npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@source-wire/contracts

v0.1.0

Published

Public Source-Wire contract package skeleton for agent-first memory systems.

Readme

Source-Wire

Package Checks

Source-Wire is an agent-first memory architecture skeleton.

It is designed for systems where AI agents need to search, cite, update, and reason over source-backed context without turning every imported note or chat message into trusted memory automatically.

Current public status: Source-Wire is Apache-2.0 licensed as a source package. It is unreleased, unpublished to npm, undeployed, and not a hosted runtime. Read Public Status before npm, release, deployment, hosted-runtime, production-use, or contribution assumptions.

Share for review: use Share For Technical Review for safe invite copy, first commands, feedback routing, and review-only boundaries.

Public share kit: use World Share Kit for YouTube, Substack, social, Discord, and direct-review copy that preserves release, runtime, data, and contribution boundaries.

World share packet: use World Share Packet or npm run world:share-packet for the exact safe copy, first reviewer commands, owner preflight, feedback route, and blocked launch channels in one place.

Share-readiness audit: Source-Wire is ready for technical review and source package reuse under Apache-2.0, but not npm publishing, GitHub release publishing, deployment, hosted runtime use, production runtime use, or code contribution acceptance. Read the First-Time Visitor Share-Readiness Audit.

Current owner-decision issues:

First Reviewer Quickstart

Use Node.js 22 with npm. For complete setup details, read Quickstart.

git clone https://github.com/DanielJD1216/Source-Wire.git
cd Source-Wire
npm install
npm run readiness:report

To prove the same first-reviewer path from a temporary clean checkout-style copy:

npm run reviewer:smoke

For the full local verification gate:

npm run publish:readiness

Despite the command name, publish:readiness does not publish npm.

Use World Share Packet, Share For Technical Review, and Reviewer Feedback Guide when sharing the repo or sending feedback.

Still Blocked

  • npm publishing,
  • GitHub release publishing,
  • release tags,
  • package version change,
  • branch governance enforcement,
  • hosted runtime,
  • production runtime use,
  • code contribution acceptance.

What This Public Skeleton Includes

  • Source Graph Adapter Contract.
  • Source Connection Contract.
  • second-brain.v1 response contract.
  • MCP tool behavior contract.
  • Synthetic fixtures for notes, chat exports, project context, and /2nd-brain examples.
  • A public extraction checklist for future safety reviews.
  • A lightweight TypeScript package boundary.
  • A minimal synthetic in-memory runtime boundary for owner-hosted API plus MCP policy proof.

What Is Intentionally Not Included Yet

  • Hosted runtime backend code.
  • Mission Control UI.
  • Real user data.
  • Real Memory Records or Sources.
  • Private proof history.
  • Screenshots.
  • Database values or migrations.
  • Memory-engine fork code.
  • Live connectors.
  • Tokens, local paths, domains, emails, account IDs, client names, or private project history.

Documentation

Contracts

Decision Prototypes

Package Boundary

This repo is currently a contract package skeleton with a minimal synthetic runtime boundary.

It can define public shapes, validate public fixtures, and execute synthetic in-memory policy proof cases. It does not run a memory backend, database, MCP server, Mission Control UI, memory-engine integration, or live connector.

Schema Exports

Source-Wire exposes its current JSON schemas through stable package subpaths and a typed schema registry.

Validation CLI

Source-Wire includes a tiny local CLI for validating explicit files against explicit schema names.

CI Checks

Source-Wire runs package checks and public-safety scanning on push and pull request.

The CI docs include a stable log marker map for reading GitHub Actions Package Checks output.

Publish Readiness

Source-Wire can run a full local publish readiness gate with package dry-run, installed package smokes, runtime-boundary smokes, docs links, command-doc setup checks, and public-safety checks, but it is not published to npm yet.

The publish-readiness docs include a local success marker map for npm run publish:readiness.

Run the license implementation check before any future publishing, release, hosted runtime, or contribution work:

npm run license:rehearsal

It verifies the current Apache-2.0 license implementation and confirms publishing, release, deployment, hosted runtime, and code contribution acceptance remain blocked.

Fixtures

All fixtures are fictional and synthetic.

The owner-hosted API plus MCP boundary fixture contains synthetic proof cases only. It is schema-backed and validated by the current CLI.

Minimal Synthetic Runtime Boundary

The minimal synthetic runtime boundary exports in-memory TypeScript policy code and validates it against the owner-hosted API plus MCP boundary proof cases.

Use Node.js 22 with npm from the repository root. For the complete local setup path, read the Quickstart.

Install dependencies first:

npm install

Run it with:

npm run minimal-runtime:smoke

It does not start a server, connect to a database, run a real MCP server, store memory, or imply Source-Wire hosts memory.

Runtime Boundary Example

The synthetic runtime boundary example is a local and installed-package smoke proof for the future owner-hosted API plus MCP boundary.

Use Node.js 22 with npm from the repository root. For the complete local setup path, read the Quickstart.

Install dependencies first:

npm install

Run it with:

npm run runtime-boundary:smoke

Run the installed package proof with:

npm run runtime-boundary:installed-smoke

Run the diagnostic regression proof with:

npm run runtime-boundary:diagnostics-smoke

It does not start a server, connect to a database, or imply Source-Wire hosts memory.

Safety Rule

Imported source text is evidence, not trusted memory.

Source-Wire examples should preserve citations, source identity, stale state, and review boundaries. Trusted Memory Records should require an explicit owner or application approval path.

Public Extraction Checklist

Before adding new public examples or docs, review: