Description
After cloning the repository and running a fresh install, many dependencies are outdated and contain known vulnerabilities. Running npm audit fix or manually updating the dependencies in package.json resolves the security warnings but breaks the Admin Panel completely — it no longer loads or functions as expected.
Steps to Reproduce
-
Clone the repository
git clone https://github.com/tinacms/tinasaurus.git
cd tinasaurus-main
npm install
-
Run npm audit fix or manually update dependencies. For example my new package.json contains the following deps:
"dependencies": {
"@docusaurus/core": "^3.9.2",
"@docusaurus/preset-classic": "^3.9.2",
"@mdx-js/react": "^3.1.1",
"@tinacms/cli": "^1.12.0",
"clsx": "^2.1.1",
"prism-react-renderer": "^2.4.1",
"react": "^18.3.1",
"react-dom": "^18.3.1",
"tinacms": "^2.1.1",
"title": "^4.0.1"
},
"devDependencies": {
"@docusaurus/module-type-aliases": "3.3.2"
},
"overrides": {
"dompurify": "^3.3.0",
"mermaid": "^10.9.5",
"jsonpath-plus": "^10.3.0",
"esbuild": "^0.25.1",
"vite": "^6.2.6",
"@vitejs/plugin-react": "^5.1.0",
"lodash.set": "github:minorbug/lodash-set#4.3.3",
"@tinacms/graphql": {
"lodash.set": "github:minorbug/lodash-set#4.3.3"
},
"@tinacms/search": {
"lodash.set": "github:minorbug/lodash-set#4.3.3"
},
"tinacms": {
"lodash.set": "github:minorbug/lodash-set#4.3.3"
}
}
-
Start the development environment.
-
Observe that the Admin Panel becomes non-functional.
Expected Behavior
The Admin Panel should continue to work after updating dependencies to recent stable versions.
Actual Behavior
After updating dependencies, the Admin Panel fails to initialize or display correctly.
Environment
- Node.js version: 22.19.0
- NPM version: 11.6.2
- OS: Windows 11 (using Ubuntu via WSL2)
- Browser: Chrome
Would you consider publishing an updated dependency map or guidelines on compatible package versions?
Description
After cloning the repository and running a fresh install, many dependencies are outdated and contain known vulnerabilities. Running
npm audit fixor manually updating the dependencies inpackage.jsonresolves the security warnings but breaks the Admin Panel completely — it no longer loads or functions as expected.Steps to Reproduce
Clone the repository
git clone https://github.com/tinacms/tinasaurus.git cd tinasaurus-main npm installRun
npm audit fixor manually update dependencies. For example my new package.json contains the following deps:Start the development environment.
Observe that the Admin Panel becomes non-functional.
Expected Behavior
The Admin Panel should continue to work after updating dependencies to recent stable versions.
Actual Behavior
After updating dependencies, the Admin Panel fails to initialize or display correctly.
Environment
Would you consider publishing an updated dependency map or guidelines on compatible package versions?