Dependency: backbone-undo is deprecated (npm) β any plan to replace/remove?
The deprecation warning for [email protected] when installing GrapesJS is a valid concern regarding dependency maintenance. Let's break down the situation and what it means for GrapesJS users. Root Cause: Deprecated Dependency GrapesJS currently utilizes backbone-undo for its core undo/redo functionality. This libra...
Read full answer below βQuestion
GrapesJS version 0.22.14 (latest release as of 2025-11-20) What's the expected behavior? No deprecated dependencies in the GrapesJS install tree (or guidance/roadmap on replacing them). What's the current behavior? Installing [email protected] emits an npm/pnpm deprecation warning because it depends on [email protected] (deprecated on npm). Steps to reproduce pnpm add [email protected] (or npm i [email protected]) Observe the deprecation warning for [email protected] Additional context This is not a vulnerability report by itself; it's a maintenance/support risk (supply-chain concern). Relat...
Answers (1)
The deprecation warning for [email protected] when installing GrapesJS is a valid concern regarding dependency maintenance. Let's break down the situation and what it means for GrapesJS users. Root Cause: Deprecated Dependency GrapesJS currently utilizes backbone-undo for its core undo/redo funct...
Related Questions and Answers
Continue research with similar issue discussions.
Issue #3443
Backbone-undo/underscore security advisory
Version: v0.17.3 Are you able to reproduce the bug from the demo?[x] Yes[ ] No What is the expected behavior? See below What is the current...
Issue #5742
Building on Windows 10+
GrapesJS version [X] I confirm to use the latest version of GrapesJS What browser are you using? Chrome v122 Reproducible demo link N/A Des...
Issue #6723
Dependency: grapesjs >=0.21.13 Depends on vulnerable versions of underscore
GrapesJS version [x] I confirm to use the latest version of GrapesJS What browser are you using? Edge, mozilla Reproducible demo link NA De...
Issue #5743
XSS vulnerability in iframe attribute src
GrapesJS version [X] I confirm to use the latest version of GrapesJS What browser are you using? Edge v122 Reproducible demo link https://j...
Paid Plugins That Match This Issue
Curated by issue keywords and label relevance to help you ship faster.
Loading paid plugin recommendations...
Check the open-source GrapesJS plugins on GitHub or run a quick search in our free catalog.
Browse free plugins βPremium plugins ship with support, regular updates, and production-ready features β save days of integration work.
Browse premium plugins βRelated tutorials
In-depth guides on the same topic.
Tutorial
Lighthouse for GrapesJS: Audit Accessibility and SEO Without Leaving the Editor
Live WCAG 2.1/2.2 accessibility auditor + SEO manager for GrapesJS. Every finding is bound to the exact component β click to select, then one-click fix.
Tutorial
GrapesJS DevTools: A Developer Panel Inside Your Editor
If you've ever debugged GrapesJS with console.log(editor.getSelected()) and a dozen throwaway event listeners β this post is for you.
Tutorial
Find the Right GrapesJS Plugin in Seconds: Smarter Discovery Is Live
We're shipping a set of discovery upgrades. New label filters, a proper compatibility switch for GrapesJS vs Studio, one-click and a smarter sort bar.
Browse Plugin Categories
Jump directly to plugin category pages on the marketplace.