template-framework7 Svelte Themes

Template Framework7

SwapLab Framework7 Monorepo (All Frameworks)

#framework7#framework7-android#framework7-ios#framework7-svelte#framework7-template
Demo Download

SwapLab: Framework7 Svelte Templates (Monorepo)

This repository hosts a collection of Framework7 (Svelte) starter templates optimized for building high-performance hybrid mobile applications.

These templates are Production Ready. They come pre-configured with the necessary structure to be built instantly using SwapLab Build Services, supporting both Android (APK/AAB) and iOS (Xcode Export) workflows.

šŸŽÆ Supported Project Types

This engine is designed to be intelligent. It automatically detects your project structure and applies the correct build strategy.

Project Source Support Level How it works
Framework7 (CLI) ā­ļø Native Detects framework7.json or F7 directory structure. builds UI assets, then compiles Native.
Standard Cordova āœ… Full Support Detects config.xml at the root. Builds exactly like the classic Cordova CLI.
Construct 3 (Games) āœ… Full Support Seamlessly builds C3 mobile exports. Just export your game as "Cordova" and upload.
Pure Web Apps āš” Auto-Wrap If you upload a plain HTML/JS/CSS project (Svelte/Vue/React) without Cordova config, the engine will auto-initialize a native wrapper for you.

āš” Quick Start: Try Without Signing In (Public)

Want to test if this works immediately? You don't need an account or a GitHub repository to start. Use our Public Builder for a secure, anonymous test drive.

šŸš€ Go to Public Builder (public.swaplab.net)

  • šŸ›”ļø No Sign-In Required: We don't ask for your GitHub account or email.
  • šŸ“¦ Unlimited Plugins: Supports ANY Capacitor Plugin or NPM package (including custom git URLs). We do not enforce a whitelist restrictions.
  • šŸ”’ Zero-Retention: Upload your Zip, get your APK, and we delete your files instantly.
  • šŸ¤ Transparent & Unlimited: Builds are executed on our Public Engine Runner. It is fully audit-able and does NOT consume your personal GitHub Action minutes.

How to test these templates in 30 seconds:

  1. Click the green <> Code button above -> Download ZIP.
  2. Extract the file and open the folder of the template you want (e.g., /framework7-svelte).
  3. Zip that specific folder and upload it to public.swaplab.net.

šŸ” Ready for Production? Unlock Full Power (Sign-In)

While the Public Builder is perfect for quick testing, the Authenticated Dashboard unlocks professional features required for app store publishing and advanced development.

Why Sign In?

  • āœ… Release Builds (Signed APK/AAB): Securely inject your Keystore to generate production-ready binaries signed and ready for the Google Play Store.
  • šŸ› ļø Export Android Studio Project: Download the fully generated native Android source code. Perfect if you want to inspect the code or compile locally.
  • šŸŽ Export Xcode Project: Download the complete native iOS source code to compile on your Mac using Xcode (Essential for Apple App Store publishing).

šŸ‘‰ Go to Main Dashboard (swaplab.net)

āš ļø CRITICAL: Privacy & Billing Guide (Sign-In)

Before using these templates, please read these rules to ensure your code is safe and your billing is managed correctly.

šŸ”’ 1. Privacy Rule: Make Your Fork PRIVATE

When you fork this repository to your account, you must change the visibility to PRIVATE immediately to protect your source code.

  • Why? To prevent leaking your App ID, API Keys, or proprietary app logic to the internet.
  • Compatibility: You do not need a public repo to use SwapLab. Our public build images can be pulled into your Private Repository without any limits.

šŸ’° 2. Billing & Service Model

It is important to distinguish between GitHub Costs and SwapLab Service Costs.

A. GitHub Actions Quota (Compute) The build process runs inside your GitHub account.

  • Free Accounts: GitHub typically provides 2,000 free minutes/month.
  • Capacity: ~300-400 builds/month.
  • Upgrade: If you exceed this, you pay GitHub directly via GitHub Actions Billing.

B. SwapLab Subscription (Orchestration) We offer a Free Tier (Unlimited Debug builds) and Paid Tiers (Release builds).

  • Philosophy: Our fees are not for reselling GitHub minutes. They cover our physical resources (vCPU, RAM, NVMe, Storage) and security infrastructure.
  • How to Upgrade: You can view plans and upgrade your account directly within the SwapLab Dashboard after signing in. šŸ‘‰ View Pricing & Plans

šŸš€ Build Support & Pricing

Build Type Availability
Debug APK āœ… Free Forever (Unlimited, No Subscription)
Release APK / AAB šŸŽ Free PROMO (Ends Jan 1, 2026)
Export Xcode (iOS) šŸŽ Free PROMO (Ends Jan 1, 2026)

[!TIP] šŸ›”ļø Security & Trial Options (Zero-Trust)

If you are hesitant about uploading your Keystore/Signing Keys to a cloud service, you have a safe alternative:

  • Local Signing: Choose Export Android Studio or Export Xcode as your build type. We will compile the native project structure for you, and you can sign the final app locally on your own machine.
  • Plugin Devs & Testing: Use Debug APK (Unlimited/Free). It requires no keys and is perfect for testing native functionality or evaluating the service without a subscription.

šŸ“‚ Available Templates

Choose your preferred project type below. Each folder represents a complete, isolated application.

Folder Name Description Framework
/framework7-svelte HackerNews7 Clone (Real-world App) F7 + Svelte

Note: The framework7-svelte template is a fully functional Hacker News reader. It demonstrates advanced F7 concepts like Virtual Lists, API data fetching, and native-like navigation transitions.

[!WARNING] ā›”ļø CRITICAL: DO NOT DELETE THE .github/workflows DIRECTORY

This directory is the digital bridge connecting your repository to the SwapLab Service.

  • How it works: SwapLab acts as the Trigger, but the build runs on YOUR GitHub Account using your Action Minutes.
  • Consequence: Removing these files will sever the connection, and the Service will be unable to trigger the build process.

šŸŒ Service Compatibility

These templates are unique because they can be built on ANY of our platforms. Choose the engine that fits your needs:

Builder Service Engine Used Best For
framework7.swaplab.net Framework7 Engine Optimized specifically for F7 projects. Auto-detects Cordova config or injects it for pure web projects.
cordova.swaplab.net Cordova Engine Standard builder. Requires a valid config.xml in the root.
repository.swaplab.net CI/CD Pipeline Automated builds triggered by git commits.

šŸ›”ļø Security Philosophy: Freedom & Safety

At SwapLab, we believe developers should have the freedom to build without restrictions. We do not rely on a manually managed "whitelist" of allowed plugins. You are free to use any npm package or Cordova plugin required for your project.

To make this "Unlimited Ecosystem" safe, we employ a rigorous Automated Security Gate instead of manual reviews.

āš™ļø Build Configuration Guide

SwapLab offers advanced build settings to customize your security and performance.

1. šŸ› ļø Build Provider

Select the CI/CD infrastructure to run your build process.

  • GitHub (Default): Uses standard GitHub Actions runners.

2. šŸ›”ļø Vulnerability Scan (NPM Audit)

Status: MANDATORY Checks your project's dependencies against the CVE database. Legacy dependencies are common sources of security leaks.

3. šŸ” Semgrep (SAST)

Status: MANDATORY Static Application Security Testing. Scans your Svelte/JS source code for insecure patterns (XSS, Injection, etc.).

4. šŸ“¦ Trivy (SCA)

Status: MANDATORY Scans third-party libraries for deep supply chain vulnerabilities.

5. šŸ”’ NPM Script Security

Status: Optional (Default: Off)

  • Enabled: Adds --ignore-scripts.
  • Warning: Many F7/Cordova plugins REQUIRE scripts to install properly. We recommend keeping this OFF.

6. šŸ’Š Auto-Heal Vulnerabilities

Status: Optional (Default: Off)

  • Function: Runs npm audit fix automatically.
  • Benefit: Can fix minor dependency issues in package.json automatically.

7. šŸ”¬ Final Artifact Scan

Status: Optional (Default: Off)

  • Enabled: Runs clamscan (Anti-virus) on the final APK/AAB file.

āš” How to Build

Choose the method that suits your workflow. Both options utilize your GitHub Action minutes for the build execution.

Option A: Repository Builder (CI/CD Automation)

Best for automated builds directly from your GitHub repository.

Requirement: Since this repository is a Monorepo, you must specify the project folder (e.g., framework7-svelte).

  1. Create Repository: Click Use this template (top right) > Create a new repository (Select Private).
  2. Access Service: Log in to repository.swaplab.net.
  3. Start Build:
    • Select your newly created repository.
    • Select Framework7 as the Framework Type.
    • Project Folder Name: āœļø framework7-svelte (or your custom folder name).
    • Click Build from Repository.

Option B: Manual Builder (Zip Upload)

Best for quick builds without setting up a git repo.

  1. Prepare:
    • Open the framework7-svelte folder on your computer.
    • Zip the contents of that specific folder (e.g., my-app.zip).
  2. Build: Go to framework7.swaplab.net.
  3. Configure:
    • Upload your project zip file.
    • Select Framework7 as the Framework Type.
    • Click Build.

šŸ” Signing Production Builds (Repository Builder Only)

Important: This section applies ONLY to users using Option A (Repository Builder). If you are using Option B (Manual Upload), you do not need to configure these secrets.

To generate signed Release APKs or AAB (Android App Bundle) automatically via GitHub Actions, you MUST configure the following Secrets in your GitHub Repository settings.

1. Add Secrets to GitHub

Go to Settings > Secrets and variables > Actions > New repository secret.

Secret Name Description
KEYSTORE_BASE64 Your .jks or .keystore file converted to a Base64 string.
KEYSTORE_PASSWORD The password for your Keystore.
KEY_ALIAS The alias name of your key.
KEY_PASSWORD The password for your specific key alias.

2. How to generate KEYSTORE_BASE64

You cannot upload the binary keystore file directly to GitHub Secrets. You must convert it to a text string first.

Mac/Linux:

base64 -i your-keystore.jks > base64-keystore.txt
# Open base64-keystore.txt, copy the content, and paste it into the Secret value.

Windows (PowerShell):

[Convert]::ToBase64String([IO.File]::ReadAllBytes("your-keystore.jks")) | Out-File base64-keystore.txt

3. šŸ” Transparency: How Secrets are Used (Secure & Ephemeral)

We prioritize security by using Just-In-Time (JIT) Processing.

Your signing keys and passwords are handled with strict isolation rules to ensure they cannot be leaked or retrieved:

  1. Memory-Only: Your secrets are processed entirely in Volatile Memory (RAM).
  2. No Disk IO: We strictly do not write your passwords to any persistent configuration files or logs on the server.
  3. Zero Trace: The build environment is ephemeral. Once the build process finishes, the isolated container is immediately destroyed, wiping all data from memory.
# From the .yml workflow (Inputs):
-e INPUT_KEYSTORE_BASE64=${{ secrets.KEYSTORE_BASE64 }} \
-e INPUT_KEYSTORE_PASSWORD=${{ secrets.KEYSTORE_PASSWORD }} \
-e INPUT_KEY_ALIAS=${{ secrets.KEY_ALIAS }} \
-e INPUT_KEY_PASSWORD=${{ secrets.KEY_PASSWORD }} \
  • Security Note (Silent Mode): To guarantee zero leakage, the GitHub Actions log output is intentionally restricted.
    • Where to watch: A secure, sanitized log stream is transmitted exclusively to your SwapLab Live Dashboard.

šŸ—ļø Infrastructure & Ecosystem

The build engine used to process these templates is part of the SwapLab Open Ecosystem. Our architecture prioritizes Zero-Knowledge Storage and Just-In-Time (JIT) Security.

You can audit our infrastructure components here:


šŸ” Transparency: GitHub Permissions & API Usage (Click to expand)
GitHub-Permissions

In this workflow, SwapLab acts as a Digital Bridge (Trigger). It connects your SwapLab dashboard to your private GitHub Workspace, allowing you to trigger builds that run inside your own repository using standard GitHub Actions.

We believe in radical transparency. Here is the exact technical breakdown of why we request specific permissions and which GitHub APIs are triggered:

1. šŸ”‘ Authentication

We use Firebase Authentication (GitHub OAuth) to verify your identity. We never see, store, or access your GitHub password.

2. āš” Workflows (Actions: Write)

Why it's required: To act as a "Remote Control" for your build button. This allows the SwapLab Dashboard to start a build or cancel a hanging process.

API Endpoints Used:

  • Trigger Build: POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches
  • Cancel Build: POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel

3. šŸ“‚ Contents (Read & Write)

Why it's required: repository.swaplab.net

  • (Read) To Check Out Code: This allows the GitHub Actions runner to securely checkout your source code into the temporary, isolated build environment so it can be compiled.
  • (Write) To Upload Build Artifacts: This permission supports our Artifact Storage feature. If you select the "GitHub Repository (Releases)" option, we use this permission to automatically create a new GitHub Release and upload your finished build file (e.g., .apk or .aab) as an asset to that release.

āš ļø Note: We only use this permission to Create releases. We do not automate the deletion of your files. Full control to delete old releases or assets remains manually in your hands via: https://github.com/{owner}/{repo}/releases

4. ā„¹ļø Metadata (Read-only)

Why it's required: This is a default permission. We use it to read basic information about your repository (like its name and visibility) to display it correctly in your Dashboard list.


šŸ”— Legal & Support

By using this service, you agree to our policies regarding repository access and data handling.

šŸ™ Credits & Acknowledgements

The templates in this repository are adapted from the official Framework7 examples and community contributions.

Project Original Source / Inspiration
Framework7 Svelte (HackerNews) GuillaumeBiton/hackernews7-svelte

šŸ‘Øā€šŸ’» About the Creator

SwapLab is built and maintained by EMI (EMI-INDO), a dedicated developer in the Hybrid Mobile App ecosystem.

This service was built to solve the real-world build problems I faced while developing plugins and games.

Maintained by SwapLab Engineering Team

Top categories

tailwinddaisyuiadmin templatepopupmdsvexportfolioblogformecommerceuicarouselauthdarkseoimagerouting
Loading Svelte Themes