Svelte
@svelte.dev
Web development for the rest of us. See also:
- community: @sveltesociety.dev
- starter pack: https://bsky.app/starter-pack/did:plc:nlvjelw3dy3pddq7qoglleko/3l6ucetngs423
- feed: https://bsky.app/profile/paolo.ricciuti.me/feed/svelte-feed
- community: @sveltesociety.dev
- starter pack: https://bsky.app/starter-pack/did:plc:nlvjelw3dy3pddq7qoglleko/3l6ucetngs423
- feed: https://bsky.app/profile/paolo.ricciuti.me/feed/svelte-feed
(You can also use these features in SvelteKit, of course! Work continues apace on the final pieces of the puzzle)
bsky.app/profile/benm...
bsky.app/profile/benm...
SvelteKit async SSR has landed! The future of Svelte is now here. Try it out along with the new remote functions!
See the PR for some unfinished rough edges. Work continues on it while it's behind an experimental flag, but you can now play around with it!
github.com/sveltejs/kit...
See the PR for some unfinished rough edges. Work continues on it while it's behind an experimental flag, but you can now play around with it!
github.com/sveltejs/kit...
feat: async SSR by Rich-Harris · Pull Request #14447 · sveltejs/kit
This adds asynchronous SSR to an app that's using the latest version of Svelte (^5.39.3) and has opted in to the Svelte experimental.async option (and, ideally, the SvelteKit experimental.remot...
github.com
September 24, 2025 at 12:55 PM
(You can also use these features in SvelteKit, of course! Work continues apace on the final pieces of the puzzle)
bsky.app/profile/benm...
bsky.app/profile/benm...
4. This is one of the reasons we keep our dependency graph small and you should too!
September 8, 2025 at 7:58 PM
4. This is one of the reasons we keep our dependency graph small and you should too!
3. It's still _possible_ that you have these packages in your dependency graph (including transitively). The compromised packages have now been unpublished, but if you updated deps earlier today then it's possible your users are affected. List of affected packages here: socket.dev/blog/npm-aut...
npm Author Qix Compromised via Phishing Email in Major Suppl...
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
socket.dev
September 8, 2025 at 7:58 PM
3. It's still _possible_ that you have these packages in your dependency graph (including transitively). The compromised packages have now been unpublished, but if you updated deps earlier today then it's possible your users are affected. List of affected packages here: socket.dev/blog/npm-aut...
2. The attack works by targeting users of browser extensions like MetaMask, patching `fetch` and `XMLHttpRequest` to steal crypto (excellent write-up here: jdstaerk.substack.com/p/we-just-fo...)
Anatomy of a Billion-Download NPM Supply-Chain Attack
A massive NPM supply chain attack has compromised foundational packages like Chalk, affecting over 1 billion weekly downloads. We dissect the crypto-stealing malware and show you how to protect your p...
jdstaerk.substack.com
September 8, 2025 at 7:58 PM
2. The attack works by targeting users of browser extensions like MetaMask, patching `fetch` and `XMLHttpRequest` to steal crypto (excellent write-up here: jdstaerk.substack.com/p/we-just-fo...)