New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details
Socket
Book a DemoSign in
Socket
Book a DemoSign in

svelma

Package Overview
Dependencies
Maintainers
2
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

svelma

Bulma components for Svelte

latest
Source
npmnpm
Version
0.4.5
Version published
Weekly downloads
57
-69.35%
Maintainers
2
Weekly downloads
 
Created
Source

Svelma

Svelma is a set of UI components for Svelte based on the Bulma CSS framework.

Change Log

Documentation

See docs + demos site here

Quick Start

1. Import svelma and dependencies via npm to your project

$ npm install --save bulma svelma
$ npm install node-sass svelte-preprocess rollup-plugin-postcss --save-dev

2. Add the postcss plugin to your rollup config

// rollup.config.js
import postcss from 'rollup-plugin-postcss'
import preprocess from 'svelte-preprocess'

// ...

export default {
  // ...
  plugins: [
    svelte({
      // ...
      preprocess: preprocess()
    }),

    postcss(),
  }
}

3. Import Bulma's CSS and Svelma components

<!-- App.svelte -->
<script>
  import 'bulma/css/bulma.css'
  import { Button } from 'svelma'
</script>

<button type="is-primary">I'm a Button!</button>

4. Include Font Awesome icons

From CDN in your HTML page:

<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.3.1/css/all.css" />

Or as an npm package imported into your root component:

$ npm install --save @fortawesome/fontawesome-free

<!-- App.svelte -->
<script>
  import 'bulma/css/bulma.css'
  import '@fortawesome/fontawesome-free/css/all.css'
</script>

SSR

If you are doing server-side rendering with Sapper, you'll need to import the .svelte files directly so that your app can compile them, rather than importing from the compiled module.

i.e.:

import Button from 'svelma/src/components/Button.svelte'

instead of

import { Button } from 'svelma'

Inspiration

Much thanks to the Buefy and Svelma2 projects! It provided the inspiration and lots of code examples for this version of Svelma.

Keywords

svelte
svelte.js
sveltejs
bulma
component
components

FAQs

Package last updated on 14 Apr 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure

Research

/

Security News

108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure

Campaign of 108 extensions harvests identities, steals sessions, and adds backdoors to browsers, all tied to the same C2 infrastructure.

By Kush Pandya  -  Apr 13, 2026
Don't Kill the Goose That Lays the Golden Eggs

Security News

Don't Kill the Goose That Lays the Golden Eggs

Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.

By Sarah Gooding  -  Apr 10, 2026