Product
Introducing Supply Chain Attack Campaigns Tracking in the Socket Dashboard
Campaign-level threat intelligence in Socket now shows when active supply chain attacks affect your repositories and packages.
By Philipp Burckhardt - Jan 21, 2026
🚀 Launch Week Day 3:Introducing Supply Chain Attack Campaigns Tracking.Learn More →
@tanstack/create-start
Advanced tools
@tanstack/create-start
CLI tool for creating and modifying TanStack Start projects.
pnpm create @tanstack/start
Run
pnpm create @tanstack/start --help
to see all options.
Until peer dependency issues are worked out, npm create @tanstack/start doesn't work.
Use pnpm or maybe a bundled version could be published instead.
Contributing
Modules
Modules represent templates and functionality that can be added later to a TanStack Start project. A module is created using a chain of methods specifying callbacks which receives arguments from the previous step.
-
createModule(schema): Set the schema of values that will be passed in from command line options. -
.init((configFromSchema) => { ... }): Crawl the filesystem to infer configuration, for example detecting the current package manager -
.prompt((configFromInit) => { ... }): Prompt the user for configuration, skipping config that has already been specified. -
.validateAndApply({ validate, apply })-
validate({ cfg, targetPath }): check if preconditions met (is there a package.json? is a library already installed?) and return an array of strings that are issues to address -
apply({ cfg, targetPath }): modify the filesystem: install libraries, modify files
-
FAQs
Tanstack Start Builder
The npm package @tanstack/create-start receives a total of 6,034 weekly downloads. As such, @tanstack/create-start popularity was classified as popular.
We found that @tanstack/create-start demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 13 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
PyPI Package Impersonates SymPy to Deliver Cryptomining Malware
Malicious PyPI package sympy-dev targets SymPy users, a Python symbolic math library with 85 million monthly downloads.
By Kirill Boychenko - Jan 21, 2026
Security News
Node.js 25.4.0 Ships with Stable require(esm)
Node.js 25.4.0 makes require(esm) stable, formalizing CommonJS and ESM compatibility across supported Node versions.
By Sarah Gooding - Jan 21, 2026