From d783966065c37abea24a407478f0a574cdcb8345 Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Wed, 9 Dec 2020 00:55:47 -0330 Subject: [PATCH 1/4] Revert "Add SES lockdown to extension webapp (#9729)" This reverts commit 9f6fa64d675b8330a7f7cee8c51791bce4f90ec9. --- app/manifest/_base.json | 10 +- app/phishing.html | 2 - app/popup.html | 3 - app/scripts/background.js | 8 +- app/scripts/initSentry.js | 7 -- app/scripts/lib/freezeGlobals.js | 37 ++++++ app/scripts/runLockdown.js | 7 -- app/scripts/ui.js | 14 ++- development/build/index.js | 5 + development/build/scripts.js | 12 +- development/build/static.js | 10 -- development/build/task.js | 6 +- package.json | 7 +- test/unit-global/frozenPromise.js | 8 +- test/unit-global/globalPatch.js | 2 - yarn.lock | 182 +++++++++++++++++------------- 16 files changed, 177 insertions(+), 143 deletions(-) delete mode 100644 app/scripts/initSentry.js create mode 100644 app/scripts/lib/freezeGlobals.js delete mode 100644 app/scripts/runLockdown.js delete mode 100644 test/unit-global/globalPatch.js diff --git a/app/manifest/_base.json b/app/manifest/_base.json index e27c3285f..94e340372 100644 --- a/app/manifest/_base.json +++ b/app/manifest/_base.json @@ -1,13 +1,7 @@ { "author": "https://metamask.io", "background": { - "scripts": [ - "initSentry.js", - "lockdown.cjs", - "runLockdown.js", - "bg-libs.js", - "background.js" - ], + "scripts": ["bg-libs.js", "background.js"], "persistent": true }, "browser_action": { @@ -36,7 +30,7 @@ "content_scripts": [ { "matches": ["file://*/*", "http://*/*", "https://*/*"], - "js": ["lockdown.cjs", "runLockdown.js", "contentscript.js"], + "js": ["contentscript.js"], "run_at": "document_start", "all_frames": true }, diff --git a/app/phishing.html b/app/phishing.html index 1c913db2e..583a50140 100644 --- a/app/phishing.html +++ b/app/phishing.html @@ -2,8 +2,6 @@ Ethereum Phishing Detection - MetaMask - - diff --git a/app/popup.html b/app/popup.html index 4d29f6153..0c3d70407 100644 --- a/app/popup.html +++ b/app/popup.html @@ -10,9 +10,6 @@
- - - diff --git a/app/scripts/background.js b/app/scripts/background.js index fa1e48a10..c57710bd2 100644 --- a/app/scripts/background.js +++ b/app/scripts/background.js @@ -3,6 +3,7 @@ */ // these need to run before anything else /* eslint-disable import/first,import/order */ +import './lib/freezeGlobals' import setupFetchDebugging from './lib/setupFetchDebugging' /* eslint-enable import/order */ @@ -28,6 +29,7 @@ import createStreamSink from './lib/createStreamSink' import NotificationManager from './lib/notification-manager' import MetamaskController from './metamask-controller' import rawFirstTimeState from './first-time-state' +import setupSentry from './lib/setupSentry' import getFirstPreferredLangCode from './lib/get-first-preferred-lang-code' import getObjStructure from './lib/getObjStructure' import setupEnsIpfsResolver from './lib/ens-ipfs/setup' @@ -39,16 +41,18 @@ import { } from './lib/enums' /* eslint-enable import/first */ -const { sentry } = global const firstTimeState = { ...rawFirstTimeState } log.setDefaultLevel(process.env.METAMASK_DEBUG ? 'debug' : 'warn') const platform = new ExtensionPlatform() - const notificationManager = new NotificationManager() global.METAMASK_NOTIFIER = notificationManager +// setup sentry error reporting +const release = platform.getVersion() +const sentry = setupSentry({ release }) + let popupIsOpen = false let notificationIsOpen = false const openMetamaskTabsIDs = {} diff --git a/app/scripts/initSentry.js b/app/scripts/initSentry.js deleted file mode 100644 index 70ea7b936..000000000 --- a/app/scripts/initSentry.js +++ /dev/null @@ -1,7 +0,0 @@ -import setupSentry from './lib/setupSentry' - -// setup sentry error reporting -global.sentry = setupSentry({ - release: process.env.METAMASK_VERSION, - getState: () => global.getSentryState?.() || {}, -}) diff --git a/app/scripts/lib/freezeGlobals.js b/app/scripts/lib/freezeGlobals.js new file mode 100644 index 000000000..08b201bee --- /dev/null +++ b/app/scripts/lib/freezeGlobals.js @@ -0,0 +1,37 @@ +/** + * Freezes the Promise global and prevents its reassignment. + */ +import deepFreeze from 'deep-freeze-strict' + +if (process.env.IN_TEST !== 'true' && process.env.METAMASK_ENV !== 'test') { + freeze(global, 'Promise') +} + +/** + * Makes a key:value pair on a target object immutable, with limitations. + * The key cannot be reassigned or deleted, and the value is recursively frozen + * using Object.freeze. + * + * Because of JavaScript language limitations, this is does not mean that the + * value is completely immutable. It is, however, better than nothing. + * + * @param {Object} target - The target object to freeze a property on. + * @param {string} key - The key to freeze. + * @param {any} [value] - The value to freeze, if different from the existing value on the target. + * @param {boolean} [enumerable=true] - If given a value, whether the property is enumerable. + */ +function freeze(target, key, value, enumerable = true) { + const opts = { + configurable: false, + writable: false, + } + + if (value === undefined) { + target[key] = deepFreeze(target[key]) + } else { + opts.value = deepFreeze(value) + opts.enumerable = enumerable + } + + Object.defineProperty(target, key, opts) +} diff --git a/app/scripts/runLockdown.js b/app/scripts/runLockdown.js deleted file mode 100644 index 00bc7658f..000000000 --- a/app/scripts/runLockdown.js +++ /dev/null @@ -1,7 +0,0 @@ -// Freezes all intrinsics -// eslint-disable-next-line no-undef,import/unambiguous -lockdown({ - errorTaming: 'unsafe', - mathTaming: 'unsafe', - dateTaming: 'unsafe', -}) diff --git a/app/scripts/ui.js b/app/scripts/ui.js index f1f4a7b78..5b5932a50 100644 --- a/app/scripts/ui.js +++ b/app/scripts/ui.js @@ -1,9 +1,13 @@ +// this must run before anything else +import './lib/freezeGlobals' + // polyfills import 'abortcontroller-polyfill/dist/polyfill-patch-fetch' import '@formatjs/intl-relativetimeformat/polyfill' import { EventEmitter } from 'events' import PortStream from 'extension-port-stream' + import extension from 'extensionizer' import Dnode from 'dnode' @@ -12,8 +16,9 @@ import EthQuery from 'eth-query' import StreamProvider from 'web3-stream-provider' import log from 'loglevel' import launchMetaMaskUi from '../../ui' -import ExtensionPlatform from './platforms/extension' import { setupMultiplex } from './lib/stream-utils' +import setupSentry from './lib/setupSentry' +import ExtensionPlatform from './platforms/extension' import { ENVIRONMENT_TYPE_FULLSCREEN, ENVIRONMENT_TYPE_POPUP, @@ -26,6 +31,13 @@ async function start() { // create platform global global.platform = new ExtensionPlatform() + // setup sentry error reporting + const release = global.platform.getVersion() + setupSentry({ + release, + getState: () => window.getSentryState?.() || {}, + }) + // identify window type (popup, notification) const windowType = getEnvironmentType() diff --git a/development/build/index.js b/development/build/index.js index facf87b61..cc75d8398 100755 --- a/development/build/index.js +++ b/development/build/index.js @@ -3,6 +3,11 @@ // // run any task with "yarn build ${taskName}" // +global.globalThis = global // eslint-disable-line node/no-unsupported-features/es-builtins +require('lavamoat-core/lib/ses.umd.js') + +lockdown() // eslint-disable-line no-undef + const livereload = require('gulp-livereload') const { createTask, diff --git a/development/build/scripts.js b/development/build/scripts.js index 2f6b577e4..52bedaf32 100644 --- a/development/build/scripts.js +++ b/development/build/scripts.js @@ -9,7 +9,7 @@ const log = require('fancy-log') const { assign } = require('lodash') const watchify = require('watchify') const browserify = require('browserify') -const envify = require('loose-envify/custom') +const envify = require('envify/custom') const sourcemaps = require('gulp-sourcemaps') const sesify = require('sesify') const terser = require('gulp-terser-js') @@ -22,8 +22,6 @@ const conf = require('rc')('metamask', { SEGMENT_LEGACY_WRITE_KEY: process.env.SEGMENT_LEGACY_WRITE_KEY, }) -const baseManifest = require('../../app/manifest/_base.json') - const packageJSON = require('../../package.json') const { createTask, @@ -98,12 +96,7 @@ function createScriptTasks({ browserPlatforms, livereload }) { } function createTasksForBuildJsExtension({ taskPrefix, devMode, testing }) { - const standardBundles = [ - 'background', - 'ui', - 'phishing-detect', - 'initSentry', - ] + const standardBundles = ['background', 'ui', 'phishing-detect'] const standardSubtasks = standardBundles.map((filename) => { return createTask( @@ -356,7 +349,6 @@ function createScriptTasks({ browserPlatforms, livereload }) { envify({ METAMASK_DEBUG: opts.devMode, METAMASK_ENVIRONMENT: environment, - METAMASK_VERSION: baseManifest.version, METAMETRICS_PROJECT_ID: process.env.METAMETRICS_PROJECT_ID, NODE_ENV: opts.devMode ? 'development' : 'production', IN_TEST: opts.testing ? 'true' : false, diff --git a/development/build/static.js b/development/build/static.js index 142f290d1..f00d53d25 100644 --- a/development/build/static.js +++ b/development/build/static.js @@ -44,16 +44,6 @@ const copyTargets = [ pattern: `*.html`, dest: ``, }, - { - src: `./node_modules/ses/dist/`, - pattern: `lockdown.cjs`, - dest: ``, - }, - { - src: `./app/scripts/`, - pattern: `runLockdown.js`, - dest: ``, - }, ] const languageTags = new Set() diff --git a/development/build/task.js b/development/build/task.js index 1ed252413..553a06956 100644 --- a/development/build/task.js +++ b/development/build/task.js @@ -68,9 +68,7 @@ function runInChildProcess(task) { ) } return instrumentForTaskStats(taskName, async () => { - const childProcess = spawn('yarn', ['build', taskName, '--skip-stats'], { - env: process.env, - }) + const childProcess = spawn('yarn', ['build', taskName, '--skip-stats']) // forward logs to main process // skip the first stdout event (announcing the process command) childProcess.stdout.once('data', () => { @@ -87,7 +85,7 @@ function runInChildProcess(task) { if (errCode !== 0) { reject( new Error( - `MetaMask build: runInChildProcess for task "${taskName}" encountered an error ${errCode}`, + `MetaMask build: runInChildProcess for task "${taskName}" encountered an error`, ), ) return diff --git a/package.json b/package.json index f11903fbb..d93ce8230 100644 --- a/package.json +++ b/package.json @@ -60,9 +60,6 @@ "**/knex/minimist": "^1.2.5", "**/optimist/minimist": "^1.2.5", "**/socketcluster/minimist": "^1.2.5", - "**/redux/symbol-observable": "^2.0.3", - "**/redux-devtools-instrument/symbol-observable": "^2.0.3", - "**/rxjs/symbol-observable": "^2.0.3", "3box/ipfs/ipld-zcash/zcash-bitcore-lib/lodash": "^4.17.19", "3box/ipfs/ipld-zcash/zcash-bitcore-lib/elliptic": "^6.5.3", "3box/**/libp2p-crypto/node-forge": "^0.10.0", @@ -219,6 +216,7 @@ "css-loader": "^2.1.1", "del": "^3.0.0", "deps-dump": "^1.1.0", + "envify": "^4.1.0", "enzyme": "^3.10.0", "enzyme-adapter-react-16": "^1.15.1", "eslint": "^7.7.0", @@ -254,8 +252,8 @@ "gulp-zip": "^4.0.0", "jsdom": "^11.2.0", "koa": "^2.7.0", + "lavamoat-core": "^6.1.0", "lockfile-lint": "^4.0.0", - "loose-envify": "^1.4.0", "mocha": "^7.2.0", "nock": "^9.0.14", "node-fetch": "^2.6.1", @@ -278,7 +276,6 @@ "sass-loader": "^7.0.1", "selenium-webdriver": "^4.0.0-alpha.5", "serve-handler": "^6.1.2", - "ses": "0.11.0", "sesify": "^4.2.1", "sesify-viz": "^3.0.10", "sinon": "^9.0.0", diff --git a/test/unit-global/frozenPromise.js b/test/unit-global/frozenPromise.js index 1a1ca18b5..6583e1edf 100644 --- a/test/unit-global/frozenPromise.js +++ b/test/unit-global/frozenPromise.js @@ -1,8 +1,6 @@ -// Should occur before anything else -import './globalPatch' -import 'ses/dist/lockdown.cjs' -import '../../app/scripts/runLockdown' -import assert from 'assert' /* eslint-disable-line import/first,import/order */ +import '../../app/scripts/lib/freezeGlobals' + +import assert from 'assert' describe('Promise global is immutable', function () { it('throws when reassinging promise (syntax 1)', function () { diff --git a/test/unit-global/globalPatch.js b/test/unit-global/globalPatch.js deleted file mode 100644 index 89d392454..000000000 --- a/test/unit-global/globalPatch.js +++ /dev/null @@ -1,2 +0,0 @@ -// eslint-disable-next-line import/unambiguous,node/no-unsupported-features/es-builtins -global.globalThis = global diff --git a/yarn.lock b/yarn.lock index f328d7c05..c78a9c956 100644 --- a/yarn.lock +++ b/yarn.lock @@ -47,21 +47,6 @@ did-resolver "0.0.6" ipfs-did-document "^1.2.3" -"@agoric/babel-standalone@^7.9.5": - version "7.9.5" - resolved "https://registry.yarnpkg.com/@agoric/babel-standalone/-/babel-standalone-7.9.5.tgz#1ca0c17844924199d31e49d6b67e8b2a629b8599" - integrity sha512-1Aa23oPuRi4kywUyZODo8zey9Gq2NpD2xUnNvgJLoT8orMQRlVOtvbG3JeHq5sjJERlF/q6csg4/P8t8/5IABA== - -"@agoric/make-hardener@^0.1.0": - version "0.1.1" - resolved "https://registry.yarnpkg.com/@agoric/make-hardener/-/make-hardener-0.1.1.tgz#9b887da47aeec6637d9db4f0a92a4e740b8262bb" - integrity sha512-3emNc+yWJoFK5JMLoEFPs6rCzkntWQKxpR4gt3jaZYLKoUG4LrTmID3XNe8y40B6SJ3k/wLPodKa0ToQGlhrwQ== - -"@agoric/transform-module@^0.4.1": - version "0.4.1" - resolved "https://registry.yarnpkg.com/@agoric/transform-module/-/transform-module-0.4.1.tgz#9fb152364faf372e1bda535cb4ef89717724f57c" - integrity sha512-4TJJHXeXAWu1FCA7yXCAZmhBNoGTB/BEAe2pv+J2X8W/mJTr9b395OkDCSRMpzvmSshLfBx6wT0D7dqWIWEC1w== - "@babel/code-frame@7.8.3": version "7.8.3" resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.8.3.tgz#33e25903d7481181534e12ec0a25f16b6fcf419e" @@ -119,7 +104,7 @@ dependencies: eslint-rule-composer "^0.3.0" -"@babel/generator@^7.12.5": +"@babel/generator@^7.12.1", "@babel/generator@^7.12.5": version "7.12.5" resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.12.5.tgz#a2c50de5c8b6d708ab95be5e6053936c1884a4de" integrity sha512-m16TQQJ8hPt7E+OS/XVQg/7U184MLXtvuGbCdA7na61vha+ImkyyNM/9DDA0unYCVZn3ZOhng+qz48/KBOT96A== @@ -347,7 +332,12 @@ chalk "^2.0.0" js-tokens "^4.0.0" -"@babel/parser@^7.12.7", "@babel/parser@^7.7.5": +"@babel/parser@^7.10.1", "@babel/parser@^7.7.5": + version "7.12.3" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.12.3.tgz#a305415ebe7a6c7023b40b5122a0662d928334cd" + integrity sha512-kFsOS0IbsuhO5ojF8Hc8z/8vEIOkylVBrjiZUbLTE3XFe0Qi+uu6HjzQixkFaqr0ZPAMZcBVxEwmsnsLPZ2Xsw== + +"@babel/parser@^7.12.1", "@babel/parser@^7.12.7": version "7.12.7" resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.12.7.tgz#fee7b39fe809d0e73e5b25eecaf5780ef3d73056" integrity sha512-oWR02Ubp4xTLCAqPRiNIuMVgNO5Aif/xpXtabhzW2HWUD47XJsAB4Zd/Rg30+XeQA3juXigV7hlquOTmwqLiwg== @@ -1074,7 +1064,22 @@ "@babel/parser" "^7.12.7" "@babel/types" "^7.12.7" -"@babel/traverse@^7.10.4", "@babel/traverse@^7.12.1", "@babel/traverse@^7.12.5", "@babel/traverse@^7.12.9", "@babel/traverse@^7.7.4": +"@babel/traverse@^7.10.1", "@babel/traverse@^7.12.1", "@babel/traverse@^7.7.4": + version "7.12.1" + resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.12.1.tgz#941395e0c5cc86d5d3e75caa095d3924526f0c1e" + integrity sha512-MA3WPoRt1ZHo2ZmoGKNqi20YnPt0B1S0GTZEPhhd+hw2KGUzBlHuVunj6K4sNuK+reEvyiPwtp0cpaqLzJDmAw== + dependencies: + "@babel/code-frame" "^7.10.4" + "@babel/generator" "^7.12.1" + "@babel/helper-function-name" "^7.10.4" + "@babel/helper-split-export-declaration" "^7.11.0" + "@babel/parser" "^7.12.1" + "@babel/types" "^7.12.1" + debug "^4.1.0" + globals "^11.1.0" + lodash "^4.17.19" + +"@babel/traverse@^7.10.4", "@babel/traverse@^7.12.5", "@babel/traverse@^7.12.9": version "7.12.9" resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.12.9.tgz#fad26c972eabbc11350e0b695978de6cc8e8596f" integrity sha512-iX9ajqnLdoU1s1nHt36JDI9KG4k+vmI8WgjK5d+aDTwQbL2fUnzedNedssA645Ede3PM2ma1n8Q4h2ohwXgMXw== @@ -4407,7 +4412,7 @@ async-iterator-to-stream@^1.1.0: dependencies: readable-stream "^3.0.5" -async-limiter@^1.0.0, async-limiter@~1.0.0: +async-limiter@~1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/async-limiter/-/async-limiter-1.0.1.tgz#dd379e94f0db8310b08291f9d64c3209766617fd" integrity sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ== @@ -5431,10 +5436,10 @@ base64-arraybuffer@0.1.5: resolved "https://registry.yarnpkg.com/base64-arraybuffer/-/base64-arraybuffer-0.1.5.tgz#73926771923b5a19747ad666aa5cd4bf9c6e9ce8" integrity sha1-c5JncZI7Whl0etZmqlzUv5xunOg= -base64-js@^1.0.2, base64-js@^1.3.1: - version "1.5.1" - resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a" - integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA== +base64-js@^1.0.2: + version "1.3.1" + resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + integrity sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g== base64id@1.0.0: version "1.0.0" @@ -6228,12 +6233,12 @@ buffer@^4.3.0: isarray "^1.0.0" buffer@^5.0.5, buffer@^5.2.1: - version "5.7.1" - resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.7.1.tgz#ba62e7c13133053582197160851a8f648e99eed0" - integrity sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ== + version "5.4.3" + resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.4.3.tgz#3fbc9c69eb713d323e3fc1a895eee0710c072115" + integrity sha512-zvj65TkFeIt3i6aj5bIvJDzjjQQGs4o/sNoezg1F1kYap9Nu2jcUdpwzRSJTHMMzG0H7bZkn4rNQpImhuxWX2A== dependencies: - base64-js "^1.3.1" - ieee754 "^1.1.13" + base64-js "^1.0.2" + ieee754 "^1.1.4" buffer@~5.2.1: version "5.2.1" @@ -7828,6 +7833,11 @@ cyclist@~0.2.2: resolved "https://registry.yarnpkg.com/cyclist/-/cyclist-0.2.2.tgz#1b33792e11e914a2fd6d6ed6447464444e5fa640" integrity sha1-GzN5LhHpFKL9bW7WRHRkRE5fpkA= +cytoplasm@^3.3.1: + version "3.3.1" + resolved "https://registry.yarnpkg.com/cytoplasm/-/cytoplasm-3.3.1.tgz#6d10099e536b12c642e8375b47cbffac66656a4b" + integrity sha512-38swm2Lr7cmTh0KRYtiUOCT5PT2TPp31Lpp3wcAIm3iGT4KdGGewyTydkFhBEDrKik/umgmG2hVoG5A1fKQY+g== + d64@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/d64/-/d64-1.0.0.tgz#4002a87e850cbfc9f9d9706b60fca613a3336e90" @@ -9015,6 +9025,14 @@ env-paths@^2.2.0: resolved "https://registry.yarnpkg.com/env-paths/-/env-paths-2.2.0.tgz#cdca557dc009152917d6166e2febe1f039685e43" integrity sha512-6u0VYSCo/OW6IoD5WCLLy9JUGARbamfSavcNXry/eu8aHVFei6CD3Sw+VGX5alea1i9pgPHW0mbu6Xj0uBh7gA== +envify@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/envify/-/envify-4.1.0.tgz#f39ad3db9d6801b4e6b478b61028d3f0b6819f7e" + integrity sha512-IKRVVoAYr4pIx4yIWNsz9mOsboxlNXiu7TNBnem/K/uTHdkyzXWDzHCK7UTolqBbgaBz0tQHsD3YNls0uIIjiw== + dependencies: + esprima "^4.0.0" + through "~2.3.4" + enzyme-adapter-react-16@^1.15.1: version "1.15.1" resolved "https://registry.yarnpkg.com/enzyme-adapter-react-16/-/enzyme-adapter-react-16-1.15.1.tgz#8ad55332be7091dc53a25d7d38b3485fc2ba50d5" @@ -13259,10 +13277,10 @@ idna-uts46@^1.0.1: dependencies: punycode "^2.1.0" -ieee754@^1.1.13, ieee754@^1.1.4, ieee754@^1.1.8: - version "1.2.1" - resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" - integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== +ieee754@^1.1.4, ieee754@^1.1.8: + version "1.1.13" + resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.13.tgz#ec168558e95aa181fd87d37f55c32bbcb6708b84" + integrity sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg== iferr@^0.1.5: version "0.1.5" @@ -15761,6 +15779,25 @@ latest-version@^5.0.0: dependencies: package-json "^6.3.0" +lavamoat-core@^6.1.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/lavamoat-core/-/lavamoat-core-6.2.0.tgz#ff1e39c0407f4bf5b94847c5dfaf5b09f28ac77a" + integrity sha512-sY0ddwWou2WGnpEFG/8CGguo6XKq2hc5etIDQ47TYUEJB9BaWGuWulekcrTsTQ0f7EN5r0Y2QtV5ZxxM0fMm8w== + dependencies: + cytoplasm "^3.3.1" + fromentries "^1.2.0" + json-stable-stringify "^1.0.1" + lavamoat-tofu "^5.1.1" + resolve "^1.15.1" + +lavamoat-tofu@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/lavamoat-tofu/-/lavamoat-tofu-5.1.1.tgz#67d3c5775b587dd439c426f1cd86650b10443760" + integrity sha512-LIZTifbbTATA5UClVGI7YGMTOjUXjrVCBOz0DaeUicldLonLlwG81/53/vTIfPM1xV/KA85MIzGPHz4pDdiVkA== + dependencies: + "@babel/parser" "^7.10.1" + "@babel/traverse" "^7.10.1" + lazy-cache@^0.2.3: version "0.2.7" resolved "https://registry.yarnpkg.com/lazy-cache/-/lazy-cache-0.2.7.tgz#7feddf2dcb6edb77d11ef1d117ab5ffdf0ab1b65" @@ -17936,9 +17973,9 @@ nano-json-stream-parser@^0.1.2: integrity sha1-DMj20OK2IrR5xA1JnEbWS3Vcb18= nanoid@^2.0.0, nanoid@^2.1.6: - version "2.1.11" - resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-2.1.11.tgz#ec24b8a758d591561531b4176a01e3ab4f0f0280" - integrity sha512-s/snB+WGm6uwi0WjsZdaVcuf3KJXlfGl2LcxgwkEwJF0D/BWzVWAZW/XY4bFaiR7s0Jk3FPvlnepg1H1b1UwlA== + version "2.1.6" + resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-2.1.6.tgz#0665418f692e54cf44f34d4010761f3240a03314" + integrity sha512-2NDzpiuEy3+H0AVtdt8LoFi7PnqkOnIzYmJQp7xsEU6VexLluHQwKREuiz57XaQC5006seIadPrIZJhyS2n7aw== nanoid@^3.1.12: version "3.1.16" @@ -21587,12 +21624,12 @@ redux-devtools-core@^0.2.1: remotedev-serialize "^0.1.8" redux-devtools-instrument@^1.9.4: - version "1.10.0" - resolved "https://registry.yarnpkg.com/redux-devtools-instrument/-/redux-devtools-instrument-1.10.0.tgz#036caf79fa1e5f25ec4bae38a9af4f08c69e323a" - integrity sha512-X8JRBCzX2ADSMp+iiV7YQ8uoTNyEm0VPFPd4T854coz6lvRiBrFSqAr9YAS2n8Kzxx8CJQotR0QF9wsMM+3DvA== + version "1.9.6" + resolved "https://registry.yarnpkg.com/redux-devtools-instrument/-/redux-devtools-instrument-1.9.6.tgz#6b412595f74b9d48cfd4ecc13e585b1588ed6e7e" + integrity sha512-MwvY4cLEB2tIfWWBzrUR02UM9qRG2i7daNzywRvabOSVdvAY7s9BxSwMmVRH1Y/7QWjplNtOwgT0apKhHg2Qew== dependencies: - lodash "^4.17.19" - symbol-observable "^1.2.0" + lodash "^4.2.0" + symbol-observable "^1.0.2" redux-mock-store@^1.5.4: version "1.5.4" @@ -21878,9 +21915,9 @@ remote-redux-devtools@^0.5.16: socketcluster-client "^14.2.1" remotedev-serialize@^0.1.8: - version "0.1.9" - resolved "https://registry.yarnpkg.com/remotedev-serialize/-/remotedev-serialize-0.1.9.tgz#5e67e05cbca75d408d769d057dc59d0f56cd2c43" - integrity sha512-5tFdZg9mSaAWTv6xmQ7HtHjKMLSFQFExEZOtJe10PLsv1wb7cy7kYHtBvTYRro27/3fRGEcQBRNKSaixOpb69w== + version "0.1.8" + resolved "https://registry.yarnpkg.com/remotedev-serialize/-/remotedev-serialize-0.1.8.tgz#c99cb184e7f71a906162abc404be8ce33810205f" + integrity sha512-3YG/FDcOmiK22bl5oMRM8RRnbGrFEuPGjbcDG+z2xi5aQaNQNZ8lqoRnZTwXVfaZtutXuiAQOgPRrogzQk8edg== dependencies: jsan "^3.1.13" @@ -22144,7 +22181,7 @@ resolve@1.1.7: resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b" integrity sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs= -resolve@^1.1.4, resolve@^1.1.5, resolve@^1.1.6, resolve@^1.1.7, resolve@^1.10.0, resolve@^1.10.1, resolve@^1.11.1, resolve@^1.12.0, resolve@^1.13.1, resolve@^1.17.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.8.1: +resolve@^1.1.4, resolve@^1.1.5, resolve@^1.1.6, resolve@^1.1.7, resolve@^1.10.0, resolve@^1.10.1, resolve@^1.11.1, resolve@^1.12.0, resolve@^1.13.1, resolve@^1.15.1, resolve@^1.17.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.8.1: version "1.18.1" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.18.1.tgz#018fcb2c5b207d2a6424aee361c5a266da8f4130" integrity sha512-lDfCPaMKfOJXjy0dPayzPdF1phampNWr3qFCjAu+rw/qbQmr5jWH5xN2hwh9QKfw9E5v4hwV7A+jrCmL8yjjqA== @@ -22267,9 +22304,9 @@ rlp@^2.0.0, rlp@^2.2.1, rlp@^2.2.2, rlp@^2.2.3: bn.js "^4.11.1" rn-host-detect@^1.1.5: - version "1.2.0" - resolved "https://registry.yarnpkg.com/rn-host-detect/-/rn-host-detect-1.2.0.tgz#8b0396fc05631ec60c1cb8789e5070cdb04d0da0" - integrity sha512-btNg5kzHcjZZ7t7mvvV/4wNJ9e3MPgrWivkRgWURzXL0JJ0pwWlU4zrbmdlz3HHzHOxhBhHB4D+/dbMFfu4/4A== + version "1.1.5" + resolved "https://registry.yarnpkg.com/rn-host-detect/-/rn-host-detect-1.1.5.tgz#fbecb982b73932f34529e97932b9a63e58d8deb6" + integrity sha512-ufk2dFT3QeP9HyZ/xTuMtW27KnFy815CYitJMqQm+pgG3ZAtHBsrU8nXizNKkqXGy3bQmhEoloVbrfbvMJMqkg== roarr@^2.15.3: version "2.15.3" @@ -22498,11 +22535,6 @@ sc-errors@^1.4.1: resolved "https://registry.yarnpkg.com/sc-errors/-/sc-errors-1.4.1.tgz#53e80030fe647e133d73b51eaa7d2b0f7591fd5b" integrity sha512-dBn92iIonpChTxYLgKkIT/PCApvmYT6EPIbRvbQKTgY6tbEbIy8XVUv4pGyKwEK4nCmvX4TKXcN0iXC6tNW6rQ== -sc-errors@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/sc-errors/-/sc-errors-2.0.1.tgz#3af2d934dfd82116279a4b2c1552c1e021ddcb03" - integrity sha512-JoVhq3Ud+3Ujv2SIG7W0XtjRHsrNgl6iXuHHsh0s+Kdt5NwI6N2EGAZD4iteitdDv68ENBkpjtSvN597/wxPSQ== - sc-formatter@^3.0.1, sc-formatter@^3.0.2, sc-formatter@~3.0.1: version "3.0.2" resolved "https://registry.yarnpkg.com/sc-formatter/-/sc-formatter-3.0.2.tgz#9abdb14e71873ce7157714d3002477bbdb33c4e6" @@ -22816,15 +22848,6 @@ servify@^0.1.12: request "^2.79.0" xhr "^2.3.3" -ses@0.11.0: - version "0.11.0" - resolved "https://registry.yarnpkg.com/ses/-/ses-0.11.0.tgz#1e470112ed320d169f0b850525858129c0be0881" - integrity sha512-3HH+23C4bijk9VegfiP+cBMqkGim/TMsj/DK5nh/pJFiNrCMfi5euvVluIV66ry202+uckg7nXKrgrEcBwU8SA== - dependencies: - "@agoric/babel-standalone" "^7.9.5" - "@agoric/make-hardener" "^0.1.0" - "@agoric/transform-module" "^0.4.1" - sesify-tofu@^2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/sesify-tofu/-/sesify-tofu-2.0.4.tgz#b31d4c8d67ea2d61e9c5be4948f085a849f3e632" @@ -23199,9 +23222,9 @@ socket.io@^2.1.1: socket.io-parser "~3.3.0" socketcluster-client@^14.2.1: - version "14.3.1" - resolved "https://registry.yarnpkg.com/socketcluster-client/-/socketcluster-client-14.3.1.tgz#bfc3591c0cad2668e7b3512a102f3844f5f2e84d" - integrity sha512-Sd/T0K/9UlqTfz+HUuFq90dshA5OBJPQbdkRzGtcKIOm52fkdsBTt0FYpiuzzxv5VrU7PWpRm6KIfNXyPwlLpw== + version "14.2.2" + resolved "https://registry.yarnpkg.com/socketcluster-client/-/socketcluster-client-14.2.2.tgz#60b31318abe6828ba7233f5a9a32540263fd23b6" + integrity sha512-vofmFcTaHaIf+MqAR0OZS7e30X4jxbDPJl+taCe8kLGJ5rVOrKeuU0sGyHyHyqW87AIR6jqc4KODl4WQJ4SsAA== dependencies: buffer "^5.2.1" clone "2.1.1" @@ -23209,10 +23232,10 @@ socketcluster-client@^14.2.1: linked-list "0.1.0" querystring "0.2.0" sc-channel "^1.2.0" - sc-errors "^2.0.1" + sc-errors "^1.4.1" sc-formatter "^3.0.1" uuid "3.2.1" - ws "7.1.0" + ws "5.1.1" socketcluster-server@^14.3.2: version "14.4.0" @@ -24207,10 +24230,15 @@ swarm-js@^0.1.40: tar "^4.0.2" xhr-request "^1.0.1" -symbol-observable@1.0.1, symbol-observable@^1.2.0, symbol-observable@^2.0.3: - version "2.0.3" - resolved "https://registry.yarnpkg.com/symbol-observable/-/symbol-observable-2.0.3.tgz#5b521d3d07a43c351055fa43b8355b62d33fd16a" - integrity sha512-sQV7phh2WCYAn81oAkakC5qjq2Ml0g8ozqz03wOGnx9dDlG1de6yrF+0RAzSJD8fPUow3PTSMf2SAbOGxb93BA== +symbol-observable@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/symbol-observable/-/symbol-observable-1.0.1.tgz#8340fc4702c3122df5d22288f88283f513d3fdd4" + integrity sha1-g0D8RwLDEi310iKI+IKD9RPT/dQ= + +symbol-observable@^1.0.2, symbol-observable@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/symbol-observable/-/symbol-observable-1.2.0.tgz#c22688aed4eab3cdc2dfeacbb561660560a00804" + integrity sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ== symbol-tree@^3.2.1: version "3.2.2" @@ -26421,6 +26449,13 @@ write@^0.2.1: dependencies: mkdirp "^0.5.1" +ws@5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/ws/-/ws-5.1.1.tgz#1d43704689711ac1942fd2f283e38f825c4b8b95" + integrity sha512-bOusvpCb09TOBLbpMKszd45WKC2KPtxiyiHanv+H2DE3Az+1db5a/L7sVJZVDPUC1Br8f0SKRr1KjLpD1U/IAw== + dependencies: + async-limiter "~1.0.0" + ws@6.1.2: version "6.1.2" resolved "https://registry.yarnpkg.com/ws/-/ws-6.1.2.tgz#3cc7462e98792f0ac679424148903ded3b9c3ad8" @@ -26428,13 +26463,6 @@ ws@6.1.2: dependencies: async-limiter "~1.0.0" -ws@7.1.0: - version "7.1.0" - resolved "https://registry.yarnpkg.com/ws/-/ws-7.1.0.tgz#0395646c6fcc3ac56abf61ce1a42039637a6bd98" - integrity sha512-Swie2C4fs7CkwlHu1glMePLYJJsWjzhl1vm3ZaLplD0h7OMkZyZ6kLTB/OagiU923bZrPFXuDTeEqaEN4NWG4g== - dependencies: - async-limiter "^1.0.0" - ws@7.2.3, ws@^7: version "7.2.3" resolved "https://registry.yarnpkg.com/ws/-/ws-7.2.3.tgz#a5411e1fb04d5ed0efee76d26d5c46d830c39b46" From 7696de2e4e217231c197639035890d3d1dd96136 Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Wed, 9 Dec 2020 01:07:55 -0330 Subject: [PATCH 2/4] Revert "Remove redundant babelify (#9945)" This reverts commit dd3f728e82af160781e1e6c1cb424f6e09659f41. --- development/build/scripts.js | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/development/build/scripts.js b/development/build/scripts.js index 52bedaf32..d1a2559a0 100644 --- a/development/build/scripts.js +++ b/development/build/scripts.js @@ -326,6 +326,14 @@ function createScriptTasks({ browserPlatforms, livereload }) { let bundler = browserify(browserifyOpts) .transform('babelify') + // Transpile any dependencies using the object spread/rest operator + // because it is incompatible with `esprima`, which is used by `envify` + // See https://github.com/jquery/esprima/issues/1927 + .transform('babelify', { + only: ['./**/node_modules/libp2p'], + global: true, + plugins: ['@babel/plugin-proposal-object-rest-spread'], + }) .transform('brfs') if (opts.buildLib) { From ec1d5f34243acbf17c03e0da24a6b49d28d41551 Mon Sep 17 00:00:00 2001 From: MetaMask Bot Date: Tue, 8 Dec 2020 19:44:52 +0000 Subject: [PATCH 3/4] Version v8.1.7 --- CHANGELOG.md | 2 ++ app/manifest/_base.json | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a716a51ee..b4a4ff634 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## Current Develop Branch +## 8.1.7 Tue Dec 08 2020 + ## 8.1.6 Wed Dec 02 2020 - [#9916](https://github.com/MetaMask/metamask-extension/pull/9916): Fix QR code scans interpretting payment requests as token addresses - [#9847](https://github.com/MetaMask/metamask-extension/pull/9847): Add alt text for images in list items diff --git a/app/manifest/_base.json b/app/manifest/_base.json index 94e340372..e7fcbdf37 100644 --- a/app/manifest/_base.json +++ b/app/manifest/_base.json @@ -65,6 +65,6 @@ "notifications" ], "short_name": "__MSG_appName__", - "version": "8.1.6", + "version": "8.1.7", "web_accessible_resources": ["inpage.js", "phishing.html"] } From 3160b9be7861f844f79d353cfb54e6ba611b6224 Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Wed, 9 Dec 2020 00:58:08 -0330 Subject: [PATCH 4/4] Update v8.1.7 changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4a4ff634..ef9594d51 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## Current Develop Branch ## 8.1.7 Tue Dec 08 2020 +- Revert SES lockdown ## 8.1.6 Wed Dec 02 2020 - [#9916](https://github.com/MetaMask/metamask-extension/pull/9916): Fix QR code scans interpretting payment requests as token addresses