{"id":13403549,"url":"https://github.com/sveltejs/svelte","last_synced_at":"2026-04-07T21:02:43.454Z","repository":{"id":37264493,"uuid":"74293321","full_name":"sveltejs/svelte","owner":"sveltejs","description":"web development for the rest of us","archived":false,"fork":false,"pushed_at":"2026-04-02T15:59:43.000Z","size":120477,"stargazers_count":86146,"open_issues_count":975,"forks_count":4841,"subscribers_count":834,"default_branch":"main","last_synced_at":"2026-04-02T16:32:26.277Z","etag":null,"topics":["compiler","template","ui"],"latest_commit_sha":null,"homepage":"https://svelte.dev","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sveltejs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"open_collective":"svelte"}},"created_at":"2016-11-20T18:13:05.000Z","updated_at":"2026-04-02T16:02:07.000Z","dependencies_parsed_at":"2026-02-04T19:02:45.127Z","dependency_job_id":null,"html_url":"https://github.com/sveltejs/svelte","commit_stats":{"total_commits":8290,"total_committers":784,"mean_commits":"10.573979591836734","dds":0.5972255729794933,"last_synced_commit":"1d773ef3a471adb36eb3c992168b21fbaf349562"},"previous_names":[],"tags_count":1011,"template":false,"template_full_name":null,"purl":"pkg:github/sveltejs/svelte","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Fsvelte","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Fsvelte/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Fsvelte/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Fsvelte/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sveltejs","download_url":"https://codeload.github.com/sveltejs/svelte/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sveltejs%2Fsvelte/sbom","scorecard":{"id":65041,"data":{"date":"2025-08-04","repo":{"name":"github.com/sveltejs/svelte","commit":"d2ba2589fee2ec6985c0fe0fbd800ab34518378e"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":6.1,"checks":[{"name":"Code-Review","score":9,"reason":"Found 24/25 approved changesets -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ecosystem-ci-trigger.yml:15","Info: jobLevel 'actions' permission set to 'read': .github/workflows/ecosystem-ci-trigger.yml:14","Info: found token with 'none' permissions: .github/workflows/pkg.pr.new.yml:1","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:7","Warn: no topLevel permission defined: .github/workflows/ecosystem-ci-trigger.yml:1","Warn: no topLevel permission defined: .github/workflows/pkg.pr.new.yml:1","Info: found token with 'none' permissions: .github/workflows/release.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"SAST","score":7,"reason":"SAST tool is not run on all commits -- score normalized to 7","details":["Warn: 22 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/ecosystem-ci-trigger.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new-comment.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new-comment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg.pr.new.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/pkg.pr.new.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/sveltejs/svelte/release.yml/main?enable=pin","Info:   0 out of  22 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  11 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":0,"reason":"12 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-x574-m823-4x7w","Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8","Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x","Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4","Warn: Project is vulnerable to: GHSA-859w-5945-r5v3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-15T02:25:15.886Z","repository_id":37264493,"created_at":"2025-08-15T02:25:15.888Z","updated_at":"2025-08-15T02:25:15.888Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31519357,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T03:10:19.677Z","status":"ssl_error","status_checked_at":"2026-04-07T03:10:13.982Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compiler","template","ui"],"created_at":"2024-07-30T19:01:31.482Z","updated_at":"2026-04-07T21:02:43.436Z","avatar_url":"https://github.com/sveltejs.png","language":"JavaScript","funding_links":["https://opencollective.com/svelte"],"categories":["JavaScript","HarmonyOS","TypeScript","compiler","Recursos Oficiais","JavaScript (71)","前端相关","official links","前端开发框架及项目","Web Development","MVC Frameworks and Libraries","Resources","MVC Frameworks and Libraries [🔝](#readme)","Awesome Tools","武器库","ui","目录","Repository",":file_folder: Browser","Uncategorized","MVC 框架和库","Web Frontend","Libraries","🌐 Web Development - Frontend"],"sub_categories":["Windows Manager","其他_文本生成、文本对话","svelte","Runner","Official Resources","Languages","前端","Misc","JavaScript Framework","MVVM Framework","Uncategorized","运行器","Svelte","运行器e2e测试","JavaScript"],"readme":"\u003ca href=\"https://svelte.dev\"\u003e\n\t\u003cpicture\u003e\n\t\t\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets/banner_dark.png\"\u003e\n\t\t\u003cimg src=\"assets/banner.png\" alt=\"Svelte - web development for the rest of us\" /\u003e\n\t\u003c/picture\u003e\n\u003c/a\u003e\n\n[![License](https://img.shields.io/npm/l/svelte.svg)](LICENSE.md) [![Chat](https://img.shields.io/discord/457912077277855764?label=chat\u0026logo=discord)](https://svelte.dev/chat)\n\n## What is Svelte?\n\nSvelte is a new way to build web applications. It's a compiler that takes your declarative components and converts them into efficient JavaScript that surgically updates the DOM.\n\nLearn more at the [Svelte website](https://svelte.dev), or stop by the [Discord chatroom](https://svelte.dev/chat).\n\n## Supporting Svelte\n\nSvelte is an MIT-licensed open source project with its ongoing development made possible entirely by fantastic volunteers. If you'd like to support their efforts, please consider:\n\n- [Becoming a backer on Open Collective](https://opencollective.com/svelte).\n\nFunds donated via Open Collective will be used for compensating expenses related to Svelte's development such as hosting costs. If sufficient donations are received, funds may also be used to support Svelte's development more directly.\n\n## Roadmap\n\nYou may view [our roadmap](https://svelte.dev/roadmap) if you'd like to see what we're currently working on.\n\n## Contributing\n\nPlease see the [Contributing Guide](CONTRIBUTING.md) and the [`svelte`](packages/svelte) package for information on contributing to Svelte.\n\n## Is svelte.dev down?\n\nProbably not, but it's possible. If you can't seem to access any `.dev` sites, check out [this SuperUser question and answer](https://superuser.com/q/1413402).\n\n## License\n\n[MIT](LICENSE.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsveltejs%2Fsvelte","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsveltejs%2Fsvelte","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsveltejs%2Fsvelte/lists"}