Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@sveltejs/kit

Ecosystem:
npm
Package URL:
pkg:npm/@sveltejs/kit
Total PRs:
6,309 Dependabot PRs
Latest PR:
about 4 hours ago
Unique Repositories:
1,072 repositories
Unique Repos (30 days):
136 repositories
Security Advisories
@sveltejs/kit vulnerable to XSS on dev mode 404 page
GHSA-rjjv-87mx-6x3h CVE-2024-53261 LOW published 12 months ago • updated 3 months ago
### Summary "Unsanitized input from *the request URL* flows into `end`, where it is used to render an HTML page returned to the user. This may res...
Sending a GET or HEAD request with a body crashes SvelteKit
GHSA-g5m6-hxpp-fc49 CVE-2024-23641 HIGH published almost 2 years ago • updated 5 months ago
### Summary In SvelteKit 2 sending a GET request with a body eg `{}` to a SvelteKit app in preview or with `adapter-node` throws `Request with GET/...
@sveltejs/kit has unescaped error message included on error page
GHSA-mh2x-fcqh-fmqv CVE-2024-53262 LOW published 12 months ago • updated 3 months ago
### Summary The static error.html template for errors contains placeholders that are replaced without escaping the content first. ### Details Fr...
SvelteKit framework has Insufficient CSRF protection for CORS requests
GHSA-gv7g-x59x-wf8f CVE-2023-29008 HIGH published over 2 years ago • updated 5 months ago
### Summary The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a `+server.js` file, containin...
@sveltejs/kit vulnerable to Cross-site Scripting via tracked search_params
GHSA-6q87-84jw-cjhp CVE-2025-32388 MODERATE published 7 months ago • updated 3 months ago
### Summary Unsanitized search param names cause XSS vulnerability. You are affected if you iterate over all entries of `event.url.searchParams` i...
View all 6 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
chore(deps): bump the npm group across 1 directory with 11 updates

jordanshatford/youtube-downloader #440

2.48.0 → 2.48.4 Patch PR
Open about 4 hours ago 1 comment
jordanshatford
deps(dev): bump @sveltejs/kit from 2.48.1 to 2.48.4

arcjet/arcjet-js #5387

2.48.1 → 2.48.4 Patch PR
Open 3 days ago 1 comment
arcjet
deps(dev): bump @sveltejs/kit from 2.48.1 to 2.48.3

arcjet/arcjet-js #5377

2.48.1 → 2.48.3 Patch PR
Open 4 days ago 3 comments
arcjet
deps(dev): bump @sveltejs/kit from 2.48.1 to 2.48.2

arcjet/arcjet-js #5372

2.48.1 → 2.48.2 Patch PR
Open 5 days ago 2 comments
arcjet
Bump @sveltejs/kit from 2.48.0 to 2.48.4

Spacexplorer11/Rust-Is-The-Best #41

2.48.0 → 2.48.4 Patch PR
Open 6 days ago 2 comments
Spacexplorer11
chore(deps-dev): bump the development-dependencies group with 3 updates

maxGraph/maxgraph-integration-examples #259

2.48.0 → 2.48.4 Patch PR
Open 7 days ago 1 comment
maxGraph
chore(deps): bump the dependencies group with 8 updates

Robin-w151/coffee-pal #130

2.48.0 → 2.48.4 Patch PR
Open 7 days ago 4 comments
Robin-w151
chore(deps): bump the all-dependencies group across 1 directory with 8 updates

zfixler/naparc #78

2.48.0 → 2.48.4 Patch PR
Open 7 days ago 1 comment
zfixler
build(deps): bump the npm-updates group with 29 updates

Tsuzat/Nota #42

2.48.3 → 2.48.4 Patch PR
Closed 7 days ago 1 comment
Tsuzat
Bump the minor group with 8 updates

CyberCup/2025.cybercup.it #90

2.48.0 → 2.48.4 Patch PR
Closed 7 days ago 1 comment
CyberCup
chore(deps-dev): bump the dev-deps group with 15 updates

alexanderczigler/middag #29

2.48.0 → 2.48.4 Patch PR
Open 7 days ago 1 comment
alexanderczigler
Bump @sveltejs/kit from 2.48.0 to 2.48.4

Spacexplorer11/Trafalgar-to-Trenches #29

2.48.0 → 2.48.4 Patch PR
Open 7 days ago 2 comments
Spacexplorer11
chore(deps-dev): Bump the dev-dependencies group across 1 directory with 7 updates

yanneves/browser.icu #372

2.48.3 → 2.48.4 Patch PR
Closed 10 days ago 3 comments
yanneves
Bump @sveltejs/kit from 2.48.3 to 2.48.4

Quaint-Studios/playreia-cdn #180

2.48.3 → 2.48.4 Patch PR
Closed 10 days ago 1 comment
Quaint-Studios
chore(deps): bump the all-dependencies group across 1 directory with 6 updates

zfixler/naparc #77

2.48.0 → 2.48.3 Patch PR
Closed 11 days ago 2 comments
zfixler
Build(deps-dev): Bump @sveltejs/kit from 2.48.2 to 2.48.3 in /webapp

nickbrett1/ftn #2781

2.48.2 → 2.48.3 Patch PR
Open 11 days ago 1 comment
nickbrett1
chore(deps-dev): bump @sveltejs/kit from 2.48.2 to 2.48.3

Arlind-dev/sulej.ch #40

2.48.2 → 2.48.3 Patch PR
Open 11 days ago 1 comment
Arlind-dev
Bump @sveltejs/kit from 2.48.0 to 2.48.2

Quaint-Studios/playreia-cdn #178

2.48.0 → 2.48.2 Patch PR
Closed 12 days ago 1 comment
Quaint-Studios
build(deps-dev): bump the nodejs-dependencies group with 3 updates

locusts-r-us/locusts #307

2.48.0 → 2.48.2 Patch PR
Closed 12 days ago 1 comment
locusts-r-us
dependabot-npm(deps-dev): bump @sveltejs/kit from 2.47.1 to 2.47.3

stylescape/example-svelte #195

2.47.1 → 2.47.3 Patch PR
Closed 15 days ago 1 comment
stylescape
Bump the all group with 16 updates

FrederikNorlyk/svelte-budget-planner #200

2.47.1 → 2.47.3 Patch PR
Open 16 days ago 1 comment
FrederikNorlyk
chore(deps-dev): bump the prod-dependencies group with 2 updates

ofkm/arcane-website #104

2.47.2 → 2.47.3 Patch PR
Open 18 days ago 2 comments
ofkm
chore(deps-dev): bump the prod-dependencies group with 3 updates

ofkm/arcane #765

2.47.2 → 2.47.3 Patch PR
Open 18 days ago 2 comments
ofkm
chore(deps-dev): bump @sveltejs/kit from 2.47.2 to 2.47.3

Arlind-dev/sulej.ch #31

2.47.2 → 2.47.3 Patch PR
Open 18 days ago 1 comment
Arlind-dev
Bump the all-typescript-dependencies group across 1 directory with 7 updates

demhadais/scamplers #289

2.47.2 → 2.47.3 Patch PR
Closed 19 days ago 1 comment
demhadais
chore(deps)(deps-dev): bump the dev-dependencies group across 1 directory with 4 updates

justanotherspy/rssy #15

2.47.0 → 2.47.2 Patch PR
Open 19 days ago 2 comments
justanotherspy
build(deps-dev): bump the nodejs-dependencies group with 7 updates

locusts-r-us/locusts #300

2.47.1 → 2.47.2 Patch PR
Closed 20 days ago 1 comment
locusts-r-us
chore(deps): bump the svelte group with 4 updates

AXYNUK/axyn-homepage #4

2.47.1 → 2.47.2 Patch PR
Open 21 days ago 1 comment
AXYNUK
chore(deps-dev): bump @sveltejs/kit from 2.47.1 to 2.47.2

afspeirs/speirs.dev #142

2.47.1 → 2.47.2 Patch PR
Closed 21 days ago 1 comment
afspeirs
chore(deps-dev): bump @sveltejs/kit from 2.47.0 to 2.47.2

ic3software/murmurations-aggregator #119

2.47.0 → 2.47.2 Patch PR
Open 21 days ago 1 comment
ic3software
build(deps-dev): bump @sveltejs/kit from 2.47.1 to 2.47.2

GaryB432/accomplishedh #19

2.47.1 → 2.47.2 Patch PR
Open 21 days ago 1 comment
GaryB432
chore(deps)(deps-dev): bump the dev-dependencies group in /frontend with 3 updates

justanotherspy/rssy #11

2.47.0 → 2.47.2 Patch PR
Open 21 days ago 2 comments
justanotherspy
Bump the all group with 8 updates

hamvocke/root-loops #109

2.47.0 → 2.47.2 Patch PR
Open 21 days ago 3 comments
hamvocke
build(deps-dev): bump the nodejs-dependencies group with 4 updates

locusts-r-us/locusts #299

2.47.0 → 2.47.1 Patch PR
Closed 23 days ago 1 comment
locusts-r-us
ci: bump @sveltejs/kit from 2.46.4 to 2.46.5

Attacktive/witchspring-r-editor #985

2.46.4 → 2.46.5 Patch PR
Closed 27 days ago 1 comment
Attacktive
chore(deps-dev): bump @sveltejs/kit from 2.46.4 to 2.46.5 in /frontend

rscarvalho/glp1-diary #7

2.46.4 → 2.46.5 Patch PR
Closed 28 days ago 1 comment
rscarvalho
Bump @sveltejs/kit from 2.46.4 to 2.46.5

humanspeak/svelte-headless-table #121

2.46.4 → 2.46.5 Patch PR
Closed 28 days ago 2 comments
humanspeak
Bump @sveltejs/kit from 2.46.2 to 2.46.4

TeddiO/teddieu #203

2.46.2 → 2.46.4 Patch PR
Open about 1 month ago
TeddiO
deps(dev): bump @sveltejs/kit from 2.43.5 to 2.43.6

arcjet/arcjet-js #5277

2.43.5 → 2.43.6 Patch PR
Open about 1 month ago
arcjet
Bump @sveltejs/kit from 2.46.1 to 2.46.2

fynntang/XAuthenticator #1

2.46.1 → 2.46.2 Patch PR
Merged about 1 month ago
fynntang
chore(deps-dev): bump @sveltejs/kit from 2.43.5 to 2.43.8

RMalik777/LinkBook #458

2.43.5 → 2.43.8 Patch PR
Open about 1 month ago
RMalik777
chore(deps-dev): bump @sveltejs/kit from 2.43.5 to 2.43.8

RMalik777/FontCalc #464

2.43.5 → 2.43.8 Patch PR
Merged about 1 month ago 1 comment
RMalik777
chore: bump the patch group across 1 directory with 9 updates

mxz7/nypsi-website #1052

2.43.7 → 2.43.8 Patch PR
Open about 1 month ago 1 comment
mxz7
dependabot-npm(deps-dev): bump @sveltejs/kit from 2.43.5 to 2.43.8

stylescape/example-svelte #180

2.43.5 → 2.43.8 Patch PR
Open about 1 month ago 1 comment
stylescape
chore(deps-dev): bump @sveltejs/kit from 2.43.7 to 2.43.8 in /pkg/web

Damillora/phoebe #134

2.43.7 → 2.43.8 Patch PR
Open about 1 month ago
Damillora
Bump the all group with 19 updates

FrederikNorlyk/svelte-budget-planner #191

2.43.5 → 2.43.8 Patch PR
Merged about 1 month ago 1 comment
FrederikNorlyk
Bump the functional-minor-patch group with 3 updates

phy25/notrains-today #112

2.43.7 → 2.43.8 Patch PR
Merged about 1 month ago
phy25
Bump @sveltejs/kit from 2.43.5 to 2.43.8

fiftyfactor/sunscreen #239

2.43.5 → 2.43.8 Patch PR
Merged about 1 month ago
fiftyfactor
Build(deps-dev): Bump @sveltejs/kit from 2.43.7 to 2.43.8 in /webapp

nickbrett1/ftn #2673

2.43.7 → 2.43.8 Patch PR
Merged about 1 month ago
nickbrett1
Bump @sveltejs/kit from 2.43.5 to 2.43.8

codyatwork/svelte-stock-watcher #769

2.43.5 → 2.43.8 Patch PR
Closed about 1 month ago 1 comment
codyatwork
Package Details
Name: @sveltejs/kit
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@sveltejs/kit
JSON API: View JSON
Security Advisories

6

Active advisories
HIGH 3
MODERATE 1
LOW 2
View All npm Advisories
Package Information
Description:

SvelteKit is the fastest way to build Svelte apps

Repository: https://github.com/sveltejs/kit
Homepage: https://svelte.dev
Latest Release: 2.21.2
5 months ago
Dependent Repos: 17,842
Dependent Packages: 3,630
Downloads: 2,265,474
Ranking: Top 0.2122% by dependent repos Top 0.2722% by downloads Top 0.0325% by dependent pkgs
PR Status
Open 2,646 (41.9%)
Merged 1,416 (22.4%)
Closed 1,744 (27.6%)
PR Types
Minor 4,169 (66.1%)
Major 271 (4.3%)
Patch 1,360 (21.6%)