Initialize Wallet Framework documentation by mcmire · Pull Request #8927 · MetaMask/core

mcmire · 2026-05-28T21:59:20Z

Explanation

We want to give engineers comprehensive resources they can use to understand the Wallet Framework — what it is, how it works, and how to use it effectively when working on features.

At the moment, we have a sparse collection of docs which include best practices for controllers and a tutorial for data services. We could certainly expand them: we could add more explanations about architecture of the framework and its concepts, and we could add more guides that cover specific use cases.

But they are stored as plain Markdown files in this repo, and it's not clear that they receive a lot of visibility (as it's easy to confuse them for maintainer-specific docs). We want the Wallet Framework to function more as an opensource project, and one of the ways that opensource projects can serve their users well is by having attractive documentation sites (think React, Redux, etc.). If we create such a site, then not only can we use it to "market" the Wallet Framework across MetaMask, but we can also better track adoption and even ask engineers for direct feedback through the site itself.

To this end, this commit initializes a new package, @metamask/wallet-framework-docs, which we can use to write a new set of docs and deploy them to a site, which will be deployed under https://metamask.github.io/core/wallet-framework-docs.

For now, the package is private, and the docs contain some initial dummy content, but you can run the site locally by saying:

yarn workspace @metamask/wallet-framework-docs run start-dev

References

https://consensyssoftware.atlassian.net/browse/WPC-1003

Screenshots

Checklist

I've updated the test suite for new or updated code as appropriate
I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
I've communicated my changes to consumers by updating changelogs for packages I've changed
I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

Low Risk
Documentation-only scaffolding with no runtime wallet or auth changes; risk is limited to build/lint config and new dev dependencies.

Overview
Adds a new private monorepo package @metamask/wallet-framework-docs so Wallet Framework documentation can live in a Docusaurus site (local start-dev / build-prod) aimed at https://metamask.github.io/core/wallet-framework-docs, with placeholder home content and stubs for future topics.

Repo wiring assigns Core Platform ownership, registers the package in root TypeScript project references, ignores **/.docusaurus, and extends ESLint for docusaurus.config.ts (including allowing process.env for deploy commit metadata). The site config enables strict broken-link checks, local search, and custom Prism styling for diff highlights.

^{Reviewed by Cursor Bugbot for commit bf20447. Bugbot is set up for automated code reviews on this repo. Configure here.}

The Wallet Framework is a complex system, and we want to give engineers comprehensive resources they can use to understand what it is, how it works, and how to use it effectively when working on features. To this end, this commit initializes a new package, `@metamask/wallet-framework-docs`, where we can keep documentation for the Wallet Framework. This package not only holds the content, but also a site that can be deployed. For now, the package is private, and the docs contain some initial dummy content. You can run the site locally by saying: yarn workspace @metamask/wallet-framework-docs run start-dev

socket-security · 2026-05-28T21:59:58Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Vulnerability	Quality
@docusaurus/preset-classic@3.10.1
@docusaurus/types@3.10.1
@easyops-cn/docusaurus-search-local@0.55.1
@docusaurus/theme-common@3.10.1
raw-loader@4.0.2
@docusaurus/core@3.10.1
@docusaurus/plugin-content-docs@3.10.1
@types/react@19.2.15
@babel/runtime@7.25.4 ⏵ 7.29.7	⁺¹	⁺²
nanoid@3.3.11 ⏵ 3.3.12	⁺¹		⁺¹
react@19.2.6
@mdx-js/react@3.1.1
prism-react-renderer@2.4.1
semver@7.7.4 ⏵ 7.8.1	⁺¹		⁺¹
react-dom@19.2.6

View full report

socket-security · 2026-05-28T22:00:00Z

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring alerts on:

schema-utils@3.3.0
schema-utils@4.3.3
@types/express-serve-static-core@4.19.8
@types/express-serve-static-core@5.1.1
postcss-selector-parser@6.1.2
postcss-selector-parser@7.1.1
domhandler@4.3.1
domhandler@5.0.3
domutils@2.8.0
domutils@3.2.2
dom-serializer@1.4.1
dom-serializer@2.0.0
@jsonjoy.com/codegen@17.67.0
@jsonjoy.com/codegen@1.0.0
react@19.2.6
react-dom@19.2.6
@types/react@19.2.15
@mdx-js/react@3.1.1
@docusaurus/core@3.10.1
webpack-merge@6.0.1
webpack-merge@5.10.0
@docusaurus/plugin-content-docs@3.10.1
@docusaurus/preset-classic@3.10.1
@docusaurus/theme-common@3.10.1
@docusaurus/types@3.10.1
@easyops-cn/docusaurus-search-local@0.55.1
cheerio@1.2.0
cheerio@1.0.0-rc.12
htmlparser2@10.1.0
htmlparser2@8.0.2
htmlparser2@6.1.0
prism-react-renderer@2.4.1
raw-loader@4.0.2
wsl-utils@0.1.0
scheduler@0.27.0
csstype@3.2.3
@types/mdx@2.0.13
@docusaurus/babel@3.10.1
@docusaurus/bundler@3.10.1
@docusaurus/logger@3.10.1
@docusaurus/mdx-loader@3.10.1
@docusaurus/utils@3.10.1
@docusaurus/utils-common@3.10.1
@docusaurus/utils-validation@3.10.1
boxen@6.2.1
boxen@7.1.1
chokidar@3.6.0
cli-table3@0.6.5
combine-promises@1.2.0
detect-port@1.6.1
eta@2.2.0
eval@0.1.8
html-tags@3.3.1
webpack@5.107.2
html-webpack-plugin@5.6.7
html-minifier-terser@6.1.0
html-minifier-terser@7.2.0
react-helmet-async@1.3.0
react-loadable@6.0.0
react-loadable-ssr-addon-v5-slorber@1.0.3
react-router@5.3.4
react-router-config@5.1.1
react-router-dom@5.3.4
serve-handler@6.1.7
update-notifier@6.0.2
webpack-bundle-analyzer@4.10.2
webpack-dev-server@5.2.4
clone-deep@4.0.1
flat@5.0.2
wildcard@2.0.1
@docusaurus/module-type-aliases@3.10.1
@types/react-router-config@5.0.11
schema-dts@1.1.5
utility-types@3.11.0
@docusaurus/plugin-content-blog@3.10.1
@docusaurus/plugin-content-pages@3.10.1
@docusaurus/plugin-css-cascade-layers@3.10.1
@docusaurus/plugin-debug@3.10.1
@docusaurus/plugin-google-analytics@3.10.1
@docusaurus/plugin-google-gtag@3.10.1
@docusaurus/plugin-google-tag-manager@3.10.1
@docusaurus/plugin-sitemap@3.10.1
@docusaurus/plugin-svgr@3.10.1
@docusaurus/theme-classic@3.10.1
@docusaurus/theme-search-algolia@3.10.1
@types/history@4.7.11
clsx@2.1.1
parse-numeric-range@1.3.0
@mdx-js/mdx@3.1.1
@types/mdast@4.0.4
joi@17.13.3
@docusaurus/theme-translations@3.10.1
@easyops-cn/autocomplete.js@0.38.1
@node-rs/jieba@1.10.4
comlink@4.4.2
klaw-sync@6.0.0
lunr-languages@1.20.0
mark.js@8.11.1
cheerio-select@2.1.0
encoding-sniffer@0.2.1
parse5-htmlparser2-tree-adapter@7.1.0
parse5-parser-stream@7.1.2
undici@7.26.0
domelementtype@2.3.0
@types/prismjs@1.26.6
loader-utils@2.0.4
@babel/plugin-syntax-dynamic-import@7.8.3
@babel/plugin-transform-runtime@7.29.7
@babel/preset-env@7.29.7
babel-plugin-polyfill-corejs3@0.14.2
babel-plugin-polyfill-corejs3@0.13.0
@babel/preset-react@7.29.7
@babel/preset-typescript@7.29.7
babel-plugin-dynamic-import-node@2.3.3
@docusaurus/cssnano-preset@3.10.1
babel-loader@9.2.1
clean-css@5.3.3
copy-webpack-plugin@11.0.0
css-loader@6.11.0
css-minimizer-webpack-plugin@5.0.1
cssnano@6.1.2
file-loader@6.2.0
mini-css-extract-plugin@2.10.2
null-loader@4.0.1
postcss-loader@7.3.4
postcss-preset-env@10.6.1
terser-webpack-plugin@5.6.0
url-loader@4.1.1
webpackbar@7.0.0
@slorber/remark-comment@1.0.0
micromark-factory-space@1.1.0
micromark-factory-space@2.0.1
micromark-util-character@1.2.0
micromark-util-character@2.1.1
micromark-util-symbol@1.1.0
micromark-util-symbol@2.0.1
micromark-util-types@1.1.0
micromark-util-types@2.0.2
estree-util-value-to-estree@3.5.0
image-size@2.0.2
mdast-util-mdx@3.0.0
mdast-util-to-string@4.0.0
rehype-raw@7.0.0
remark-directive@3.0.1
remark-emoji@4.0.1
remark-frontmatter@5.0.0
remark-gfm@4.0.1
stringify-object@3.3.0
unified@11.0.5
unist-util-visit@5.1.0
vfile@6.0.3
github-slugger@1.5.0
gray-matter@4.0.3
jiti@1.21.7
p-queue@6.6.2
resolve-pathname@3.0.0
ansi-align@3.0.1
cli-boxes@3.0.0
widest-line@4.0.1
is-binary-path@2.1.0
@colors/colors@1.5.0
address@1.2.2
require-like@0.1.2
@webassemblyjs/ast@1.14.1
@webassemblyjs/wasm-edit@1.14.1
@webassemblyjs/wasm-parser@1.14.1
acorn-import-phases@1.0.4
chrome-trace-event@1.0.4
glob-to-regexp@0.4.1
loader-runner@4.3.2
ajv-formats@2.1.1
ajv-keywords@5.1.0
ajv-keywords@3.5.2
watchpack@2.5.1
webpack-sources@3.5.0
@types/html-minifier-terser@6.1.0
pretty-error@4.0.0
camel-case@4.1.2
he@1.2.0
param-case@3.0.4
relateurl@0.2.7
terser@5.48.0
invariant@2.2.4
prop-types@15.8.1
react-fast-compare@3.2.2
shallowequal@1.1.0
history@4.10.1
hoist-non-react-statics@3.3.2
loose-envify@1.4.0
tiny-invariant@1.3.3
tiny-warning@1.0.3
path-is-inside@1.0.2
configstore@6.0.0
has-yarn@3.0.0
import-lazy@4.0.0
is-installed-globally@0.4.0
is-npm@6.1.0
is-yarn-global@0.4.1
latest-version@7.0.0
pupa@3.3.0
semver-diff@4.0.0
xdg-basedir@5.1.0
@discoveryjs/json-ext@0.5.7
debounce@1.2.1
gzip-size@6.0.0
opener@1.5.2
sirv@2.0.4
@types/bonjour@3.5.13
@types/connect-history-api-fallback@1.5.4
@types/express@4.17.25
@types/express@5.0.6
@types/serve-index@1.9.4
@types/serve-static@2.2.0
@types/serve-static@1.15.10
@types/send@0.17.6
@types/send@1.2.1
@types/sockjs@0.3.36
ansi-html-community@0.0.8
bonjour-service@1.4.0
colorette@2.0.20
compression@1.8.1
connect-history-api-fallback@2.0.0
http-proxy-middleware@2.0.9
launch-editor@2.13.2
p-retry@6.2.1
selfsigned@5.5.0
serve-index@1.9.2
sockjs@0.3.24
spdy@4.0.2
webpack-dev-middleware@7.4.5
@types/qs@6.15.1
@types/range-parser@1.2.7
is-plain-object@2.0.4
shallow-clone@3.0.1
@types/react-router-dom@5.3.3
@types/react-router@5.1.20
feed@4.2.2
srcset@4.0.0
react-json-view-lite@2.5.0
@types/gtag.js@0.0.20
sitemap@7.1.3
@svgr/core@8.1.0
@svgr/webpack@8.1.0
copy-text-to-clipboard@3.2.2
infima@0.2.0-alpha.45
nprogress@0.2.0
prismjs@1.30.0
rtlcss@4.3.0
@algolia/autocomplete-core@1.19.8
@algolia/autocomplete-core@1.19.2
@docsearch/react@4.6.3
@algolia/autocomplete-plugin-algolia-insights@1.19.2
@algolia/autocomplete-plugin-algolia-insights@1.19.8
@algolia/autocomplete-shared@1.19.2
@algolia/autocomplete-shared@1.19.8
algoliasearch@5.52.1
algoliasearch-helper@3.29.1
@types/estree-jsx@1.0.5
@types/hast@3.0.4
collapse-white-space@2.1.0
devlop@1.1.0
estree-util-is-identifier-name@3.0.0
estree-util-scope@1.0.0
hast-util-to-jsx-runtime@2.3.6
markdown-extensions@2.0.0
recma-build-jsx@1.0.0
recma-jsx@1.0.1
recma-stringify@1.0.0
rehype-recma@1.0.0
remark-mdx@3.1.1
remark-parse@11.0.0
remark-rehype@11.1.2
unist-util-position-from-estree@2.0.0
unist-util-stringify-position@4.0.0
@types/unist@3.0.3
@types/unist@2.0.11
@hapi/hoek@9.3.0
@hapi/topo@5.1.0
@sideway/address@4.1.5
@sideway/formula@3.0.1
@sideway/pinpoint@2.0.0
cssesc@3.0.0
immediate@3.3.0
@node-rs/jieba-android-arm-eabi@1.10.4
@node-rs/jieba-android-arm64@1.10.4
@node-rs/jieba-darwin-arm64@1.10.4
@node-rs/jieba-darwin-x64@1.10.4
@node-rs/jieba-freebsd-x64@1.10.4
@node-rs/jieba-linux-arm-gnueabihf@1.10.4
@node-rs/jieba-linux-arm64-gnu@1.10.4
@node-rs/jieba-linux-arm64-musl@1.10.4
@node-rs/jieba-linux-x64-gnu@1.10.4
@node-rs/jieba-linux-x64-musl@1.10.4
@node-rs/jieba-wasm32-wasi@1.10.4
@node-rs/jieba-win32-arm64-msvc@1.10.4
@node-rs/jieba-win32-ia32-msvc@1.10.4
@node-rs/jieba-win32-x64-msvc@1.10.4
boolbase@1.0.0
css-select@5.2.2
css-select@4.3.0
css-what@6.2.2
big.js@5.2.2
emojis-list@3.0.0
side-channel-list@1.0.1
side-channel-map@1.0.1
side-channel-weakmap@1.0.2
babel-plugin-polyfill-corejs2@0.4.17
babel-plugin-polyfill-regenerator@0.6.8
@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.29.7
@babel/plugin-bugfix-safari-class-field-initializer-scope@7.29.7
@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.29.7
@babel/plugin-bugfix-safari-rest-destructuring-rhs-array@7.29.7
@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.29.7
@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.29.7
@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2
@babel/plugin-syntax-import-assertions@7.29.7
@babel/plugin-syntax-unicode-sets-regex@7.18.6
@babel/plugin-transform-arrow-functions@7.29.7
@babel/plugin-transform-async-generator-functions@7.29.7
@babel/plugin-transform-async-to-generator@7.29.7
@babel/plugin-transform-block-scoped-functions@7.29.7
@babel/plugin-transform-block-scoping@7.29.7
@babel/plugin-transform-class-properties@7.29.7
@babel/plugin-transform-class-static-block@7.29.7
@babel/plugin-transform-classes@7.29.7
@babel/plugin-transform-computed-properties@7.29.7
@babel/plugin-transform-destructuring@7.29.7
@babel/plugin-transform-dotall-regex@7.29.7
@babel/plugin-transform-duplicate-keys@7.29.7
@babel/plugin-transform-duplicate-named-capturing-groups-regex@7.29.7
@babel/plugin-transform-dynamic-import@7.29.7
@babel/plugin-transform-explicit-resource-management@7.29.7
@babel/plugin-transform-exponentiation-operator@7.29.7
@babel/plugin-transform-export-namespace-from@7.29.7
@babel/plugin-transform-for-of@7.29.7
@babel/plugin-transform-function-name@7.29.7
@babel/plugin-transform-json-strings@7.29.7
@babel/plugin-transform-literals@7.29.7
@babel/plugin-transform-logical-assignment-operators@7.29.7
@babel/plugin-transform-member-expression-literals@7.29.7
@babel/plugin-transform-modules-amd@7.29.7
@babel/plugin-transform-modules-commonjs@7.29.7
@babel/plugin-transform-modules-systemjs@7.29.7
@babel/plugin-transform-modules-umd@7.29.7
@babel/plugin-transform-named-capturing-groups-regex@7.29.7
@babel/plugin-transform-new-target@7.29.7
@babel/plugin-transform-nullish-coalescing-operator@7.29.7
@babel/plugin-transform-numeric-separator@7.29.7
@babel/plugin-transform-object-rest-spread@7.29.7
@babel/plugin-transform-object-super@7.29.7
@babel/plugin-transform-optional-catch-binding@7.29.7
@babel/plugin-transform-optional-chaining@7.29.7
@babel/plugin-transform-parameters@7.29.7
@babel/plugin-transform-private-methods@7.29.7
@babel/plugin-transform-private-property-in-object@7.29.7
@babel/plugin-transform-property-literals@7.29.7
@babel/plugin-transform-regenerator@7.29.7
@babel/plugin-transform-regexp-modifiers@7.29.7
@babel/plugin-transform-reserved-words@7.29.7
@babel/plugin-transform-shorthand-properties@7.29.7
@babel/plugin-transform-spread@7.29.7
@babel/plugin-transform-sticky-regex@7.29.7
@babel/plugin-transform-template-literals@7.29.7
@babel/plugin-transform-typeof-symbol@7.29.7
@babel/plugin-transform-unicode-escapes@7.29.7
@babel/plugin-transform-unicode-property-regex@7.29.7
@babel/plugin-transform-unicode-regex@7.29.7
@babel/plugin-transform-unicode-sets-regex@7.29.7
@babel/preset-modules@0.1.6-no-external-plugins
core-js-compat@3.49.0
@babel/helper-define-polyfill-provider@0.6.8
@babel/plugin-transform-react-display-name@7.29.7
@babel/plugin-transform-react-jsx@7.29.7
@babel/plugin-transform-react-jsx-development@7.29.7
@babel/plugin-transform-react-pure-annotations@7.29.7
@babel/plugin-transform-typescript@7.29.7
object.assign@4.1.7
cssnano-preset-advanced@6.1.2
postcss-sort-media-queries@5.2.0
find-cache-dir@4.0.0
serialize-javascript@6.0.2
icss-utils@5.1.0
postcss-modules-extract-imports@3.1.0
postcss-modules-local-by-default@4.2.0
postcss-modules-scope@3.2.1
postcss-modules-values@4.0.0
postcss-value-parser@4.2.0
cssnano-preset-default@6.1.2
lilconfig@3.1.3
@csstools/postcss-alpha-function@1.0.1
@csstools/postcss-cascade-layers@5.0.2
@csstools/postcss-color-function@4.0.12
@csstools/postcss-color-function-display-p3-linear@1.0.1
@csstools/postcss-color-mix-function@3.0.12
@csstools/postcss-color-mix-variadic-function-arguments@1.0.2
@csstools/postcss-content-alt-text@2.0.8
@csstools/postcss-contrast-color-function@2.0.12
@csstools/postcss-exponential-functions@2.0.9
@csstools/postcss-font-format-keywords@4.0.0
@csstools/postcss-gamut-mapping@2.0.11
@csstools/postcss-gradients-interpolation-method@5.0.12
@csstools/postcss-hwb-function@4.0.12
@csstools/postcss-ic-unit@4.0.4
@csstools/postcss-initial@2.0.1
@csstools/postcss-is-pseudo-class@5.0.3
@csstools/postcss-light-dark-function@2.0.11
@csstools/postcss-logical-float-and-clear@3.0.0
@csstools/postcss-logical-overflow@2.0.0
@csstools/postcss-logical-overscroll-behavior@2.0.0
@csstools/postcss-logical-resize@3.0.0
@csstools/postcss-logical-viewport-units@3.0.4
@csstools/postcss-media-minmax@2.0.9
@csstools/postcss-media-queries-aspect-ratio-number-values@3.0.5
@csstools/postcss-nested-calc@4.0.0
@csstools/postcss-normalize-display-values@4.0.1
@csstools/postcss-oklab-function@4.0.12
@csstools/postcss-position-area-property@1.0.0
@csstools/postcss-progressive-custom-properties@4.2.1
@csstools/postcss-property-rule-prelude-list@1.0.0
@csstools/postcss-random-function@2.0.1
@csstools/postcss-relative-color-syntax@3.0.12
@csstools/postcss-scope-pseudo-class@4.0.1
@csstools/postcss-sign-functions@1.1.4
@csstools/postcss-stepped-value-functions@4.0.9
@csstools/postcss-syntax-descriptor-syntax-production@1.0.1
@csstools/postcss-system-ui-font-family@1.0.0
@csstools/postcss-text-decoration-shorthand@4.0.3
@csstools/postcss-trigonometric-functions@4.0.9
@csstools/postcss-unset-value@4.0.0
autoprefixer@10.5.0
css-blank-pseudo@7.0.1
css-has-pseudo@7.0.3
css-prefers-color-scheme@10.0.0
cssdb@8.9.0
postcss-attribute-case-insensitive@7.0.1
postcss-clamp@4.1.0
postcss-color-functional-notation@7.0.12
postcss-color-hex-alpha@10.0.0
postcss-color-rebeccapurple@10.0.0
postcss-custom-media@11.0.6
postcss-custom-properties@14.0.6
postcss-custom-selectors@8.0.5
postcss-dir-pseudo-class@9.0.1
postcss-double-position-gradients@6.0.4
postcss-focus-visible@10.0.1
postcss-focus-within@9.0.1
postcss-font-variant@5.0.0
postcss-gap-properties@6.0.0
postcss-image-set-function@7.0.0
postcss-lab-function@7.0.12
postcss-logical@8.1.0
postcss-nesting@13.0.2
postcss-opacity-percentage@3.0.0
postcss-overflow-shorthand@6.0.0
postcss-page-break@3.0.4
postcss-place@10.0.0
postcss-pseudo-class-any-link@10.0.1
postcss-replace-overflow-wrap@4.0.0
postcss-selector-not@8.0.1
ansis@3.17.0
consola@3.4.2
pretty-time@1.1.0
std-env@3.10.0
mdast-util-from-markdown@2.0.3
mdast-util-mdx-expression@2.0.1
mdast-util-mdx-jsx@3.2.0
mdast-util-mdxjs-esm@2.0.1
mdast-util-to-markdown@2.1.2
hast-util-raw@9.1.0
mdast-util-directive@3.1.0
micromark-extension-directive@3.0.2
emoticon@4.1.0
mdast-util-find-and-replace@3.0.2
node-emoji@2.2.0
mdast-util-frontmatter@2.0.1
micromark-extension-frontmatter@2.0.0
mdast-util-gfm@3.1.0
micromark-extension-gfm@3.0.0
remark-stringify@11.0.0
get-own-enumerable-property-symbols@3.0.2
is-obj@1.0.1
is-obj@2.0.0
is-regexp@1.0.0
bail@2.0.2
extend@3.0.2
trough@2.2.0
unist-util-is@6.0.1
unist-util-visit-parents@6.0.2
vfile-message@4.0.3
section-matter@1.0.0
strip-bom-string@1.0.0
p-timeout@3.2.0
binary-extensions@2.3.0
@webassemblyjs/helper-numbers@1.13.2
@webassemblyjs/helper-wasm-bytecode@1.13.2
@webassemblyjs/helper-buffer@1.14.1
@webassemblyjs/helper-wasm-section@1.14.1
@webassemblyjs/wasm-gen@1.14.1
@webassemblyjs/wasm-opt@1.14.1
@webassemblyjs/wast-printer@1.14.1
@webassemblyjs/helper-api-error@1.13.2
@webassemblyjs/ieee754@1.13.2
@webassemblyjs/leb128@1.13.2
@webassemblyjs/utf8@1.13.2
baseline-browser-mapping@2.10.32
fast-uri@3.1.2
require-from-string@2.0.2
renderkid@3.0.0
pascal-case@3.1.2
dot-case@3.0.4
@jridgewell/source-map@0.3.11
object-assign@4.1.1
value-equal@1.0.1
dot-prop@6.0.1
unique-string@3.0.0
is-typedarray@1.0.0
typedarray-to-buffer@3.1.5
global-dirs@3.0.1
is-path-inside@3.0.3
package-json@8.1.1
escape-goat@4.0.0
duplexer@0.1.2
@polka/url@1.0.0-next.29
mrmime@2.0.1
totalist@3.0.1
@types/body-parser@1.19.6
@types/http-errors@2.0.5
@types/mime@1.3.5
multicast-dns@7.2.5
compressible@2.0.18
on-headers@1.1.0
@types/http-proxy@1.17.17
http-proxy@1.18.1
shell-quote@1.8.4
@types/retry@0.12.2
is-network-error@1.3.2
@peculiar/x509@1.14.3
pkijs@3.4.0
batch@0.6.1
handle-thing@2.0.1
http-deceiver@1.2.7
select-hose@2.0.0
spdy-transport@3.0.0
memfs@4.57.2
@jsonjoy.com/json-pack@1.21.0
@jsonjoy.com/json-pack@17.67.0
@jsonjoy.com/util@1.9.0
@jsonjoy.com/util@17.67.0
@jsonjoy.com/base64@1.1.2
@jsonjoy.com/base64@17.67.0
@jsonjoy.com/buffers@1.2.1
@jsonjoy.com/buffers@17.67.0
@jsonjoy.com/json-pointer@1.0.2
@jsonjoy.com/json-pointer@17.67.0
isobject@3.0.1
xml-js@1.6.11
@types/sax@1.2.7
arg@5.0.2
sax@1.6.0
@svgr/babel-preset@8.1.0
snake-case@3.0.4
@babel/plugin-transform-react-constant-elements@7.29.7
@svgr/plugin-jsx@8.1.0
@svgr/plugin-svgo@8.1.0
@docsearch/core@4.6.3
@docsearch/css@4.6.3
@algolia/abtesting@1.18.1
@algolia/client-abtesting@5.52.1
@algolia/client-analytics@5.52.1
@algolia/client-common@5.52.1
@algolia/client-insights@5.52.1
@algolia/client-personalization@5.52.1
@algolia/client-query-suggestions@5.52.1
@algolia/client-search@5.52.1
@algolia/ingestion@1.52.1
@algolia/monitoring@1.52.1
@algolia/recommend@5.52.1
@algolia/requester-browser-xhr@5.52.1
@algolia/requester-fetch@5.52.1
@algolia/requester-node-http@5.52.1
@algolia/events@4.0.1
dequal@2.0.3
comma-separated-tokens@2.0.3
hast-util-whitespace@3.0.0
property-information@7.1.0
space-separated-tokens@2.0.2
style-to-js@1.1.21
unist-util-position@5.0.0
estree-util-build-jsx@3.0.1
estree-util-to-js@2.0.0
recma-parse@1.0.0
hast-util-to-estree@3.1.3
micromark-extension-mdxjs@3.0.0
mdast-util-to-hast@13.2.1
@napi-rs/wasm-runtime@0.2.12
nth-check@2.1.1
call-bound@1.0.4
@babel/helper-skip-transparent-expression-wrappers@7.29.7
@babel/helper-create-regexp-features-plugin@7.29.7
@babel/helper-remap-async-to-generator@7.29.7
@babel/helper-create-class-features-plugin@7.29.7
@babel/helper-annotate-as-pure@7.29.7
@babel/helper-replace-supers@7.29.7
lodash.debounce@4.0.8
define-properties@1.2.1
object-keys@1.1.1
postcss-discard-unused@6.0.5
postcss-merge-idents@6.0.3
postcss-reduce-idents@6.0.3
postcss-zindex@6.0.2
sort-css-media-queries@2.2.0
common-path-prefix@3.0.0
css-declaration-sorter@7.4.0
cssnano-utils@4.0.2
postcss-calc@9.0.1
postcss-colormin@6.1.0
postcss-convert-values@6.1.0
postcss-discard-comments@6.0.2
postcss-discard-duplicates@6.0.3
postcss-discard-empty@6.0.3
postcss-discard-overridden@6.0.2
postcss-merge-longhand@6.0.5
postcss-merge-rules@6.1.1
postcss-minify-font-values@6.1.0
postcss-minify-gradients@6.0.3
postcss-minify-params@6.1.0
postcss-minify-selectors@6.0.4
postcss-normalize-charset@6.0.2
postcss-normalize-display-values@6.0.2
postcss-normalize-positions@6.0.2
postcss-normalize-repeat-style@6.0.2
postcss-normalize-string@6.0.2
postcss-normalize-timing-functions@6.0.2
postcss-normalize-unicode@6.1.0
postcss-normalize-url@6.0.2
postcss-normalize-whitespace@6.0.2
postcss-ordered-values@6.0.2
postcss-reduce-initial@6.1.0
postcss-reduce-transforms@6.0.2
postcss-svgo@6.0.3
postcss-unique-selectors@6.0.4
@csstools/css-tokenizer@3.0.4
@csstools/css-parser-algorithms@3.0.5
@csstools/css-color-parser@3.1.0
@csstools/utilities@2.0.0
@csstools/selector-specificity@5.0.0
@csstools/css-calc@2.1.4
@csstools/media-query-list-parser@4.0.3
@csstools/color-helpers@5.1.0
fraction.js@5.3.4
@csstools/cascade-layer-name-parser@2.0.5
@csstools/selector-resolve-nested@3.1.0
decode-named-character-reference@1.3.0
micromark@4.0.2
micromark-util-decode-numeric-character-reference@2.0.2
micromark-util-decode-string@2.0.1
micromark-util-normalize-identifier@2.0.1
ccount@2.0.1
parse-entities@4.0.2
stringify-entities@4.0.4
longest-streak@3.1.0
mdast-util-phrasing@4.1.0
micromark-util-classify-character@2.0.1
zwitch@2.0.4
@ungap/structured-clone@1.3.1
hast-util-from-parse5@8.0.3
hast-util-to-parse5@8.0.1
html-void-elements@3.0.0
web-namespaces@2.0.1
micromark-factory-whitespace@2.0.1
@sindresorhus/is@4.6.0
@sindresorhus/is@5.6.0
emojilib@2.4.0
skin-tone@2.0.0
fault@2.0.1
mdast-util-gfm-autolink-literal@2.0.1
mdast-util-gfm-footnote@2.1.0
mdast-util-gfm-strikethrough@2.0.0
mdast-util-gfm-table@2.0.0
mdast-util-gfm-task-list-item@2.0.0
micromark-extension-gfm-autolink-literal@2.1.0
micromark-extension-gfm-footnote@2.1.0
micromark-extension-gfm-strikethrough@2.1.0
micromark-extension-gfm-table@2.1.1
micromark-extension-gfm-tagfilter@2.0.0
micromark-extension-gfm-task-list-item@2.1.0
micromark-util-combine-extensions@2.0.1
extend-shallow@2.0.1
p-finally@1.0.0
@webassemblyjs/floating-point-hex-parser@1.13.2
@xtuc/long@4.2.2
@xtuc/ieee754@1.2.0
dom-converter@0.2.0
no-case@3.0.4
crypto-random-string@4.0.0
got@12.6.1
registry-auth-token@5.1.1
registry-url@6.0.1
@types/connect@3.4.38
dns-packet@5.6.1
thunky@1.1.0
@peculiar/asn1-cms@2.7.0
@peculiar/asn1-csr@2.7.0
@peculiar/asn1-ecc@2.7.0
@peculiar/asn1-pkcs9@2.7.0
@peculiar/asn1-rsa@2.7.0
@peculiar/asn1-schema@2.7.0
@peculiar/asn1-x509@2.7.0
pvtsutils@1.3.6
reflect-metadata@0.2.2
tsyringe@4.10.0
asn1js@3.0.10
bytestreamjs@2.0.1
pvutils@1.1.5
hpack.js@2.1.6
obuf@1.1.2
wbuf@1.7.3
@jsonjoy.com/fs-core@4.57.2
@jsonjoy.com/fs-fsa@4.57.2
@jsonjoy.com/fs-node@4.57.2
@jsonjoy.com/fs-node-builtins@4.57.2
@jsonjoy.com/fs-node-to-fsa@4.57.2
@jsonjoy.com/fs-node-utils@4.57.2
@jsonjoy.com/fs-print@4.57.2
@jsonjoy.com/fs-snapshot@4.57.2
glob-to-regex.js@1.2.0
thingies@2.6.0
tree-dump@1.1.0
hyperdyperid@1.2.0
@svgr/babel-plugin-add-jsx-attribute@8.0.0
@svgr/babel-plugin-remove-jsx-attribute@8.0.0
@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0
@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0
@svgr/babel-plugin-svg-dynamic-title@8.0.0
@svgr/babel-plugin-svg-em-dimensions@8.0.0
@svgr/babel-plugin-transform-react-native-svg@8.1.0
@svgr/babel-plugin-transform-svg-component@8.0.0
@svgr/hast-util-to-babel-ast@8.0.0
svg-parser@2.0.4
svgo@3.3.3
style-to-object@1.0.14
astring@1.9.0
esast-util-from-js@2.0.1
estree-util-attach-comments@3.0.0
micromark-extension-mdx-expression@3.0.1
micromark-extension-mdx-jsx@3.0.2
micromark-extension-mdx-md@2.0.0
micromark-extension-mdxjs-esm@3.0.0
micromark-util-sanitize-uri@2.0.1
trim-lines@3.0.1
@emnapi/core@1.10.0
@emnapi/runtime@1.10.0
@tybys/wasm-util@0.10.2
regexpu-core@6.4.0
@babel/helper-wrap-function@7.29.7
@babel/helper-member-expression-to-functions@7.29.7
@babel/helper-optimise-call-expression@7.29.7
caniuse-api@3.0.0
colord@2.9.3
stylehacks@6.1.1
character-entities@2.0.2
micromark-core-commonmark@2.0.3
micromark-util-chunked@2.0.1
micromark-util-encode@2.0.1
micromark-util-resolve-all@2.0.1
micromark-util-subtokenize@2.1.0
character-entities-legacy@3.0.0
character-reference-invalid@2.0.1
is-alphanumerical@2.0.1
is-decimal@2.0.1
is-hexadecimal@2.0.1
character-entities-html4@2.1.0
hastscript@9.0.1
vfile-location@5.0.3
unicode-emoji-modifier-base@1.0.0
format@0.2.2
markdown-table@3.0.4
is-extendable@0.1.1
utila@0.4.0
lower-case@2.0.2
@szmarczak/http-timer@5.0.1
cacheable-lookup@7.0.0
cacheable-request@10.2.14
decompress-response@6.0.0
mimic-response@3.1.0
mimic-response@4.0.0
form-data-encoder@2.1.4
http2-wrapper@2.2.1
lowercase-keys@3.0.0
p-cancelable@3.0.0
responselike@3.0.0
@pnpm/npm-conf@3.0.2
rc@1.2.8
@leichtgewicht/ip-codec@2.0.5
@peculiar/asn1-x509-attr@2.7.0
@peculiar/asn1-pfx@2.7.0
@peculiar/asn1-pkcs8@2.7.0
@peculiar/utils@2.0.3
css-tree@2.3.1
css-tree@2.2.1
csso@5.0.5
mdn-data@2.0.28
mdn-data@2.0.30
inline-style-parser@0.2.7
esast-util-from-estree@2.0.0
micromark-factory-mdx-expression@2.0.3
micromark-util-events-to-acorn@2.0.3
@emnapi/wasi-threads@1.2.1
regenerate@1.4.2
regenerate-unicode-properties@10.2.2
regjsgen@0.8.0
regjsparser@0.13.1
unicode-match-property-ecmascript@2.0.0
unicode-match-property-value-ecmascript@2.2.1
lodash.uniq@4.5.0
micromark-factory-destination@2.0.1
micromark-factory-label@2.0.1
micromark-factory-title@2.0.1
micromark-util-html-tag-name@2.0.1
is-alphabetical@2.0.1
hast-util-parse-selector@4.0.0
defer-to-connect@2.0.1
@types/http-cache-semantics@4.2.0
normalize-url@8.1.1
resolve-alpn@1.2.1
@pnpm/config.env-replace@1.1.0
@pnpm/network.ca-file@1.0.2
config-chain@1.1.13
deep-extend@0.6.0
estree-util-visit@2.0.0
unicode-canonical-property-names-ecmascript@2.0.1
unicode-property-aliases-ecmascript@2.2.0
proto-list@1.2.4
camelcase@7.0.1
find-up@6.3.0
escape-string-regexp@5.0.0
locate-path@7.2.0
path-exists@5.0.0
@types/node@17.0.45
cosmiconfig@8.3.6
graceful-fs@4.2.10
p-limit@4.0.0
content-disposition@0.5.2
depd@1.1.2
range-parser@1.2.0
strip-json-comments@2.0.1
json-schema-traverse@1.0.0
estraverse@4.3.0
p-locate@6.0.0
type-fest@2.19.0
type-fest@1.4.0
slash@4.0.0
pkg-dir@7.0.0
yocto-queue@1.2.2
globby@13.2.2
mime-types@2.1.18
mime-types@3.0.2
negotiator@0.6.4
bytes@3.0.0
ipaddr.js@2.4.0
source-map@0.7.6
isarray@0.0.1
mime-db@1.33.0
mime-db@1.54.0
ini@2.0.0
tinypool@1.1.1
eslint-scope@5.1.1
tslib@1.14.1
is-ci@3.0.1
write-file-atomic@3.0.3
define-lazy-prop@2.0.0
is-wsl@2.2.0
es-module-lexer@2.1.0
commander@7.2.0
commander@5.1.0
commander@8.3.0
commander@10.0.1
commander@2.20.3
react-is@16.13.1
entities@2.2.0
entities@7.0.1
estree-walker@3.0.3
is-docker@2.2.1
jest-worker@27.5.1
source-map-support@0.5.21
core-js@3.49.0
whatwg-encoding@3.1.1
whatwg-mimetype@4.0.0
quick-lru@5.1.1
is-plain-obj@4.1.0
is-plain-obj@3.0.0
eventemitter3@4.0.7
retry@0.13.1
chalk@5.6.2
minimatch@3.1.5
semver@7.8.1
resolve@1.22.12
@types/estree@1.0.9
nanoid@3.3.12
fs-extra@11.3.5
cookie@0.7.2
cookie-signature@1.0.7
path-to-regexp@0.1.13
path-to-regexp@1.9.0
path-to-regexp@3.3.0
statuses@2.0.2
statuses@1.5.0
tapable@2.3.3
@babel/helper-globals@7.29.7
source-map-js@1.2.1
@babel/helper-string-parser@7.29.7
@babel/helper-validator-identifier@7.29.7
follow-redirects@1.16.0
object-inspect@1.13.4
@babel/helper-plugin-utils@7.29.7
@babel/compat-data@7.29.7
@babel/helper-validator-option@7.29.7
caniuse-lite@1.0.30001793
electron-to-chromium@1.5.361
node-releases@2.0.46
express@4.22.2
open@10.2.0
open@8.4.2
@types/debug@4.1.13
ajv@6.15.0
ajv@8.20.0
enhanced-resolve@5.22.0
ws@8.21.0
ws@7.5.11
@babel/parser@7.29.7
@babel/traverse@7.29.7
is-core-module@2.16.2
@babel/runtime@7.29.7
body-parser@1.20.5
finalhandler@1.3.2
http-errors@2.0.1
http-errors@1.8.1
qs@6.15.2
send@0.19.2
serve-static@1.16.3
import-fresh@3.3.1
@babel/core@7.29.7
@babel/types@7.29.7
@babel/code-frame@7.29.7
@babel/generator@7.29.7
@babel/template@7.29.7
postcss@8.5.15
hasown@2.0.3
raw-body@2.5.3
side-channel@1.1.0
@babel/plugin-syntax-jsx@7.29.7
@babel/plugin-syntax-typescript@7.29.7
@babel/helper-compilation-targets@7.29.7
@babel/helper-module-transforms@7.29.7
@babel/helpers@7.29.7
call-bind@1.0.9
@babel/plugin-syntax-import-attributes@7.29.7
browserslist@4.28.2
@babel/helper-module-imports@7.29.7
acorn-walk@8.3.5
update-browserslist-db@1.2.3

View full report

cursor · 2026-05-28T22:13:59Z

+    "rootDir": "./src"
+  },
+  "references": [],
+  "include": ["../../types", "./src"]


Missing src/index.ts breaks monorepo build

High Severity

The package's tsconfig.build.json sets rootDir to ./src and includes ./src, but no src/ directory or src/index.ts file exists in this package. The typedoc.json also references ./src/index.ts. Since the root tsconfig.build.json includes this package as a project reference, running yarn build at the monorepo level will fail because TypeScript cannot find any input files for this project.

Additional Locations (2)

packages/wallet-framework-docs/typedoc.json#L1-L2

tsconfig.build.json#L258-L261

^{Reviewed by Cursor Bugbot for commit 9aaf8c8. Configure here.}

Yeah, none of these properties related to exports are valid. I have left them in to appease the Yarn constraints for now. I could remove them though if it's confusing.

mcmire · 2026-05-29T14:41:48Z

@SocketSecurity ignore npm/lunr-languages@1.20.0 - False positive. The file in question does not seem to be obfuscated: https://npmfs.com/package/lunr-languages/1.20.0/lunr.ko.js

@SocketSecurity ignore npm/svgo@3.3.3 - This file is minified, it's not obfuscated. This is a common practice in some libraries.

@SocketSecurity ignore npm/@algolia/client-personalization@5.52.1 - Network access is OK. This package talks to the Algolia API.

@SocketSecurity ignore npm/@algolia/requester-fetch@5.52.1 - Network access makes sense for this package.

@SocketSecurity ignore npm/@algolia/requester-node-http@5.52.1 - Network access makes sense for this package.

@SocketSecurity ignore npm/@docsearch/react@4.6.3 - Network access is OK. This package talks to Algolia.

mcmire · 2026-05-29T14:52:34Z

@SocketSecurity ignore npm/@emnapi/core@1.10.0 - Network access is misleading. This is a WASM package.

@SocketSecurity ignore npm/@node-rs/jieba@1.10.4 - Shell access is OK. This is a compiled package. It looks like it runs ldd to determine support for musl.

@SocketSecurity ignore npm/@pnpm/npm-conf@3.0.2 - False positive, this does not actually call fetch.

mcmire · 2026-05-29T14:55:20Z

@SocketSecurity ignore npm/@tybys/wasm-util@0.10.2 - Network access is misleading - this is a WASM package.

@SocketSecurity ignore npm/address@1.2.2 - Shell access is OK. This library is network-related and uses ifconfig to find local interfaces.

mcmire · 2026-05-29T14:55:34Z

@SocketSecurity ignore npm/svgo@3.3.3 - This file is minified, it's not obfuscated. This is a common practice in some libraries.

mcmire · 2026-05-29T14:56:52Z

@SocketSecurity ignore npm/clean-css@5.3.3 - This is a false positive, this does not access the network.

mcmire · 2026-05-29T14:58:48Z

@SocketSecurity ignore npm/config-chain@1.1.13 - Network access is legit. I don't know why, but this package says it's used directly by npm, so it seems OK.

mcmire · 2026-05-29T15:00:07Z

@SocketSecurity ignore npm/eta@2.2.0 - False positive, this does not access the network.

mcmire · 2026-05-29T15:02:49Z

@SocketSecurity ignore npm/htmlparser2@6.1.0
@SocketSecurity ignore npm/parse5-parser-stream@7.1.2
@SocketSecurity ignore npm/postcss-calc@9.0.1

None of these are legit.

mcmire · 2026-05-29T15:06:35Z

@SocketSecurity ignore-all

I've gone through the remaining alerts (a lot of which are "AI anomalies"). Nothing stands out to me as problematic. There are some changes to authorship but I double-checked them and they all seem OK.

mcmire · 2026-05-29T15:08:21Z

+  border-left: 4px solid transparent;
+}
+
+.code-block-diff-added-line {


This will be useful in a future commit, when I start adding a tutorial for data services.

cursor

Cursor Bugbot has reviewed your changes and found 1 potential issue.

There are 2 total unresolved issues (including 1 from previous review).

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit bf20447. Configure here.}

mcmire added 2 commits May 28, 2026 16:00

Fix tsconfig.json

f25b768

Update README

9aaf8c8

mcmire marked this pull request as ready for review May 28, 2026 22:08

mcmire requested a review from a team as a code owner May 28, 2026 22:08

mcmire temporarily deployed to default-branch May 28, 2026 22:08 — with GitHub Actions Inactive

cursor Bot reviewed May 28, 2026

View reviewed changes

mcmire added 2 commits May 29, 2026 09:09

Quick update to tagline

2edb4fd

Remove the swizzle script for now

bf20447

mcmire commented May 29, 2026

View reviewed changes

cursor Bot reviewed May 29, 2026

View reviewed changes

Comment thread packages/wallet-framework-docs/site/docusaurus.config.ts

Uh oh!

Conversation

mcmire commented May 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Explanation

References

Screenshots

Checklist

Uh oh!

socket-security Bot commented May 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security Bot commented May 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

cursor Bot May 28, 2026

Choose a reason for hiding this comment

Missing src/index.ts breaks monorepo build

Uh oh!

mcmire May 28, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

mcmire commented May 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire commented May 29, 2026

Uh oh!

mcmire May 29, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

cursor Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

mcmire commented May 28, 2026 •

edited

Loading

socket-security Bot commented May 28, 2026 •

edited

Loading

socket-security Bot commented May 28, 2026 •

edited

Loading

Missing `src/index.ts` breaks monorepo build

mcmire commented May 29, 2026 •

edited

Loading