New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@drop-in/new

Package Overview
Dependencies
Maintainers
1
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@drop-in/new

A SvelteKit Svelte 5 PocketBase Starter Kit with a CLI

latest
npmnpm
Version
0.1.0
Version published
Maintainers
1
Created
Source

Drop In 🛹

Drop-in to your new local first app. Get started in no time, your framework should do more for you.

NOTE

This is a WIP. In the near future, the primary template will be local first via Zero. The most usable and available template is the

Getting Started

  • npx @drop-in/new your-app-name || pnpx @drop-in/new your-app-name
  • cd ./your-app-name
  • pnpm install || npm install
  • Set ENV credentials
  • (optional). npm run typegen || pnpm typegen must have all env credentials set to work

Templates

  • Lofi -> The default template

Features & Packages

  • Easy start for local first, Zero based sites
  • Base CSS @drop-in/graffiti
    • Basic typography system
    • Grid System
  • Elements @drop-in/decks
    • Standards based simple toast system
    • Dialog based modals and drawers
    • Popover base menues
  • Elements @drop-in/ramps
    • Customizable tmeplates that you can pull into your project
  • Aliases and structure
  • Drizzle based server schema / migrations with Zero Drizzle connection for a one time schema authoring experience.
  • Auth via @drop-in/pass
  • Email via @drop-in/beeper

Included Aliases

$lib: 'src/lib';
$routes: 'src/routes';
$state: 'src/state';
$types: 'src/types';
$utils: 'src/utilities';

FAQ

What is Zero?

Zero Sync is the local first platform of your dreams. https://zero.rocicorp.dev/ utilizing Zero Svelte, Drop In is able to load data locally while syncing to your database in the backend.

Why no authenticated SSR?

The base template has two main route paths. SSR based with no auth or app code with auth. While you could have authenticated user data there are enough major differences in approach (ie not using server actions, cookie for auth token, .server.ts files, ect..) that having both in this codebase felt like it would make it too complex. Might make a 2nd template with full SSR.

Why no (insert styling library) included?

It's pretty trivial to add those yourself and I wanted to keep this as bare as possible style wise. Many projects have their own CSS needs and I want to respect that. I'd like to add a cli with alternate builds of this with more baked in UI if anyone is interested in helping.

Inspirations

  • Svelte Kit CLI code
  • Meteor

Keywords

Svelte
Svelte Kit
Starter Kit

FAQs

Package last updated on 05 May 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Security News

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

By Sarah Gooding  -  Apr 02, 2026