CLI: Shorten CTA link messages - #34236, thanks @​shilman!
• React Native Web: Fix vite8 support by bumping vite-plugin-rnw - #34231, thanks @​dannyhw!

10.3.1

• CLI: Use npm info to fetch versions in repro command - #34214, thanks @​yannbf!
• Core: Prevent story-local viewport from persisting in URL - #34153, thanks @​ghengeveld!

10.3.0

> Improved developer experience, AI-assisting tools, and broader ecosystem support

Storybook 10.3 contains hundreds of fixes and improvements including:

• 🤖 Storybook MCP: Agentic component dev, docs, and test (Preview release for React)
• ⚡ Vite 8 support
• ▲ Next.js 16.2 support
• 📝 ESLint 10 support
• 〰️ Addon Pseudo-States: Tailwind v4 support
• 🔧 Addon-Vitest: Simplified configuration - no more setup files required
• ♿ Numerous accessibility improvements across the UI

... (truncated)

Commits

• e486d38 Bump version from "10.3.4" to "10.3.5" [skip ci]
• 4eff9cd Bump version from "10.3.3" to "10.3.4" [skip ci]
• 7a820b1 Merge pull request #34245 from storybookjs/chore/root_oxfmt
• 4eb227b Build: Move prettier to oxfmt
• b0acfb4 Bump version from "10.3.2" to "10.3.3" [skip ci]
• 308656f Bump version from "10.3.1" to "10.3.2" [skip ci]
• 24c2c2c Bump version from "10.3.0" to "10.3.1" [skip ci]
• 06cb6a6 Bump version from "10.3.0-beta.3" to "10.3.0" [skip ci]
• df32a33 Merge branch 'next-release' into next
• 94b9430 Bump version from "10.3.0-beta.2" to "10.3.0-beta.3" [skip ci]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for eslint-plugin-storybook since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

What: The import statement for types from @storybook/react-webpack5 appears to be outdated. It might cause confusion as the rest of the file refers to the react-vite version.

Why: Using the correct imports is essential for clarity and to prevent potential type mismatches, which can lead to runtime errors or misconfigurations.

How: Update the import statement to match the current intended framework. Verify that all references are consistent with the target version @storybook/react-vite.

[github-actions]

What: Consider removing the outdated comment regarding the importing of the Storybook config from react-webpack5. It's irrelevant since you're now using react-vite.

Why: Maintaining clean code with relevant comments improves readability and prevents confusion for future developers.

How: Delete or update the comment to reflect the new framework and any necessary context that might be useful.

[github-actions]

What: Ensure proper error handling in the asynchronous viteFinal function. Currently, all errors are silently ignored which can lead to debugging challenges.

Why: Failing to handle errors appropriately can lead to hard-to-trace bugs during the configuration merging process.

How: Wrap the mergeConfig call in a try-catch block and log any errors appropriately.

[github-actions]

What: Prioritize the organization of alias paths to ensure clear and logical structure, especially when adding new paths in the future.

Why: A well-organized configuration improves maintainability and makes it easier for developers to understand and modify the project.

How: Consider structuring these alias entries in a commented section or grouping similar paths together, possibly using a mapping function.

[github-actions]

What: Imports should use consistent line endings. In this PR, it looks like line endings were changed to . This can create inconsistencies across environments and affect readability.

Why: Consistent line endings are critical in collaborative environments to prevent issues with version control systems and improve code readability across different platforms and editors.

How: It’s recommended to keep the line endings consistent with the existing style. If you are developing on a system that uses as the default, consider configuring your editor settings to maintain for this file, as it was originally.

[github-actions]

What: Consider removing or commenting on the disabling of color-contrast checks for accessibility.

Why: Disabling accessibility checks can lead to non-compliance with accessibility standards, making the application less usable for individuals with visual impairments or other disabilities. It's crucial to maintain accessibility as a priority in development.

How: If there are specific reasons for the requirement to disable this check (e.g., UI experimentation), it should be briefly documented in a comment, or you might want to explore if there are alternative methods to address your needs without compromising accessibility.

[github-actions]

What: There are duplicate code segments that lead to confusion about adjustment significance.

Why: Streamlining the code structure improves readability and maintainability, which is crucial for buffer development processes and future modifications.

How: Consider implementing specific comments to clarify changes or remove commented-out code to avoid confusion.

[github-actions]

What: Three authentication methods are visible in the code, which can create potential security vulnerabilities or unexpected behavior.

Why: Properly handling responses and potential errors is important to prevent exposure to security risks, especially in user-facing environments.

How: Consider adding additional error checking or response validation on methods that hold potential to interact with external dependencies.

[github-actions]

What: The method checkA11y checks accessibilities, but there is no error handling if an accessibility failure occurs.

Why: Not implementing error handling may lead to unhandled Promise rejections, which can cause the application to fail silently rather than providing useful feedback on what went wrong.

How: Add a try-catch block around the checkA11y call to capture and handle potential errors that can ensure the process handles failures more gracefully.

[github-actions]

What: The usage of optional chaining (?.) is well implemented; however, verify that all environments that run this code support ECMAScript 2020 features.

Why: In case the runtime doesn't support ECMAScript 2020 features, it will likely throw errors, leading to possible application crash.

How: If you're targeting older environments, consider adding a compatibility layer or polyfill for optional chaining or refactoring the logic to be compatible.

[github-actions]

What: Ensure that required modules (axe-playwright and @storybook/test-runner) are properly updated to avoid discrepancies.

Why: When upgrading libraries or plugins, especially those related to testing and accessibility, staying current is vital to maintain features and address security vulnerabilities.

How: Review the changelogs for both dependencies and ensure that their features match the requirements of your implementation before finalizing the upgrade.