Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

svelte

Ecosystem:
npm
Package URL:
pkg:npm/svelte
Total PRs:
22,340 Dependabot PRs
Latest PR:
2 days ago
Unique Repositories:
4,201 repositories
Unique Repos (30 days):
210 repositories
Security Advisories
Svelte SSR does not validate dynamic element tag names in `<svelte:element>`
GHSA-m56q-vw4c-c2cp CVE-2026-27122 MODERATE published 4 months ago • updated about 2 months ago
When using `<svelte:element this={tag}>` in server-side rendering, the provided tag name is not validated or sanitized before being emitted into th...
Svelte affected by XSS in SSR `<option>` element
GHSA-h7h7-mm68-gmrc CVE-2026-27119 MODERATE published 4 months ago • updated about 2 months ago
In certain circumstances, the server-side rendering output of an `<option>` element does not properly escape its content, potentially allowing HTML...
Svelte: SSR XSS via Insecure Promise Serialization in hydratable
GHSA-f3cj-j4f6-wq85 MODERATE published about 1 month ago • updated about 1 month ago
Contents of `hydratable` promises were not properly stringified, potentially leading to an XSS exploit. You are vulnerable if all of the following ...
Svelte: ReDoS in `<svelte:element>` Tag Validation
GHSA-9rmh-mm8f-r9h6 CVE-2026-42567 MODERATE published about 1 month ago • updated 6 days ago
An internal regex in the Svelte runtime can take exponential time to test in `<svelte:element this={tag}></svelte:element>`. You are only vulnerabl...
svelte vulnerable to Cross-site Scripting
GHSA-6738-r8g5-qwp3 CVE-2025-15265 MODERATE published 5 months ago • updated 5 days ago
## Summary An XSS vulnerability exists in Svelte 5.46.0-2 resulting from improper escaping of `hydratable` keys. If these keys incorporate untrust...
View all 14 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
dependabot-npm(deps-dev): bump svelte from 5.56.2 to 5.56.3

stylescape/example-svelte #284

5.56.2 → 5.56.3 Patch PR
Open 5 days ago 1 comment
stylescape
chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates

conveyor/superdoc #1

5.55.3 → 5.55.7 Patch PR
Closed 6 days ago 1 comment
conveyor
Bump the npm_and_yarn group across 1 directory with 8 updates

georgyo/ipfs-hls #21

5.55.5 → 5.55.7 Patch PR
Closed 10 days ago 2 comments
georgyo
Bump the js-minor-patch group in /webapp/frontend with 5 updates

Sinsemilila/academIA #58

5.56.1 → 5.56.3 Patch PR
Closed 10 days ago 1 comment
Sinsemilila
chore(deps): bump svelte from 5.56.2 to 5.56.3

arlac77/svelte-command #3642

5.56.2 → 5.56.3 Patch PR
Open 11 days ago 2 comments
arlac77
dependabot: bump the minor-and-patch group across 1 directory with 4 updates

kt-npm-modules/svelte-adapter-azure-swa #242

5.56.1 → 5.56.3 Patch PR
Open 11 days ago 5 comments
kt-npm-modules
deps(dev)(deps-dev): bump svelte from 5.56.2 to 5.56.3

zarishsphere/zs-note #8

5.56.2 → 5.56.3 Patch PR
Closed 11 days ago 3 comments
zarishsphere
chore(deps-dev): bump the npm group across 1 directory with 8 updates

litestar-org/litestar-vite #274

5.56.1 → 5.56.2 Patch PR
Closed 12 days ago 2 comments
litestar-org
build(deps): bump the all-dependencies group with 7 updates

tenkoma/blog.tenkoma.dev #41

5.56.0 → 5.56.2 Patch PR
Open 12 days ago 1 comment
tenkoma
dependabot: bump the minor-and-patch group across 1 directory with 2 updates

mirasen-io/cloudflare-site #18

5.56.1 → 5.56.2 Patch PR
Closed 14 days ago 3 comments
mirasen-io
chore(deps-dev): bump the svelte group with 2 updates

kellenmurphy/samlguy #104

5.56.1 → 5.56.2 Patch PR
Open 14 days ago 1 comment
kellenmurphy
chore(deps-dev): bump the dev-dependencies group across 1 directory with 11 updates

shadowresearch/auto-geo #29

5.56.1 → 5.56.2 Patch PR
Closed 14 days ago 2 comments
shadowresearch
build(deps): bump svelte from 5.56.1 to 5.56.2 in the patch-updates group

naranyinyun/NalanyinyunsLibrary #92

5.56.1 → 5.56.2 Patch PR
Open 14 days ago 1 comment
naranyinyun
Bump the all-npm-dependencies group across 1 directory with 7 updates

oleanders/ulik.no #14

5.56.0 → 5.56.1 Patch PR
Closed 14 days ago 1 comment
oleanders
Bump svelte from 5.56.0 to 5.56.1

aetherien/svelte-i18n #69

5.56.0 → 5.56.1 Patch PR
Closed 16 days ago 1 comment
aetherien
chore(deps-dev): bump svelte from 5.55.7 to 5.55.8 in the sveltekit-and-build group

Signal-Lynx/sveltekit-saas-starter #65

5.55.7 → 5.55.8 Patch PR
Closed 16 days ago 2 comments
Signal-Lynx
chore(deps): bump the npm_and_yarn group across 2 directories with 10 updates

danielbodnar/ext-apps #2

5.55.1 → 5.55.7 Patch PR
Open 17 days ago 3 comments
danielbodnar
chore(deps-dev): bump svelte from 5.55.0 to 5.55.10 in /frontend

xt0n1-t3ch/Pulse-Claude-Code-Analytics #24

5.55.0 → 5.55.10 Patch PR
Closed 21 days ago 2 comments
xt0n1-t3ch
Bump the prod-minor-patch group across 1 directory with 4 updates

dupontcyborg/flightyco2 #6

5.55.7 → 5.55.10 Patch PR
Open 21 days ago 1 comment
dupontcyborg
dependabot: bump the minor-and-patch group across 2 directories with 5 updates

mirasen-io/chessboard #100

5.55.9 → 5.55.10 Patch PR
Closed 21 days ago 4 comments
mirasen-io
build(deps): bump the patch-updates group across 1 directory with 8 updates

FengGJSNW/My-blog-web #25

5.55.7 → 5.55.10 Patch PR
Closed 21 days ago 2 comments
FengGJSNW
dependabot: bump the minor-and-patch group across 1 directory with 13 updates

kt-npm-modules/svelte-adapter-azure-swa #227

5.55.8 → 5.55.10 Patch PR
Closed 21 days ago 6 comments
kt-npm-modules
build(deps): bump the patch-updates group across 1 directory with 10 updates

woI0706/Firefly123 #10

5.55.5 → 5.55.10 Patch PR
Closed 21 days ago 2 comments
woI0706
chore(deps-dev): bump the svelte-modules group across 2 directories with 3 updates

arielsrv/recipes #306

5.55.2 → 5.55.10 Patch PR
Open 21 days ago 1 comment
arielsrv
build(deps): bump the patch-updates group across 1 directory with 2 updates

nairain233/blog #12

5.55.9 → 5.55.10 Patch PR
Closed 22 days ago 1 comment
nairain233
chore(deps-dev): bump svelte from 5.55.9 to 5.55.10

231tr0n/231tr0n.github.io #607

5.55.9 → 5.55.10 Patch PR
Closed 22 days ago 2 comments
231tr0n
build(deps-dev): bump the nodejs-dependencies group with 2 updates

locusts-r-us/locusts #471

5.55.9 → 5.55.10 Patch PR
Closed 22 days ago 1 comment
locusts-r-us
build(deps): bump the actions-deps group across 1 directory with 18 updates

ardatan/graphql-tools #8206

5.55.9 → 5.55.10 Patch PR
Open 22 days ago 2 comments
ardatan
Bump svelte from 5.55.7 to 5.55.9 in /web

shiftedx/dualsense-command #9

5.55.7 → 5.55.9 Patch PR
Closed 22 days ago 2 comments
shiftedx
chore(deps): bump the npm group in /frontend/app with 5 updates

PyPSA/pypsa-app #39

5.55.5 → 5.55.8 Patch PR
Closed 23 days ago 1 comment
PyPSA
build(deps): bump the patch-updates group across 1 directory with 11 updates

W-zeke/my_blog #10

5.55.5 → 5.55.9 Patch PR
Closed 23 days ago 2 comments
W-zeke
deps: bump the svelte group with 2 updates

shenghaoc/prediction-tool-svelte #40

5.55.8 → 5.55.9 Patch PR
Closed 23 days ago 1 comment
shenghaoc
chore(deps-dev): bump the dev-dependencies group across 1 directory with 10 updates

tamimbinhakim/causeway #30

5.55.5 → 5.55.9 Patch PR
Closed 23 days ago 1 comment
tamimbinhakim
Bump the patch-updates group across 1 directory with 12 updates

StrideNotStrike/memory-gallery #14

5.55.4 → 5.55.9 Patch PR
Closed 23 days ago 2 comments
StrideNotStrike
Build(deps): Bump the patch-updates group across 1 directory with 7 updates

Yamrc/RC-Blog #138

5.55.5 → 5.55.9 Patch PR
Open 23 days ago 3 comments
Yamrc
build(deps): bump the patch-updates group across 1 directory with 12 updates

hugoz00/blog #10

5.55.5 → 5.55.9 Patch PR
Closed 23 days ago 2 comments
hugoz00
Bump the patch-updates group across 1 directory with 13 updates

coldairboys/firefly-replica #16

5.55.4 → 5.55.9 Patch PR
Closed 23 days ago 1 comment
coldairboys
Bump the patch-updates group across 1 directory with 8 updates

wwwaaa123122/Starlr_blog #6

5.55.4 → 5.55.9 Patch PR
Open 23 days ago 2 comments
wwwaaa123122
Bump the patch-updates group across 1 directory with 8 updates

Hailuo4ever/Hailuo_blog #18

5.55.5 → 5.55.9 Patch PR
Open 23 days ago 1 comment
Hailuo4ever
Bump the patch-updates group across 1 directory with 7 updates

snap-star/JTM020-Docs #12

5.55.5 → 5.55.9 Patch PR
Open 23 days ago 1 comment
snap-star
build(deps): bump the patch-updates group across 1 directory with 6 updates

qwc-ch/Firefly #24

5.55.8 → 5.55.9 Patch PR
Closed 24 days ago 3 comments
qwc-ch
chore(deps-dev): bump svelte from 5.55.7 to 5.55.9 in /web

cacack/my-family #514

5.55.7 → 5.55.9 Patch PR
Open 24 days ago 1 comment
cacack
Bump svelte from 5.55.8 to 5.55.9

mgrsskls/convert #573

5.55.8 → 5.55.9 Patch PR
Open 24 days ago 1 comment
mgrsskls
Bump the frontend-tooling group with 6 updates

MONKE2525E/Open-Flow #77

5.55.7 → 5.55.9 Patch PR
Open 24 days ago 1 comment
MONKE2525E
chore(deps-dev): bump the minor-and-patch group across 1 directory with 13 updates

twangodev/twangodev #91

5.55.4 → 5.55.9 Patch PR
Closed 24 days ago 3 comments
twangodev
chore(deps): bump the frontend-minor-patch group across 1 directory with 17 updates

seheart/raven #112

5.55.3 → 5.55.9 Patch PR
Closed 24 days ago 2 comments
seheart
chore(deps): bump the dependencies group across 1 directory with 15 updates

Robin-w151/orfarchiv-ui #220

5.55.8 → 5.55.9 Patch PR
Open 25 days ago 2 comments
Robin-w151
chore(deps)(deps): bump svelte from 5.55.7 to 5.55.9 in the svelte group

datascry/openroles #72

5.55.7 → 5.55.9 Patch PR
Open 25 days ago 1 comment
datascry
deps: bump the svelte group in /dashboard with 2 updates

vladkesler/initrunner #131

5.55.7 → 5.55.9 Patch PR
Open 25 days ago 1 comment
vladkesler
Bump the patch-updates group across 1 directory with 4 updates

TinyZzh/TinyZzh.github.io #22

5.55.8 → 5.55.9 Patch PR
Closed 25 days ago 1 comment
TinyZzh
Package Details
Name: svelte
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/svelte
JSON API: View JSON
Security Advisories

14

Active advisories
HIGH 1
MODERATE 13
View All npm Advisories
Package Information
Description:

Cybernetically enhanced web apps

Repository: https://github.com/sveltejs/svelte
Homepage: https://svelte.dev
Latest Release: 5.2.11
over 1 year ago
Dependent Repos: 56,439
Dependent Packages: 8,815
Downloads: 7,230,385
Ranking: Top 0.1279% by dependent repos Top 0.1344% by downloads Top 0.0104% by dependent pkgs
PR Status
Open 9,426 (42.2%)
Merged 3,038 (13.6%)
Closed 8,120 (36.3%)
PR Types
Major 2,059 (9.2%)
Minor 10,611 (47.5%)
Patch 7,903 (35.4%)
Removal 7 (0.0%)