1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 12:29:06 +01:00
Commit Graph

930 Commits

Author SHA1 Message Date
seaona
e50d94104c
Bump test-dapp to v7.1.0 (#20665)
* Bump test-dapp to v7.1.0

* Update erc721 tests with new dapp layout

---------

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-08-31 12:55:49 +02:00
Brad Decker
92ad4bc35f
use @blockaid/ppom_release vs @blockaid/ppom (#20669)
* use @blockaid/ppom_release vs @blockaid/ppom

* build system file
2023-08-31 06:20:01 +09:00
cryptodev-2s
656b7878c2
Use getEncryptionPublicKey from Core KeyringController (#20646) 2023-08-30 18:10:37 +01:00
weizman
982a1b2c51
Bump @metamask/post-message-stream and extension-port-stream core libs (#20659) 2023-08-30 18:32:17 +03:00
Frederik Bolding
6254fbb98d
Bump snaps packages to 1.0.2 (#20643) 2023-08-29 15:33:10 +02:00
Howard Braham
d3d30fd373
fix(settings): fixed two IPFS gateway issues (#19700)
* fix(settings): fixed two IPFS gateway issues

- adds back in two bugfixes that were originally in #19283
  - fixes #16871
  - fixes #18140

- achieves 100% code coverage for /ui/pages/settings/security-tab
- removes the npm package `valid-url`, which has not been updated in 10 years

* changes after #20172 was merged

* improved URL validation (specifically spaces)

* better Jest coverage

* response to legobeat review

* fixing lint and Jest
2023-08-22 22:13:13 -07:00
Dan J Miller
b8525566f2
Enable legacy HD paths for trezor users (#19552)
* Update eth-trezor-keyring to v1.1.0

* Revert "Revert "feature: Add legacy derivation path to Trezor (#19443)" (#19451)"

This reverts commit b5ef94b9f0.

* Fix trezor import

* Update lavamoat policies

* Remove accidentally committed code

* Fix type in previous commit
2023-08-22 16:11:52 -04:00
Albert Olivé
a712298f18
updated mmi packages version (#20545)
* updated mmi packages version

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-08-21 15:49:54 +02:00
Jyoti Puri
861c30de29
Updating blockaid related packages (#20480) 2023-08-17 20:50:07 +05:30
Frederik Bolding
8f178bcc26
Enable snaps in stable (#19134)
* Enable Snaps feature flag in stable

* Run snaps E2Es in stable

* Fix CI config indentation

* Fix CI paths

* Update LavaMoat policies

* Update iframe URL

* Exclude some tests from running in stable e2e

* Disable another test on stable

* Bump to 1.0.1

* Fix config.yml issue due to staleness

* Stop running newly added test

* Update snapshots used for E2E

* Use shallow-git-clone
2023-08-17 15:43:01 +02:00
Albert Olivé
486ade85f3
[MMI] Fixed connect mmi button several issues (#20455)
* fixed connect mmi button several issues

* Fixed snapshot

* Improved multiple things

* running yarn dedupe

* Update LavaMoat policies

* For some reason, this.mmiConfigurationController.store.mmiConfiguration?.portfolio sometimes is undefined, added [] if null.
Moved the || {} outside the find method

* minor improvements

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-08-17 14:50:40 +02:00
Michele Esposito
3aa5b7d362
Use importAccountWithStrategy from core KeyringController (#19815)
* refactor: use new importaccount from keyring controller

* Update LavaMoat policies

* Update LavaMoat policies

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-08-17 09:11:51 +02:00
Mark Stacey
9e302ea84e
Update protobufjs (#20469)
Update `protobufjs` to the latest version. This resolves a security
advisory for this package. The advisory is concerning prototype
pollution, so it likely never affected us due to LavaMoat protections.
2023-08-16 08:33:18 -02:30
Frederik Bolding
260962402b
snaps@1.0.0 (#20450) 2023-08-15 09:38:38 +02:00
Frederik Bolding
e0a6435f62
Bump SES to fix audit failure (#20434)
* Bump SES to fix audit failure

* Freeze Symbol
2023-08-14 16:30:34 -02:30
Jyoti Puri
2550eaa9ac
PPOM dependency updates (#20342) 2023-08-14 21:48:40 +05:30
Alex Donesky
6594f7074e
adapt to use networksMetadata state instead of single networkStatus and networksDetails state (#20219) 2023-08-03 12:31:35 -05:00
Alex Donesky
bf9311555d
bump @metamask/network-controller from v10.3.1 to v11.0.0 (#20367)
* bump @metamask/network-controller from v10.3.0 to v11.0.0

* add lavamoat policy files

* fix

* tweak
2023-08-02 16:22:35 -05:00
Brad Decker
038eb63eb0
Upgrade to yarn 4 (#20249) 2023-08-01 17:19:19 -05:00
Brad Decker
4e083017d6
fix weird lockfile irregularities (#20333)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-08-01 16:10:52 -05:00
Mark Stacey
990dc33fc6
Remove fallback phishing warning configuration (#20327)
* Remove fallback phishing warning configuration

The package `@metamask/phishing-controller` has been updated from v4
v6. The only breaking changes are a minimum Node.js version bump, and
the removal of the fallback phishing configuration.

The fallback phishing configuration was resulting in MetaMask being
incorrectly flagged as malware, and the stale config was causing
problems for sites that had been blocked in the past but have since
been unblocked. This should substantially reduce the bundle size as
well.

* Update LavaMoat policies

* Update test state to include example blocked site

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-31 22:26:40 -02:30
Nicholas Ellul
b76875ac69
Update @metamask/phishing-controller to v4.0.0 (#18840)
* Update phishing controller to v4.0.0

* Move phishing e2e test utilities into its own helper.js

* Update phishing detection e2e test

* Update MetaMask Controller test mocks

* Update mv3 phishing tests

* Fix test for 500 error on warning page

* Allow for directories in test folder

* Update migration number

* Linting fixes

* Remove fail on console error

* Separate mocks from helpers

* Have migration delete PhishingController state entirely

* Remove phishing detection directory

* Only delete the listState in migration

* Bump migration version
2023-07-31 10:18:48 -02:30
Brad Decker
05b1b19c6f
Lockfile lint is now compatible with yarn v3 (#20247)
* Lockfile lint is now compatible with yarn v3

* remove the patch
2023-07-28 09:13:04 -05:00
Maarten Zuidhoorn
01a3a5d2c1
[FLASK] Bump Snaps packages (#20230)
* Bump Snaps packages

* Add endowment:lifecycle-hooks permission

* Run yarn lint:fix

* Fix unit test

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-28 11:52:32 +02:00
legobeat
7013b60259
deps: Bump semver (#20235)
* devDeps: minor semver bump

* devDeps/resolutions: bump @storybook/cli->simple-update-notifier

simple-update-notifier@2.0.0 breaking change: deprectae nodejs v10.
Dedupes semver.

* update lavamoat browserify policies
2023-07-28 10:58:22 +02:00
legobeat
811d25c636
devDeps: @lavamoat/allow-scripts@2.0.3->2.3.1 (#20018)
* devDeps: @lavamoat/allow-scripts@2.0.3->2.3.1

Note: As of right now, this causes depcheck script to fail under yarn due to a server error in NPM registry triggered by https://github.com/yarnpkg/berry/issues/4117. As can be seen in that issue, the results from this script have already been invalid since the upgrade from yarnv1 to yarnv3 and a change of package manager version or dependency-auditing script will have to be made.
2023-07-27 07:52:48 +09:00
legobeat
41f66271db
Dedupe bn.js (#20199)
* force latest version of dependency bn.js to @5.2.1
* test - fix broken standin data given to bn.js
---------

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-07-27 07:01:31 +09:00
legobeat
9441c0fb7d
Remove redundant polyfill @formatjs/intl-relativetimeformat (#20204) 2023-07-27 00:22:44 +09:00
legobeat
6c294ba006
deps: react-inspector@2.3.0->6.0.2 (#19540) 2023-07-26 22:15:10 +09:00
legobeat
59e0f7b506
deps: bump QR utils, copy-to-clipboard (#19225)
* deps: copy-to-clipboard@3.3.1->3.3.3
* deps: @zxing/library->0.20.0, @zxing/browser->0.1.3

Updates to latest. These were misaligned before:
    YN0060: . provides @zxing/library (p7a67d) with version 0.8.0, which doesn't satisfy what @zxing/browser requests
2023-07-26 20:56:36 +09:00
Jyoti Puri
98279b6592
Updating extension for ppom-validator updates (#20000) 2023-07-26 05:28:33 +05:30
Michele Esposito
11b2c425d4
Use @metamask/keyring-controller (#19659)
* refactor: use patched @metamask/keyring-controller

* refactor: run prettier

* Update LavaMoat policies

* refactor: change patch to use EthKeyringController type

* chore: change policies

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-24 20:44:43 +02:00
Dan J Miller
e1722d773a
Fix sentry sourcemaps (#20122)
* Update sentry/cli to 2.19.4

* Ensure sentry files are loaded and referenced with a valid url

* Temp to eliminate errors in sentry (should be split into other PRs)
2023-07-21 16:33:25 -02:30
António Regadas
8ee733c0d5
[MMI] Handle personal sign and sign typed operations (#20087)
* adds listeners for signatureControll and adds the handleSigningEvents method

* clean up

* updates signature request containers files

* adds necessary methods

* wip

* signing flow with core methods

* yarn lint

* updates logic to fit latest signatureCOntroller

* updates mmi extension package

* updates signature-controller and message-manager packages

* checkout develop lock file and run yarn

* checkout develop lock file and package.json to test circleci

* test fix

* adds signature-controller new version

* updates mmi extension package

* tx-list update and runs lavamoat auto

* lint fix

* runs lavamoat auto

* resets lavamoat/build-system/policy.jsono to develop

* Update LavaMoat policies

* adds back the dispatch

* lint

* clean up

* clean up

* applies patch for signature controller

* clean patch file

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-21 16:52:47 +01:00
Frederik Bolding
56481dd875
[FLASK] snaps@0.37.1-flask.1 (#20069)
* snaps@0.37.0-flask.1

* Update LavaMoat policies

* Add support for disabling markdown

* Update execution env URL

* Bump patch version
2023-07-19 14:16:51 +02:00
legobeat
5b6439350e
devDeps: @whitespace/storybook-addon-html@5.1.4->5.1.6 (#19539)
Resolves storybook v7 compatibility
2023-07-19 18:48:35 +09:00
Mark Stacey
fe3e960b62
Fix invalid state persistence error (#20080)
* Fix invalid state persistence error

We have been seeing Sentry errors showing that state persistence has
been failing for some users that have invalid `NetworkController`
state. This has been fixed by updating to
`@metamask/base-controller@v3.2.0`, which is more tolerant of
unexpected state properties.

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-18 20:05:06 -02:30
legobeat
b7da0a98e4
@metamask/smart-transactions-controller@3.1.0->4.0.0 (#20016) 2023-07-19 06:42:50 +09:00
Elliot Winkler
751120bd01
Restore support for Linea networks (#20011)
When the NetworkController in this repo was replaced with
`@metamask/network-controller`, support for Linea networks was lost
as it did not support it at that time. `@metamask/network-controller`
has since been updated, so this commit bumps that package to restore
support.
2023-07-13 16:57:31 -06:00
legobeat
0981509e82
devDeps: jsdom@11.12.0->16.7.0 (#19971)
* bump parse5; port patch

* devDeps: jsdom@11.5.1->16.7.0
  - patch-revert https://github.com/jsdom/jsdom/pull/2076
  - jsdom's storage-overriding does not play well with test suite usage of
localforage:
    $ yarn test:unit:global
    ✖ ERROR: TypeError: Cannot set property localStorage of #<Window> which has only a getter
        at Object.<anonymous> (/app/test/helpers/setup-helper.js:79:32)
        at Module._compile (node:internal/modules/cjs/loader:1198:14)
        at Module.m._compile (/app/node_modules/ts-node/src/index.ts:1459:23)
        at Module._compile (/app/node_modules/pirates/lib/index.js:136:24)
        at Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
        at newLoader (/app/node_modules/pirates/lib/index.js:141:7)
        at Object.require.extensions.<computed> [as .js] (/app/node_modules/ts-node/src/index.ts:1462:12)
        at Module.load (node:internal/modules/cjs/loader:1076:32)
        at Function.Module._load (node:internal/modules/cjs/loader:911:12)
        at Module.require (node:internal/modules/cjs/loader:1100:19)
        at require (node:internal/modules/cjs/helpers:108:18)
        at Object.<anonymous> (/app/test/setup.js:4:1)
        at Module._compile (node:internal/modules/cjs/loader:1198:14)
        at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
        at Module.load (node:internal/modules/cjs/loader:1076:32)
        at Function.Module._load (node:internal/modules/cjs/loader:911:12)
        at ModuleWrap.<anonymous> (node:internal/modules/esm/translators:169:29)
        at ModuleJob.run (node:internal/modules/esm/module_job:193:25)
        at async Promise.all (index 0)
        at ESMLoader.import (node:internal/modules/esm/loader:530:24)
        at importModuleDynamicallyWrapper (node:internal/vm/module:438:15)
        at formattedImport (/app/node_modules/mocha/lib/nodejs/esm-utils.js:7:14)
        at exports.requireOrImport (/app/node_modules/mocha/lib/nodejs/esm-utils.js:48:32)
        at exports.handleRequires (/app/node_modules/mocha/lib/cli/run-helpers.js:94:28)
        at /app/node_modules/mocha/lib/cli/run.js:353:25

* update lavamoat policies

* update lavamoat build policy
2023-07-13 23:06:08 +09:00
Albert Olivé
b5ece42ca1
[MMI] Fix Connect MMI and Deep link Flows (#19881)
* Sending showCustodyConfirmLink as a prop and fixing other issues

* Upgraded MMI extension monrepo and trying to fix the issue

* prevents deeplink from closing

* Fixed styles of Custody view and changed the place of it

* Fixed CI issues

* fixing eslint issues

* Update LavaMoat policies

* fixing tests

* Fixed test

* updated snapshots

* reorder, otherwise it won't make sense

* adds necessary methods

* removes duplicated key value

* updated snapshot

---------

Co-authored-by: Antonio Regadas <antonio.regadas@consensys.net>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: António Regadas <apregadas@gmail.com>
2023-07-13 10:42:08 +02:00
Mark Stacey
70dd9a0254
Prevent controller events from crashing (#19963)
* Prevent controller events from crashing

The package `@metamask/base-controller` has been updated to v3.1, which
includes a change to how event subscriber errors are handled. Errors
thrown in event subscribers will no longer interrupt event publishing.

Subscriber errors are caught and thrown in a timeout handler, ensuring
that they are logged and captured by Sentry. We can find any subscriber
errors by looking at the background console, or at the Sentry
dashboard.

Fixes #19801

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-12 20:05:27 -02:30
Jyoti Puri
73a203f106
Integrating ppom-validator with extension (#19511) 2023-07-12 19:50:55 +05:30
Vinicius Stevam
5736e670f7
Approval flow adding success and error pages (#19778) 2023-07-12 09:29:54 +01:00
Mark Stacey
cc9d87c365
Fix intermittent build error (#19966)
Occasionally our builds have been failing with the error "Unexpected
end of JSON input", with a stack pointing at `lavamoat-core`. The file
in question was reading the policy, reading overrides, merging them,
then writing the policy back to disk.

The intermittent errors can be explained if the policy file was read in
one process while it was being written in another. The extension build
script builds bundles in multiple processes in parallel, so it does
follow that this would happen some of the time. This could result in a
partial policy file being read by the build script, resulting in a JSON
parsing error.

This has been fixed by removing the policy write step using a patch.
We don't need this step. We update the policy using a different
function altogether, and we have a CI job to ensure we never forget to
update it.
2023-07-11 18:27:52 -02:30
Frederik Bolding
a041da7c74
[FLASK] snaps@0.36.1-flask.1 (#19939)
* snaps@0.36.0-flask.1

* Update LavaMoat policies

* snaps@0.36.1-flask.1
2023-07-11 13:50:50 +02:00
Mark Stacey
9c278c3610
Resolve two new security advisories (#19940)
Two new security advisories have been resolved. These advisories are
causing CI to fail on `develop`. Neither presents any risk to us,
as they are prototype pollution issues that are prevented by lockdown.

The first advisory isn't easy for us to patch. It's caused by an
outdated version of `protobufjs` used by `@trezor/transport`. It has
been ignored for now, until Trezor updates that package.

For the second advisory (related to `tough-cookie`), it was resolved
by updating that dependency in our lockfile.
2023-07-10 12:56:34 -02:30
Elliot Winkler
b385cbcbcc
Bump @metamask/network-controller to 10.3.0 (#19903)
In the new version of NetworkController, it will now precreate network
clients for built-in and custom networks and expose those network
clients for consumers. This furthers the multichain UX project by making
it possible for MetaMask to interface with multiple networks
simultaneously.

This commit also upgrades `@metamask/gas-fee-controller` to prevent a
peer dependency warning from showing up as well as
`@metamask/controller-utils` in order to reduce the dependency tree.
There are no user-facing changes to either package.
2023-07-07 12:14:18 -06:00
Matthew Walsh
b70c4a8042
Patch signature controller to catch message promise (#19927) 2023-07-07 13:31:21 -02:30
Matthew Walsh
84c54b75ea
Fix infinite spinner when signing typed messages (#19894)
* Use fixed message-manager

* Remove resolution

* Dedupe

---------

Co-authored-by: Danica Shen <zhaodanica@gmail.com>
2023-07-06 21:20:26 -02:30