Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@melt-ui/svelte
Advanced tools
Melt UI is a set of headless, accessible component builders for Svelte.
Melt UI is meant to be used as a base for your own styles and components. It offers:
Run our installer script to get started:
npx @melt-ui/cli@latest init
Import the builders to your code and start using them:
<script>
import { createCollapsible, melt } from '@melt-ui/svelte'
const {
elements: { root, content, trigger },
states: { open }
} = createCollapsible()
</script>
<div use:melt="{$root}">
<button use:melt="{$trigger}">{$open ? 'Close' : 'Open'}</button>
<div use:melt="{$content}">Obi-Wan says: Hello there!</div>
</div>
Contributions are welcome and encouraged!
Melt UI is under active development. Currently planned features can be found in the issues tab, alongside bug reports.
We work on this project on a volunteer basis in our free time. If you notice something that hasn't been implemented yet or could be improved, do consider contributing to the project! The goal is to enhance the experience of building with Svelte and improve the ecosystem for everyone.
Check out our Contributing guide to learn more.
Got any questions? Want to talk to the maintainers?
Our Discord community is a great place to get in touch with us, and we'd love to have you there.
Looking for more? Check out the other component library projects available for Svelte.
FAQs
![](static/banner.png)
The npm package @melt-ui/svelte receives a total of 72,070 weekly downloads. As such, @melt-ui/svelte popularity was classified as popular.
We found that @melt-ui/svelte demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.