Uif/cl 208/add import to stories

[BryanCunningham]

🎟️ Tracking

📔 Objective

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[willmartian]

Thoughts on combining these to make the usage something like:

<bit-banner ${prettifyArgs(args)}>

[willmartian]

(Something with that usage could totally merged in upstream Storybook imo.)

[BryanCunningham]

I'm fine with this approach. Less manual copy/paste in the actual implementation as well

[github-actions]

Checkmarx One – Scan Summary & Details – d0ac318b-1de3-48df-a275-993cd8886730

New Issues (5)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2024-53382	Npm-prismjs-1.29.0	details Recommended version: 1.30.0 Description: Prism (aka PrismJS) allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), bec... Attack Vector: NETWORK Attack Complexity: HIGH ID: rqxE3d0nbeAe3nADsieIZWZyguJo3Dt%2FLrThoQVyPCY%3D Vulnerable Package
	CVE-2025-32996	Npm-http-proxy-middleware-2.0.7	details Recommended version: 2.0.9 Description: In http-proxy-middleware v1.3.0 through v2.0.7 and v3.x through v3.0.3, "writeBody" function can be called twice because "else if" is not used. Attack Vector: NETWORK Attack Complexity: HIGH ID: VdqPt2KTVEl9%2F%2BvxCLQz1WXBctIIEQDBZdxrKxbr%2B%2F4%3D Vulnerable Package
	CVE-2025-32997	Npm-http-proxy-middleware-2.0.7	details Recommended version: 2.0.9 Description: In http-proxy-middleware versions 1.3.0 through 2.0.8 and 3.x through 3.0.4, the "fixRequestBody" function proceeds even if "bodyParser" has failed. Attack Vector: NETWORK Attack Complexity: HIGH ID: 6ZRO1S5Z%2Fm0nNdlWG90pPa0uNgRrbkm28s9NfBh0t7A%3D Vulnerable Package
	Insecure_Storage_of_Sensitive_Data	/apps/cli/src/commands/get.command.ts: 380	details The application takes sensitive, personal data cipher, found at line 380 of /apps/cli/src/commands/get.command.ts, and stores it in an unprotecte... ID: tl7kTfqlNhtkiOLy4ntykc%2FwVtY%3D Attack Vector
	Insecure_Storage_of_Sensitive_Data	/apps/cli/src/commands/get.command.ts: 330	details The application takes sensitive, personal data cipher, found at line 330 of /apps/cli/src/commands/get.command.ts, and stores it in an unprotecte... ID: OBWW4nprBk%2FOnHBdgKy26RfA%2Fzw%3D Attack Vector

Fixed Issues (2)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Insecure_Storage_of_Sensitive_Data	/apps/cli/src/commands/get.command.ts: 378
	Insecure_Storage_of_Sensitive_Data	/apps/cli/src/commands/get.command.ts: 377

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud