Installations
npm install tinro
Developer Guide
Typescript
Yes
Module System
CommonJS
Node Version
15.14.0
NPM Version
7.7.6
Score
78.7
Supply Chain
98.9
Quality
76.2
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (75.74%)
Svelte (21.47%)
CSS (1.93%)
HTML (0.85%)
Developer
AlexxNB
Download Statistics
Total Downloads
336,739
Last Day
301
Last Week
2,814
Last Month
12,949
Last Year
131,147
GitHub Statistics
679 Stars
243 Commits
30 Forks
15 Watching
4 Branches
11 Contributors
Bundle Size
8.10 kB
Minified
3.45 kB
Minified + Gzipped
Package Meta Information
Latest Version
0.6.12
Package Id
tinro@0.6.12
Unpacked Size
71.43 kB
Size
23.35 kB
File Count
12
NPM Version
7.7.6
Node Version
15.14.0
Total Downloads
Cumulative downloads
Total Downloads
336,739
Last day
-64.3%
301
Compared to previous day
Last week
-10.5%
2,814
Compared to previous week
Last month
6.8%
12,949
Compared to previous month
Last year
71.8%
131,147
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
7
tinro
tinro is a highly declarative, tiny, dependency free router for Svelte web applications.
Features
- Just one component to declare routes in your app
- Links are just common native
<a>
elements - History API, Hash-based, or in-memory navigation
- Simple nested routes
- Routes with parameters (
/hello/:name
) - Redirects
- Fallbacks on any nested level
- Parsing query parameters (
?x=42&hello=world&fruits=apple,banana,orange
) - Manage URL's hash and query parts
- Svelte's REPL compatible
Documentation
- Install
- Getting started
- Nesting
- Links
- Redirects
- Fallbacks
- Route meta
Parameters(Deprecated since 0.5.0)- Navigation method
- Base path
- Manage hash and query
- API
- Recipes
- Troubleshooting
Install
Install tinro as a dev dependency in your Svelte project:
1$ npm i -D tinro
Getting started
tinro is very simple! It provides just one component — <Route>
. A common app structure looks like this:
1<script> 2 import {Route} from 'tinro'; 3 import Contacts from './Contacts.svelte'; // <h1>Contacts</h1> 4</script> 5 6<nav> 7 <a href="/">Home</a> 8 <a href="/portfolio">Portfolio</a> 9 <a href="/contacts">Contacts</a> 10</nav> 11 12<Route path="/"><h1>This is the main page</h1></Route> 13<Route path="/portfolio/*"> 14 <Route path="/"> 15 <h1>Portfolio introduction</h1> 16 <nav> 17 <a href="/portfolio/sites">Sites</a> 18 <a href="/portfolio/photos">Photos</a> 19 </nav> 20 </Route> 21 <Route path="/sites"><h1>Portfolio: Sites</h1></Route> 22 <Route path="/photos"><h1>Portfolio: Photos</h1></Route> 23</Route> 24<Route path="/contacts"><Contacts /></Route>
See the example in action in Svelte's REPL
Nesting
There are two types of routes you can declare in the <Route>
component's path
property:
Exact path
Shows its content only when path
matches the URL of the page exactly. You can't place a nested <Route>
inside these components.
1<Route path="/">...</Route> 2<Route path="/page">...</Route> 3<Route path="/page/subpage">...</Route>
Non-exact path
<Route>
components with a path
property that ends with /*
show their content when a part of the page's URL matches with the path before the /*
. A nested <Route>
can be placed inside routes with a non-exact path only.
1<Route path="/books/*"> 2 Books list: 3 <Route path="/fiction">...</Route> 4 <Route path="/drama">...</Route> 5</Route>
The path
property of a nested <Route>
is relative to its parent. To see the Fiction category in the above example, you would point your browser to http://mysite.com/books/fiction
.
Nested routes also work inside child components. So, we can rewrite the example this way:
1<!-- Bookslist.svelte--> 2... 3Books list: 4<Route path="/fiction">...</Route> 5<Route path="/drama">...</Route> 6 7<!-- App.svelte--> 8... 9<Route path="/books/*"> 10 <Bookslist/> 11</Route>
Show first matched nested route only
Sometimes, you need to show only the first nested route from all those matched with a given URL. Use the firstmatch
property on the parent Route
:
1<Route path="/user/*" firstmatch> 2 3 <!-- Will be open when URL is /user/add --> 4 <Route path="/add">Add new user</Route> 5 6 <!-- Will be open when URL is /user/alex or /user/bob, but not /user/add --> 7 <Route path="/:username" let:meta>Show user {meta.params.username}'s profile</Route> 8 9</Route>
Links
There is no special component for links. Just use native <a>
elements. When the href
attribute starts with a single /
(like /mypage
or just /
), it will be treated as an internal link which will be matched with defined routes. Other cases do not affect the links' behavior.
All internal links will be passed into the tinro router. However, it is possible to prevent this by adding the tinro-ignore
or data-tinro-ignore
attributes:
1<a href="/api/auth" tinro-ignore>Go to API page</a>
If you need to add the active
class to links where the path corresponds to the current URL, use the active
action from the tinro
package:
1<script> 2 import {active} from 'tinro'; 3</script> 4 5<!-- Common usage: 6 class `active` will be added when URL is '/page' or any relative path like '/page/sub/sub' --> 7<a href="/page" use:active>Link</a> 8 9<!-- Exact match: 10 class `active` will be added only when URL exactly equals '/page' (but NOT '/page/sub') --> 11<a href="/page" use:active exact>Link</a> 12 13<!-- Custom class: 14 class `myactive` will be added if link is active --> 15<a href="/page" use:active active-class="myactive">Link</a> 16 17<!-- Valid HTML usage: 18 if you prefer to have valid HTML use `data-` prefix --> 19<a href="/page" use:active data-exact data-active-class="myactive">Link</a>
Redirects
You can redirect the browser to any path by using the redirect
property:
1<!-- Exact redirect --> 2<Route path="/noenter" redirect="/newurl"/> 3 4<!-- Non-exact redirect will also work for any nested path --> 5<Route path="/noenter/*" redirect="/newurl"/>
You can also redirect to a relative path — just write the new URL without /
in front of it:
1<!-- This will redirect to /subpage/newurl --> 2<Route path="/subpage/*"> 3 <Route path="/" redirect="newurl"/> 4</Route>
Fallbacks
Routes with the fallback
property show their content when no matched address was found. Fallbacks may be placed inside a non-exact <Route>
or belong to root routes. Fallbacks bubble, so if there is no fallback on the current level, the router will try to find one on any parent levels. See the example:
1<Route> <!-- same as <Route path="/*"> --> 2 <Route path="/">Root page</Route> 3 <Route path="/page">Page</Route> 4 <Route path="/sub1/*"> 5 <Route path="/subpage">Subpage1</Route> 6 </Route> 7 <Route path="/sub2/*"> 8 <Route path="/subpage">Subpage2</Route> 9 <Route fallback>No subpage found</Route> 10 </Route> 11 <Route fallback>No page found</Route> 12</Route> 13 14<a href="/">...</a> <!-- shows Root page --> 15<a href="/page">...</a> <!-- shows Page --> 16<a href="/blah">...</a> <!-- shows No page found --> 17<a href="/sub1/subpage">...</a> <!-- shows Subpage1 --> 18<a href="/sub1/blah">...</a> <!-- shows No page found --> 19<a href="/sub1/blah/blah">...</a> <!-- shows No page found --> 20<a href="/sub2/subpage">...</a> <!-- shows Subpage2 --> 21<a href="/sub2/blah">...</a> <!-- shows No subpage found --> 22<a href="/sub2/blah/blah">...</a> <!-- shows No subpage found -->
Route meta
You can get useful meta data for each route by importing and calling meta
from the tinro
package. Notice, that meta()
must be called only inside any <Route>
's child component.
1<script> 2 import {meta} from 'tinro'; 3 const route = meta(); 4</script> 5 6<h1>My URL is {route.url}!</h1> 7 8<!-- If you need reactive updates, use it as a store --> 9<h1>My URL is {$route.url}!</h1>
You can also get meta data with the let:meta
directive:
1<Route path="/hello" let:meta> 2 <h1>My URL is {meta.url}!</h1> 3</Route>
meta.url
Current browser URL (includes query).
Example: /books/stanislaw_lem/page2?order=descend
meta.pattern
The pattern of the route path, including parameter placeholders. It is a combination of the path
properties of all parent routes.
Example: /books/:author
meta.match
Part of the browser URL that is matched with the route pattern.
Example: /books/stanislaw_lem
meta.from
If present, the value of the browser URL before navigation to the current page. Useful to make a back button, for example.
Example: /books/stanislaw_lem/page1?order=descend
meta.query
Object containing keys/values from the browser URL query string (if present).
Example: {order: "descend"}
meta.params
If the route pattern has parameters, their values will be in the meta.params
object.
1<!-- Example for URL "/books/stanislaw_lem/solaris"> --> 2<Route path="/books/:author/*" let:meta> 3 4 <!-- meta.params here {author:stanislaw_lem} --> 5 Author: {meta.params.author} 6 7 <Route path="/:title" let:meta> 8 9 <!-- meta.params here {author:stanislaw_lem, title:solaris} --> 10 Book: {meta.params.title} 11 12 </Route> 13</Route>
meta.breadcrumbs
All parent routes that have a breadcrumb
property will add a breadcrumb to the meta.breadcrumbs
array. Each breadcrumb is an object with name
and path
fields.
1<Route path="/*" breadcrumb="Home"> 2 <Route path="/portfolio" breadcrumb="My Portfolio" let:meta> 3 <ul class="breadcrumbs"> 4 {#each meta.breadcrumbs as bc} 5 <li><a href={bc.path}>{bc.name}</a></li> 6 {/each} 7 </ul> 8 9 This is my portfolio 10 </Route> 11</Route>
Parameters
!
route.params
andlet:params
are DEPRECATED since v.0.5.0. and will be deleted in future versions!
See meta.params section
Navigation method
By default, navigation uses the History API
which allows you to have clean page URLs, although it needs some setup on the server side. Instead, you may choose to use hash
or memory
navigation methods. There is no need to change links or paths in your app, everything else will still work the same.
1<!-- Root file of your project, ex. App.svelte --> 2<script> 3 import {Route,router} from 'tinro'; 4 5 router.mode.hash(); // enables hash navigation method 6 7 // - OR - 8 9 router.mode.memory(); // enables in-memory navigation method 10</script> 11 12<!-- Link will point browser to '/#/page/subpage' --> 13<a href="/page/subpage">Subpage</a> 14 15<!-- Route shows content when URL is '/#/page/subpage' --> 16<Route path="/page/subpage">Subpage content</Route>
Note: default navigation method in non-browser environment or inside iframes is memory
Server side setup for History API method
When you use the History API
and point the browser to the root path /
(usually /index.html
) all links and Routes will work properly. But when you start your app on any subpage, like /page/subpage
, you will see the 404 Not found
error. Because of this, you need to setup your server to point all requests to /index.html
.
This is easy if you use the official Svelte template. Just open package.json
and find this NPM script:
1"start": "sirv public"
Replace it with this line:
1"start": "sirv public --single"
Now, start your app with npm run dev
and open a URL like http://localhost:5000/page/subpage
. You should see the app page, instead of the "Not found" error.
For other servers you can read the following links: Nginx, Apache, Caddy
Base path
When you deploy your app in subderictory on the host and use history navigation mode you must use full links and routes for correct navigation. Other way is to set base path, and all links and routes will be treated relatively. For example, if you deploy on https://myserver.com/subdir
, then set base path to /subdir
in root component of your app:
1<script> 2 import {router, Route} from 'tinro'; 3 router.base('/subdir'); 4</script> 5 6<nav> 7 <a href="/foo">Foo</a> 8 <a href="/bar">Bar</a> 9</nav> 10 11<Route path="/foo">This is Foo</Route> 12<Route path="/bar">This is Bar</Route>
Notice: Base path must start but not end with /
Manage hash and query
You can change URL's parts (such as query and hash) using router.location
methods:
1import {router} from 'tinro'; 2 3router.goto('/foo'); //URL: /foo 4router.location.query.set('name','alex'); //URL: /foo?name=alex 5router.location.hash.set('bar'); //URL: /foo?name=alex#bar 6router.location.query.set('page',1); //URL: /foo?name=alex&page=1#bar 7router.location.query.replace({hello: 'world'}); //URL: /foo?hello=world#bar 8router.location.query.clear(); //URL: /foo#bar 9router.location.hash.clear(); //URL: /foo
API
You can import the router
object from the tinro
package:
router.goto(href)
Programmatically change the URL of the current page.
router.mode
Methods to change curent router mode:
history()
- set HistoryAPI navigation methodhash()
- set hash navigation methodmemory()
- set memory navigation method
router.base(path)
Sets base path for router
router.location.hash
Methods, which allows to get or set current value of the URL's hash part:
get()
- get current hash valueset(value)
- set new hash valueclear()
- remove hash from the current URL
router.location.query
Methods, which allows to get or modify current value of the URL's query part:
get(name?)
- get current query object, or its property value whenname
specifiedset(name,value)
- update or add query property byname
delete(name)
- remove property with specifiedname
from the query objectreplace(object)
- replace current query object with new oneclear()
- remove query from the current URL
router.subscribe(func)
The router
object is a valid Svelte store, so you can subscribe to get the changing navigation data. func
gets an object with page data:
url
- current browser URL (with query string)from
- previous URL before navigation to current page (if present)path
- current browser URLhash
- the hash part of the URL, after#
signquery
- object, containing parsed query string
Note: you can use Svelte's auto-subscription to retrieve data from the router
store:
1<script> 2 import {router} from 'tinro'; 3</script> 4 5Current page URL is: {$router.path}
router.mode.[history()|hash()|memory()]
Run this in the app's root file to set the navigation method you need.
router.params()
Deprecated. See router.meta
instead.
Recipes
tinro is not the most powerful router among all those available for Svelte applications. We prefer a smaller footprint in your bundles over having all possible features out of the box. But you can easily code some features yourself using the recipies below:
Lazy loading components
If you want to have code-splitting and load components only when that page is requested, make this little component:
1<!-- Lazy.svelte--> 2<script> 3 export let component; 4</script> 5 6{#await component.then ? component : component()} 7 Loading component... 8{:then Cmp} 9 <svelte:component this={Cmp.default} /> 10{/await}
And use it when you need a lazy loaded component in your routes:
1<Route path="/lazypage"> 2 <Lazy component={()=>import('./mypage.svelte')}/> 3 <!-- OR --> 4 <Lazy component={import('./mypage.svelte')}/> 5</Route>
Transitions
If you want a transiton when the path changes, create a component like this:
1<!-- Transition.svelte --> 2<script> 3 import {router} from 'tinro'; 4 import {fade} from 'svelte/transition'; 5</script> 6 7{#key $router.path} 8 <div in:fade="{{ duration: 700}}"> 9 <slot></slot> 10 </div> 11{/key}
Then, put your routes inside the Transition component:
1<Transition> 2 <Route path="/">...</Route> 3 <Route path="/page1">...</Route> 4 <Route path="/page2">...</Route> 5</Transition>
Guarded routes
You can protect routes from being loaded using only Svelte's logic blocks, like the {#if}
statement:
1{#if user.authed} 2 <Route path="/profile">This is a private page...</Route> 3{:else} 4 <Route path="/profile"><a href="/login">Please sign in first</a></Route> 5 <Route path="/login">This is the sign in form...</Route> 6{/if}
You can also create a special guard component as shown in this example.
Scroll to top
tinro doesn't control scrolling in your app, but sometimes you need to scroll to the top of the page after navigation. To do this, just add the router
store subscription to your root component (ex. App.svelte
). This way you can run any actions (not just scrolling) every time the URL
changes.
1import {router} from `tinro`; 2router.subscribe( _ => window.scrollTo(0, 0));
Navigation announcer
The problem of any SPA router is that it does not use default browser navigation when user click the link. This cause accessability issue for people who use screenreaders, because it won't announce that new page was loaded. You can fix this creating Announce
component:
1<!-- Announcer.svelte--> 2<script> 3 import { router } from 'tinro'; 4 $: current = $router.path === '/' ? 'Home' : $router.path.slice(1); 5</script> 6 7<div aria-live="assertive" aria-atomic="true"> 8 {#key current} 9 Navigated to {current} 10 {/key} 11</div> 12 13<style> 14 div { 15 position: absolute; 16 left: 0; 17 top: 0; 18 clip: rect(0 0 0 0); 19 clip-path: inset(50%); 20 overflow: hidden; 21 white-space: nowrap; 22 width: 1px; 23 height: 1px; 24 } 25</style>
Then place this component somewhere in your App.svelte
root file:
1... 2<Announcer /> 3...
Troubleshooting
If you use Vite to bandle your app(including SvelteKit), you should exclude tinro
from the optimizedDeps
in Vite's config:
1 ... 2 optimizeDeps: { 3 exclude: ['tinro'] 4 }, 5 ...
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
4 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-wv8q-r932-8hc7
- Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/29 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/generate_changelog.yml:1
- Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate_changelog.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/generate_changelog.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate_changelog.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/generate_changelog.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate_changelog.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/generate_changelog.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/AlexxNB/tinro/npm-publish.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:20
- Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:35
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Score
3.1
/10
Last Scanned on 2024-12-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More