Product
Introducing GitHub Actions Scanning Support
Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.
By Rakesh Chatrath, Greg Tystahl - Oct 23, 2025
🚀 DAY 3 OF LAUNCH WEEK: Introducing Webhook Events for Pull Request Scans.Learn more →
@aklinker1/aframe
Advanced tools
@aklinker1/aframe
aframe
Simple wrapper around Vite for creating pre-rendered, client-side web apps with a backend.
Project Structure
📂 {rootDir}/
📁 app/
📄 index.html
📄 main.ts
📁 public/
📄 favicon.ico
📁 server/
📄 env.d.ts
📄 main.ts
📄 .env
📄 aframe.config.ts
// aframe.config.ts
export default defineConfig({
// See https://vite.dev/config/
vite: {
// ...
},
// List of routes to pre-render.
prerenderedRoutes: ["/"],
// See https://github.com/Tofandel/prerenderer?tab=readme-ov-file#prerenderer-options
prerenderer: {
// ...
},
});
// server/env.d.ts
/// <reference types="@aklinker1/aframe/env" />
// server/main.ts
import { Elysia } from "elysia";
// You don't have to use `elysia`, the default export just needs to have a
// `listen(port)` function.
const app = new Elysia()
.get("/", "Hello Elysia")
.get("/user/:id", ({ params }) => params.id)
.post("/form", ({ body }) => body);
export default app;
<!-- app/index.html -->
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Hello Aframe</title>
</head>
<body></body>
<script type="module" src="./main.ts"></script>
</html>
bun add elysia @aklinker1/aframe
bun add -D puppeteer vite
// package.json
{
"name": "my-app",
"version": "1.0.0",
"packageManager": "bun@1.2.2",
"scripts": {
"aframe": "bun node_modules/@aklinker1/aframe/bin/aframe.ts",
"dev": "bun --silent aframe",
"build": "bun --silent aframe build",
"preview": "bun .output/server-entry.js",
},
"dependencies": {
"@aklinker1/aframe": "latest",
"elysia": "latest",
},
"devDependencies": {
"vite": "latest",
"puppeteer": "latest",
},
}
Usage
Environment
Create a single .env file in your project root. app secrets must be prefixed with APP_, whereas server secrets don't need any prefix:
# {rootDir}/.env
APP_DEFAULT_MODEL=gemini-2.0-flash
OPENAI_API_KEY=...
In this case, you could use import.meta.env.VITE_DEFAULT_MODEL in your app code and process.env.OPENAI_API_KEY in your server code.
Import files as text
When importing a file as text, like an HTML template or a .gql schema, you should use with { type: "text" }:
// server/main.ts
import welcomeEmailTemplate from "./assets/email-templates/welcome.html" with { type: "text" };
Detecting Prerender
Aframe provides a helper for checking if the app is being prerendered, isPrerendering():
<!-- ClientOnly.vue -->
<script setup lang="ts">
import { isPrerendering } from "@aklinker1/aframe/app";
const visible = !isPrerendering();
</script>
<template>
<slot v-if="visible" />
<slot v-else name="fallback" />
</template>
Publish Update to NPM
bun run release patch
FAQs
Unknown package
We found that @aklinker1/aframe demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 12 Jul 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
By Jeppe Hasseriis - Oct 22, 2025
Research
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
By Kirill Boychenko - Oct 22, 2025