npmpackage.info

Gathering detailed insights and metrics for svelte

Other packages similar to svelte

@cspell/dict-svelte

1.0.7

Svelte dictionary for cspell.

prettier-plugin-svelte

3.4.0

Svelte plugin for prettier

@sveltejs/vite-plugin-svelte

6.0.0

The official [Svelte](https://svelte.dev) plugin for [Vite](https://vitejs.dev).

svelte-check

4.2.2

Svelte Code Checker Terminal Interface

Gathering detailed insights and metrics for svelte

svelte - 5.35.5 | npmpackage.info

svelte

web development for the rest of us

5.35.5

83,354

MIT

JavaScript

2.40 MB

5.1

Installations

npm install svelte

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Min. Node Version

>=18

Node Version

18.20.8

NPM Version

10.8.2 Score

98.5

Supply Chain

84.8

Quality

97.6

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

45

Total

7,153

Closed

1,251

Merged

5,857

Issues

Open

767

Total

8,363

Closed

7,596

Releases

484

svelte@5.35.5

Updated on Jul 09, 2025

svelte@5.35.4

Updated on Jul 07, 2025

svelte@5.35.3

Updated on Jul 07, 2025

svelte@5.35.2

Updated on Jul 03, 2025

svelte@5.35.1

Updated on Jul 02, 2025

svelte@5.35.0

Updated on Jul 02, 2025

View All 484 releases

Languages

JavaScript

Svelte

TypeScript

CSS

HTML

JavaScript (72.25%)

Svelte (22.02%)

TypeScript (3.94%)

CSS (1.32%)

HTML (0.47%)

Developer

sveltejs

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

83,354 Stars

10,383 Commits

4,559 Forks

852 Watchers

144 Branches

789 Contributors

Updated on Jul 10, 2025

Maintainers

View All 789 Contributors

Package Meta Information

Latest Version

5.35.5

Package Id

svelte@5.35.5

Unpacked Size

2.40 MB

Size

614.82 kB

File Count

363

NPM Version

10.8.2

Node Version

18.20.8

Published on

Jul 09, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Svelte - web development for the rest of us

What is Svelte?

Svelte is a new way to build web applications. It's a compiler that takes your declarative components and converts them into efficient JavaScript that surgically updates the DOM.

Learn more at the Svelte website, or stop by the Discord chatroom.

Getting started

You can play around with Svelte in the tutorial, examples, and REPL.

When you're ready to build a full-fledge application, we recommend using SvelteKit:

1npx sv create my-app
2cd my-app
3npm install
4npm run dev

See the SvelteKit documentation to learn more.

Changelog

The Changelog for this package is available on GitHub.

Supporting Svelte

Svelte is an MIT-licensed open source project with its ongoing development made possible entirely by fantastic volunteers. If you'd like to support their efforts, please consider:

Becoming a backer on Open Collective.

Funds donated via Open Collective will be used for compensating expenses related to Svelte's development.

Moderate

5.4/10

Summary

Svelte has a potential mXSS vulnerability due to improper HTML escaping

Affected Versions

< 4.2.19

Patched Versions

4.2.19

Moderate

6.1/10

Summary

Svelte vulnerable to XSS when using objects during server-side rendering

Affected Versions

< 3.49.0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin
Info: 0 out of 17 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 10 third-party GitHubAction dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

5.1

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to svelte

Other packages similar to svelte

svelte

Installations

Developer Guide

Yes

ESM

>=18

18.20.8

10.8.2

Score

Pull Requests

45

7,153

1,251

5,857

Issues

767

8,363

7,596

Releases

Languages

Developer

Download Statistics

GitHub Statistics

Maintainers

Package Meta Information

Total Downloads

NaN

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

What is Svelte?

Getting started

Changelog

Supporting Svelte

10

10

10

10

9

7

0

0

0

0

0

0

5.1

/10