1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

4109 Commits

Author SHA1 Message Date
Etienne Dusseault
8fc2c3272a
security - update SES lockdown (#10663)
* update ses

* build - reference ses directly

* deps - unify regenerator-runtime versions on 0.13.7

* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411

* patches - patch regenerator-runtime for latest ses fix

* reduc patch, new lockdown severe override taming

* updated redux patch

* update redux patch for production

* ignore lockdown in lint

* deps - bump patch-package just in case

* trailing comma

* remove ses as dep

* fix path for frozen promise

* remove js extension in lockdown require

* Revert "ignore lockdown in lint"

This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.

* Revert "build - reference ses directly"

This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.

* deps - update ses

* Revert "fix path for frozen promise"

This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.

Co-authored-by: kumavis <aaron@kumavis.me>
2021-03-26 12:27:25 +08:00
Dan J Miller
cc55a981d4
Additional swaps network support (#10721)
* Add swaps support for bnc chain

* Use single default token address in shared/constants/swaps
2021-03-25 18:22:37 -02:30
Dan J Miller
9573aa7515
Update @metamask/controllers to v6.2.1 (#10701) 2021-03-25 17:37:52 -02:30
David Walsh
7afd3156e0
Fix mismatchedChain typo in custom network approval screen (#10723) 2021-03-25 13:26:55 -05:00
MetaMask Bot
5ea02142b5 Version v9.2.1 2021-03-25 15:49:31 -02:30
Niranjana Binoy
04f92a5f14 Setting balance to 0x0 when the original value is undefined (#10634) 2021-03-25 15:49:31 -02:30
ryanml
1cfa58287c
Removing hard references to 12 word seed phrases in copy (#10704)
Adding translation entry for "Wallet Seed"

Fixed label padding issue by adding missing CSS rule
2021-03-24 10:55:03 -07:00
kumavis
bfdc1e68f5
Delete setupFetchDebugging.js (#10636)
* Delete setupFetchDebugging.js

* remove fetch-debugging (now handled corrently by sentry)
2021-03-23 18:05:49 +08:00
Brad Decker
1b4504e233
make migration more safe (#10689) 2021-03-22 10:21:52 -05:00
Brad Decker
a81629e104
refactor incoming tx controller (#10639) 2021-03-19 16:54:30 -05:00
ryanml
530e8c132f
Fixing incorrectly typed token decimal attribute (#10666) 2021-03-19 10:17:39 -07:00
gitpurva
fc999f948b
Change 'Send ETH' title to 'Send' (#10651) 2021-03-19 14:42:11 -02:30
Shane
b50fe3184a
fix: replace dnode background with JSON-RPC (#10627)
fixes #10090
2021-03-18 11:23:46 -07:00
Dan J Miller
480512d14f
Swaps support for local testnet (#10658)
* Swaps support for local testnet

* Create util method for comparison of token addresses/symbols to default swaps token

* Get chainId from txMeta in _trackSwapsMetrics of transaction controller

* Add comment to document purpose of getTransactionGroupRecipientAddressFilter

* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js
2021-03-18 07:50:06 -02:30
Brad Decker
5a233e4634
colocate tests in flat structure (#10655) 2021-03-16 16:00:08 -05:00
Mark Stacey
9ce7b31719 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Position the 3dot menu in the same spot on asset screen and home screen (#10642)
  Move swaps constants to the shared constants directory (#10614)
  prefer chainId over networkId in most cases (#10594)
  no more node:console (#10640)
  fix: speedup cancellation (#10579)
  Setting balance to 0x0 when the original value is undefined (#10634)
  Hide zero balance tokens at useTokenTracker layer (#10630)
  Removing double click bug from delete custom network modal (#10628)
  remove transactionCategory in favor of more types (#10615)
  Ensure permission log will only store JSON-able data (#10524)
  Replace logic for eth swap token in fetchQuotesAndSetQuoteState with getSwapsEthToken call (#10624)
  add trezor HD path for ledger wallets (#10616)
2021-03-15 13:20:43 -02:30
Dan J Miller
153bbc6053
Move swaps constants to the shared constants directory (#10614) 2021-03-15 10:51:35 -02:30
Brad Decker
3d4dfc74a8
prefer chainId over networkId in most cases (#10594) 2021-03-12 16:23:26 -06:00
Shane
b21cc5660f
fix: speedup cancellation (#10579)
fixes #7305
2021-03-12 11:26:07 -08:00
Niranjana Binoy
84b1379b40
Setting balance to 0x0 when the original value is undefined (#10634) 2021-03-12 10:20:33 -05:00
Brad Decker
2ed5bafa11
remove transactionCategory in favor of more types (#10615)
* remove transactionCategory in favor of more types

* remove reference to STANDARD in stubs
2021-03-10 14:16:44 -06:00
Erik Marks
a29fc51838
Ensure permission log will only store JSON-able data (#10524) 2021-03-10 11:50:06 -08:00
MetaMask Bot
2c12f19442 Version v9.2.0 2021-03-10 15:37:18 -03:30
Brad Decker
38fe75b7d9
prefer chainId when building block explorer urls (#10587) 2021-03-09 15:37:19 -06:00
David Walsh
92680cf56f
Add support for multiple Ledger & Trezor hardware accounts (#10505) 2021-03-09 14:39:16 -06:00
David Walsh
aeffe176b3
Hide zero balance tokens with preference (#10486) 2021-03-09 13:35:55 -06:00
Dan J Miller
c86ceacfd9
Standard reference to ETH_SWAPS_TOKEN_ADDRESS via ETH_SWAPS_TOKEN_OBJECT.address (#10613) 2021-03-09 12:29:35 -03:30
Brad Decker
9f11fadd95
remove proper noun Ethereum from all locales for onlyAddTrustedNetworks (#10598) 2021-03-08 12:28:06 -06:00
ryanml
45c076e232
Adding warnings for excessive custom gas input (#10582)
Fixes MetaMask/metamask-extension#9811
2021-03-05 10:32:09 -07:00
Mark Stacey
79a7199a2f
Fix mobile sync of ERC20 tokens (#10591)
In #10510 we changed how tokens are stored, keying them by `chainId`
rather than network type. However we didn't update our mobile sync
function to account for this, which ended up breaking the filtering
logic used to prepare the data that is synced.

Specifically, custom tokens added by users are filtered out to just
those that are confirmed to be ERC20 tokens in our built-in list of
tokens. This filters out unrecognized tokens and NFTs.

The filtering logic has been restored to the pre-#10510 behaviour.
2021-03-04 18:43:15 -03:30
Mark Stacey
40ffaa7265
Remove unused localized message (#10589)
This message was accidentally added in #10126.
2021-03-04 16:52:45 -03:30
matteopey
91ffb80606
Update italian translation (#10126)
* Update italian translation

* Update translation after review
2021-03-04 14:13:18 -03:30
Mark Stacey
6c72b55b11 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Updating references to MetaMask support (#10563)
  Remove dead code related to the selectedFromToken variable in swaps/index.js (#10570)
  make lavamoat optional for dev mode (#10538)
  Adding a warning when sending a token to its own contract address (#10546)
  handle undefined network (#10560)
  cache balances by chain id (#10545)
  Fix/handle safe low undefined (#10561)
  Remove unused `hasHexData` prop (#10529)
  Resolving pull-ws to v3.3.2 (#10543)
  Sync `master` with `develop` (#10540)
2021-03-03 22:21:57 -03:30
MetaMask Bot
9d97dcb22e Version v9.1.1 2021-03-03 19:07:29 +00:00
ryanml
a8b1653566
Updating references to MetaMask support (#10563)
* Updating references to support email

Fixes MetaMask/metamask-extension#10188

* Removing UniqueImage component

* Removing unused UniqueImage locales
2021-03-03 10:15:24 -07:00
ryanml
3c6cdef074
Adding a warning when sending a token to its own contract address (#10546)
Fixes MetaMask/metamask-extension#9437
2021-03-02 17:28:12 -07:00
Brad Decker
e42658b590
cache balances by chain id (#10545) 2021-03-02 16:53:07 -06:00
Brad Decker
8bcd5e3b08
Sync master with develop (#10540)
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Thomas Huang <tmashuang@users.noreply.github.com>
2021-03-01 16:37:54 -06:00
MetaMask Bot
5026c1e6d0 Version v9.1.0 2021-03-01 11:26:49 -06:00
Dan J Miller
46ecf70741
Update swaps failure copy to help users get support (#10525) 2021-03-01 13:02:02 -03:30
David Walsh
8013e85c20
Accommodate for 0 sources verifying swap token (#10521) 2021-03-01 09:20:38 -06:00
Brad Decker
616b71271a
add chainId to all new transaction metadata (#10528) 2021-03-01 09:15:42 -06:00
ty
b04120dd0f
Warn users when an ENS name contains 'confusable' characters (#9187)
* Add warning system for 'confusable' ENS names (#9129)

Uses unicode.org's TR39 confusables.txt to display a warning when
'confusable' unicode points are detected.

Currently only the `AddRecipient` component has been updated, but the new
`Confusable` component could be used elsewhere

The new `unicode-confusables` dependency adds close to 100KB to the
bundle size, and around 30KB when gzipped.

Adds 'tag' prop to the tooltop-v2 component

Use $Red-500 for confusable ens warning

Lint Tooltip component

Update copy for confusing ENS domain warning.

* Fix prop type

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-02-27 01:56:04 -03:30
Brad Decker
caa32d87fb
key tokens by chainId (#10510) 2021-02-26 09:40:25 -06:00
Brad Decker
1a2dc850a3
addEthereumChain bug fixes (#10520) 2021-02-25 16:25:51 -06:00
Brad Decker
15d78b8158
use chain id for enabling ENS IPFS resolution (#10507) 2021-02-25 05:40:57 -06:00
Mark Stacey
3181eca351
Add tl localized messages (#10269)
These translations were provided by Lionbridge.
2021-02-24 23:54:01 -03:30
Mark Stacey
1860f486bd
Update ru localized messages (#10268)
These translations were provided by Lionbridge.
2021-02-24 23:53:37 -03:30
Niranjana Binoy
465dcb5e91
Wrong Currency Symbol when using Custom Network (#10490) 2021-02-24 15:39:56 -05:00
Mark Stacey
684c5855cd
Remove unused TransactionController option (#10508)
The function `getNetwork` was being passed into the
TransactionController constructor, but no such option was used in the
controller itself.
2021-02-24 01:01:09 -03:30
Brad Decker
aaec480e32
fix misuse of getCurrentNetwork (#10504) 2021-02-23 12:33:33 -06:00
Brad Decker
823466b62a
Re-add handler for addEthereumChain (#10489) 2021-02-23 10:32:46 -06:00
Brad Decker
1d23b59af3
add Custom Network Added event (#10484) 2021-02-23 09:58:35 -06:00
Brad Decker
aabe653240
Add Custom Network UI (#10310) 2021-02-22 10:20:42 -06:00
David Walsh
3d579dfcef
Remove react-select and SimpleDropdown, use Dropdown (#10468) 2021-02-19 13:03:44 -06:00
Shane
e3084b87cc
fix: manually connect accountsChanged (#10477)
fixes #9933
2021-02-19 09:48:49 -08:00
Dan J Miller
b056867c33
Correct use of useTokenTracker in viewQuote to ensure token data is not disrupted by faulty token in user account (#10456)
* Use the includeFailedTokens option with useTokenTracker in viewQuote

* Show appropriate error message if we do not have data on the balance of token on the view-quote screen

* Update app/_locales/en/messages.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-02-17 11:19:24 -03:30
Mark Stacey
1a91d985cc
Update vi localized messages (#10270)
These translations were provided by Lionbridge.
2021-02-17 09:52:50 -03:30
Austin Akers
2122b8cf16
Hide links to etherscan when no block explorer is specified for a custom network (#10455)
Conditionally render view on Etherscan text if it's a custom network

Fixes: #5631
2021-02-17 09:45:30 -03:30
Mark Stacey
b33a3deea6
Updated es and es-419 translations (#10258)
* Updating Spanish messages.json

* Updating Spanish (Latin America) messages.json

* More updates to Spanish messages.json

* More updates to Spanish (Latin America) messages.json

* Lint fixes

The message `swapGetQuotes` is no longer used, so it has been removed.
Additionally two descriptions were updated to be English. The
descriptions are not meant to be translated.

Co-authored-by: Fernando Sproviero <fernandospr@gmail.com>
2021-02-16 08:56:09 -03:30
Mentor Palokaj
76836097f5
Faulty use of adjective instead of verb in Dutch (#10448)
* Faulty use of adjective instead of noun in Dutch

The word `imported` in Dutch has different forms for adjective, noun and verb usage. I removed two instances of the letter `e` that I noticed when using Metamask.

Line `166` might similarly be wrong, but I don't know where in the interface it is so didn't verify.

**Question for devs:** is the `description` key in English on purpose or is it use for for me to translate it?

* Another faulty usage of geimporteerde
2021-02-15 13:02:14 -03:30
Brad Decker
4c5edea294
fix contract exchange rate race condition (#10414) 2021-02-12 11:41:53 -06:00
Erik Marks
e48053a6d5
Add custom network RPC method (#9724)
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
2021-02-12 09:25:58 -06:00
jpatel888
38078d7a8d
Fix BatchRequest.execute() multiple window issue (#10423) 2021-02-11 18:37:56 -03:30
Brad Decker
bd1683402a
use native currency in asset row (#10413)
* use native currency in asset row

* set native currency on startup
2021-02-11 12:20:08 -06:00
Mark Stacey
3f394c48f0 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Fix locale lint errors (#10410)
  Update zh_CN translation (#9388)
  cancel unapproved confirmations on network change (#10357)
  Remove unused `confirmTransaction` state (#10396)
  Update `eth-sig-util` and `ethashjs` lockfile versions (#10383)
  Fix `transferFrom` localized message (#10395)
  Storybook: Signature Request (#10400)
  Use string literals for transaction category localized messages (#10391)
  Fix `start:dev` script (#10399)
  storybook/i18n - add i18n party button (#10382)
  Update `ja` localized messages (#10265)
2021-02-09 14:04:04 -03:30
Mark Stacey
91aaa8c540
Fix locale lint errors (#10410)
The updates to `zh_CN` merged in #9388 were a fair bit behind the
`develop` branch, so they ended up introducing various lint failures
despite passing on CI on the PR.

The localized messages have been updated to include English
descriptions, and one extraneous message has been removed.
2021-02-09 13:56:16 -03:30
arisac
a12654ec37
Update zh_CN translation (#9388)
* Update zh_CN translation

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-02-08 21:42:41 -08:00
Brad Decker
19fa2f5962
cancel unapproved confirmations on network change (#10357) 2021-02-08 17:22:30 -06:00
Mark Stacey
fd42e3b06d
Update ja localized messages (#10265)
* Update `jp` localized messages

These translations were provided by Lionbridge.

* `ja` localized messages patch via @nyatla

* i18n/ja - remove extra code

* Update app/_locales/ja/messages.json

* Update messages.json

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-08 23:31:17 +08:00
MetaMask Bot
e66709e4b8 Version v9.0.5 2021-02-08 14:10:51 +00:00
Dan J Miller
913fd5aad6
A swaps copy update (#10387) 2021-02-05 15:16:04 -03:30
Dan J Miller
33ab480fbe
Swaps token sources/verification messaging update (#10346)
* Update standard swaps build quote screen token verification message

* Add actionable warning token verification message to swaps build quote screen

* Simplify swapTokenVerification translations

* Use original verifyThisTokenOn message instead of swapsConfirmTokenAddressOnEtherscan

* Restore verifyThisTokenOn message to hi locale

* Support type and the withRightButton option as parameters on the actionable message component

* Use 'continue' in place of swapPriceDifferenceAcknowledgementNoFiat message

* Use wrapperClassName property on infotooltip in actionable-message

* Remove unnecessary change

* Lint fix
2021-02-05 13:41:10 -03:30
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
Dan J Miller
e82ab94699
Change copy of submit button on swaps screen (#10373) 2021-02-04 14:42:43 -03:30
David Walsh
eeca0af5b9
Implement price impact acknowledgement button (#10347) 2021-02-04 09:58:46 -06:00
Mark Stacey
20d536d189
Update id localized messages (#10263)
These translations were provided by Lionbridge.
2021-02-03 09:42:35 -03:30
Thomas Huang
6a89261f28
Reject Trezor eth_getEncryptionPublicKey requests (#10330)
Further implements request rejection on eth_getEncryptionPublicKey for Trezor as they do not implement this method either.
2021-02-02 07:25:30 -08:00
Mark Stacey
f9b5b7ee37
Update ko localized messages (#10266)
* Update `ko` localized messages

These translations were provided by Lionbridge.

* Update `lockoutTimeTooGreat` message

* Update statements with bold 'Never'

The sentences did not make sense previously. They have been updated to
be grammatically correct and to emphasize the negation.

* Apply suggested change to 'swapNewQuoteIn'
2021-02-02 11:22:52 -03:30
Etienne Dusseault
6b34fb4184
Use @lavamoat/allow-scripts (#10009)
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-02-01 20:08:42 -08:00
Thomas Huang
23bab62008
Reject eth_getEncryptionPublicKey for ledger hw wallets (#10326)
Fixes #10111

Determine if the msgParams/address for the newRequestEncryptionPublicKey is a ledger keyring via getKeyringForAccount and return a promise rejection.
2021-02-01 12:39:09 -08:00
Mark Stacey
d8993883b7
Add origin to signature request confirmation page (#10300)
Fixes #6071

The origin of the dapp that suggested signing has been added to the
signature request confirmation page. This only applies to `eth_sign`,
`personal_sign`, `eth_signTypedData`, and `eth_signTypedData_v1`. The
confirmation page for `eth_signTypedData_v3` and `eth_signTypedData_v4`
already featured the origin.
2021-01-28 14:29:25 -03:30
Brad Decker
471140fdea
Add Truncated Definition List (#10292) 2021-01-28 11:22:37 -06:00
MetaMask Bot
d21dcb919d Version v9.0.4 2021-01-26 17:25:51 -03:30
Mark Stacey
5b48896ab1
Restore missing locale descriptions (#10261)
The localized message descriptions from the `en` locale have been
restored to all other locales. These descriptions are intended to help
translators understand the context for each message, and are not
intended to be translated.
2021-01-26 13:29:44 -03:30
Erik Marks
7ebab83e40
Fix logWeb3ShimUsage metrics (#10286) 2021-01-25 14:20:44 -08:00
Mark Stacey
7b1e12fd95
Update hi localized messages (#10264)
These translations were provided by Lionbridge.
2021-01-22 21:01:35 -08:00
Mark Stacey
74ee13f7c3 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (29 commits)
  Reset swaps routeState in navigateBackToBuildQuote (#10166)
  Fix decrypt message confirmation UI crash (#10252)
  Fix site metadata JSON-RPC handler (#10243)
  Fix design system error constants (#10246)
  Remove unused environment variables (#10234)
  Update `yarn.lock` (#10241)
  Update postMessage structure for TrezorConnect 8 (#10192)
  Increase minimum Firefox version to v68 (#10195)
  Bump socket.io from 2.2.0 to 2.4.1 (#10232)
  Update `@reduxjs/toolkit` from v1.3.2 to v1.5.0 (#10228)
  eth-rpc-errors@4.0.2 (#10226)
  Add MAX_SAFE_CHAIN_ID and refactor chain ID validation (#10224)
  add chip component (#10199)
  add new typography component (#10197)
  @metamask/inpage-provider@8.0.3 (#10219)
  Add NETWORK_TYPE_RPC constant (#10203)
  Further improve organization of constants (#10200)
  add includePaths to sass-loader in storybook (#10213)
  Disable the swaps submit button after the first time it is clicked (#10162)
  Remove default to 18 decimals in quotesToRenderableData method (#10212)
  ...
2021-01-22 17:12:14 -03:30
Thomas Huang
a88a087b60 Fix site metadata JSON-RPC handler (#10243)
* Fix getting the site metadata from the request origin params.

Regressed from inpage-provider ts migration the request. The property domainMetadata is now set as a params key for the request.

https://github.com/MetaMask/inpage-provider/blob/v7.0.0/src/siteMetadata.js#L19-L25
vs
https://github.com/MetaMask/inpage-provider/blob/main/src/siteMetadata.ts#L19-L27

* Change hardcoded mocked response of the request to the prod response.
2021-01-22 15:11:09 -03:30
MetaMask Bot
ae5ee105bf Version v9.0.3 2021-01-22 18:29:03 +00:00
Thomas Huang
1dad4abfdc
Fix site metadata JSON-RPC handler (#10243)
* Fix getting the site metadata from the request origin params.

Regressed from inpage-provider ts migration the request. The property domainMetadata is now set as a params key for the request.

https://github.com/MetaMask/inpage-provider/blob/v7.0.0/src/siteMetadata.js#L19-L25
vs
https://github.com/MetaMask/inpage-provider/blob/main/src/siteMetadata.ts#L19-L27

* Change hardcoded mocked response of the request to the prod response.
2021-01-22 10:27:07 -08:00
David Walsh
9b4715cc8f
Update postMessage structure for TrezorConnect 8 (#10192) 2021-01-21 11:12:54 -06:00
Mark Stacey
408586aa4d
Increase minimum Firefox version to v68 (#10195)
Firefox v68 is the _previous_ Extended Support Release. We are
increasing this because our current minimum version doesn't support
async iterators, so some of our dependencies cause the extension to
crash.

Our metrics show that usage of Firefox versions older than this is
quite low (under 0.7% of Firefox users in the past month). These older
versions are also _very behind_ on security updates. Using the Extended
Support Release also makes it easier for us to test the minimum
version, and ensure our extension remains compatible with it.

Relates to #6805
2021-01-21 09:01:42 -06:00
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
4fef2b7443
Add MAX_SAFE_CHAIN_ID and refactor chain ID validation (#10224)
* Add MAX_SAFE_CHAIN_ID constant
* Add isSafeChainId to shared utils module
* Move isPrefixedFormattedHexString to shared utils module
* Validate custom RPC chain IDs in network controller
* Update some network controller error messages.
* Add isSafeChainId validation to UI
2021-01-20 15:37:18 -08:00
Mark Stacey
774b537a9b Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  add new typography component (#10197)
  @metamask/inpage-provider@8.0.3 (#10219)
  Add NETWORK_TYPE_RPC constant (#10203)
  Further improve organization of constants (#10200)
  add includePaths to sass-loader in storybook (#10213)
  Disable the swaps submit button after the first time it is clicked (#10162)
  Remove default to 18 decimals in quotesToRenderableData method (#10212)
  use dart sass, and update related modules (#10208)
  Fetch with a timeout everywhere (#10101)
  Make hiring link a link on text (#10206)
  improve design system scss (#10193)
  zh_TW: Translate buy, assets, activity (#10207)
  Update TW term 乙太 -> 以太 (#10191)
  Fix hardware account selection (#10198)
  Add hiring note to the README (#10190)
  drop the fox in about (#10174)
2021-01-20 18:55:04 -03:30
MetaMask Bot
d7e1ee166f Version v9.0.2 2021-01-20 10:49:50 -08:00
Yahsin Huang
32121107c2 zh_TW: Translate buy, assets, activity (#10207) 2021-01-20 10:49:50 -08:00
gasolin
9ed181f4e1 Update TW term 乙太 -> 以太 (#10191) 2021-01-20 10:49:50 -08:00
Erik Marks
7077ee68dc
Add NETWORK_TYPE_RPC constant (#10203)
* Refactor network display props
* Add NETWORK_TYPE_RPC constant
* Consolidate network constants
2021-01-20 08:49:05 -08:00
Erik Marks
90289ec22a
Further improve organization of constants (#10200) 2021-01-20 08:13:14 -08:00
Erik Marks
7159dd6867
Fetch with a timeout everywhere (#10101)
* Use fetchWithTimeout everywhere
* Memoize getFetchWithTimeout
* Require specified timeout
2021-01-19 08:41:57 -08:00
Yahsin Huang
1007f4b6f2
zh_TW: Translate buy, assets, activity (#10207) 2021-01-18 13:29:01 -08:00
gasolin
b0bb190b5e
Update TW term 乙太 -> 以太 (#10191) 2021-01-18 13:18:27 -08:00
MetaMask Bot
51b736245b Version v9.0.1 2021-01-12 20:30:10 -08:00
Erik Marks
0dfdd44ae7
Restore support for @metamask/inpage provider@"< 8.0.0" (#10179)
This restores support for versions of the inpage provider prior to v8.
This is intended to support dapps and extensions that directly
instantiated their own provider rather than using the injected
provider.

* Forward traffic between old and new provider streams

* Ignore publicConfig stream for non-legacy muxes

* Transform accountsChanged notification for legacy streams

* Convert publicConfigStore to singleton

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-01-12 17:43:45 -08:00
MetaMask Bot
6369f88571 Version v9.0.0 2021-01-11 11:12:19 -03:30
Dan J Miller
2431a5821c
Migration 51: ensure chainId is set in state for default/infura providers (#10170)
* Migration 51: ensure chainId is set in network controller provider state for all infura/default networks

* Clean up

* Migrate incorrect as well as falsy chainIds

Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2021-01-11 11:09:15 -03:30
Wanshan
bcdd2ec91e
Update zh_CN translation (#9772)
* Update zh_CN translation

* Translate 'Gas Limit' to 'Gas 上限'

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-01-08 10:19:41 -08:00
Mark Stacey
69e883c728
Detect tokens on custom Mainnet RPC endpoints (#10157)
Our automatic token detection was hard-coded to only work on our built-
in Infura Mainnet endpoint. It now works with custom Mainnet RPC
endpoints as well.

Relates to #6992
2021-01-08 10:55:46 -03:30
Erik Marks
bc6663d849
Fix block explorer translations (#10160) 2021-01-07 13:13:00 -08:00
Mark Stacey
672a387779 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (66 commits)
  Disable swaps based on chainId, instead of network id (#10155)
  improve handling of last selected provider (#10093)
  Add links to Community Forum to README (#10152)
  @metamask/contract-metadata@1.21.0 (#10142)
  Prevent malformed next nonce warning (#10143)
  add module resolution for node-analytics/axios (#10139)
  Ensure that gas for swap tx submitted at same time as approval is in hex (#10135)
  Fix useTransactionDisplayData unit tests (#10134)
  Fix network settings Kovan block explorer link (#10117)
  Use destructured signal (#10115)
  throw a new wrapped error instead of default one from segment (#10118)
  @metamask/contract-metadata@1.20.0 (#10116)
  Use late-bound noop function when disabling console (#10110)
  Bump @metamask/contract-metadata from 1.19.0 to 1.20.0 (#10104)
  Remove unnecessary swaps footer space when in dropdown mode (#10100)
  Tighten up loading indication logic (#10103)
  Skip reporting of successive persistence failures (#10099)
  Update `@metamask/controllers` to v5.1.0 (#10096)
  @metamask/obs-store@5.0.0 (#10092)
  set last provider when switching to a customRPC (#10084)
  ...
2021-01-07 15:57:40 -03:30
Dan Miller
a30d39f3f3 Version v8.1.11 2021-01-07 14:25:34 -03:30
Brad Decker
b5fc1f9314
improve handling of last selected provider (#10093) 2021-01-06 17:31:11 -06:00
Mark Stacey
7606353100 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (60 commits)
  Ensure that gas for swap tx submitted at same time as approval is in hex (#10135)
  Fix useTransactionDisplayData unit tests (#10134)
  Fix network settings Kovan block explorer link (#10117)
  Use destructured signal (#10115)
  throw a new wrapped error instead of default one from segment (#10118)
  @metamask/contract-metadata@1.20.0 (#10116)
  Use late-bound noop function when disabling console (#10110)
  Bump @metamask/contract-metadata from 1.19.0 to 1.20.0 (#10104)
  Remove unnecessary swaps footer space when in dropdown mode (#10100)
  Tighten up loading indication logic (#10103)
  Skip reporting of successive persistence failures (#10099)
  Update `@metamask/controllers` to v5.1.0 (#10096)
  @metamask/obs-store@5.0.0 (#10092)
  set last provider when switching to a customRPC (#10084)
  Fetch swap quote refresh time from API (#10069)
  Fix `fetch-with-cache` handling of interwoven requests (#10079)
  Fix 9874 - Improve gas maximum estimation  (#10043)
  Add eth_getProof to safe methods (#10070)
  fix metametrics option tracking (#10071)
  Disable console in contentscript (#10040)
  ...
2021-01-04 15:26:46 -03:30
MetaMask Bot
a8d1cdb7ee Version v8.1.10 2020-12-23 14:04:00 -03:30
Brad Decker
1aa6d7bfea throw a new wrapped error instead of default one from segment (#10118) 2020-12-23 14:04:00 -03:30
Mark Stacey
a492a5b0d1 Use late-bound noop function when disabling console (#10110)
The `disable-console` script introduced in #10040 used an arrow-
function no-op function to replace `console.log` and `console.info`.
This replacement function was early-bound to the `this` context of the
`disable-console` script, because that's how arrow functions work.

This violates an assumption baked into Sentry, which also replaces the
`console` functions. It wraps them in a function it uses to track
console logs as breadcrumbs. This wrapper function blows up for some
reason if the "original" `console` function is early-bound to a `this`
value of `undefined`.

This resulted in various UI freezes. One example is during onboarding,
when using Firefox with Enhanced Tracking Protection set in "strict"
mode. After submitting a password in the 'Create wallet' flow, the
Sentry `console` wrapper would throw and leave the user stuck on the
loading screen.

By replacing the no-op arrow function with a no-op function
declaration, the problem has been resolved.

Relates to #10097
2020-12-23 14:04:00 -03:30
David Walsh
c42087d044
Use destructured signal (#10115) 2020-12-23 10:15:07 -06:00
Brad Decker
64adcae08d
throw a new wrapped error instead of default one from segment (#10118) 2020-12-23 00:24:49 -03:30
Mark Stacey
889ca62723
Use late-bound noop function when disabling console (#10110)
The `disable-console` script introduced in #10040 used an arrow-
function no-op function to replace `console.log` and `console.info`.
This replacement function was early-bound to the `this` context of the
`disable-console` script, because that's how arrow functions work.

This violates an assumption baked into Sentry, which also replaces the
`console` functions. It wraps them in a function it uses to track
console logs as breadcrumbs. This wrapper function blows up for some
reason if the "original" `console` function is early-bound to a `this`
value of `undefined`.

This resulted in various UI freezes. One example is during onboarding,
when using Firefox with Enhanced Tracking Protection set in "strict"
mode. After submitting a password in the 'Create wallet' flow, the
Sentry `console` wrapper would throw and leave the user stuck on the
loading screen.

By replacing the no-op arrow function with a no-op function
declaration, the problem has been resolved.

Relates to #10097
2020-12-19 16:58:49 -03:30
Mark Stacey
8dd8bfd690 Skip reporting of successive persistence failures (#10099)
Failure to persist state will now only report to Sentry if the last
attempt to save state succeeded. This ensures that if anyone is stuck
in a state where state can't be saved (e.g. low disk space), we aren't
flooded with repeated errors on Sentry.
2020-12-18 17:36:58 -03:30
Mark Stacey
d2b6376c3d
Skip reporting of successive persistence failures (#10099)
Failure to persist state will now only report to Sentry if the last
attempt to save state succeeded. This ensures that if anyone is stuck
in a state where state can't be saved (e.g. low disk space), we aren't
flooded with repeated errors on Sentry.
2020-12-17 15:39:01 -03:30
Mark Stacey
bba2b9646d
Update @metamask/controllers to v5.1.0 (#10096)
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.

I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.

This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
2020-12-17 12:06:29 -03:30
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
Mark Stacey
4a48f17420 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (46 commits)
  Fetch swap quote refresh time from API (#10069)
  Fix `fetch-with-cache` handling of interwoven requests (#10079)
  Fix 9874 - Improve gas maximum estimation  (#10043)
  Add eth_getProof to safe methods (#10070)
  fix metametrics option tracking (#10071)
  Disable console in contentscript (#10040)
  Use Boolean for filters (#10066)
  Add approval controller (#9401)
  Cache dependencies (#10065)
  Bump ini from 1.3.5 to 1.3.7 (#10064)
  Add HTML coverage report to MetaMask bot comment (#10061)
  Remove coveralls (#10063)
  Prevent metaMaskFee prop error in FeeCard (#10047)
  Display boolean values when signing typed data (#10048)
  Use CircleCI executors to simplify CI config (#10055)
  Use `.zip` for Firefox e2e tests (#10056)
  Update `selenium-webdriver` and `geckodriver` (#10057)
  Update Firefox version used on CI for e2e tests (#10058)
  Add web3 shim usage notification (#10039)
  Refactor home notification (#10046)
  ...
2020-12-15 19:40:19 -03:30
MetaMask Bot
5d30613120 Version v8.1.9 2020-12-15 16:56:00 -03:30
David Walsh
c4aa0b3c9a Fetch swap quote refresh time from API (#10069) 2020-12-15 16:56:00 -03:30
David Walsh
88525ec392
Fetch swap quote refresh time from API (#10069) 2020-12-15 16:54:22 -03:30
Erik Marks
62b00f62db Add eth_getProof to safe methods (#10070)
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186

It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
2020-12-14 21:15:54 -03:30
Etienne Dusseault
16efd7c933 Disable console in contentscript (#10040)
* Maintain console logging in dev mode

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-12-14 21:13:03 -03:30
Mark Stacey
7879481569 Fix contentscript injection failure on Firefox 56 (#10034)
On Firefox 56 and Waterfox Classic, our `runLockdown.js` script throws
an error. This is fine on the HTML pages, as the next script tags still
get run without issue (though they don't benefit from the SES lockdown
sadly). But in the `contentscript`, an exception thrown here appears to
halt the execution of subsequent scripts.

To prevent the `contentscript` from crashing completely, lockdown
errors are now caught and logged. They are also logged to Sentry on the
pages where Sentry is setup.
2020-12-14 21:07:01 -03:30
Erik Marks
eeee8852cd
Add eth_getProof to safe methods (#10070)
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186

It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
2020-12-14 15:21:15 -08:00
Etienne Dusseault
69df19f195
Disable console in contentscript (#10040)
* Maintain console logging in dev mode

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-12-14 11:17:13 -08:00
David Walsh
9a1548368f
Use Boolean for filters (#10066) 2020-12-14 11:03:59 -06:00
Erik Marks
8f40d03299
Add approval controller (#9401)
This PR introduces the new approval controller to the extension codebase. We use it for the permissions controller's pending approval functionality.

The approval controller sets us up for a new pattern of requesting and managing user confirmations in RPC methods. Along with the generic RPC method middleware, the approval controller will allow us to eliminate our message managers, and decouple various method handlers from our provider stack, making the implementations more portable between the extension and mobile.
2020-12-14 08:04:26 -08:00
Erik Marks
54e9c53b27
Add web3 shim usage notification (#10039)
* Add web3 shim usage alert background state and logic
* Cleanup alert background state, constants
* Implement web3 shim usage notification and settings
* nodeify alert controller background hooks
* Remove svg icon, again
* Tweak alert controller initialization
* Add support article URL
* Un-thunk alert UI "actions"
* Delete connect.svg file (unused)
2020-12-10 15:40:29 -08:00
Mark Stacey
86fba2dac1
Fix contentscript injection failure on Firefox 56 (#10034)
On Firefox 56 and Waterfox Classic, our `runLockdown.js` script throws
an error. This is fine on the HTML pages, as the next script tags still
get run without issue (though they don't benefit from the SES lockdown
sadly). But in the `contentscript`, an exception thrown here appears to
halt the execution of subsequent scripts.

To prevent the `contentscript` from crashing completely, lockdown
errors are now caught and logged. They are also logged to Sentry on the
pages where Sentry is setup.
2020-12-10 14:03:04 -03:30
Mark Stacey
4587e984f5
Increase Chrome minimum version (#10019)
The Chrome minimum version has been increased from v58 to v63. We found
that we had very few users on versions below v63, and v62 is
incompatible with our SES lockdown dependency.

This also makes us compatible with Object rest/spread syntax, so we
might not have to transpile that anymore. I'll revisit that separately.
2020-12-10 01:59:47 -03:30
Mark Stacey
b2aa14d676 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (22 commits)
  Fix TokenList component name (#10030)
  Update `tweetnacl` dependencies (#10028)
  Rename `lockdown.cjs` to `lockdown.js` (#10026)
  Revert "Revert "Add SES lockdown to extension webapp (#9729)""
  Revert "Revert "Remove redundant babelify (#9945)""
  Add hidden tokens to store (#9320)
  @metamask/inpage-provider@^8.0.0 (#8640)
  Log persistence errors with Sentry (#10018)
  Fix SES lockdown on older browsers (#10014)
  Reapply view quote screen designs (#9905)
  Fix unbound metrics track function (#10016)
  Deobfuscate error message (#10012)
  Add SES lockdown and Sentry to all pages (#10013)
  Remove web3 injection (#9156)
  Initialize network controller provider chainId to the appropriate default networks (#9999)
  Fix Infura network chain IDs (#8629)
  Prevent props error in swaps gas modal (#10001)
  Fix 9906 - Prevent unwanted 'no quotes available' message when going back to build quote screen while having insufficient funds (#9994)
  Fix 9988 - Don't allow more than 15% slippage (#9991)
  Bump highlight.js from 10.4.0 to 10.4.1 (#10004)
  ...
2020-12-09 18:11:19 -03:30
MetaMask Bot
d5be047b7b Version v8.1.8 2020-12-09 12:19:45 -03:30
Mark Stacey
07fab76dd0 Rename lockdown.cjs to lockdown.js (#10026)
When you load an extension `.zip` file in Firefox, it fails to load
scripts with the `.cjs` file extension. However, it works if you load
the extension via the `manifest.json` file instead.

After renaming the `lockdown.cjs` file to `lockdown.js`, it works in
Firefox in all cases, regardless whether it's loaded by manifest or by
`.zip`.
2020-12-09 12:19:17 -03:30
Mark Stacey
e9b5386f74 Log persistence errors with Sentry (#10018)
Failures to persist state are now logged in Sentry. Previously they
were only logged to the background console.
2020-12-09 12:19:16 -03:30
Mark Stacey
ba2c56c871 Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-09 12:19:16 -03:30
Mark Stacey
b75863dc00 Fix unbound metrics track function (#10016)
The new metrics controller has a `trackEvent` function that was being
called unbound, so `this` references were undefined. It is now bound
early in both places where it is passed in as a parameter.
2020-12-09 12:19:16 -03:30
Mark Stacey
01c0775486 Deobfuscate error message (#10012)
The SES lockdown added in #9729 had the effect of obfuscating our error
messages. Any messages printed to the console would have the error
message replaced with the string "Error #" followed by a number. The
stack was also updated to point at `lockdown.cjs`, though the original
stack was preserved beneath the top stack frame.

Marking the `console` API as untamed seems to have fixed both issues.
The original error message is now printed to the console, along with
the original stack.
2020-12-09 12:19:16 -03:30
Mark Stacey
4ae911eb23 Add SES lockdown and Sentry to all pages (#10013)
When the SES lockdown was added in #9729, the lockdown and the Sentry
initialization were migrated from the main bundle into separate
modules, which were run as separate `<script>` tags. These extra tags
were accidentally omitted for `home.html` and `notification.html`. As
a result Sentry was not initialized on these pages, so any errors
thrown on them would not be collected. They also do not benefit from
the SES lockdown.

The SES lockdown and Sentry initialization modules have been added to
both pages where they were missing.
2020-12-09 12:19:16 -03:30
Thomas Huang
6ecc3dee22 Initialize network controller provider chainId to the appropriate default networks (#9999) 2020-12-09 12:19:16 -03:30
David Walsh
b9cb0014ab Fix 9988 - Don't allow more than 15% slippage (#9991) 2020-12-09 12:19:16 -03:30
Erik Marks
0ed9ed008b Update transaction params validation (#9992)
* Update transaction params validation

* fixup! Update transaction params validation

* Update to/data error message

* fixup! Update to/data error message
2020-12-09 12:17:44 -03:30
Mark Stacey
ffcdd1e76a Revert "Revert "Add SES lockdown to extension webapp (#9729)""
This reverts commit d783966065.
2020-12-09 12:11:55 -03:30
Mark Stacey
f386e4ce4b
Rename lockdown.cjs to lockdown.js (#10026)
When you load an extension `.zip` file in Firefox, it fails to load
scripts with the `.cjs` file extension. However, it works if you load
the extension via the `manifest.json` file instead.

After renaming the `lockdown.cjs` file to `lockdown.js`, it works in
Firefox in all cases, regardless whether it's loaded by manifest or by
`.zip`.
2020-12-09 12:04:11 -03:30
Mark Stacey
427268b25f Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Add hidden tokens to store (#9320)
  @metamask/inpage-provider@^8.0.0 (#8640)
  Log persistence errors with Sentry (#10018)
  Fix SES lockdown on older browsers (#10014)
  Reapply view quote screen designs (#9905)
  Fix unbound metrics track function (#10016)
  Deobfuscate error message (#10012)
  Add SES lockdown and Sentry to all pages (#10013)
  Remove web3 injection (#9156)
  Initialize network controller provider chainId to the appropriate default networks (#9999)
  Fix Infura network chain IDs (#8629)
  Prevent props error in swaps gas modal (#10001)
  Fix 9906 - Prevent unwanted 'no quotes available' message when going back to build quote screen while having insufficient funds (#9994)
  Fix 9988 - Don't allow more than 15% slippage (#9991)
  Bump highlight.js from 10.4.0 to 10.4.1 (#10004)
  Add timeout to `wait-until-called` (#9996)
  Update transaction params validation (#9992)
2020-12-09 01:40:44 -03:30
Mark Stacey
0b0b91196d Revert "Revert "Add SES lockdown to extension webapp (#9729)""
This reverts commit d783966065.
2020-12-09 01:40:22 -03:30
MetaMask Bot
ec1d5f3424 Version v8.1.7 2020-12-09 01:08:24 -03:30
Mark Stacey
d783966065 Revert "Add SES lockdown to extension webapp (#9729)"
This reverts commit 9f6fa64d67.
2020-12-09 01:00:58 -03:30
Patryk Łucka
e4a77e1dc3
Add hidden tokens to store (#9320)
From a behavioral standpoint this PR fixes the issue with tracking, and persisting, tokens that the user hides. Whether we can/should optimize this to prevent duplicates of the accountHiddenTokens and hiddenToken is a point of contention, but it acts similiarly to how we track tokens and accountTokens. 

Also to note, for tokens under a custom network there is no way to distinguish two different custom network sets of hidden tokens, they are all under the `rpc` property, same as accountTokens.
2020-12-08 12:38:00 -08:00
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Mark Stacey
55e5f5513c
Log persistence errors with Sentry (#10018)
Failures to persist state are now logged in Sentry. Previously they
were only logged to the background console.
2020-12-08 16:17:51 -03:30
Mark Stacey
d13aabde23
Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-08 15:08:31 -03:30
Dan J Miller
da5e5cd8b6
Reapply view quote screen designs (#9905) 2020-12-08 10:47:53 -06:00
Mark Stacey
f75c3c6f68
Fix unbound metrics track function (#10016)
The new metrics controller has a `trackEvent` function that was being
called unbound, so `this` references were undefined. It is now bound
early in both places where it is passed in as a parameter.
2020-12-08 12:40:55 -03:30
Mark Stacey
2bcb219501
Deobfuscate error message (#10012)
The SES lockdown added in #9729 had the effect of obfuscating our error
messages. Any messages printed to the console would have the error
message replaced with the string "Error #" followed by a number. The
stack was also updated to point at `lockdown.cjs`, though the original
stack was preserved beneath the top stack frame.

Marking the `console` API as untamed seems to have fixed both issues.
The original error message is now printed to the console, along with
the original stack.
2020-12-08 07:24:31 +08:00
Mark Stacey
7349801799
Add SES lockdown and Sentry to all pages (#10013)
When the SES lockdown was added in #9729, the lockdown and the Sentry
initialization were migrated from the main bundle into separate
modules, which were run as separate `<script>` tags. These extra tags
were accidentally omitted for `home.html` and `notification.html`. As
a result Sentry was not initialized on these pages, so any errors
thrown on them would not be collected. They also do not benefit from
the SES lockdown.

The SES lockdown and Sentry initialization modules have been added to
both pages where they were missing.
2020-12-07 18:46:03 -03:30
Erik Marks
6795298c65
Remove web3 injection (#9156)
* Remove web3 injection
* Implement logWeb3ShimUsage
2020-12-07 12:09:02 -08:00
Thomas Huang
26272d3557
Initialize network controller provider chainId to the appropriate default networks (#9999) 2020-12-07 11:40:42 -08:00
Erik Marks
4839e31e05
Fix Infura network chain IDs (#8629) 2020-12-07 11:39:39 -08:00
David Walsh
56f80ae9a9
Fix 9988 - Don't allow more than 15% slippage (#9991) 2020-12-07 09:12:55 -06:00
Mark Stacey
231e795143
Merge pull request #10002 from MetaMask/sync-master
Sync `master` with `develop`
2020-12-04 14:33:53 -03:30
Erik Marks
baea1b57fb
Update transaction params validation (#9992)
* Update transaction params validation

* fixup! Update transaction params validation

* Update to/data error message

* fixup! Update to/data error message
2020-12-03 18:15:59 -08:00
MetaMask Bot
9fab240c72 Version v8.1.6 2020-12-03 22:25:08 -03:30
Dan J Miller
1661953e23
Migration to remove legacy local storage keys from localStorage (#9986)
* Migration to remove legacy local storage keys from localStorage

* Update app/scripts/migrations/050.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update app/scripts/migrations/050.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Fix unit tests for migration 50

* Fixing stubbing and localstorage reference in migration 50

* Update test/helper.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-12-03 20:25:23 -03:30
Erik Marks
c515591e7b
Add 48x48 icon (#9993) 2020-12-03 13:14:21 -08:00
Mark Stacey
703a063ad1
Fix metrics error when options are not used (#9985)
Attempts to send metrics would fail when no `options` were used. This
was because when the options parameter was not set, it was often sent
over our RPC connection as `undefined`, which gets serialized to `null`
when the message is converted to JSON. This `null` parameter didn't
trigger the default parameter set in the metametrics controller, as
default parameters are only used for `undefined`.

Instead the `options` parameter is now treated as fully optional, with
no default value set. The optional chaining operator is used to ensure
it won't blow up if it's not set. A fallback of `{}` was used for the
one destructure case as well.
2020-12-03 15:35:11 -03:30
Mark Stacey
52d25f0df8
Fix inflated gas estimates (#9984)
If a `gasPrice` was specified in a transaction sent via a dapp, we
would include it in our `eth_estimateGas` call, causing it to fail if
the user had insufficient balance (for either the transaction amount or
the gas fee). This resulted in the fallback gas estimate being used;
the block gas limit. The block gas limit is quite a bit larger than
most transactions need, so this resulted in wildly inflated gas costs
being shown on our confirmation screen.

The `gasPrice` has been removed from the `txParams` object we pass to
`eth_estimateGas`, so now it won't perform any balance checks anymore.
This ensures that we'll get a valid gas estimate, as long as geth is
able to simulate the contract execution properly.

Fixes #9967
2020-12-03 13:55:42 -03:30
Dan J Miller
97d268c8ee
Remove use of ethgasstation; use metaswap /gasPrices api for gas price estimates (#9867)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates

* Remove references to ethgasstation

* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates

* Update ui/app/hooks/useTokenTracker.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

* Delete gas price chart

* Remove price chart css import

* Delete additional fee chart code

* Lint fix

* Delete more code no longer used after ethgasstation removal

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-12-02 19:55:19 -03:30
Brad Decker
0653a489b0
add new MetaMetricsController (#9857) 2020-12-02 15:41:30 -06:00
David Walsh
673371d013
Fix #9872 - Show price difference warning on swaps price quote (#9899) 2020-12-02 15:27:45 -06:00
Erik Marks
5fb2e544d4
Add __isMetaMaskShim__ property to injected web3 (#9972) 2020-12-02 12:35:45 -08:00
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Erik Marks
c3eb272af9
Use method middleware for watchAsset (#9943)
* Use method middleware for watchAsset
* Update validation error messages
* Make addSuggestedERC20Asset private
* Remove redundant check in _handleWatchAssetERC20
2020-12-02 08:49:49 -08:00
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00
Erik Marks
cb44cff168
Fix watchAsset symbol validation (#9960) 2020-11-30 12:59:01 -08:00
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
MetaMask Bot
b86e0b1105 Version v8.1.5 2020-11-19 17:10:55 -03:30
Dan J Miller
1e895c3110
Revert view quote design updates (#9904)
* Revert "Update fee card designs to show savings and MM fee (#9629)"

This reverts commit d9924ca771.

* Revert "Update main-quote-summary designs/styles (#9612)"

This reverts commit 5456d55c88.
2020-11-18 22:10:24 -03:30
Dan J Miller
e4de763116
Add token verification message to swaps build quote screen (#9891)
* Add token verification message to swaps build quote screen

* Adds description for locale

* Use <a> tag for etherscan link

* Remove unnecessary span

* Update ui/app/pages/swaps/build-quote/build-quote.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-17 17:26:02 -03:30
Mark Stacey
31a3541105
Remove invalid matomo metric event option (#9897)
The `matomo` option passed to the send metrics function is invalid. The
intent was to set the `matomoEvent` option, but instead of rectifying
that, we've decide to keep sending this event to the production Segment
project for now. The invalid option has been removed.
2020-11-17 15:59:05 -03:30
Erik Marks
2687163dbb
Fix minor issues with web3 metrics (#9895)
* Fix minor issues with web3 metrics

* Log error, use try/catch
2020-11-17 11:07:59 -08:00
Brad Decker
daf783a0d8
Track a new schema event when adding a token (#9810)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-17 11:39:21 -06:00
Mark Stacey
f9613b2eb9 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Move add contact button in fullscreen/expanded view lower. (#9883)
  Remove CoinSwitch from Deposit screen(#9869)
  Consolidate notification UI openers (#9885)
  Prevent jump when hovering over asset list items
  @metamask/controllers@4.2.0 (#9849)
  Properly detect U2F errors in hardware wallet
  Fix malformed PropType declaraton (#9876)
  Fix broken LoadingScreen PropType declaration (#9877)
  Revert "Add custom hd path option (#9367)" (#9875)
  Update fee card designs to show savings and MM fee (#9629)
  Make editable actoin item a button, autofocus input contents
  Provide alternative text for images where appropriate
2020-11-16 16:55:27 -03:30
Mark Stacey
080dc7ad74 Revert "Revert "Update main-quote-summary designs/styles (#9612)" (#9844)"
This reverts commit 2214e1561d.
2020-11-16 16:55:16 -03:30
Nate Chastain
179dbcb41c
Remove CoinSwitch from Deposit screen(#9869)
Remove all CoinSwitch references and functionality, and bump Wyre to top spot on Deposit screen unless user on test network
2020-11-16 13:57:53 -03:30
Erik Marks
5a80f04dca
Consolidate notification UI openers (#9885)
* Consolidate notification UI openers

* Update tests
2020-11-16 08:32:53 -08:00
Dan J Miller
2214e1561d Revert "Update main-quote-summary designs/styles (#9612)" (#9844)
This reverts commit 5456d55c88.
2020-11-13 16:39:51 -03:30
MetaMask Bot
628865eb45 Version v8.1.4 2020-11-13 16:39:51 -03:30
David Walsh
ed19ce44bd
Merge pull request #9853 from darkwing/image-updates
Provide alternative text for images where appropriate
2020-11-13 13:44:55 -06:00
Mark Stacey
9a50bc0ca4 Revert "Add custom hd path option (#9367)" (#9875)
This reverts commit f30d261e69.

The custom HD path option was found to be unsafe to use, because the
displayed list of accounts would differ depending on which application
was open on the Ledger device. Essentially Ledger was accepting invalid
inputs, and returning junk responses.

This was too dangerous to ship, as it could leave users with an account
that they can't reliably recover. If we don't know how the derivation
is happening, then allowing this import puts our users at risk of
losing funds.

We can re-introduce this functionality after adding validation to
ensure that we only allow inputs that are handled correctly by Ledger.
2020-11-13 15:03:40 -03:30
Mark Stacey
beb6047384
Revert "Add custom hd path option (#9367)" (#9875)
This reverts commit f30d261e69.

The custom HD path option was found to be unsafe to use, because the
displayed list of accounts would differ depending on which application
was open on the Ledger device. Essentially Ledger was accepting invalid
inputs, and returning junk responses.

This was too dangerous to ship, as it could leave users with an account
that they can't reliably recover. If we don't know how the derivation
is happening, then allowing this import puts our users at risk of
losing funds.

We can re-introduce this functionality after adding validation to
ensure that we only allow inputs that are handled correctly by Ledger.
2020-11-13 14:25:47 -03:30
Dan J Miller
d9924ca771
Update fee card designs to show savings and MM fee (#9629)
* Update fee card designs to show savings and MM fee

css touch up

More semantic html and remove unnecessary container wrapper

Update message for case when there are no savings, in new swaps fee card designs

Improve display of tilde in savings designs

* Ensure terms of service is shown when insufficient eth warning is shown on view-quote screen

* Logic simplification in fee-card.js

* Better center info tooltip icons in fee-card

* Add comment about use of \!important in fee card css

* Use container class property on info tooltip in fee card

* Remove function call that was made redundant with 980b14089 but not removed during rebase
2020-11-13 13:42:50 -03:30