Tooling: Use pkg.pr.new for canary releases

[JReinhold]

Closes #

What I did

Checklist for Contributors

Testing

The changes in this PR are covered in the following automated tests:

• stories
• unit tests
• integration tests
• end-to-end tests

Manual testing

Caution

This section is mandatory for all contributions. If you believe no manual test is necessary, please state so explicitly. Thanks!

Documentation

• Add or update documentation reflecting your changes
• If you are deprecating/removing a feature, make sure to update
  MIGRATION.MD

Checklist for Maintainers

• When this PR is ready for testing, make sure to add ci:normal, ci:merged or ci:daily GH label to it to run a specific set of sandboxes. The particular set of sandboxes can be found in code/lib/cli-storybook/src/sandbox-templates.ts

• Make sure this PR contains one of the labels below:

  Available labels

  • bug: Internal changes that fixes incorrect behavior.
  • maintenance: User-facing maintenance tasks.
  • dependencies: Upgrading (sometimes downgrading) dependencies.
  • build: Internal-facing build tooling & test updates. Will not show up in release changelog.
  • cleanup: Minor cleanup style change. Will not show up in release changelog.
  • documentation: Documentation only changes. Will not show up in release changelog.
  • feature request: Introducing a new feature.
  • BREAKING CHANGE: Changes that break compatibility in some way with current major version.
  • other: Changes that don't fit in the above categories.

🦋 Canary Release - 💥 Failed

This PR does not have a canary release associated. Canary releases are automatically created when one of ci:normal, ci:merged, or ci:daily labels are added to the PR.

Summary by CodeRabbit

• Chores

  • Added an automated workflow to build and publish preview packages for qualifying pull requests, update PR bodies with preview release info, and comment on failures.
  • Added a dependency to support the preview-package publishing process.

• New Features

  • CLI and generator flows now recognize and propagate PR-specific Storybook version specifiers (preview URLs), so upgrade/install commands can target preview packages when available.

[github-actions]

	Fails
🚫	The "#### Manual testing" section must be filled in. Please describe how to test the changes you've made, step by step, so that reviewers can confirm your PR works as intended.

Generated by 🚫 dangerJS against c115b7f

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a GitHub Actions workflow that, when labeled, checks out PR head, sets up Node, builds publishable packages, publishes preview packages via pkg-pr-new, updates the PR's canary release section, and posts a failure comment on errors. Also introduces utilities and plumbing to detect pkg.pr.new create-storybook invocations and propagate per-package pkg.pr.new specifiers through upgrade, generator, and package-resolution paths.

Changes

Preview Package Publishing Workflow

Layer / File(s)	Summary
Workflow triggers and global configuration .github/workflows/publish-preview.yml	Workflow runs on pull_request events (opened, synchronize, reopened, labeled), sets Playwright/Puppeteer skip env vars, permissions (contents: read, pull-requests: write), and PR-scoped concurrency with cancellation.
Job definition, label gating, and setup steps .github/workflows/publish-preview.yml	Adds the publish-preview job (runs on ubuntu-latest) gated by PR labels; checks out the PR head SHA and runs the local composite action to set up Node and install code deps, then compiles publishable packages.
Publish preview packages and scripts dependency .github/workflows/publish-preview.yml, scripts/package.json	Enumerates workspace package locations and runs yarn pkg-pr-new publish, aggregates JSON output, asserts non-empty output. Adds pkg-pr-new ^0.0.72 to scripts/package.json.
Generate PR body, replace section, and failure handling .github/workflows/publish-preview.yml	Builds a formatted preview release section from published package metadata, replaces the PR CANARY_RELEASE_SECTION using find-and-replace-pull-request-body, and posts a failure comment via gh pr comment on workflow failure (fork-safe with continue-on-error).

pkg.pr.new Specifier Propagation

Layer / File(s)	Summary
Core util and re-export code/core/src/common/utils/get-pkg-pr-new-package-specifier.ts, code/core/src/common/index.ts	Adds getPkgPrNewPackageSpecifier which parses pkg.pr.new create-storybook URLs and re-exports it from core common index.
JsPackageManager parsing and pkg.pr.new mapping code/core/src/common/js-package-manager/JsPackageManager.ts, code/core/src/common/js-package-manager/JsPackageManager.test.ts	Refactors package parsing for scoped names, extends getVersionedPackages(..., { storybookVersionSpecifier }), and maps Storybook packages to per-package pkg.pr.new specifiers when present; adds test validating the mapping and avoiding latestVersion.
CLI ancestry detection and upgrade spec generation code/lib/cli-storybook/src/upgrade.ts, code/lib/cli-storybook/src/util.ts, code/lib/cli-storybook/package.json, code/lib/cli-storybook/src/upgrade.test.ts	Imports process-ancestry, derives storybookVersionSpecifier from process ancestry (errors ignored), passes the specifier into upgrade flows, uses getPkgPrNewPackageSpecifier when generating upgrade specs, and adds tests plus dev dependency process-ancestry.
Generator options, context, and base generator wiring code/lib/create-storybook/src/generators/types.ts, code/lib/create-storybook/src/generators/baseGenerator.ts, code/lib/create-storybook/src/generators/REACT_NATIVE/index.ts, code/lib/create-storybook/src/commands/PreflightCheckCommand.ts, code/lib/create-storybook/src/commands/GeneratorExecutionCommand.ts, code/lib/create-storybook/src/services/VersionService.test.ts	Adds storybookVersionSpecifier to GeneratorOptions/Context/CommandOptions, threads the specifier through Preflight/GeneratorExecutionCommand/baseGenerator and generators so package resolution can use the specifier, and adds tests for ancestry-based extraction.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• storybookjs/storybook#34612: Also modifies code/lib/cli-storybook/src/upgrade.ts and upgrade() control flow; changes are related to CLI upgrade/option handling.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pkg-pr-new]

storybook

npm i https://pkg.pr.new/storybookjs/storybook@34799 -D

@storybook/addon-a11y

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-a11y@34799 -D

@storybook/addon-docs

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-docs@34799 -D

@storybook/addon-links

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-links@34799 -D

@storybook/addon-onboarding

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-onboarding@34799 -D

storybook-addon-pseudo-states

npm i https://pkg.pr.new/storybookjs/storybook/storybook-addon-pseudo-states@34799 -D

@storybook/addon-themes

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-themes@34799 -D

@storybook/addon-vitest

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/addon-vitest@34799 -D

@storybook/builder-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/builder-vite@34799 -D

@storybook/builder-webpack5

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/builder-webpack5@34799 -D

@storybook/angular

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/angular@34799 -D

@storybook/ember

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/ember@34799 -D

@storybook/html-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/html-vite@34799 -D

@storybook/nextjs

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/nextjs@34799 -D

@storybook/nextjs-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/nextjs-vite@34799 -D

@storybook/preact-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/preact-vite@34799 -D

@storybook/react-native-web-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/react-native-web-vite@34799 -D

@storybook/react-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/react-vite@34799 -D

@storybook/react-webpack5

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/react-webpack5@34799 -D

@storybook/server-webpack5

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/server-webpack5@34799 -D

@storybook/svelte-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/svelte-vite@34799 -D

@storybook/sveltekit

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/sveltekit@34799 -D

@storybook/tanstack-react

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/tanstack-react@34799 -D

@storybook/vue3-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/vue3-vite@34799 -D

@storybook/web-components-vite

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/web-components-vite@34799 -D

sb

npm i https://pkg.pr.new/storybookjs/storybook/sb@34799 -D

@storybook/cli

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/cli@34799 -D

@storybook/codemod

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/codemod@34799 -D

@storybook/core-webpack

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/core-webpack@34799 -D

create-storybook

npm i https://pkg.pr.new/storybookjs/storybook/create-storybook@34799 -D

@storybook/csf-plugin

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/csf-plugin@34799 -D

eslint-plugin-storybook

npm i https://pkg.pr.new/storybookjs/storybook/eslint-plugin-storybook@34799 -D

@storybook/react-dom-shim

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/react-dom-shim@34799 -D

@storybook/preset-create-react-app

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/preset-create-react-app@34799 -D

@storybook/preset-react-webpack

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/preset-react-webpack@34799 -D

@storybook/preset-server-webpack

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/preset-server-webpack@34799 -D

@storybook/html

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/html@34799 -D

@storybook/preact

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/preact@34799 -D

@storybook/react

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/react@34799 -D

@storybook/server

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/server@34799 -D

@storybook/svelte

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/svelte@34799 -D

@storybook/vue3

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/vue3@34799 -D

@storybook/web-components

npm i https://pkg.pr.new/storybookjs/storybook/@storybook/web-components@34799 -D

commit: 829bacc

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/publish-preview.yml:
- Line 6: The workflow currently retriggers on any label addition because it
checks all PR labels; change the labeled-event gating to inspect only the newly
added label (github.event.label.name) instead of the full labels array. Update
the trigger/conditional that currently references pull_request.labels (or
similar) to use a condition like checking github.event.action == 'labeled' &&
contains(['ci:normal','ci:merged','ci:daily'], github.event.label.name) so the
job runs only when the new label is one of the eligible ci labels.
- Around line 106-128: Give the "Replace Pull Request Body" step an id (e.g.,
id: replace-pr-body) and change the conditional on the "Create failing comment
on PR" step to only run when the job failed for reasons other than the PR-body
update (for example: if: ${{ failure() && steps.replace-pr-body.outcome !=
'failure' }}), and update the gh pr comment body text to say it failed to
publish preview packages or update the PR body (so it covers both failure
modes); reference the step names "Replace Pull Request Body" (id:
replace-pr-body) and "Create failing comment on PR" when making these edits.
- Around line 47-53: Replace the weak "non-empty file" check for
pkg-pr-new-output.json with a structural jq validation that fails the step
unless the JSON has a non-empty .packages array and each package object contains
the fields used later when generating the PR body (e.g., "name" and "version" —
whatever keys lines that extract values expect); use jq's exit-on-false behavior
(jq -e) so the workflow step exits non‑zero on validation failure, ensuring you
only proceed when pkg-pr-new-output.json has the required structure.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7e030b12-0d00-4e25-85ca-8e1312ac5d1e

📥 Commits

Reviewing files that changed from the base of the PR and between 829bacc and 65e43f9.

📒 Files selected for processing (1)

• .github/workflows/publish-preview.yml

[github-actions]

Failed to publish preview packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/25853849266

[github-actions]

Failed to publish preview packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26122477222

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/publish-preview.yml:
- Around line 32-35: Update the "Checkout pull request HEAD" step that currently
uses actions/checkout@v4 to pin the action to a specific full commit SHA
(replace actions/checkout@v4 with the exact commit SHA for the checkout action)
and add the checkout input persist-credentials: false under the with: block
(next to ref: ${{ github.event.pull_request.head.sha }}) so credentials are not
carried forward to later steps.

In `@code/lib/cli-storybook/package.json`:
- Line 59: Move the "process-ancestry" entry out of devDependencies and into
runtime dependencies in package.json so it's available when the CLI is
installed; specifically remove "process-ancestry": "^0.0.2" from devDependencies
and add the same key/version under "dependencies". Also verify imports in
upgrade.ts still resolve (no code changes needed there) and run a local
pack/install to ensure no ERR_MODULE_NOT_FOUND at runtime.

In `@code/lib/cli-storybook/src/upgrade.ts`:
- Line 84: The use of toReversed() on getProcessAncestry() is Node‑20+ only and
can throw on older Node versions; replace that call with a compatibility-safe
reversal such as converting the iterable to an array and calling reverse (e.g.,
[...getProcessAncestry()].reverse()) or iterate the array backwards with an
index-based loop; update the for loop that currently reads for (const ancestor
of getProcessAncestry().toReversed()) to use the array-reverse approach (or
manual reverse iteration) so it works on Node 18 and earlier.

In `@code/lib/create-storybook/src/commands/PreflightCheckCommand.ts`:
- Around line 41-43: The code in PreflightCheckCommand is unconditionally
overwriting options.storybookVersionSpecifier with
versionService.getStorybookVersionFromAncestry(getProcessAncestry()); change the
logic so you only set options.storybookVersionSpecifier from
getStorybookVersionFromAncestry when it is not already provided by the caller
(i.e., if options.storybookVersionSpecifier is falsy/undefined). Locate the
assignment in PreflightCheckCommand and guard it with a check against the
existing options.storybookVersionSpecifier so callers' explicit specifiers are
preserved.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 60bdfd49-8f2f-4150-ac0f-001ce3f80040

📥 Commits

Reviewing files that changed from the base of the PR and between 65e43f9 and 2913f62.

📒 Files selected for processing (15)

• .github/workflows/publish-preview.yml
• code/core/src/common/index.ts
• code/core/src/common/js-package-manager/JsPackageManager.test.ts
• code/core/src/common/js-package-manager/JsPackageManager.ts
• code/core/src/common/utils/get-pkg-pr-new-package-specifier.ts
• code/lib/cli-storybook/package.json
• code/lib/cli-storybook/src/upgrade.test.ts
• code/lib/cli-storybook/src/upgrade.ts
• code/lib/cli-storybook/src/util.ts
• code/lib/create-storybook/src/commands/GeneratorExecutionCommand.ts
• code/lib/create-storybook/src/commands/PreflightCheckCommand.ts
• code/lib/create-storybook/src/generators/REACT_NATIVE/index.ts
• code/lib/create-storybook/src/generators/baseGenerator.ts
• code/lib/create-storybook/src/generators/types.ts
• code/lib/create-storybook/src/services/VersionService.test.ts

✅ Files skipped from review due to trivial changes (1)

• code/lib/create-storybook/src/generators/REACT_NATIVE/index.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Preserve explicit storybookVersionSpecifier instead of always overriding it.

Line 42 currently overwrites any user-provided version specifier. That can force an unintended version/source when callers explicitly set one.

Suggested fix

-    try {
-      options.storybookVersionSpecifier =
-        this.versionService.getStorybookVersionFromAncestry(getProcessAncestry());
+    try {
+      if (options.storybookVersionSpecifier === undefined) {
+        options.storybookVersionSpecifier =
+          this.versionService.getStorybookVersionFromAncestry(getProcessAncestry());
+      }
     } catch {
       // Ignore ancestry lookup failures and fall back to the embedded release versions.
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	try {
	options.storybookVersionSpecifier =
	this.versionService.getStorybookVersionFromAncestry(getProcessAncestry());
	try {
	if (options.storybookVersionSpecifier === undefined) {
	options.storybookVersionSpecifier =
	this.versionService.getStorybookVersionFromAncestry(getProcessAncestry());
	}
	} catch {
	// Ignore ancestry lookup failures and fall back to the embedded release versions.
	}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@code/lib/create-storybook/src/commands/PreflightCheckCommand.ts` around lines
41 - 43, The code in PreflightCheckCommand is unconditionally overwriting
options.storybookVersionSpecifier with
versionService.getStorybookVersionFromAncestry(getProcessAncestry()); change the
logic so you only set options.storybookVersionSpecifier from
getStorybookVersionFromAncestry when it is not already provided by the caller
(i.e., if options.storybookVersionSpecifier is falsy/undefined). Locate the
assignment in PreflightCheckCommand and guard it with a check against the
existing options.storybookVersionSpecifier so callers' explicit specifiers are
preserved.

[storybook-app-bot]

Package Benchmarks

^{Commit: c115b7f, ran on 20 May 2026 at 12:44:02 UTC}

The following packages have significant changes to their size or dependencies:

storybook

	Before	After	Difference
Dependency count	72	60	🎉 -12 🎉
Self size	20.30 MB	20.52 MB	🚨 +219 KB 🚨
Dependency size	36.17 MB	32.84 MB	🎉 -3.34 MB 🎉
Bundle Size Analyzer	Link	Link

@storybook/nextjs

	Before	After	Difference
Dependency count	534	534	0
Self size	662 KB	651 KB	🎉 -12 KB 🎉
Dependency size	61.35 MB	61.35 MB	🎉 -276 B 🎉
Bundle Size Analyzer	Link	Link

@storybook/nextjs-vite

	Before	After	Difference
Dependency count	93	93	0
Self size	1.38 MB	1.37 MB	🎉 -13 KB 🎉
Dependency size	24.78 MB	24.78 MB	🎉 -662 B 🎉
Bundle Size Analyzer	Link	Link

@storybook/cli

	Before	After	Difference
Dependency count	203	194	🎉 -9 🎉
Self size	908 KB	912 KB	🚨 +4 KB 🚨
Dependency size	87.59 MB	84.57 MB	🎉 -3.02 MB 🎉
Bundle Size Analyzer	Link	Link

@storybook/codemod

	Before	After	Difference
Dependency count	196	187	🎉 -9 🎉
Self size	32 KB	32 KB	🎉 -12 B 🎉
Dependency size	86.08 MB	83.06 MB	🎉 -3.02 MB 🎉
Bundle Size Analyzer	Link	Link

create-storybook

	Before	After	Difference
Dependency count	73	61	🎉 -12 🎉
Self size	1.08 MB	1.08 MB	🎉 -2 KB 🎉
Dependency size	56.48 MB	53.36 MB	🎉 -3.12 MB 🎉
Bundle Size Analyzer	node	node

[github-actions]

Failed to publish preview packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26125027066

[github-actions]

Failed to publish canary packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26148303832

[github-actions]

Failed to publish canary packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26161770373

[github-actions]

Failed to publish canary packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26161770373

[github-actions]

Failed to publish canary packages for this pull request, triggered by @JReinhold. See the failed workflow run at: https://github.com/storybookjs/storybook/actions/runs/26162172935