npmpackage.info

Gathering detailed insights and metrics for svelte-check

Other packages similar to svelte-check

svelte-check-plugin

1.0.4

Webpack plugin which runs svelte-check before compilation

lexical-svelte-runes

0.1.4-beta.89.1

the main check [test](https://github.com/zhihengGet/lexical-svelte/tree/test) branch

svelte-forms

2.3.1

Check out the new documentation website [here](https://chainlist.github.io/svelte-forms/)

@hexagon6/svelte-solid-webid-check

1.0.0

## Purpose

Gathering detailed insights and metrics for svelte-check

svelte-check - 4.2.2 | npmpackage.info

svelte-check

The Svelte Language Server, and official extensions which use it

4.2.2

1,332

MIT

TypeScript

603.07 kB

47,655,215 4.4

Installations

npm install svelte-check

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>= 18.0.0

Node Version

20.19.2

NPM Version

10.8.2 Score

95.8

Supply Chain

Quality

95.4

Maintenance

100

Vulnerability

99.6

License

Pull Requests

Open

26

Total

1,174

Closed

70

Merged

1,078

Issues

Open

230

Total

1,573

Closed

1,343

Releases

593

extensions-109.9.0

Updated on Jun 19, 2025

svelte-check-4.2.2

Updated on Jun 19, 2025

typescript-plugin-0.3.48

Updated on Jun 19, 2025

language-server-0.17.16

Updated on Jun 19, 2025

svelte2tsx-0.7.40

Updated on Jun 19, 2025

extensions-109.8.1

Updated on May 21, 2025

View All 593 releases

Languages

TypeScript

JavaScript

Svelte

TypeScript (79.42%)

JavaScript (15.54%)

Svelte (5.05%)

Developer

sveltejs

Download Statistics

Total Downloads

47,655,215

Last Day

35,295

Last Week

508,869

Last Month

2,205,844

Last Year

21,655,590

GitHub Statistics

MIT License

1,332 Stars

1,768 Commits

208 Forks

14 Watchers

25 Branches

136 Contributors

Updated on Jun 21, 2025

Bundle Size

2.57 MB

Minified

603.07 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 136 Contributors

Package Meta Information

Latest Version

4.2.2

Package Id

svelte-check@4.2.2

Unpacked Size

5.24 MB

Size

812.48 kB

File Count

NPM Version

10.8.2

Node Version

20.19.2

Published on

Jun 19, 2025

Total Downloads

Cumulative downloads

Total Downloads

47,655,215

Last Day

-2.9%

35,295

Compared to previous day

Last Week

-9.3%

508,869

Compared to previous week

Last Month

-0.3%

2,205,844

Compared to previous month

Last Year

54.2%

21,655,590

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Check your code with svelte-check

Provides CLI diagnostics checks for:

Unused CSS
Svelte A11y hints
JavaScript/TypeScript compiler errors

Requires Node 16 or later.

Usage:

Local / in your project

Installation:

npm i svelte-check --save-dev

Package.json:

1{
2    // ...
3    "scripts": {
4        "svelte-check": "svelte-check"
5        // ...
6    },
7    // ...
8    "devDependencies": {
9        "svelte-check": "..."
10        // ...
11    }
12}

Usage:

npm run svelte-check

Global (not recommended)

Installation:

npm i svelte-check svelte -g

Usage:

Go to folder where to start checking
svelte-check

Args:

Flag	Description
`--workspace <path>`	Path to your workspace. All subdirectories except node_modules and those listed in `--ignore` are checked
`--output <human\|human-verbose\|machine\|machine-verbose>`
`--watch`	Will not exit after one pass but keep watching files for changes and rerun diagnostics
`--preserveWatchOutput`	Do not clear the screen in watch mode
`--tsconfig <path>`	Pass a path to a tsconfig or jsconfig file. The path can be relative to the workspace path or absolute. Doing this means that only files matched by the files/include/exclude pattern of the config file are diagnosed. It also means that errors from TypeScript and JavaScript files are reported. If not given, will do an upwards traversal looking for the next jsconfig/tsconfig.json
`--no-tsconfig`	Use this if you only want to check the Svelte files found in the current directory and below and ignore any JS/TS files (they will not be type-checked)
`--ignore <path1,path2>`	Only has an effect when used in conjunction with `--no-tsconfig`. Files/folders to ignore - relative to workspace root, comma-separated, inside quotes. Example: `--ignore "dist,build"`. When used in conjunction with `--tsconfig`, this will only have effect on the files watched, not on the files that are diagnosed, which is then determined by the `tsconfig.json`
`--fail-on-warnings`	Will also exit with error code when there are warnings
`--compiler-warnings <code1:error\|ignore,code2:error\|ignore>`	A list of Svelte compiler warning codes. Each entry defines whether that warning should be ignored or treated as an error. Warnings are comma-separated, between warning code and error level is a colon; all inside quotes. Example: `--compiler-warnings "css-unused-selector:ignore,unused-export-let:error"`
`--diagnostic-sources <js,svelte,css>`	A list of diagnostic sources which should run diagnostics on your code. Possible values are `js` (includes TS), `svelte`, `css`. Comma-separated, inside quotes. By default all are active. Example: `--diagnostic-sources "js,svelte"`
`--threshold <error\|warning>`	Filters the diagnostics to display. `error` will output only errors while `warning` will output warnings and errors.

FAQ

Why is there no option to only check specific files (for example only staged files)?

svelte-check needs to know the whole project to do valid checks. Imagine you alter a component property export let foo to export let bar, but you don't update any of the component usages. They all have errors now but you would not catch them if you only run checks on changed files.

More docs, preprocessor setup and troubleshooting

See here.

Machine-Readable Output

Setting the --output to machine or machine-verbose will format output in a way that is easier to read by machines, e.g. inside CI pipelines, for code quality checks, etc.

Each row corresponds to a new record. Rows are made up of columns that are separated by a single space character. The first column of every row contains a timestamp in milliseconds which can be used for monitoring purposes. The second column gives us the "row type", based on which the number and types of subsequent columns may differ.

The first row is of type START and contains the workspace folder (wrapped in quotes).

Example:

1590680325583 START "/home/user/language-tools/packages/language-server/test/plugins/typescript/testfiles"

Any number of ERROR or WARNING records may follow. Their structure is identical and depends on the output argoument.

If the argument is machine it will tell us the filename, the starting line and column numbers, and the error message. The filename is relative to the workspace directory. The filename and the message are both wrapped in quotes.

Example:

1590680326283 ERROR "codeactions.svelte" 1:16 "Cannot find module 'blubb' or its corresponding type declarations."
1590680326778 WARNING "imported-file.svelte" 0:37 "Component has unused export property 'prop'. If it is for external reference only, please consider using `export const prop`"

If the argument is machine-verbose it will tell us the filename, the starting line and column numbers, the ending line and column numbers, the error message, the code of diagnostic, the human-friendly description of the code and the human-friendly source of the diagnostic (eg. svelte/typescript). The filename is relative to the workspace directory. Each diagnostic is represented as an ndjson line prefixed by the timestamp of the log.

Example:

1590680326283 {"type":"ERROR","fn":"codeaction.svelte","start":{"line":1,"character":16},"end":{"line":1,"character":23},"message":"Cannot find module 'blubb' or its corresponding type declarations.","code":2307,"source":"js"}
1590680326778 {"type":"WARNING","filename":"imported-file.svelte","start":{"line":0,"character":37},"end":{"line":0,"character":51},"message":"Component has unused export property 'prop'. If it is for external reference only, please consider using `export
const prop`","code":"unused-export-let","source":"svelte"}

The output concludes with a COMPLETED message that summarizes total numbers of files, errors and warnings that were encountered during the check.

Example:

1590680326807 COMPLETED 20 FILES 21 ERRORS 1 WARNINGS 3 FILES_WITH_PROBLEMS

If the application experiences a runtime error, this error will appear as a FAILURE record.

Example:

1590680328921 FAILURE "Connection closed"

Credits

Vue's VTI which laid the foundation for svelte-check

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

1

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:39
Warn: npmCommand not pinned by hash: .github/workflows/DeployExtensionsProd.yml:28
Warn: npmCommand not pinned by hash: .github/workflows/DeployExtensionsProd.yml:42
Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:31
Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:30
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 7 npmCommand dependencies pinned

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

Score

4.4

/10

Last Scanned on 2025-06-09

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to svelte-check

Other packages similar to svelte-check

svelte-check

Installations

Developer Guide

No

CommonJS

>= 18.0.0

20.19.2

10.8.2

Score

Pull Requests

26

1,174

70

1,078

Issues

230

1,573

1,343

Releases

Languages

Developer

sveltejs

Download Statistics

GitHub Statistics

Bundle Size

2.57 MB

603.07 kB

Maintainers

Package Meta Information

Total Downloads

47,655,215

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Peer Dependencies

Dev Dependencies

Check your code with svelte-check

Usage:

Local / in your project

Global (not recommended)

Args:

FAQ

Why is there no option to only check specific files (for example only staged files)?

More docs, preprocessor setup and troubleshooting

Machine-Readable Output

Example:

Example:

Example:

Example:

Example:

Credits

10

10

10

10

10

6

1

0

0

0

0

0

0

0

4.4

/10