m/metamask-extension
1
0
Fork 0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-10-22 19:26:13 +02:00
Code
13,891 Commits 2 Branches 0 Tags 265 MiB
29e083c4c4
Commit Graph

581 Commits

Author SHA1 Message Date
Mark Stacey
2779756708 Fix dependency audit failure 
The Yarn resolution for `node-forge` has been updated to use a more
recent version of the library that includes fixes for the
vulnerabilities currently causing our audit job to fail. This update
should include no breaking changes.
 2022-03-22 15:50:58 -02:30
PeterYinusa
24222fbed7 update chromedriver (#13854) 2022-03-22 08:57:48 -02:30
Mark Stacey
8b10b85891 Update lockfile 
The lockfile became invalid due to dependencies introduced in cherry-
picked commits.
 2022-03-21 23:07:20 -02:30
Mark Stacey
1eecc59969 Improve unit tests for SrpInput component (#13803) 
The library `@testing-library/user-event` has been updated to the
latest beta version, so that our unit tests better model real user
interactions. In particular, I found that previously the `paste` event
was missing the `clipboardData` API, so it was impossible to implement
any custom handling of paste events (which we will need in later PRs).

See the `v14.0.0-beta.1` release notes for a list of all breaking
changes [1]. The main change is that all methods now return Promises.
The `paste` method has also been dramatically simplified.

The unit tests have also been updated to reset all mocks before each
test. These tests don't have any shared mocks, but this is generally a
good practice, to ensure that tests don't develop accidental inter-
dependencies.

[1]: https://github.com/testing-library/user-event/releases/tag/v14.0.0-beta.1
 2022-03-21 18:51:18 -02:30
Mark Stacey
22f9de9a2c Refactor: Extract SRP input from create vault component (#13720) 
This is a pure refactor that extracts the SRP input from the
`CreateNewVault` component. This is intended to make future changes to
the SRP input easier, and to reduce duplication between the old and new
onboarding flows.

Extensive unit tests have been added for the new SRP input component.

A new test library was added (`@testing-library/user-event`) for
simulating user events with components rendered using the
`@testing-library` library.

A new helper method has been added (`renderWithLocalization`) for
rendering components using `@testing-library` with just our
localization contexts added as a wrapper. The localization contexts
were already added by the `renderWithProviders` helper function, but
there is no need for a Redux provider in these unit tests.
 2022-03-21 18:51:18 -02:30
Dan J Miller
5cc135e5d7 Bump controllers to 27 (#13985) 2022-03-16 13:17:12 -02:30
Erik Marks
a3355d9ca5 @metamask/controllers@26.0.0 (#13867) 
* @metamask/controllers@26.0.0
 2022-03-16 13:12:37 -02:30
Alex Miller
7ec8bd49c7 [GridPlus] Updates Lattice dependencies (#13834) 2022-03-08 15:54:29 -03:30
ryanml
18ac23b516 Merge remote-tracking branch 'origin/master' into Version-v10.11.0 2022-02-24 22:11:56 -07:00
Alex Miller
9d92b20222 [GridPlus] Updates SDK to v0.9.10 (hotfix) (#13691) 
See: https://github.com/GridPlus/gridplus-sdk/releases/tag/v0.9.10-hotfix
 2022-02-23 21:58:17 -03:30
Alex Miller
6dcaa0dd97 [GridPlus] Updates corresponding to Lattice firmware v0.13.2 (#13455) 
This updates `eth-lattice-keyring`, which itself updates `gridplus-sdk`.
These changes are backwards compatible but do unlock functionality in
Lattice firmware v0.13.2

Underlying Changes:
* `gridplus-sdk`: https://github.com/GridPlus/gridplus-sdk/compare/v0.9.2...v0.9.7
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/compare/v0.4.0...v0.4.9
 2022-02-23 21:57:12 -03:30
Dan J Miller
05138da8a7 Add EIP-712 support for Trezor (#13693) 
* Add EIP-712 support for Trezor

Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>

* Update eth-trezor-keyring version

Co-authored-by: Alois Klink <alois.klink@gmail.com>
Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>
 2022-02-22 19:47:33 -07:00
Daniel
2585f45bde
Add support for Smart Transactions (#12676) 2022-02-18 17:48:38 +01:00
ryanml
fe061bb2e6 Merge remote-tracking branch 'origin/master' into Version-v10.10.0 2022-02-16 10:48:22 -07:00
dragana8
5095071083
Make default icons the same on mobile and extension #13264 (#13408) 2022-02-16 11:03:17 -06:00
PeterYinusa
ebeb2668ea
E2e mocking (#13640) 
* mock gas price api

* fix error

* full url

* remove duplicated packages

* full url

* customise mock per test

* customise mock per test

* enable mocking

* enable mocking

* enable mocking by default

* duplicated packages

* update mockttp

* pass through

* pass through
 2022-02-16 14:21:41 +00:00
ryanml
e4e321cc7c Fix lockfile 2022-02-15 12:25:46 -07:00
dependabot[bot]
bcf826772e Bump vm2 from 3.9.5 to 3.9.7 (#13625) 
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.5 to 3.9.7.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.5...3.9.7)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
 2022-02-15 12:18:51 -07:00
dependabot[bot]
1d1752135e Bump follow-redirects from 1.14.7 to 1.14.8 (#13612) 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-15 12:18:35 -07:00
Dan J Miller
2dc9ce71dd Add resolution for engine.io, a nested dependency of 3box (#13589) 2022-02-15 12:16:12 -07:00
dependabot[bot]
3dc60e8e30
Bump vm2 from 3.9.5 to 3.9.7 (#13625) 
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.5 to 3.9.7.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.5...3.9.7)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
 2022-02-15 14:07:20 -03:30
dependabot[bot]
3fb21fee27
Bump follow-redirects from 1.14.7 to 1.14.8 (#13612) 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-15 06:35:30 -03:30
Erik Marks
35ac762e10
Add Snaps via Flask (#13462) 
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.

Closes #11626
 2022-02-14 16:02:51 -08:00
PeterYinusa
2b1256faf4
Update to latest ChromeDriver (#13616) 2022-02-14 17:06:10 +00:00
Dan J Miller
44cb377ec0 Add resolution for engine.io, a nested dependency of 3box (#13589) 2022-02-10 16:55:44 -07:00
Dan J Miller
e84138e2bc
Add resolution for engine.io, a nested dependency of 3box (#13589) 2022-02-10 13:54:36 -03:30
Alex Miller
79e96f93db
[GridPlus] Updates corresponding to Lattice firmware v0.13.2 (#13455) 
This updates `eth-lattice-keyring`, which itself updates `gridplus-sdk`.
These changes are backwards compatible but do unlock functionality in
Lattice firmware v0.13.2

Underlying Changes:
* `gridplus-sdk`: https://github.com/GridPlus/gridplus-sdk/compare/v0.9.2...v0.9.7
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/compare/v0.4.0...v0.4.9
 2022-02-09 22:07:22 +01:00
Brad Decker
d45cb6c12e
update test-dapp to 5.0.0 (#13503) 
* update test-dapp to 5.0.0

* Update edit-gas-fee.spec.js

* Lint

* Update send-eth.spec.js

* Update signature-request.spec.js

* typo

Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
Co-authored-by: Alex Donesky <adonesky@gmail.com>
 2022-02-09 13:57:05 +00:00
PeterYinusa
2b010710ae
update chromedriver to v97 (#13502) 2022-02-03 15:02:56 +00:00
Brad Decker
3dde05dbce add resolution for simple-get (#13471) 2022-02-01 20:30:58 -07:00
dependabot[bot]
37f930ddf6
Bump cached-path-relative from 1.0.2 to 1.1.0 (#13424) 
Bumps [cached-path-relative](https://github.com/ashaffer/cached-path-relative) from 1.0.2 to 1.1.0.
- [Release notes](https://github.com/ashaffer/cached-path-relative/releases)
- [Commits](https://github.com/ashaffer/cached-path-relative/commits)

---
updated-dependencies:
- dependency-name: cached-path-relative
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-31 16:30:44 -07:00
dependabot[bot]
c3265727f2
Bump node-fetch from 2.6.1 to 2.6.7 (#13397) 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-31 13:23:15 -03:30
Brad Decker
5889d0ac45
add resolution for simple-get (#13471) 2022-01-31 08:46:25 -06:00
kumavis
3729e15c0c
lavamoat - @lavamoat/allow-scripts v2 (#13428) 2022-01-28 10:02:49 -10:00
Erik Marks
30852f76f3 Add resolution for follow-redirects (#13301) 
Adds a resolution for `follow-redirects` to resolve https://github.com/advisories/GHSA-74fj-2j2h-c42q. The dependency graph is `analytics-node#axios#follow-redirects`, and neither parent package has published a fix for this vulnerability.
 2022-01-26 10:26:02 -07:00
ryanml
60981f30b3 Lockfile fix 2022-01-26 09:43:24 -07:00
Brad Decker
ca5c4b7839 fix node-forge vulnerability (#13389) 2022-01-26 09:40:11 -07:00
dependabot[bot]
3ca6dd6583 Bump @metamask/controllers from 25.0.0 to 25.1.0 (#13399) 
Bumps [@metamask/controllers](https://github.com/MetaMask/controllers) from 25.0.0 to 25.1.0.
- [Release notes](https://github.com/MetaMask/controllers/releases)
- [Changelog](https://github.com/MetaMask/controllers/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/controllers/compare/v25.0.0...v25.1.0)

---
updated-dependencies:
- dependency-name: "@metamask/controllers"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-26 09:38:54 -07:00
dependabot[bot]
7fb5f417c4
Bump @metamask/controllers from 25.0.0 to 25.1.0 (#13399) 
Bumps [@metamask/controllers](https://github.com/MetaMask/controllers) from 25.0.0 to 25.1.0.
- [Release notes](https://github.com/MetaMask/controllers/releases)
- [Changelog](https://github.com/MetaMask/controllers/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/controllers/compare/v25.0.0...v25.1.0)

---
updated-dependencies:
- dependency-name: "@metamask/controllers"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:31:33 -03:30
Brad Decker
ec8a9384c9
fix node-forge vulnerability (#13389) 2022-01-25 12:49:58 -03:30
PeterYinusa
e2a8886a05
Upgrade ganache - continued (#13354) 
* remove ganache-core

* use ganache v7

* convert to hex

* lint
 2022-01-20 16:56:52 +00:00
dragana8
a67a5efca3
Incorrect Rounding Down of Balance #10167 (#13337) 2022-01-19 13:04:33 -06:00
Alex Donesky
f7849a0b7c
Add error that redirects users to Import NFT page when they attempt to add an NFT on the Import Token page (#13271) 
* Add error that redirects users to Import NFT page when they attempt to add an NFT on the Import Token page
 2022-01-19 08:38:33 -06:00
Jyoti Puri
9a3c917a48
Adding support for EIP-1559 in E2E tests (#13282) 2022-01-19 04:38:41 +05:30
Mark Stacey
48d9ca19cc
Remove unnecessary Yarn resolution (#13305) 
This resolution was used to force a transitive dependency to be updated
to a specific version. But this target version was within the range
that was already requested, so a resolution is not needed. Yarn
resolutions are used for forcing a package to update to something
_outside_ of the requested range. For in-range updates, a Yarn lockfile
update is all we need, and it leaves us with less of a maintenance
burden (the resolution can clobber future updates).
 2022-01-13 13:19:35 -03:30
Erik Marks
d4b6e95f89
Add resolution for follow-redirects (#13301) 
Adds a resolution for `follow-redirects` to resolve https://github.com/advisories/GHSA-74fj-2j2h-c42q. The dependency graph is `analytics-node#axios#follow-redirects`, and neither parent package has published a fix for this vulnerability.
 2022-01-12 21:37:40 -08:00
dependabot[bot]
ac5d06e4e3
Bump copy-props from 2.0.4 to 2.0.5 (#13245) 
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases)
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-10 21:57:13 +05:30
Alex Donesky
4826c8c95e
Feat/collectibles send flow (#13048) 
* Add collectibles send flow
 2022-01-10 10:23:53 -06:00
Mark Stacey
3732c5f71e
Add JSDoc ESLint rules (#12112) 
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.

Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.

Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
 2022-01-07 12:27:33 -03:30
Alex Donesky
c266d4e6af
Feat/check update collectible ownership (#13110) 
* Use method to check and update collectible ownership
 2022-01-03 14:39:41 -06:00