Issue #3932 | Answered | Opened November 9, 2021 by rakelley | 0 reactions

Trait add/remove can fail because collection type is inconsistent

Question

GrapesJS version

  • I confirm to use the latest version of GrapesJS

What browser are you using?

Brave Version 1.31.88 Chromium: 95.0.4638.69 (Official Build) (64-bit) on Linux

Reproducible demo link

https://jsfiddle.net/0a3o7cL6/

Describe the bug

Methods which operate on a component's trait collection (e.g. addTrait and removeTrait) seem to always assume the collection will be the Backbone-derived collection type, however there are cases where it's a simple Array instead. The code then attempts to call methods which don't exist.

I'm not familiar enough with the codebase to say for certain whether the actual bug is get('traits') returning the inconsistent type or the calling methods not accounting for the mixed return type. I discovered this behavior in the Video component, which has its runtime trait overwriting; I'm unsure if any other components are affected.

The JSFiddle is basically taken from: https://github.com/artf/grapesjs/issues/1999

How to reproduce the bug?

  1. Add a call which adds a trait to a component (in init or another callback) which has an unreliable trait collection type (Video confirmed)
  2. Attempt to create an instance of that component

What is the expected behavior?

addTrait should not explode

What is the current behavior?

Uncaught TypeError: this.get(...).add is not a function

Code of Conduct

  • I agree to follow this project's Code of Conduct
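
A stand-alone model of the failure described in this report, added here as an example; it is not GrapesJS code and not part of the original post. The TraitCollection and ComponentModel classes, the addTraitUnsafe and traitCollection helpers and the sample traits are assumptions made for the illustration: the unsafe method fails on a plain Array, while the normalising accessor upgrades the array once and reuses the result.

```javascript
// Stand-alone model of the report; names are hypothetical, not GrapesJS code.
class TraitCollection {
  constructor(items = []) {
    this.models = [];
    this.add(items);
  }
  add(items) {
    for (const item of [].concat(items)) this.models.push({ ...item });
    return this;
  }
  remove(name) {
    this.models = this.models.filter((t) => t.name !== name);
    return this;
  }
  names() { return this.models.map((t) => t.name); }
}

class ComponentModel {
  constructor(attrs) { this.attributes = { ...attrs }; }
  get(key) { return this.attributes[key]; }
  // Same call shape as the failing code: assumes a collection is stored.
  addTraitUnsafe(trait) { this.get('traits').add(trait); }
  // Upgrade a plain array once, store the result, then reuse it.
  traitCollection() {
    const current = this.get('traits');
    if (current instanceof TraitCollection) return current;
    const upgraded = new TraitCollection(Array.isArray(current) ? current : []);
    this.attributes.traits = upgraded;
    return upgraded;
  }
  addTrait(trait) { this.traitCollection().add(trait); return this; }
  removeTrait(name) { this.traitCollection().remove(name); return this; }
}

// Constructed sample: traits overwritten at runtime with a plain array.
function demo() {
  const video = new ComponentModel({ traits: [{ name: 'provider' }, { name: 'src' }] });
  let error = null;
  try { video.addTraitUnsafe({ name: 'poster' }); } catch (e) { error = e; }
  video.addTrait({ name: 'poster' }).removeTrait('provider');
  return { failed: error instanceof TypeError, names: video.traitCollection().names() };
}
```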

Answers (2)

artf • November 20, 2021

Yeah, I'll fix it in the next release, thanks

ClaudeCode • May 17, 2026

Thanks for reporting this, @rakelley.

Security and dependency issues are important. The GrapesJS team actively works on keeping dependencies up-to-date.

For you right now:

  1. Run npm audit fix to see available patches
  2. Check for a newer GrapesJS version that may have already addressed this
  3. If available, test the latest stable release before upgrading
  4. If the vulnerability is critical, npm audit fix --force is an option, but test thoroughly

Understanding the risk:

  • Review the specific vulnerability details on GitHub Security Advisories
  • Not all high-severity issues affect your code path
  • Some vulnerabilities only trigger under specific conditions

Staying current:

  • Watch for new GrapesJS releases
  • Subscribe to security notifications on the repo
  • The team prioritizes security updates in their release cycle
