{"id":13485177,"url":"https://github.com/sveltejs/language-tools","last_synced_at":"2026-04-02T19:19:12.778Z","repository":{"id":36972163,"uuid":"247540022","full_name":"sveltejs/language-tools","owner":"sveltejs","description":"The Svelte Language Server, and official extensions which use it","archived":false,"fork":false,"pushed_at":"2026-02-13T17:00:37.000Z","size":8186,"stargazers_count":1395,"open_issues_count":278,"forks_count":230,"subscribers_count":11,"default_branch":"master","last_synced_at":"2026-02-14T17:19:03.452Z","etag":null,"topics":["language-server","svelte","vscode-extension"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sveltejs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"svelte"}},"created_at":"2020-03-15T19:49:32.000Z","updated_at":"2026-02-13T22:35:43.000Z","dependencies_parsed_at":"2024-01-13T11:56:13.928Z","dependency_job_id":"f1d07280-fe4b-4446-8a5f-2f0e92bc884a","html_url":"https://github.com/sveltejs/language-tools","commit_stats":{"total_commits":1519,"total_committers":126,"mean_commits":"12.055555555555555","dds":0.5450954575378539,"last_synced_commit":"4c8c0db10455367c486a3e03555da5290050bf48"},"previous_names":[],"tags_count":628,"template":false,"template_full_name":null,"purl":"pkg:github/sveltejs/language-tools","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Flanguage-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Flanguage-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Flanguage-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Flanguage-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sveltejs","download_url":"https://codeload.github.com/sveltejs/language-tools/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Flanguage-tools/sbom","scorecard":{"id":860989,"data":{"date":"2025-08-11","repo":{"name":"github.com/sveltejs/language-tools","commit":"2c99c58a62b9f1d0d6c4736d171692f2ba226c73"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.5,"checks":[{"name":"Code-Review","score":7,"reason":"Found 23/30 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"22 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/CI.yml:1","Warn: no topLevel permission defined: .github/workflows/DeployExtensionsProd.yml:1","Warn: no topLevel permission defined: .github/workflows/DeploySvelte2tsxProd.yml:1","Warn: no topLevel permission defined: .github/workflows/DeploySvelteCheckProd.yml:1","Warn: no topLevel permission defined: .github/workflows/DeploySvelteLanguageServerProd.yml:1","Warn: no topLevel permission defined: .github/workflows/DeployTypescriptPluginProd.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployExtensionsProd.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployExtensionsProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelte2tsxProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteCheckProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeploySvelteLanguageServerProd.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/language-tools/DeployTypescriptPluginProd.yaml/master?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:39","Warn: npmCommand not pinned by hash: .github/workflows/DeployExtensionsProd.yml:28","Warn: npmCommand not pinned by hash: .github/workflows/DeployExtensionsProd.yml:42","Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelte2tsxProd.yml:30","Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelteCheckProd.yml:31","Warn: npmCommand not pinned by hash: .github/workflows/DeploySvelteLanguageServerProd.yml:30","Warn: npmCommand not pinned by hash: .github/workflows/DeployTypescriptPluginProd.yaml:30","Info:   0 out of  16 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   7 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/DeploySvelte2tsxProd.yml:9"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T01:15:00.117Z","repository_id":36972163,"created_at":"2025-08-24T01:15:00.117Z","updated_at":"2025-08-24T01:15:00.117Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29455002,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-14T15:52:44.973Z","status":"ssl_error","status_checked_at":"2026-02-14T15:52:11.208Z","response_time":53,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["language-server","svelte","vscode-extension"],"created_at":"2024-07-31T17:01:49.184Z","updated_at":"2026-02-18T18:05:53.591Z","avatar_url":"https://github.com/sveltejs.png","language":"TypeScript","funding_links":["https://opencollective.com/svelte"],"categories":["TypeScript","Languages","Svelte Tools, Libraries, and Frameworks"],"sub_categories":["JavaScript Libraries for Machine Learning"],"readme":"\u003cp\u003e\n  \u003ca href=\"https://svelte.dev\"\u003e\n\t\u003cimg alt=\"Cybernetically enhanced web apps: Svelte\" src=\"https://user-images.githubusercontent.com/49038/76711598-f0b39180-66e7-11ea-9501-37f6e1edf8a6.png\"\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://www.npmjs.com/package/svelte\"\u003e\n    \u003cimg src=\"https://img.shields.io/npm/v/svelte.svg\" alt=\"npm version\"\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://github.com/sveltejs/svelte/blob/master/LICENSE\"\u003e\n    \u003cimg src=\"https://img.shields.io/npm/l/svelte.svg\" alt=\"license\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n[IDE docs and troubleshooting](docs)\n\n## What is Svelte Language Tools?\n\nSvelte Language Tools contains a library implementing the Language Server Protocol (LSP). LSP powers the [VSCode extension](https://marketplace.visualstudio.com/items?itemName=svelte.svelte-vscode), which is also hosted in this repository. Additionally, LSP is capable of powering plugins for [numerous other IDEs](https://microsoft.github.io/language-server-protocol/implementors/tools/).\n\nA `.svelte` file would look something like this:\n\n```html\n\u003cscript\u003e\n    let count = $state(1);\n\n    let doubled = $derived(count * 2);\n    let quadrupled = $derived(doubled * 2);\n\n    function handleClick() {\n        count += 1;\n    }\n\u003c/script\u003e\n\n\u003cbutton onclick=\"{handleClick}\"\u003eCount: {count}\u003c/button\u003e\n\n\u003cp\u003e{count} * 2 = {doubled}\u003c/p\u003e\n\u003cp\u003e{doubled} * 2 = {quadrupled}\u003c/p\u003e\n```\n\nWhich is a mix of [HTMLx](https://github.com/htmlx-org/HTMLx) and vanilla JavaScript (but with additional runtime behavior coming from the svelte compiler).\n\nThis repo contains the tools which provide editor integrations for Svelte files like this.\n\n## Contributing\n\nContributions are encouraged and always welcome. [Read the contribution guide for more info](CONTRIBUTING.md) and help us out!\n\n## Supporting Svelte\n\nSvelte is an MIT-licensed open source project with its ongoing development made possible entirely by the support of awesome volunteers. If you'd like to support their efforts, please consider:\n\n-   [Becoming a backer on Open Collective](https://opencollective.com/svelte).\n\nFunds donated via Open Collective will be used for compensating expenses related to Svelte's development such as hosting costs. If sufficient donations are received, funds may also be used to support Svelte's development more directly.\n\n## License\n\n[MIT](LICENSE)\n\n## Credits\n\n-   [James Birtles](https://github.com/jamesbirtles) for creating the foundation which this language server, and the extensions are built on\n-   Vue's [Vetur](https://github.com/vuejs/vetur) language server which heavily inspires this project\n-   [halfnelson](https://github.com/halfnelson) for creating `svelte2tsx`\n-   [jasonlyu123](https://github.com/jasonlyu123) for his ongoing work in all areas of the language-tools\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsveltejs%2Flanguage-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsveltejs%2Flanguage-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsveltejs%2Flanguage-tools/lists"}