* Fix warning dialog when sending tokens to a known token contract address
Fixing after rebase
Covering missed cases
Rebased and ran yarn setup
Rebased
Fix checkContractAddress condition
Lint fix
Applied requested changes
Fix unit tests
Applying requested changes
Applied requested changes
Refactor and update
Lint fix
Use V2 of ActionableMessage component
Adding Learn More Link
Updating warning copy
Addressing review feedback
Fix up copy changes
Simplify validation of pasted addresses
Improve detection of whether this is a token contract
Refactor to leave updateRecipient unchanged, and to prevent the double calling of update recipient
Update tests
fix
* Fix unit tests
* Fix e2e tests
* Ensure next button is disabled while recipient type is loading
* Add optional chaining and a fallback to getRecipientWarningAcknowledgement
* Fix lint
* Don't reset recipient warning on asset change, because we should show recipient warnings regardless of asset
* Update unit tests
* Update unit tests
Co-authored-by: Filip Sekulic <filip.sekulic@consensys.net>
* Increase likelyhood of valid method signatures being returned by getMethodData
* Update coverage
* Update coverage
* Update coverage
* add a migration to clear knownMethodData
* Small typo changes
Co-authored-by: Alex <adonesky@gmail.com>
* When background port closes, UI should display a user friendly error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove console.log
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
A couple of fixes
1. Use timeout in metaRPCClientFactory to check if UI can't
communicate with bg
2. Refactor locale setup
3. Fixed wording/capitalization
4. Fix locales usage so that linting works
5. Refactor CSS
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
do not simulate errorwq
Refactor loading css
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Remove the onDisconnect event handler in ui as this is handled in
metarpcclientfactory
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not throw in bg
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Fix PR comments
Remove unused message 'failedToLoadMessage'
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Move usage of locales to shared/** so that linter can see it.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
metarpc can handle multiple requests, responseHandled should be a map.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
reload metamask button on critical error
Use metamask state (if available) to the locale, else read locale files
manually.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
use constant and numeric separator
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
refactor error utils
remove error simulation
Memoize setupLocale function
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
test cases
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
1. store should be metamask state
2. code refactorings.
Tests: mock setupLocale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Mock fetchLocale instead
Test setup locale
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
UI/CSS changes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Do not simulate failure
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* spell MetaMask correctly
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename state to mockStore
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* we should clean up this.responseHandled[id] in the error case.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fixed PR comments.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* clean up response handled.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix speed-up/cancel: don't update existing transaction data
* Move retryTxMeta state management to useGasFeeInputs.js
* Handle initial retryTxMeta set if no transaction is passed to useGasFeeInputs
* Ensure previousGas is use on retry transaction if it is available in useGasFeeInputs
* Remove update transaction mock and correctly test gas fee increase scenarios now that updateTransaction used in cancel-speedup is defined on the front end
* removed unnecessary eslint disable and removed key prop from SettingsSearchList
* removed unnecessary function, refactored settings pages to use only handleSettingsRefs
* simplified utils, removed unnecessary test
* updated usage of util functions
* fixed type error, allow for ampersand in search input
* removed unnecessary var
* fixed test
* fixes per comments
* fixed var name
* fixed property name
* changed some properties in SETTINGS_CONSTANTS to accept t param
* redid util functions
* changed from multiline comment to single line
* replace empty descriptions
* updated util logic
* fix undefined issue
* added snaps routes
* changed settings search icons to font-awesome
* removed manual input of id
* added snap list to search
* removed console.logs and changed settingsRef to an array to work with settings search helper functions
* lint fixes
* updated tests
* test fix
* fixed util function
* renamed vars
* fixed spelling
* deps fix
* fix issue where we show contract address as recipient when calling safe transfer method on erc721 or erc1155 contracts
* updates function name getTransactionData -> parseStandardTokenTransactionData, and adds documentation
* Initial native notification implementation
* Simplify implementation
* Implementation based on RateLimitController
* Update controllers package
* Add notification to permission list
* Wire up correctly
* Remove snap_notify from the exclusion list
When the gas API is down, the logic we use will no longer compute all of
the data that the gas API returns in order to reduce the burden on
Infura. Specifically, only estimated fees for different priority levels,
as well as the latest base fee, will be available; all other data
points, such as the latest and historical priority fee range and network
stability, will be missing. This commit updates the frontend logic to
account for this lack of data by merely hiding the relevant pieces of
the UI that would otherwise be shown.
* make use of getTokenStandardAndDetails method exposed on assetsContractController to determine how to represent the contract being interacted with in token contract method calls
* fix error with color variable - fix rebase
* clean list search & fuse threshold decreased
* update search-icon , fix tests
* nice to have highlighting text & cleaning
* unit test on settings & search input ui up on expanded view
* fix color variable in alert scss
* setting search input padding right up
* fix dom warning
* util/search test added & Dom element warning fix
* renaming files
* fix color text in settings search
* settings search highlight text refacto & fix ui
* fix settings-search test & renaming
* Fix styling on search field for edge cases, update components and e2e
E2E tests update for search feature
Update components from class to functional component
#
Fix storybook for search box
Fix styling
Fix unit tests
fix: remove z-index
Fix unit tests
Co-authored-by: amerkadicE <amer.kadic@endava.com>
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.
Closes#11626
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.
Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.
Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
The ESLint config for the extension explicitly includes support for
Prettier. However, this is already being provided by our global ESLint
config (`@metamask/eslint-config`). Therefore there is no need to
include it here. In fact, this is causing weird issues where the `curly`
option is getting overridden somehow. After this change, these syntaxes
are invalid:
``` javascript
if (foo) return;
```
``` javascript
if (foo) return 'bar';
```
The ESLint config has been updated to v8. The breaking changes are:
* The Prettier rule `quoteProps` has been changed from `consistent` to
`as-needed`, meaning that if one key requires quoting, only that key is
quoted rather than all keys.
* The ESLint rule `no-shadow` has been made more strict. It now
prevents globals from being shadowed as well.
Most of these changes were applied with `yarn lint:fix`. Only the
shadowing changes required manual fixing (shadowing variable names were
either replaced with destructuring or renamed).
The dependency `globalThis` was added to the list of dynamic
dependencies in the build system, where it should have been already.
This was causing `depcheck` to fail because the new lint rules required
removing the one place where `globalThis` had been erroneously imported
previously.
A rule requiring a newline between multiline blocks and expressions has
been disabled temporarily to make this PR smaller and to avoid
introducing conflicts with other PRs.
* Premilimary Sanitize data logic.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* sanitizeData v2
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* sanitizeData: take 3
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Sanitize Data take 4
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Check that version is v4 before sanitizing.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* sanitize arrays.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Tests to check that typeless data are not shwon
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Do not check value types, Iterate through the message, and ensure each property of the message is declared as a type
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Check that if data type is not defined, it is a solidity type.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint Fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Code cleanup
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move sanitizeData to utils
Tests for sanitizeData in utils
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix unit tests for signaturerequest
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove unused type
include fixedMxN and ufixedMxN checks.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* move fixtures to before each
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* invert if condition to avoid indentations.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* We should exclude types with [] at the beginning or middle as well:
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* cache nestedType
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Throw error for undefined/invalid types definition
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Throw if base type and types are not defined.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
A propType error was showing up during e2e tests with a `testDev`
build. It was caused by `process.env.IN_TEST` being treated as a
boolean, when in fact it is either the string `'true'` or a boolean.
`IN_TEST` has been updated to always be a boolean. `loose-envify` has
no trouble injecting boolean values, so there's no reason to treat this
as a string.
* Clear the clipboard after the seed phrase is pasted
On the "Import" page of the import onboarding flow, we now clear the
clipboard after the secret recovery phrase is pasted. This ensures that
the SRP isn't accidentally pasted somewhere else by the user, which can
be an easy and disastrous mistake to make.
* Clear clipboard during new onboarding flow as well
* Support for Layer 2 networks with transaction fees on both layers
* Use variable name in transaction-breakdown
* Add comment on code source to ui/helpers/utils/optimism/fetchEstimatedL1Fee.js
* Fix unit tests
* Ensure values passed to are defined
* Fix activity log
The build system now supports platform-specific modifications to the
manifest for each build type. The need to customize the `id` on Firefox
motivated this change.
To support this, a new directory was made in each build type directory
for manifest changes. The images currently in this directory were moved
into an `images` subdirectory.
This new `manifest` directory can include each manifest file currently
in `app/manifest`. The `_base.json` file is assumed to exist, but the
platform manifest modifications are optional.
* UX improvements to the "Permission Request" section on the approve screen
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix locales.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Check that hidden elements are hidden in test
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
This PR enables the exclusion of JavaScript and JSON source by `buildType`, and enables the running of `eslint` under LavaMoat. 80-90% of the changes in this PR are `.patch` files and LavaMoat policy additions.
The file exclusion is designed to work in conjunction with our code fencing. If you forget to fence an import statement of an excluded file, the application will now error on boot. **This PR commits us to a particular naming convention for files intended only for certain builds.** Continue reading for details.
### Code Fencing and ESLint
When a file is modified by the code fencing transform, we run ESLint on it to ensure that we fail early for syntax-related issues. This PR adds the first code fences that will be actually be removed in production builds. As a consequence, this was also the first time we attempted to run ESLint under LavaMoat. Making that work required a lot of manual labor because of ESLint's use of dynamic imports, but the manual changes necessary were ultimately quite minor.
### File Exclusion
For all builds, any file in `app/`, `shared/` or `ui/` in a sub-directory matching `**/${otherBuildType}/**` (where `otherBuildType` is any build type except `main`) will be added to the list of excluded files, regardless of its file extension. For example, if we want to add one or more pages to the UI settings in Flask, we'd create the folder `ui/pages/settings/flask`, add any necessary files or sub-folders there, and fence the import statements for anything in that folder. If we wanted the same thing for Beta, we would name the directory `ui/pages/settings/beta`.
As it happens, we already organize some of our source files in this way, namely the logo JSON for Beta and Flask builds. See `ui/helpers/utils/build-types.js` to see how this works in practice.
Because the list of ignored filed is only passed to `browserify.exclude()`, any files not bundled by `browserify` will be ignored. For our purposes, this is mostly relevant for `.scss`. Since we don't have anything like code fencing for SCSS, we'll have to consider how to handle our styles separately.
