1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-22 09:57:02 +01:00
Commit Graph

247 Commits

Author SHA1 Message Date
ricky
0fd1cea1fe
Feature/remove bitmask (#14489)
* remove bitmask

* add --fail-on-missing-exclusions

* add .iyarc
2022-04-21 17:58:57 -04:00
kumavis
0f4417684b
unblock ci: update vuln deps + fix npm registry for snaps firefox (#14437)
* dep-audit-fix for async@2.6.3

* deps - update async for vuln fix and remove patch

* deps/ci-yarn-audit - remove outdated ignored vulns

* deps/lock - deduplicate async@2

* deps/lock - deduplicate async@2 + remove indirectly used dep

* Use regular NPM registry for snaps on Firefox (#14439)

* Use regular NPM registry for snaps on FF

* Fix linting

* Update app/scripts/metamask-controller.js

Co-authored-by: Shane <jonas.shane@gmail.com>

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Shane <jonas.shane@gmail.com>

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Shane <jonas.shane@gmail.com>
2022-04-13 17:28:03 -10:00
PeterYinusa
1582efdc06
update chromedriver and chrome binary to v100 (#14337) 2022-04-04 16:02:54 +01:00
PeterYinusa
c07e477c13
E2e metrics (#13904)
* remove metrics build

* remove segment server from tests

* enable cors

* mock segment globally

* metrics e2e test

* running test builds

* move file

* destructuring
2022-03-15 13:17:48 -03:00
Mark Stacey
6aaeab2f24
Automate the Flask release process (#13898)
* Automate the Flask release

A Flask release will now be published alongside each main extension
release. The version of each Flask release will be the same as the
extension version except it will have the suffix `-flask.0`.

* Programmatically remove build prefix

The create GH release Bash script derives the Flask version from the
Flask build filename by removing the build prefix, leaving just the
version. Rather than hard-coding the prefix size to remove, it is now
calculated programmatically so that it is easier to read and update.

* Fix tag publishing

The tab publishing step used the wrong credentials, and didn't properly
identify the commit author. This has now been fixed.
2022-03-15 08:54:37 -02:30
Shane
1f55af3151
Fixed firefox Snaps + add initial end-to-end tests (#13671)
* Changed registryUrl for snaps only in firefox
Fixed getPlatform to only be imported into metamask-controller in flask
Removed snaps specific testrunner script and use run-all with a cli option

* Fixed flakey tests

* Removed unneeded await

* Added delay

* Fixed linting
2022-03-10 14:01:55 -08:00
PeterYinusa
4f6eb02854
update chromedriver (#13854) 2022-03-07 19:05:58 +00:00
PeterYinusa
2b1256faf4
Update to latest ChromeDriver (#13616) 2022-02-14 17:06:10 +00:00
PeterYinusa
2b010710ae
update chromedriver to v97 (#13502) 2022-02-03 15:02:56 +00:00
Brad Decker
022f0efcd7
Update vulnerability ignore list (#13390) 2022-01-25 14:34:50 -06:00
Erik Marks
31cf7c10a4
Permission System 2.0 (#12243)
# Permission System 2.0

## Background

This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.

With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.

Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.

The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.

## Changes in Detail

First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.

- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.

Reviewers should focus their attention on the following files:

- `app/scripts/`
  - `metamask-controller.js`
    - This is where most of the integration work for the new `PermissionController` occurs.
      Some functions that were internal to the original controller were moved here.
  - `controllers/permissions/`
    - `selectors.js`
      - These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
    - `specifications.js`
      - The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
        See the `PermissionController` readme for details.
  - `migrations/068.js`
    - The new state should be cross-referenced with the controllers that manage it.
      The accompanying tests should also be thoroughly reviewed.

Some files may appear new but have just moved and/or been renamed:

- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
  - This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
  - A truncated version of `test/mocks/permission-controller.js`.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-12-06 19:16:49 -08:00
PeterYinusa
9babc8b804
update chromedriver to v96 (#12921) 2021-12-01 18:21:29 +00:00
Dan J Miller
76158bf26b
Use node-browsers-medium-plus executor for validate-lavamoat-config job (#12884) 2021-11-29 17:34:51 -03:30
Etienne Dusseault
5a14a1a54a
Add storybook render tests with CI integration (#12477)
* add storybook unit tests with CI integration

* fix command and fix casing for test

* change ci ordering for storybook tasks

* fix syntax error

* fix jest

* lint

* Add transaction-total-banner render test to Storybook (#12517)

* transaction-total-banner

* lint

* confirm to spec

* lint

* fix jest ocnfig for snapshot test failure
2021-11-23 16:41:30 -08:00
kumavis
d9d1a831a6
ci - enforce yarn lock deduplications (#12737)
* ci - test for yarn lock deduplications

* deps - update yarn.lock and patches

* lavamoat - update policy

* test - ui/helpers/utils/optimism/buildUnserializedTransaction - test against json obj

* lint fix

* patch-package - patch @babel/runtime for lavamoat support

* patch-package - fix additional @babel/runtime lockdown incompats

* patch-package - cleanup sass patch
2021-11-23 09:17:27 -10:00
Mark Stacey
fb6375472e
Update improved-yarn-audit and ignore 2 advisories (#12765)
`improved-yarn-audit` has been updated so that it supports GitHub
advisories. Two new GitHub advisories have been ignored, as they are
both moderate RegExp DoS vulnerabilities that don't affect us, and they
are embedded deep within our dependency graph and are difficult to
update.
2021-11-19 11:53:19 -03:30
kumavis
1ec2af0337
ci - update shellcheck (#12739) 2021-11-18 14:58:31 -10:00
kumavis
f5f2f38ea5
ci - fix yarn-audit (#12738)
* ci/yarn-audit - ensure error propagation

* ci/yarn-audit - ensure dependencies are installed first
2021-11-18 10:57:47 -10:00
PeterYinusa
c0f0e1cfc4
update chromedriver to v95 (#12603) 2021-11-05 15:52:24 +00:00
Mark Stacey
690144a480
Add beta and Flask builds to CI (#12572)
The beta and Flask builds are now built on CI and included in the
metamask bot comment alongside the main builds. The same sourcemap
linter and mozilla linter used for the prod builds is also run on the
beta and Flask builds.

Closes #12426
2021-11-04 16:14:48 -02:30
Alex Donesky
3b5e33bc4c
use improved-yarn-audit and exclude 1002401 and 1002581 (#12310)
* use improved-yarn-audit and exclude 1002401
2021-10-08 12:18:38 -05:00
kumavis
a174d50ba5
ci - improve lavamoat validation debug info (#12259)
* ci - improve lavamoat validation debug info

* Update validate-allow-scripts.sh

* Update validate-lavamoat-policy.sh
2021-10-01 09:39:28 -10:00
kumavis
d9d20160d6
LavaMoat Node update and various small enhancements (#12239)
* lavamoat - update lavamoat-node and relevant policy + two handy patches

* test/e2e - add timeout known to be flaky

* lavamoat-viz - rename npm script
2021-09-28 20:56:08 -10:00
kumavis
d3f7464333
Ci test config improvement (#12223)
* ci - use same resource class for chrome and ff e2e tests

* e2e:chrome - enable logging by default

* lint fix
2021-09-27 12:39:31 -10:00
Elliot Winkler
bbe972ca46
Upgrade chromedriver to 93 (#11990)
This allows developers to run the Chrome e2e tests locally without
having to have a custom version of Chrome installed.
2021-09-08 14:54:31 -06:00
Elliot Winkler
8ffebb294b
Fix 'yarn setup' on M1 Macs (#11887)
There are a few issues encountered when running `yarn setup` on new
Apple Silicon (aka M1, aka arm64) Macs:

* The script halts when attempting to run the install step for
  the `chromedriver` package with the message "Only Mac 64 bits
  supported". This is somewhat misleading as it seems to indicate that
  chromedriver can only be installed on a 64-bit Mac. However, what I
  think is happening is that the installation script for `chromedriver`
  is not able to detect that an arm64 CPU *is* a 64-bit CPU. After
  looking through the `chromedriver` repo, it appears that 87.0.1 is the
  first version that adds a proper check ([1]).

  Note that upgrading chromedriver caused the Chrome-specific tests to
  fail intermittently on CI. I was not able to 100% work out the reason
  for this, but ensuring that X (which provides a way for Chrome to run
  in a GUI setting from the command line) is available seems to fix
  these issues.

* The script also halts when attempting to run the install step for
  the `electron` package. This happens because for the version of
  `electron` we are using (9.4.2), there is no available binary for
  arm64. It appears that Electron 11.x was the first version to support
  arm64 Macs ([2]). This is a bit trickier to resolve because we don't
  explicitly rely on `electron` — that's brought in by `react-devtools`.
  The first version of `react-devtools` that relies on `electron` 11.x
  is 4.11.0 ([3]).

[1]: 469dd0a6ee
[2]: https://www.electronjs.org/blog/apple-silicon
[3]: https://github.com/facebook/react/blob/main/packages/react-devtools/CHANGELOG.md#4110-april-9-2021
2021-09-01 10:40:40 -06:00
ryanml
a44d863093
Adding yarn scripts for changelog validation (#11868) 2021-08-18 08:59:48 -07:00
kumavis
984b78730f
CI - enforce dep usage with depcheck (#11518)
* deps - validate with depcheck

* ci - add depcheck + fixes for missing/extra deps

* ci - run depcheck after deps prep install

* deps - add yarn-deduplicate development tool

* Update .circleci/config.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update .circleci/config.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Removing @lavamoat/preinstall-always-fail

* [depcheck] removing unused dependencies

* Update .depcheckrc.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ryanml <ryanlanese@gmail.com>
2021-07-27 20:03:03 -07:00
Mark Stacey
6416a1ef98
Add logs for Google Chrome binary checksum verification (#11366)
The Chrome installation script now has logs explaining whether the
checksum verification succeeded or failed.
2021-06-23 17:17:16 -02:30
Mark Stacey
cc90fca2f6
Add retries to the benchmark script (#11319)
The benchmark script can now be set to retry upon failure, like the E2E
tests do. The default is zero, just as with the E2E tests. A retry of 2
has been set in CI to match the E2E tests as well.

The `retry` module had to be adjusted to throw an error in the case of
failure. Previously it just set the exit code, but that only worked
because it was the last thing called before the process ended. That is
no longer the case.
2021-06-21 12:46:18 -02:30
Brad Decker
7cc747c792
change download location of chrome file (#11346)
* change download location of chrome file

* Update .circleci/scripts/chrome-install.sh

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-06-18 11:45:58 -05:00
Mark Stacey
7535d63466
Add run-e2e-test.js script (#11301)
This script makes it easier to run an individual E2E test. In the past
I've run individual scripts by editing `run-all.sh` manually, but now
that can be done more easily with this script. It also allows setting
the number of retries to use and the browser to use from the CLI.

This script has been added as an npm script as well, called
'test:e2e:single'.

The `run-all.sh` script was rewritten in JavaScript to make it easier
to pass through a `--retries` argument.

The default number of retries has been set to zero to make local
testing easier. It has been set to 2 on CI.

This was mainly done to consolidate the code used to run an E2E test in
one place, to make later improvements easier.
2021-06-15 15:21:25 -02:30
Mark Stacey
37dc19a352
Migrate Sentry settings to environment variables (#11085)
Sentry is now configured with environment variables, rather than with
hard-coded values. This makes it easier to test Sentry functionality
using a different Sentry account, as we did recently during QA of
v9.5.1.

The only change for the normal build process is the introduction of the
`SENTRY_DSN_DEV` variable, which can be set via `.metamaskrc` or via an
environment variable. This determines where error reports are sent. It
still defaults to our team Sentry account's `metamask-testing` project.

The `sentry:publish` script now requires SENTRY_ORG and SENTRY_PROJECT
to be set in order to publish release artifacts. The CircleCI
configuration has been updated with these values, so it should act the
same as it did before. Previously we had used a CLI flag to specify the
organization and project, but Sentry already natively supports these
environment variables [1].

[1]: https://docs.sentry.io/product/cli/configuration/#configuration-values
2021-05-18 13:56:22 -02:30
Mark Stacey
36869a4350
Migrate version from _base manifest to package.json (#11029)
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.

This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
2021-05-10 14:16:03 -07:00
Mark Stacey
efb0d12404
Add changelog validation (#10999)
Add changelog validation to CI, ensuring that the changelog follows the
KeepAChangelog format. Additionally, this will also ensure that all of
the auto-generated "Uncategorized" changelog entries on release
branches get categorized.
2021-05-06 16:25:50 -02:30
Mark Stacey
3d952536d8
Migrate check for GITHUB_TOKEN (#10958)
The check for the GITHUB_TOKEN environment variable was being done in
the wrong release script. It has been migrated to the relevant script.

A second check for the username has also been added, as it is also
required.
2021-05-03 11:54:39 -02:30
Mark Stacey
7c602266cc
Update deploy key used for Storybook (#10966)
The SSH key used for Storybook deployments to `metamask-storybook` has
been updated. This new key is associated with `metamaskbot` rather than
a specific team member.
2021-04-30 18:49:07 -02:30
Thomas Huang
253efc6f8c
Jest config (#10855)
* Setup jest config

* Adjust test for jest.

* Adjust lint config

* Omit swaps ui folder for unit testing

* Omit swaps from test:unit:lax

* Add jest.config.js to script files

* Restore mocks rather than clearing them.

* Update jest config and adjust lint to include subdirs

* Convert view-quote-price-difference test to jest

* Add jest ci and ci coverage scripts. Add jest unit test to general test command

* Add test coverage to ci

* Use --ignore flag

* Fixup

* Add @metamask/eslint-config-jest

* Update .eslintrc.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Adds jest-coverage/

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-04-09 10:20:32 -07:00
Mark Stacey
482cbfe929
Add --rc flag to changelog script (#10839)
The changelog script now accepts an `--rc` flag to tell it whether to
add new changes to `Unreleased` or to the header for the current
version.

Previously this was inferred from whether the current version matched
the most recent tag. However this method only works for the first
update. Using a flag simplifies this logic, and makes it possible to
manually re-run this for further updates to a release candidate.
2021-04-07 16:47:41 -02:30
Mark Stacey
b18161c066
Remove unused CI script (#10840)
This script has not been used since #10795. It is now gone.
2021-04-07 15:46:01 -02:30
Mark Stacey
687803539f
Update the changelog when creating an RC (#10795)
The changelog will now be automatically updated when a release branch
is created. A new release header along with changelog entries for any
new commits will be added.

Note that this changelog will still need to be manually cleaned up, but
it's one less manual step at least.

The old Bash script for adding a new release header to the changelog
has been removed, as that functionality is now built into the changelog
update script.

A new script has been added to commit any changes made to the manifest
and changelog. This step used to happen at the end of the bump manifest
version script, but now the changelog update relies upon the manifest
version bump happening first, so it needed to be re-ordered. The
changes should only be committed on the first run of the branch, as
it's contingent upon the manifest changing (due to the version bump).
Further changelog updates won't trigger new automatic commits.
2021-04-02 18:41:51 -02:30
Mark Stacey
358fec049b
Remove script for creating master sync PR (#10791)
The script responsible for creating the "Sync `master` with `develop`"
PR has been removed. We will soon be eliminating the need for a
`master` branch altogether, so we don't need this anymore. Also, this
script hasn't been running correctly in a long time. We've been
creating this PR manually.
2021-03-31 19:54:52 -02:30
Mark Stacey
6aee658ca2
Remove date from changelog release header (#10790)
New changelog release headers now omit the date. These headers are
added automatically when a new release branch is created, and that
rarely ends up being the actual date of the release, so these dates
have all been inaccurate anyway.

The date will be re-added to the changelog later as part of a new
script, after a release has been published.
2021-03-31 19:54:29 -02:30
kumavis
b668a90303
ci - cache deps before patch-package (#10735)
* ci - cache deps before patch-package

* ci - bump dep cache number (cache break)
2021-03-26 11:55:03 +08:00
Mark Stacey
20b2c5f004
Fix LavaMoat config check (#10514)
The CI script to ensure no LavaMoat policy changes are required has
been failing despite there being no changes. It turns out that the
command used to check for changes (`git diff-index`) was failing
despite the lack of changes because the file was written again by
`yarn lavamoat:auto` but git hadn't gotten around to updating its index
since the write occurred, so it was considering it as changed until it
verified it wasn't [1].

The command has been replaced by `git diff --exit-code --quiet`, which
should do exactly the same thing except that it forces git to update
its internal cache to verify whether changes are present.

[1]: https://stackoverflow.com/questions/34807971/why-does-git-diff-index-head-result-change-for-touched-files-after-git-diff-or-g
2021-02-25 11:13:47 -03:30
Mark Stacey
681db78ff8
Add CI check to ensure LavaMoat policy is updated (#10493)
A CI job has been added to ensure the `allow-scripts` config and the
LavaMoat auto-generated policy is up-to-date. This will only run on
release branches and the `master` branch, because it's too difficult a
requirement to meet for each PR for contributors on macOS, due to
differences in the dependency graph caused by optional dependencies.

The `allow-scripts` and LavaMoat policy have both been updated using
`yarn allow-scripts auto` and `yarn lavamoat:auto`.
2021-02-24 12:22:28 -03:30
Mark Stacey
73e0fdddd0
Use .sh file extension for all Bash scripts (#10499)
The `.sh` file extension is now used for all Bash scripts. This ensures
the files are recognized as Bash scripts by the ShellCheck CI job, and
by editors/IDEs for improved syntax highlighting.
2021-02-23 12:56:41 -03:30
Etienne Dusseault
f196c9feb8
Add Lavamoat to build system (#9939)
* lavamoat - run build system in lavamoat

* lavamoat/allow-scripts - add missing policy entry

* update viz and lavvamoat

* trim policy file

* bump viz

* prue policy override

* regen policy file

* Update package.json

* Update package.json

* Apply suggestions from code review

Co-authored-by: kumavis <kumavis@users.noreply.github.com>

* update policy, remove redundant patches

* use yarn setup in CI

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-22 22:43:29 +08:00
kumavis
efd280172f
ci - run storybook and add to build-artifacts (#10360)
* ci - run storybook and add to build-artifacts

* ci/storybook - rename storybook build path and fix artifact upload

* ci/storybook - rename link text

* clean - remove accidently committed storybook build dir

* storybook - fix image path to relative (#10364)
2021-02-04 22:30:22 +08:00
kumavis
b52d82ac27
ci/benchmark - increase executor size to medium+ (#10361) 2021-02-04 21:13:00 +08:00