Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
create-hono
Advanced tools
Create Hono
Create a Hono application from starter templates.
Quick Start
Starter templates are available for each platform. Use one the following "create-hono" commands.
# npm
npm create hono@latest
# yarn
yarn create hono
# pnpm
pnpm create hono@latest
# bun
bun create hono@latest
# deno
deno run -A npm:create-hono@latest
Options
-t, --template <template>
You can specify the desired template from the command line. This is useful for automation, where you'd like to skip any interactive prompts.
npm create hono@latest ./my-app -- --template cloudflare-pages
-i, --install
Install dependencies after cloning template.
npm create hono@latest ./my-app -- --install
-p, --pm <pnpm|bun|deno|npm|yarn>
Allows you to specify which package manager to use.
npm create hono@latest ./my-app -- --pm pnpm
-o, --offline
Use the local cache instead of fetching the latest templates.
npm create hono@latest ./my-app -- --offline
Author
Yusuke Wada https://github.com/yusukebe
and Hono contributors
License
MIT
This project source code is based on Create Solid MIT Licensed. https://github.com/solidjs/solid-start/tree/main/packages/create-solid
FAQs
Create a Hono application from starter templates.
The npm package create-hono receives a total of 3,383 weekly downloads. As such, create-hono popularity was classified as popular.
We found that create-hono demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025