Fix: Add vite-plus vendored libraries version detection

[huang-julien]

Closes #34234

What I did

This PR uses vite-plus/versions to detect the version of vite-plus vendored dependencies.

SInce vite-plus use override, vite-plus vendored version has a higher priority over the package.json from the actual dependency.

• USer package.json (pnpm)
  • vitest: 4,0,1
• pnpm.workspace
  • override:
    • vitest: npm:@voidzero-dev/vite-plus-test@latest
• node_modules
  • vitest
    • package.json
      • "name": "@voidzero-dev/vite-plus-test",
      • "version": "0.1.16",

Checklist for Contributors

Testing

The changes in this PR are covered in the following automated tests:

• stories
• unit tests
• integration tests
• end-to-end tests

Manual testing

• Verify that storybook init with vite-plus doesn't crash

Caution

This section is mandatory for all contributions. If you believe no manual test is necessary, please state so explicitly. Thanks!

Documentation

• Add or update documentation reflecting your changes
• If you are deprecating/removing a feature, make sure to update
  MIGRATION.MD

Checklist for Maintainers

• When this PR is ready for testing, make sure to add ci:normal, ci:merged or ci:daily GH label to it to run a specific set of sandboxes. The particular set of sandboxes can be found in code/lib/cli-storybook/src/sandbox-templates.ts

• Make sure this PR contains one of the labels below:

  Available labels

  • bug: Internal changes that fixes incorrect behavior.
  • maintenance: User-facing maintenance tasks.
  • dependencies: Upgrading (sometimes downgrading) dependencies.
  • build: Internal-facing build tooling & test updates. Will not show up in release changelog.
  • cleanup: Minor cleanup style change. Will not show up in release changelog.
  • documentation: Documentation only changes. Will not show up in release changelog.
  • feature request: Introducing a new feature.
  • BREAKING CHANGE: Changes that break compatibility in some way with current major version.
  • other: Changes that don't fit in the above categories.

🦋 Canary release

This PR does not have a canary release associated. You can request a canary release of this pull request by mentioning the @storybookjs/core team here.

core team members can create a canary release here or locally with gh workflow run --repo storybookjs/storybook publish.yml --field pr=<PR_NUMBER>

Summary by CodeRabbit

• New Features

  • Enhanced package version detection to prefer vite-plus vendored versions when available.
  • Added optional vite-plus peer dependency support.

• Tests

  • Added tests covering detection, fallback behavior, caching, and cache clearing.

• Chores

  • Added vite-plus to devDependencies to support local testing.

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 23f253a

Command	Status	Duration	Result
nx run-many -t compile,check,knip,test,lint,fmt...	❌ Failed	8m 7s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-04-13 08:23:22 UTC

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a vite-plus versions detector and cache, uses it to prefer vendored package versions during JS package version lookups, integrates it into outdated-package detection, updates exports, and declares vite-plus as an optional peer/dev dependency.

Changes

Cohort / File(s)	Summary
Vite-Plus version module & tests code/core/src/common/js-package-manager/vite-plus-versions.ts, code/core/src/common/js-package-manager/vite-plus-versions.test.ts	New VitePlusVersions interface, getVitePlusVersions() with tri-state memoization and dynamic import of vite-plus/versions, clearVitePlusCache() and tests covering import success/failure, caching, and cache clearing.
Package manager integration code/core/src/common/js-package-manager/JsPackageManager.ts, code/core/src/common/js-package-manager/index.ts	JsPackageManager version lookup now queries getVitePlusVersions() first and falls back to findInstallations() if no vendored version found. Barrel file now re-exports vite-plus-versions module.
Outdated-package detection code/lib/cli-storybook/src/autoblock/utils.ts	findOutdatedPackage() now prefers versions from getVitePlusVersions() when determining installed package versions, falling back to package.json-derived versions.
Dependency declarations code/package.json, code/core/package.json	Declared vite-plus as an optional peer dependency in code/package.json and added vite-plus to code/core devDependencies.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@code/package.json`:
- Line 127: Remove "vite-plus" from the dependencies list and instead declare it
as a peer dependency marked optional: add "vite-plus" to "peerDependencies" with
the same version constraint and add a "peerDependenciesMeta" entry setting
"vite-plus" optional. This aligns with the dynamic import behavior in
vite-plus-versions.ts (the try/catch returning null) so consumers who don't
install vite-plus won't be forced to; update the package.json sections
accordingly and remove the existing dependency entry for "vite-plus".

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 979802e5-99d8-48b9-b94b-ddfa07a2dd15

📥 Commits

Reviewing files that changed from the base of the PR and between aae6c95 and e4c5b15.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (6)

• code/core/src/common/js-package-manager/JsPackageManager.ts
• code/core/src/common/js-package-manager/index.ts
• code/core/src/common/js-package-manager/vite-plus-versions.test.ts
• code/core/src/common/js-package-manager/vite-plus-versions.ts
• code/lib/cli-storybook/src/autoblock/utils.ts
• code/package.json

[coderabbitai]

🧹 Nitpick comments (1)

code/lib/cli-storybook/src/autoblock/utils.ts (1)

33-38: Fetch vitePlusVersions once per function call.

getVitePlusVersions() is currently awaited per package entry. Hoisting it outside the map keeps behavior the same and avoids repeated async lookups.

♻️ Proposed refactor

 export async function findOutdatedPackage<M extends Record<string, string>>(
   minimalVersionsMap: M,
   options: {
     packageManager: JsPackageManager;
   }
 ): Promise<false | Result<M>> {
+  const vitePlusVersions = await getVitePlusVersions();
   const list = await Promise.all(
     typedKeys(minimalVersionsMap).map(async (packageName) => {
@@
-      const vitePlusVersions = await getVitePlusVersions();
       let installedVersion = vitePlusVersions?.[packageName] ?? null;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@code/lib/cli-storybook/src/autoblock/utils.ts` around lines 33 - 38, The code
calls await getVitePlusVersions() inside the typedKeys(minimalVersionsMap).map
callback causing repeated async calls; hoist the call out of the map so
getVitePlusVersions() is awaited once at the start of the function (e.g., const
vitePlusVersions = await getVitePlusVersions()), then use that vitePlusVersions
variable inside the typedKeys(...).map(async (packageName) => { ... }) callback
to determine installedVersion (vitePlusVersions?.[packageName] ?? null) so
behavior remains identical but avoids per-iteration awaits.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@code/lib/cli-storybook/src/autoblock/utils.ts`:
- Around line 33-38: The code calls await getVitePlusVersions() inside the
typedKeys(minimalVersionsMap).map callback causing repeated async calls; hoist
the call out of the map so getVitePlusVersions() is awaited once at the start of
the function (e.g., const vitePlusVersions = await getVitePlusVersions()), then
use that vitePlusVersions variable inside the typedKeys(...).map(async
(packageName) => { ... }) callback to determine installedVersion
(vitePlusVersions?.[packageName] ?? null) so behavior remains identical but
avoids per-iteration awaits.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9cd3c7eb-55ff-4a5d-8dc5-b8117ae76009

📥 Commits

Reviewing files that changed from the base of the PR and between b26499c and 4f68063.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (6)

• code/core/src/common/js-package-manager/JsPackageManager.ts
• code/core/src/common/js-package-manager/index.ts
• code/core/src/common/js-package-manager/vite-plus-versions.test.ts
• code/core/src/common/js-package-manager/vite-plus-versions.ts
• code/lib/cli-storybook/src/autoblock/utils.ts
• code/package.json

✅ Files skipped from review due to trivial changes (2)

• code/core/src/common/js-package-manager/index.ts
• code/package.json

🚧 Files skipped from review as they are similar to previous changes (2)

• code/core/src/common/js-package-manager/vite-plus-versions.test.ts
• code/core/src/common/js-package-manager/vite-plus-versions.ts

[JReinhold]

Everything looks good except for the peer dependency thing 👍

[storybook-app-bot]

Package Benchmarks

^{Commit: 23f253a, ran on 13 April 2026 at 08:25:49 UTC}

The following packages have significant changes to their size or dependencies:

@storybook/nextjs-vite

	Before	After	Difference
Dependency count	93	93	0
Self size	1.12 MB	1.12 MB	0 B
Dependency size	23.32 MB	23.61 MB	🚨 +289 KB 🚨
Bundle Size Analyzer	Link	Link

@storybook/react-native-web-vite

	Before	After	Difference
Dependency count	122	122	0
Self size	30 KB	30 KB	🎉 -18 B 🎉
Dependency size	24.39 MB	24.68 MB	🚨 +289 KB 🚨
Bundle Size Analyzer	Link	Link

@storybook/react-vite

	Before	After	Difference
Dependency count	83	83	0
Self size	36 KB	36 KB	🚨 +18 B 🚨
Dependency size	21.10 MB	21.39 MB	🚨 +289 KB 🚨
Bundle Size Analyzer	Link	Link