Gathering detailed insights and metrics for @exodus/walletconnect-safe-json
Gathering detailed insights and metrics for @exodus/walletconnect-safe-json
Installations
npm install @exodus/walletconnect-safe-jsonScore
65.4
Supply Chain
55.1
Quality
83.1
Maintenance
100
Vulnerability
100
License
Contributors
30
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4){kind=avatar}
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4){kind=avatar}
Developer
walletconnect
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
16.17.1
NPM Version
8.15.0
Statistics
114 Stars
390 Commits
76 Forks
26 Watching
55 Branches
30 Contributors
Updated on 27 Nov 2024
Bundle Size
12.33 kB
Minified
4.37 kB
Minified + Gzipped
Languages
TypeScript (96.67%)
JavaScript (3.33%)
Total Downloads
Cumulative downloads
Total Downloads
43,049
Last day
-48.6%
142
Compared to previous day
Last week
-4.7%
546
Compared to previous week
Last month
-38.1%
2,966
Compared to previous month
Last year
120.5%
29,616
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
7
Versions
WalletConnect Utils
Monorepo of JS utility packages for WalletConnect
Setup
- Clone the repository:
1git clone https://github.com/WalletConnect/walletconnect-utils.git
- Install all dependencies:
1npm install
- Ensure all packages lint, build, and test successfully:
For all tests to pass in the following command, you will need your own
TEST_PROJECT_IDvalue, which will be generated for you when you set up a new project on WalletConnect Cloud.
1# `check` will call `turbo run prettier lint build test` under the hood. 2TEST_PROJECT_ID=YOUR_PROJECT_ID npm run check
Publishing a package
- To register a change relevant for a package's release, call
changeset:
1npm run changeset
In the interactive shell:
- select the relevant package(s) with the
<space>bar where changes have been made - select (via
<space>) which packages should receive a major/minor/patch version bump. To simply skip a version level, hit<enter>without selecting anything. - Confirm the changes, which will auto-create a changeset file inside the
.changesetdirectory
- Version and publish the changeset of the affected packages:
1# will run `changeset version && turbo pre-publish && changeset publish` under the hood. 2npm run npm-publish
License
MIT
No vulnerabilities found.
Reason
30 commit(s) out of 30 and 0 issue activity out of 5 found in the last 90 days -- score normalized to 10
Reason
no vulnerabilities detected
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: : LICENSE:1
Reason
no binaries found in the repo
Reason
dependency not pinned by hash detected -- score normalized to 9
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/WalletConnect/walletconnect-utils/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/WalletConnect/walletconnect-utils/build.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:31
- Info: Third-party GitHubActions are pinned
- Info: Dockerfile dependencies are pinned
- Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles
- Info: no insecure (not pinned by hash) dependency downloads found in shell scripts
Reason
GitHub code reviews found for 15 commits out of the last 30 -- score normalized to 5
Details
- Warn: no reviews found for commit: f2a331f63ab133c48c93a19baf44a43b73e6b9fc
- Warn: no reviews found for commit: d33e8f4e9625a8d393239750aebbf9c653bf5d53
- Warn: no reviews found for commit: c19b1fe1bca195fe7b97a9edd4a8dcb38168beae
- Warn: no reviews found for commit: 9de54a0e77b26ed44b935156f541cca09de3efc6
- Warn: no reviews found for commit: 51fa5b12a5d5a6a3279867a36a9d6d0819901926
- Warn: no reviews found for commit: 3c22a2ffc22f3681d621e525c389ba3464b65d58
- Warn: no reviews found for commit: 717386056b0e3858c17a006d7c769289f58dbb1c
- Warn: no reviews found for commit: dd038caa98c2c343b8da4a8d2e83aa42017f6153
- Warn: no reviews found for commit: 3b442a4148aecd18a0a58507b3e77b7882061261
- Warn: no reviews found for commit: 0c8ea0202298732832b20e76709dc8b9fbaffddc
- Warn: no reviews found for commit: 91daec9ff08f696e2a16f89098136e6872486664
- Warn: no reviews found for commit: 79392228693ab9d3b4f261a304f7a339826cc087
- Warn: no reviews found for commit: 19092bfa1bf844dd915add6bc4d252808ddc02f2
- Warn: no reviews found for commit: b51e25c1769d97ecb8a843a1644a21f3d45a9f28
- Warn: no reviews found for commit: 6cb4da714c50739255984dd052363113aca7f2cd
Reason
no badge detected
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
non read-only tokens detected in GitHub workflows
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1: update your workflow using https://app.stepsecurity.io/secureworkflow/WalletConnect/walletconnect-utils/build.yml/master?enable=permissions
Reason
no update tool detected
Details
- Warn: dependabot config file not detected in source location. We recommend setting this configuration in code so it can be easily verified by others.
- Warn: renovatebot config file not detected in source location. We recommend setting this configuration in code so it can be easily verified by others.
Reason
security policy file not detected
Reason
project is not fuzzed
Score
5.2
/10
Last Scanned on 2022-08-15
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More