Security News
PEP 810 Proposes Explicit Lazy Imports for Python 3.15
An opt-in lazy import keyword aims to speed up Python startups, especially CLIs, without the ecosystem-wide risks that sank PEP 690.
By Sarah Gooding - Oct 04, 2025
Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More →
attractions
Advanced tools
Attractions
A pretty cool UI kit for Svelte.
Refer to the main documentation: https://illright.github.io/attractions
Installation
Step 1. Install the library with your favorite package manager:
npm install --save-dev attractions
# -- or --
yarn add --dev attractions
# -- or --
pnpm add --save-dev attractions
Step 2. Install svelte-preprocess, Dart Sass and PostCSS:
npm install --save-dev svelte-preprocess sass postcss
# -- or --
yarn add --dev svelte-preprocess sass postcss
# -- or --
pnpm add --save-dev svelte-preprocess sass postcss
Step 3. Add svelte-preprocess to your preprocessor chain (as shown here):
// rollup.config.js
import sveltePreprocess from 'svelte-preprocess';
export default {
// ...,
plugins: [
svelte({
preprocess: sveltePreprocess(),
}),
],
};
Step 4. Import the desired components as named imports and use wherever you like!
<script>
import { Button } from 'attractions';
</script>
<Button>click me</Button>
For more information on how to customize/theme your installation, see the docs.
Alternatively, the library can be used from a CDN, such as unpkg, and then the components will be registered as custom elements. This is especially useful for quick prototypes that do not need all the features provided.
Example usage:
<head>
<script src="https://unpkg.com/attractions"></script>
</head>
<body>
<a-button filled="filled">My button</a-button>
</body>
For more details, check out the docs.
License
This project is MIT licensed.
[3.7.2] - 2024-03-01
Fixed
- On touch devices, the slider would throw errors on release, not anymore (Thanks to @naranjamecanica for #380)
FAQs
A UI kit for Svelte
The npm package attractions receives a total of 150 weekly downloads. As such, attractions popularity was classified as not popular.
We found that attractions demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 01 Mar 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PodRocket Podcast: Inside the Recent npm Supply Chain Attacks
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
By Sarah Gooding - Oct 02, 2025
Security News
Package Maintainers Call for Improvements to GitHub’s New npm Security Plan
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
By Sarah Gooding - Sep 30, 2025