This month we got a bunch of improvements in SvelteKit's forms and remote functions. Plus, a new query function (.live(...)) that makes accessing real-time data from the server easier.

Keep an eye out for a few breaking changes in remote functions, if you're using those. Otherwise, enjoy all the new SvelteKit features and bug fixes in the latest versions of Svelte.

Let's dive in!

What's new in SvelteKit

• Form submit now returns a boolean to indicate submission validity for enhanced remote forms (2.57.0, Docs, #15530)
• Breaking: requested(...) now requires limit and yields { arg, query } entries instead of returning the validated argument directly (2.58.0, Docs, #15739)
• requested(...) now supports query.batch(...), which makes batch remote query workflows easier to inspect in request-time logic (2.59.0, Docs, #15751)
• submit and hidden remote form fields can now accept booleans and numbers directly (2.60.0, Docs, #15802)
• SvelteKit now warns when remote form validation issues are never read, helping catch missed UX paths earlier (2.60.0, Docs, #15653)
• Breaking: .run() was removed from remote queries - use await query() directly in all contexts instead (2.61.0, Docs, #15779)
• Remote queries can now be awaited in event handlers, async callbacks and module scope, with cache deduping shared across reactive and non-reactive consumers (2.61.0, Docs, #15779)
• query.live(...) makes working with long-lived remote query subscriptions easier and are now async-iterable (experimental 2.59.0, async in 2.61.0, Docs, #15878)
• Breaking: Enhance callbacks now receive a copy of the form remote function instance, rather than a { form, data, submit } object. Plus, remote form instances now expose a programmatic submit() API and can be passed into enhance callbacks (2.61.0, Docs, #15657)

For all the features and bugfixes that landed this month, check out the SvelteKit / Adapter CHANGELOGs.

What's new in Svelte and the Svelte ecosystem

• Templates now allow declarations directly in markup, making it easier to define values close to where they're used (svelte@5.56.0, #18282)
• Svelte language-tools now support TypeScript 6.0 across the language server, svelte2tsx and svelte-check packages (svelte-language-server@0.18.0/svelte2tsx@0.7.55/svelte-check@4.4.8/svelte-preprocess@6.0.4, Docs, #2985 / #675)
• Svelte MCP's stdio mode can now read file content directly, reducing round trips in local tool workflows (mcp@0.1.23, Docs, #198)
• vite-plugin-svelte now enables the optimizer for server environments during development (vite-plugin-svelte@7.1.0, #1328)

Want to dive deep into everything new this month? Check out the language-tools, ai-tools and vite-plugin-svelte releases.

For all the minor changes and bugfixes that came out in the Svelte compiler this month, you can read the full Svelte CHANGELOG.

---

Community Showcase

Apps & Sites built with Svelte

• asciidia.com is an ASCII-style browser game experiment built with Svelte
• Bingewatcher.org is a daily movie guessing game based on data from Wikipedia and word vectors for 157 languages
• Delcard is an open source peer-to-peer card game platform built with SvelteKit (GitHub)
• Dialyma is an open source canvas builder that can export production-ready code (GitHub)
• Exort is a local workspace for writing microcontroller code, compiling and uploading projects, and monitoring live serial output on supported boards (GitHub)
• Heavy Duty Inc is a turn-based tactics game built with Svelte (Reddit)
• hope-art.app applies protection filters to artwork images before sharing them online to prevent unauthorized AI training and style mimicry (GitHub)
• Image Palette Studio turns images into UI themes with generated CSS variables (GitHub)
• Pad is a local-first collaboration tool that combines a Go CLI with an embedded Svelte web app for human-agent workflows (GitHub)
• Serverwat.ch is a SvelteKit dashboard for monitoring Hetzner-hosted projects
• Trezur is a privacy-preserving browser-side 2FA authenticator with PWA support and cloud sync (GitHub)
• Splitwave is a free node-based audio router for macOS built with Tauri + Svelte (GitHub)
• Tank Supremo is a multiplayer 3D tank game built with Svelte
• Vivix is a JavaScript execution visualizer that uses a worker-based interpreter for smooth timeline scrubbing (GitHub)
• Zenos is a stealth startup from SvelteKit maintainer Ben McCann that is bringing software productivity to the physical world.

Learning Resources

This Week in Svelte

• Ep. 140 - Changelog, Imperative interfaces
• Ep. 141 - Changelog
• Ep. 142 - Changelog

To Read

• Why Svelte Is Better Than React in the Agentic Era by Zack Webster
• Automate LinkedIn Carousels with SvelteKit Remote Functions by Rishi Raj Jain
• Tank Supremo: From a Teenage Dream to a Multiplayer Game by Eyal Azulay

Libraries, Tools & Components

UI Components and Visual Effects

• Huey provides a composable color picker for Svelte 5 (GitHub)
• Svelte Dot Matrix Loaders provides 50+ animated dot-matrix loaders for Svelte projects (GitHub)
• Paper Shaders for Svelte provides paper-style shader effects in an open source Svelte package (GitHub)
• EmbedPDF for Svelte provides a headless PDF viewer for Svelte apps built on PDFium instead of PDF.js (GitHub)
• Svelte Event Calendar is a Google-like event calendar component for Svelte with drag-and-drop editing and multiple calendar support (GitHub)

App Building and Product Tooling

• Convex Better Auth UI for SvelteKit provides self-hosted auth and organization UI components powered by Convex + Better Auth (GitHub)
• Aphex CMS is an open source Sanity-inspired CMS that runs inside a single SvelteKit app (GitHub)
• svelte-visual-builder is an Elementor-style visual builder for SvelteKit projects
• SvelteESP32 v3.0 lets you wire Svelte frontends to ESP32 workflows with an updated Vite plugin flow

Developer Tools and Utilities

• Svelte Hero is a new JetBrains plugin focused on better Svelte support
• jscpd v4.2.0 now supports Svelte projects for duplicate code detection (Changelog)
• Svelte Use provides a collection of composable utilities for Svelte apps (GitHub)

Plugins and Runtime Integrations

• vite-plugin-svelte-tailwind-auto-reference automatically injects Tailwind CSS @reference in Svelte style blocks when @apply is used
• SvelteKit Proxy provides a simple way to proxy requests in production using SvelteKit's hooks.server.ts
• svelte-ws adds WebSocket support across SvelteKit runtimes with an adapter and Vite plugin

That's it for this month! Let us know if we missed anything on Reddit or Discord.

Until next time 👋🏼!

I don’t post to or visit the social network formerly known as Twitter, but as a very early Twitter user, I can’t quite bring myself to delete all my old posts. There’s so much history there, not just personal history but the stories of a lot of the work I’ve done. This is the problem with social networks, we use them to document our lives but we don’t own that data. The platform can become a place we aren’t welcome or don’t want to be, or simply vanish, taking all our data with it.

This doesn’t happen if you post to your own website, with a domain that you own and control. If your host goes bad, you move your content elsewhere, point your domain to it, and your visitors won’t even know that you’ve moved. However, on your own website you don’t have the social aspect of posting to the place where everyone else is. At best you can publish on your own site and syndicate elsewhere.

AT Protocol (often referred to as atproto) solves this problem by allowing you to own your social media posts, linked to a domain that you own. For an explanation of how this works read Open Social. AT Protocol was created by Bluesky, and seems to have generated a lot of momentum in a relatively short time. This week, Bluesky announced that links to posts using the standard.site lexicons would display an enhanced link card. I’d been intending to explore atproto for a while, this helped push me over the edge.

Adding the standard.site lexicons to this site was straightforward, thanks to the ATmosphere plugin for WordPress, which installed as described. I updated my Bluesky handle to my own domain rachelandrew.co.uk.

I also set up a profile on Sifa ID, which is a place to store a professional profile. As with all atproto sites, you register using OAuth with your atproto identity, and my profile immediately populated with my Bluesky posts. The site lets you import a LinkedIn profile export to start your Sifa profile, which makes getting set up really quick. I found a few contacts from Bluesky—if you are on Sifa, connect with me.

I can now be found in a few places in the atmosphere. I was curious what this looked like in the records, and discovered that I can put my domain into the search at https://pdsls.dev/ and explore my data.

None of this took me very long at all, any complexity was due to the off-the-shelf theme I’m using with WordPress rather than anything to do with atproto. I’m now itching to properly redesign this site, but also to explore more of the atmosphere ecosystem.

If you find that your ASP.NET authentication cookies expire every time your IIS application pool restarts or recycles, the culprit is likely the DataProtection API not finding the previously stored keys. This post describes one gotcha I ran into with the default storage location on IIS in the user profile due to a default Application Pool setting.

A practical look at the path from developer to architect, what the role really involves, and the tools that help teams stay aligned.

As companies adopt AI tools, a lot of time is spent on thinking about AI policies from a security, compliance, or even cost-focused angle. But many leaders are neglecting to address how their teams should work with AI in the context of the team as a whole. This creates a lot of unresolved tension, and it’s time for leaders to step up and set some guidelines not just for how to use AI in an “approved” sense, but how to use it respectfully.

When I say respectfully, I am not talking about the baseline appropriate workplace behavior (bullying, abuse, harassment, etc). Instead, I’m concerned that many of us haven’t considered that the ways AI can make an individual more productive (literally enabling them to produce more outputs) can have an overall negative impact on the team’s productivity. Leaders can’t just sit around and expect that their teams will know that they can’t just produce slop and send it to others; if you haven’t set up a thorough policy yet, here are some suggestions on what to cover.

Elements of Respectful AI Use

Don’t ask someone to read/review what you haven’t read or reviewed yourself.

This is one of the most common frustrations I hear amongst people working on AI-heavy teams. Whether it’s code that the owner didn’t really bother to understand before submitting for review, or documents that they generated and didn’t bother to read, too often people try to steal productivity from their colleagues by streamlining their production of work while asking their colleagues to do all of the quality control themselves. It’s great to have a loop of AI code generation -> AI code review -> AI fixes -> final human review, but if the person prompting the AI doesn’t bother to review that code first, they’re putting a huge validation tax onto their teammate, who has to trust both that you prompted well AND that the AI understood the context and problem well enough to get a sustainable solution.

Documents are an even bigger temptation than code, because AI is so verbose and most of us hate writing and editing. It’s easy to get into a loop where you ask the AI some questions, skim the answers, output a document and send it to others. I’m guilty of this myself! But what makes sense when you’re skimming one answer at a time may not make for a good overall document, and there is a big difference between answering individual questions and writing for a human reader. In particular, the context that you have in your own head as you are talking to the AI may not come out at all in the document; if you don’t bother to read it thoroughly before sending it out, you won’t catch the gap in framing.

Even worse, sometimes people don’t even understand what the document they prompted is trying to say. Can you describe this document, and have a conversation about the concepts it presents with others and why it makes sense? If not, you have no business sending it along without at minimum the huge caveat this is AI-generated and I still don’t really understand this space, please help me.

Many people have reached the point where they won’t read something a person didn’t bother to write themselves, and who can blame them when so many don’t even bother to read their output before sending it on?

Shorter is better.

Part of the annoyance of reviewing AI-generated work is that the AI can be painfully long-winded. AI code often looks like tutorial code, with much more verbosity than human developers would bother with. Add in the temptation to one-shot big changes rather than thinking about how to break the code down into pieces, and you can end up with stacks of thousand line pull requests. The documents AI produces are so thorough that something that should be 3 pages turns into 10 or 20. And for those who have fully embraced AI for all of their text-based interactions, you start to see the LLM-generated wall of text chat messages or emails.

This is, frankly, just rude. It goes hand in hand with not bothering to review your own work, but even if for some reason you convince yourself that you really did read and edit that giant PR/document/message, you’re still asking so much more of the audience than you probably put into the exercise in the first place. When it comes to code, I encourage you to honestly ask yourself: if this broke at 3am and none of the AI tools were working, would you be able to look at the PR context and the change and debug it? If not, it is probably too much. When it comes to a big document, at a minimum, have you at least summarized the important points up-front? If someone is just going to ask an AI to summarize the document themselves, you should probably do more work to provide that value before handing it off.

Finally, if you’re writing long-winded emails or chat messages with AI-assistance in order to painstakingly try to explain something, perhaps you actually need to have a meeting or call instead. Increasingly long text exchanges have always been a sign that people need to stop and talk face-to-face, and AI logorrhea hasn’t changed that.

AI is not an excuse to turn off your brain, or your heart.

Signs we’ve switched off our brains and our hearts include: not reviewing the AI-generated work, not taking the time to do human editing, not breaking the changes down into chunks, and avoiding real conversations through AI-mediated text exchange. This guidance is about respectful use of AI because if you have empathy for your colleagues and respect for their time and skills, you will show them the courtesy of giving them work that you are proud of, that you stand behind, that you have thought through and can explain. The AI may have produced a lot of the output, but you thought about all of the pieces that needed to be done, and used the extra productivity to make something better: more reliable, simpler, well tested, whatever. If you find yourself not thinking at all and just mindlessly prompting, accepting output, and moving forward, it’s a warning sign that something is wrong. Perhaps take some advice from Vicki Boykis on adding friction to your development process (or whatever the equivalent is of your day to day work).

Framing these guidelines

If you decide to do this, one final tip from me: assuming your company has some sort of company values, it’s always a good idea to call back to these values when you create policies and guidelines like this. It’s one thing to abstractly say that shorter is better, but if you can tie that to a value for your company, it will resonate more strongly. As an example, if I were at Amazon I might consider tying “shorter is better” to the leadership principle Invent and Simplify. And since shorter is better and this is already too long, I leave you here.

This post is 100% human-generated except that I needed a spell-checker to spell logorrhea. Maybe I should’ve used an AI editor, feel free to tell me if you think so!

Enjoy this post? You might like my books: The Manager’s Path, and Platform Engineering: A Guide for Technical, Product, and People Leaders, available on Amazon and Safari Online.