Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@sveltejs/kit
Advanced tools
@sveltejs/kit is a framework for building web applications using Svelte. It provides a comprehensive set of tools and features for creating highly performant, modern web applications with ease. SvelteKit handles routing, server-side rendering, static site generation, and more.
Routing
SvelteKit provides a file-based routing system. You can create routes by adding files to the `src/routes` directory. Dynamic routes can be created using square brackets.
```javascript
// src/routes/index.svelte
<script>
export let name = 'world';
</script>
<h1>Hello {name}!</h1>
// src/routes/[slug].svelte
<script>
export let params;
</script>
<h1>Post: {params.slug}</h1>
```
Server-side Rendering (SSR)
SvelteKit supports server-side rendering out of the box. You can fetch data on the server and pass it to your components using the `load` function.
```javascript
// src/routes/index.svelte
<script context="module">
export async function load({ page, fetch, session, context }) {
const res = await fetch('/api/data');
const data = await res.json();
return { props: { data } };
}
</script>
<script>
export let data;
</script>
<h1>Data: {data}</h1>
```
Static Site Generation (SSG)
SvelteKit can generate static sites. By using the `@sveltejs/adapter-static` adapter, you can build your site as a collection of static files.
```javascript
// svelte.config.js
import adapterStatic from '@sveltejs/adapter-static';
export default {
kit: {
adapter: adapterStatic()
}
};
```
API Routes
SvelteKit allows you to create API routes by adding JavaScript files to the `src/routes` directory. These routes can handle HTTP requests and return responses.
```javascript
// src/routes/api/data.js
export async function get() {
return {
status: 200,
body: { message: 'Hello from the API' }
};
}
```
Next.js is a React framework for building server-side rendered and statically generated web applications. It offers similar features to SvelteKit, such as file-based routing, SSR, and SSG. However, it uses React instead of Svelte.
Nuxt.js is a framework for building Vue.js applications with server-side rendering, static site generation, and more. It provides a similar set of features to SvelteKit but is built on top of Vue.js.
Gatsby is a React-based framework for building static sites. It focuses on performance and uses GraphQL for data fetching. While it offers static site generation like SvelteKit, it does not provide server-side rendering out of the box.
Here be dragons, etc etc.
This project aims to replicate Sapper's functionality in its entirety, minus building for deployment (which can be handled by 'adapters' that do various opinionated things with the output of snowpack build
).
It's currently missing a ton of stuff but I figured I'd throw it up on GitHub anyway partly for the sake of 'working in the open' but mostly because I need an issue tracker to organise my thoughts.
There are no tests yet or anything like that. Some of the code has just been straight copied over from the existing Sapper repo, but a pleasing amount of it can safely be left behind.
Clone this repo, npm install
, and npm link
. That will create a global link to the svelte
bin. You can then either npm run build
or npm run dev
, if you intend to make changes and see them immediately reflected.
Then, clone the corresponding svelte-app-demo repo and follow the instructions therein.
FAQs
SvelteKit is the fastest way to build Svelte apps
We found that @sveltejs/kit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.