An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.
The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.
The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.
The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.
New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
* Update version parsing to allow rollback release
When we want to rollback a release on Chrome, sometimes we use the
fourth part of the version for the rollback release. This is because
the Chrome web stores does not directly allow rolling back, but instead
requires us to re-submit the release we want to roll back to with a
higher version number.
The manifest version parsing now allows for a fourth version part.
The comments have also been updated to be more descriptive, and to fix
a minor inaccuracy.
* Fix typo in comment
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Adds a new flag, `--apply-lavamoat`, to the main build script. The flag controls whether LavaMoat is actually applied to the output of the build process. The flag defaults to `true`, but we explicitly set it to `false` in the `start` package script. Meanwhile, the `start:lavamoat` script is modified such that it applies LavaMoat to the build output in development mode, but it no longer runs the build process itself under LavaMoat as there aren't very compelling reasons to do so.
This change is motivated by the fact that development builds do not have their own dedicated LavaMoat policies, which causes development builds to fail since #14537. The downside of this change is that LavaMoat-related failures will not be detected when running `yarn start`. @kumavis has plans for fixing this problem in a future major version of the `@lavamoat` suite.
* Rename NotificationController to AnnouncementController
* Fix test
* Add test for missing NotificationController state
* Bump controllers
* Move test to correct file
* Rename config key
* Add migration 71 to list of migrations
* Fix selector after migration
* fix failed off chain tx mismatch with next confirmed transaction
* dont drop failed txs when tx in confirmed
* add comment for reassigning logic
* resolve change requests
We currently store the JSON-RPC request and response objects in the permission activity log. The utility of doing this was always rather dubious, but never problematic. Until now.
In Flask, as the restricted methods have expanded in number, user secrets may be included on JSON-RPC message objects. This PR removes these properties from the permission activity log, and adds a migration which does the same to existing log objects. We don't interact with the log objects anywhere in our codebase, but we don't want unexpected properties to cause errors in the future should any log objects be retained.
This PR also updates relevant tests and test data. It makes a minor functional change to how a request is designated as a success or failure, but this should not change any behavior in practice.
* MetaMetrics: identify number_of_tokens
* MetaMetrics: update number_of_tokens
do not filter by unique addresses.
Each token contract x chain id combo is a unique contract
* MetaMetrics: update MetaMetricsTraits @typedef
- add number_of_tokens
* MetaMetrics: clean up number_of_tokens
* MetaMetrics: alphabetize in test
* segment: instantiate w/out SEGMENT_HOST check
If SEGMENT_HOST is null, then the analytics-node library will usea defaulted host
* Segment: rm IN_TEST check for instantiation
* Add new user trait for 'Number of NFT collections'.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
FIx JS DOC
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Arrange TRAITS in alphabetical order
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Unit Tests for allCollectibles traits tracking.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
change cid to chainId
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* invert condition
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* jsdoc - alphabetical order
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* change {string} to the literal {number_of_nft_collections}
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Optimize _getNumberOfNFTs
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Set up correct timer value for fetching new quotes
* Show red timer in Swaps if quotes fetching will happen in less than 10s (previously it was 30s)
* Fix a UI issue with the notification close button
* Make stx refresh rates optional, since not every network supports them
Certain build steps accidentally omitted the `version` variable. It has
now been restored to all steps, ensuring that all environment variables
are correctly injected into all bundles.
A check has been added to the Sentry setup module to ensure the release
is not omitted in the future.
Certain build steps accidentally omitted the `version` variable. It has
now been restored to all steps, ensuring that all environment variables
are correctly injected into all bundles.
A check has been added to the Sentry setup module to ensure the release
is not omitted in the future.
* Set up correct timer value for fetching new quotes
* Show red timer in Swaps if quotes fetching will happen in less than 10s (previously it was 30s)
* Fix a UI issue with the notification close button
* Make stx refresh rates optional, since not every network supports them
* origin/develop: (210 commits)
Dark Mode: Remove unwanted background for price quote (#14278)
Dark Mode: Fix colors in toggle button (#14280)
Ensure proper color for swaps edit link (#14273)
Dark Mode: Ensure actionable message button colors are the same color as previously (#14271)
Add token standard to Token Added event. (#14253)
Token Aggregators component for Tokens Detected page (#14157)
Ensure Metafox follows cursor on Fetching quotes screen (#14261)
TransactionsControllerTest: catch uncaught errors (#14196)
GasModalPageContainer story: convert knobs and actions to controls / args (#13516)
Show STX switch for wrapping / unwrapping (#14225)
Change over ImportToken stories to use controls instead of knobs, update props in stories (#14246)
Change over FeeCard stories to use controls instead of knobs, update props in stories (#13766)
Update What's new screen with Token Detection information (#14124)
Improvements for multi-layer fee UX (#13547)
metaMetricsEvent -> trackEvent (#14249)
E2e dapp interactions (#14149)
failing contract interaction e2e (#14227)
Removed metrics event (#14042)
Add TypeScript to the build system (#13489)
Build user traits object when metamask state changes (#14192)
...
An array of integers is now used to represent the SRP in three cases:
* In the import wallet flow, the UI uses it to pass the user-provided
SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
SRP from the background.
* When persisting the wallet to state, the background uses it to
serialize the SRP.
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
* Show fiat on confirm screen on multilayer-fee network
* Disable gas editing on optimism
* Fix send max mode on optimism
* Represent layer 2 gas fee as a single value
* Hide gas fee edit UI on optimism
* Improvement multilayer-fee-message styling
* Lint fix
* Fix locales
* Remove unnecessary code change
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
- Don’t call /estimateGas if a user doesn’t have enough funds
- Hardcode block explorer URLs for Swaps
- Track the "stx_prev_user_opt_in" param
- Add fee estimates tracking for regular txs and STX
- Track estimated_gas and estimated_vs_used_gasRatio for STX
- Only track the "Error Smart Transactions" event once
- Don't overwrite "maxGasLimit" for STX on the View Quote page for better "balance needed" estimations
- Update description for Transak
- Fix styles for the input field on the Build Quote page
- Refactor variables for STX error types and add translation for each STX error type
- Do additional logging for the "current_stx_enabled" param
- Add a close icon for an STX notification, update STX content
* Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* This is a combination of 76 commits.
normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
enforce that only the properties for the specific methid can be updated via the method.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Updates transaction user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add more parameters to updateSwapTransaction
approvalTxId
estimatedBaseFee
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add more params to updateTransactionGasFees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update eip1559 method to editableParams.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix Mocha tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
add gasPrice to updateEditableParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove duplicated Params in notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
A few more tests to cover if
transaction status is not unapproved
transaction is passed more parameters than it requires.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update Transaction Gas Fees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update gas fees in edit-gas-popover.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update gas settings and user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix unit tests.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Draft methods to brak updateTransaction into smaller more targeted
methods.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
normalize and validate tx params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Method to normalize tx and check if it's unapproved.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move the methods to controllers/transactions/index.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Flesh out the methods to update transaction with custom notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Test update gas fees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update swap approval transaction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use lodash to remove undefined properties
update swap transaction tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Updates transaction user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add Update Transaction Metrics
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update transaction gas fees actions.js
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update EIP 1559 Params.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint Fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Documentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics from this PR
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes: Removed unused variables
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Add more params to updateTransactionGasFees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update eip1559 method to editableParams.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix Mocha tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
add gasPrice to updateEditableParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove duplicated Params in notes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
A few more tests to cover if
transaction status is not unapproved
transaction is passed more parameters than it requires.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update Transaction Gas Fees.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove metrics.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Update gas settings and user settings.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix unit tests.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove dup;icated method from rebase.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
unrelated change
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Force re-run workflow
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not hideLoading since we're not showing it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
UpdateTransaction should be renamed to updateGasFees
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
updateGasFees in gas-modal-page-container.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
fix:
update previous gas params update method
add types to the jsdoc comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
updateTransactionGasFees should have been updatePreviousGasParams
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Previous gas fees can be updated for confirmed transactions.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
add updatePreviousGasParams to mocked functions.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* we need to await the first dispatch before we call the second
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* update values to make tests pass
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* More changes to make e2e pass
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Need to wait a bit after save for changes to take effect.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove merge comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Await one dispatch before calling another
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* We don't need goHome anymore.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Tests must use async...await syntax too since we have await in the
useTranasctionFunction
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Add delay after button click for values to update
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Wait a moment after clicking save for values to update
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Wait after clicking save...
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Merge update transaction gas fees and transaction user settings
Show loading indicator on edit gas popover
Fix tests.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix JSDoc
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* updatePreviousGasParams should also return updated transaction meta.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
- Don’t call /estimateGas if a user doesn’t have enough funds
- Hardcode block explorer URLs for Swaps
- Track the "stx_prev_user_opt_in" param
- Add fee estimates tracking for regular txs and STX
- Track estimated_gas and estimated_vs_used_gasRatio for STX
- Only track the "Error Smart Transactions" event once
- Don't overwrite "maxGasLimit" for STX on the View Quote page for better "balance needed" estimations
- Update description for Transak
- Fix styles for the input field on the Build Quote page
- Refactor variables for STX error types and add translation for each STX error type
- Do additional logging for the "current_stx_enabled" param
- Add a close icon for an STX notification, update STX content