1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

264 Commits

Author SHA1 Message Date
Mark Stacey
48c02ef641
Add validation to production build script (#15468)
Validation has been added to the build script when the "prod" target is
selected. We now ensure that all expected environment variables are
set, and that no extra environment variables are present (which might
indicate that the wrong configuration file is being used).

The `prod` target uses a new `.metamaskprodrc` configuration file. Each
required variable can be specified either via environment variable or
via this config file. CI will continue set these via environment
variable, but for local manual builds we can use the config file to
simplify the build process and ensure consistency.

A new "dist" target has been added to preserve the ability to build a
"production-like" build without this validation.

The config validation is invoked early in the script, in the CLI
argument parsing step, so that it would fail more quickly. Otherwise
we'd have to wait a few minutes longer for the validation to run.
This required some refactoring, moving functions to the utility module
and moving the config to a dedicated module.

Additionally, support has been added for all environment variables to
be set via the config file. Previously the values `PUBNUB_PUB_KEY`,
`PUBNUB_SUB_KEY`, `SENTRY_DSN`, and `SWAPS_USE_DEV_APIS` could only be
set via environment variable. Now, all of these variables can be set
either way.

Closes #15003
2022-08-19 15:46:18 -02:30
Erik Marks
8210e3a812
Convert LavaMoat policy generation script to Yargs application (#15626)
This PR converts `generate-lavamoat-policies.sh` to `.js` using Yargs. This makes it easier to only generate policy files for a specific build type (using the `-t` flag), which is often useful during Flask development. In addition, the `lavamoat:background:auto` scripts are renamed, and the main readme is updated with some useful tips.

Note that `lavamoat:background:auto:dev` is removed and `lavamoat:background:auto` should be used during local development.
2022-08-18 16:09:26 -07:00
seaona
437acdb74c
Capture user actions times for MV2 benchmark and generate artifacts (#15353)
* User actions benchmark and artifacts

* Lint and fix identation

* Fix lint

* Updated path

* lint

* Add user actions benchmark to pre release job

* Remove title

* Out path updated

* See if url is finally fixed

* Adding some console logs

* lint

* fix lint

* fix lint

* Updated persisting and store artifacts path

* Added MetaMask bot correct link and remove console logs

* Remove console log

* Sort Imports

* Fix lint

* Update loadAccount function and prop name for clarity to loadNewAccount

* Run yarn setup

* Fix yarn

* Update Create Account element for Create account

* Remove unnecessary step on send

Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
2022-08-12 19:41:20 +02:00
Elliot Winkler
024b41546b
Fix deployment of TS migration dashboard (again) (#15528)
An improper deploy key was used to deploy the TypeScript
migration dashboard. A new key has been created on the GitHub side for
the `metamask-extension-ts-migration-dashboard` repo and also added to
CircleCI. The new fingerprint for this key is provided in this commit.
This should hopefully make it possible for us to deploy to this repo
from CircleCI.
2022-08-10 12:38:43 -06:00
Elliot Winkler
2dc8ba32da
Fix deploying the TS migration dashboard (#15516)
When the TypeScript migration dashboard is updated, it is built and
deployed in another repo, which is then deployed via GitHub Pages. To
push to this repo we have to set a Git username and email. This is
missing from the CircleCI config, so this commit uses the metamaskbot
GitHub account to do that.
2022-08-10 09:45:21 -06:00
Elliot Winkler
a7d98b695f
Add TypeScript migration dashboard (#13820)
As we convert parts of the codebase to TypeScript, we will want a way to
track progress. This commit adds a dashboard which displays all of the
files that we wish to convert to TypeScript and which files we've
already converted.

The list of all possible files to convert is predetermined by walking
the dependency graph of each entrypoint the build system uses to compile
the extension (the files that the entrypoint imports, the files that the
imports import, etc). The list should not need to be regenerated, but
you can do it by running:

    yarn ts-migration:enumerate

The dashboard is implemented as a separate React app. The CircleCI
configuration has been updated so that when a new commit is pushed, the
React app is built and stored in the CircleCI artifacts. When a PR is
merged, the built files will be pushed to a separate repo whose sole
purpose is to serve the dashboard via GitHub Pages (this is the same
way that the Storybook works). All of the app code and script to build
the app are self-contained under
`development/ts-migration-dashboard`. To build this app yourself, you
can run:

    yarn ts-migration:dashboard:build

or if you want to build automatically as you change files, run:

    yarn ts-migration:dashboard:watch

Then open the following file in your browser (there is no server
component):

    development/ts-migration-dashboard/build/index.html

Finally, although you shouldn't have to do this, to manually deploy the
dashboard once built, you can run:

    git remote add ts-migration-dashboard git@github.com:MetaMask/metamask-extension-ts-migration-dashboard.git
    yarn ts-migration:dashboard:deploy
2022-08-09 14:16:08 -06:00
Jyoti Puri
d4075b099f
Fix for script to measure bundle size over time (#15338) 2022-07-27 16:37:15 +05:30
Jyoti Puri
80c830373e
Fix build (#15328) 2022-07-23 00:40:08 +05:30
Jyoti Puri
45f5635cd8
Bundlesize stats over time (#15209)
* Adding tasks for MV3 test build

* more changes

* fix

* fix

* fix

* MV3 CI fixes

* fixes

* fix

* Initial work to capture the logs, write to file, and parse it.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* chrome debug logs

* Pull logs from webdriver and save to json file.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* comment out stats stuffs

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Lint Fixes

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Remove console.log

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* fixes

* Adding build artifact for initialisation time

* change

* fix lint

* fix

* fix

* fix

* fix

* fixes

* Capturing load time stats

* fix

* fix

* fix

* fix

* fix build

* fix

* fix

* fix

* fix

* fix

* Initial work to capture the logs, write to file, and parse it.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* chrome debug logs

* Pull logs from webdriver and save to json file.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* comment out stats stuffs

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Lint Fixes

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* Remove console.log

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* fix

* fix

* fix

* fix

* Initial work to capture the logs, write to file, and parse it.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

chrome debug logs

Pull logs from webdriver and save to json file.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Remove console.log

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

split output of lavamoat to 2 files. background and ui

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* fix

* fix

* fix

* Enable logging to chrome_debug only if in MV3

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* fix

* fix

* fix

* fixes

* fix

* fix

* fix

* fix

* fixes

* test

* test

* fix

* fix

* MV3 bundle size stats

* fix

* Committing bundle size status to extension_bundlesize_stats repo

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* Initial commit

* Initial commit

* Initial commit

* Initial commit

* fixes

* fix

* fix

* fix

* fix

* fix

* fix

Co-authored-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
2022-07-21 12:25:18 -10:00
Jyoti Puri
45cecf385d
Adding artifacts (#15145) 2022-07-20 19:33:16 +04:00
Jyoti Puri
aeb0147846
Adding tasks for MV3 test build (#15133) 2022-07-14 03:34:33 +04:00
Erik Marks
08cc6c5e77
Bump minimum Node.js version to 16 (#15131) 2022-07-02 23:32:18 -07:00
PeterYinusa
4e1dbc6194
State logs e2e (#15123)
* download dir

* state logs e2e

* update ff version
2022-07-01 20:46:12 +01:00
PeterYinusa
bf9140aa57
Chromedriver v103 (#15015)
* update chromdriver to v103

* update chrome binary to v103
2022-06-24 08:41:55 -04:00
PeterYinusa
2fd4549333
Update chromedriver and chrome binary (#14877)
* Update chromedriver and chrome binary

* yarn deduplicate
2022-06-07 16:02:11 +01:00
PeterYinusa
12cda5eb2d
Chromedriver v101 (#14617)
* update chromedriver package

* update chrome binary used in ci
2022-05-11 13:17:49 +01:00
PeterYinusa
4127583224
Jest tests - incremental coverage (#14612)
* add jest-it-up dependancy

* add reporter

* post test run jest-it-up

* Add CI check

* update coverage

* deduplicate dependancies
2022-05-04 17:02:42 +01:00
ricky
0fd1cea1fe
Feature/remove bitmask (#14489)
* remove bitmask

* add --fail-on-missing-exclusions

* add .iyarc
2022-04-21 17:58:57 -04:00
kumavis
0f4417684b
unblock ci: update vuln deps + fix npm registry for snaps firefox (#14437)
* dep-audit-fix for async@2.6.3

* deps - update async for vuln fix and remove patch

* deps/ci-yarn-audit - remove outdated ignored vulns

* deps/lock - deduplicate async@2

* deps/lock - deduplicate async@2 + remove indirectly used dep

* Use regular NPM registry for snaps on Firefox (#14439)

* Use regular NPM registry for snaps on FF

* Fix linting

* Update app/scripts/metamask-controller.js

Co-authored-by: Shane <jonas.shane@gmail.com>

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Shane <jonas.shane@gmail.com>

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Shane <jonas.shane@gmail.com>
2022-04-13 17:28:03 -10:00
PeterYinusa
1582efdc06
update chromedriver and chrome binary to v100 (#14337) 2022-04-04 16:02:54 +01:00
PeterYinusa
c07e477c13
E2e metrics (#13904)
* remove metrics build

* remove segment server from tests

* enable cors

* mock segment globally

* metrics e2e test

* running test builds

* move file

* destructuring
2022-03-15 13:17:48 -03:00
Mark Stacey
6aaeab2f24
Automate the Flask release process (#13898)
* Automate the Flask release

A Flask release will now be published alongside each main extension
release. The version of each Flask release will be the same as the
extension version except it will have the suffix `-flask.0`.

* Programmatically remove build prefix

The create GH release Bash script derives the Flask version from the
Flask build filename by removing the build prefix, leaving just the
version. Rather than hard-coding the prefix size to remove, it is now
calculated programmatically so that it is easier to read and update.

* Fix tag publishing

The tab publishing step used the wrong credentials, and didn't properly
identify the commit author. This has now been fixed.
2022-03-15 08:54:37 -02:30
Shane
1f55af3151
Fixed firefox Snaps + add initial end-to-end tests (#13671)
* Changed registryUrl for snaps only in firefox
Fixed getPlatform to only be imported into metamask-controller in flask
Removed snaps specific testrunner script and use run-all with a cli option

* Fixed flakey tests

* Removed unneeded await

* Added delay

* Fixed linting
2022-03-10 14:01:55 -08:00
PeterYinusa
4f6eb02854
update chromedriver (#13854) 2022-03-07 19:05:58 +00:00
PeterYinusa
2b1256faf4
Update to latest ChromeDriver (#13616) 2022-02-14 17:06:10 +00:00
PeterYinusa
2b010710ae
update chromedriver to v97 (#13502) 2022-02-03 15:02:56 +00:00
Brad Decker
022f0efcd7
Update vulnerability ignore list (#13390) 2022-01-25 14:34:50 -06:00
Erik Marks
31cf7c10a4
Permission System 2.0 (#12243)
# Permission System 2.0

## Background

This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.

With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.

Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.

The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.

## Changes in Detail

First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.

- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.

Reviewers should focus their attention on the following files:

- `app/scripts/`
  - `metamask-controller.js`
    - This is where most of the integration work for the new `PermissionController` occurs.
      Some functions that were internal to the original controller were moved here.
  - `controllers/permissions/`
    - `selectors.js`
      - These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
    - `specifications.js`
      - The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
        See the `PermissionController` readme for details.
  - `migrations/068.js`
    - The new state should be cross-referenced with the controllers that manage it.
      The accompanying tests should also be thoroughly reviewed.

Some files may appear new but have just moved and/or been renamed:

- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
  - This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
  - A truncated version of `test/mocks/permission-controller.js`.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-12-06 19:16:49 -08:00
PeterYinusa
9babc8b804
update chromedriver to v96 (#12921) 2021-12-01 18:21:29 +00:00
Dan J Miller
76158bf26b
Use node-browsers-medium-plus executor for validate-lavamoat-config job (#12884) 2021-11-29 17:34:51 -03:30
Etienne Dusseault
5a14a1a54a
Add storybook render tests with CI integration (#12477)
* add storybook unit tests with CI integration

* fix command and fix casing for test

* change ci ordering for storybook tasks

* fix syntax error

* fix jest

* lint

* Add transaction-total-banner render test to Storybook (#12517)

* transaction-total-banner

* lint

* confirm to spec

* lint

* fix jest ocnfig for snapshot test failure
2021-11-23 16:41:30 -08:00
kumavis
d9d1a831a6
ci - enforce yarn lock deduplications (#12737)
* ci - test for yarn lock deduplications

* deps - update yarn.lock and patches

* lavamoat - update policy

* test - ui/helpers/utils/optimism/buildUnserializedTransaction - test against json obj

* lint fix

* patch-package - patch @babel/runtime for lavamoat support

* patch-package - fix additional @babel/runtime lockdown incompats

* patch-package - cleanup sass patch
2021-11-23 09:17:27 -10:00
Mark Stacey
fb6375472e
Update improved-yarn-audit and ignore 2 advisories (#12765)
`improved-yarn-audit` has been updated so that it supports GitHub
advisories. Two new GitHub advisories have been ignored, as they are
both moderate RegExp DoS vulnerabilities that don't affect us, and they
are embedded deep within our dependency graph and are difficult to
update.
2021-11-19 11:53:19 -03:30
kumavis
1ec2af0337
ci - update shellcheck (#12739) 2021-11-18 14:58:31 -10:00
kumavis
f5f2f38ea5
ci - fix yarn-audit (#12738)
* ci/yarn-audit - ensure error propagation

* ci/yarn-audit - ensure dependencies are installed first
2021-11-18 10:57:47 -10:00
PeterYinusa
c0f0e1cfc4
update chromedriver to v95 (#12603) 2021-11-05 15:52:24 +00:00
Mark Stacey
690144a480
Add beta and Flask builds to CI (#12572)
The beta and Flask builds are now built on CI and included in the
metamask bot comment alongside the main builds. The same sourcemap
linter and mozilla linter used for the prod builds is also run on the
beta and Flask builds.

Closes #12426
2021-11-04 16:14:48 -02:30
Alex Donesky
3b5e33bc4c
use improved-yarn-audit and exclude 1002401 and 1002581 (#12310)
* use improved-yarn-audit and exclude 1002401
2021-10-08 12:18:38 -05:00
kumavis
a174d50ba5
ci - improve lavamoat validation debug info (#12259)
* ci - improve lavamoat validation debug info

* Update validate-allow-scripts.sh

* Update validate-lavamoat-policy.sh
2021-10-01 09:39:28 -10:00
kumavis
d9d20160d6
LavaMoat Node update and various small enhancements (#12239)
* lavamoat - update lavamoat-node and relevant policy + two handy patches

* test/e2e - add timeout known to be flaky

* lavamoat-viz - rename npm script
2021-09-28 20:56:08 -10:00
kumavis
d3f7464333
Ci test config improvement (#12223)
* ci - use same resource class for chrome and ff e2e tests

* e2e:chrome - enable logging by default

* lint fix
2021-09-27 12:39:31 -10:00
Elliot Winkler
bbe972ca46
Upgrade chromedriver to 93 (#11990)
This allows developers to run the Chrome e2e tests locally without
having to have a custom version of Chrome installed.
2021-09-08 14:54:31 -06:00
Elliot Winkler
8ffebb294b
Fix 'yarn setup' on M1 Macs (#11887)
There are a few issues encountered when running `yarn setup` on new
Apple Silicon (aka M1, aka arm64) Macs:

* The script halts when attempting to run the install step for
  the `chromedriver` package with the message "Only Mac 64 bits
  supported". This is somewhat misleading as it seems to indicate that
  chromedriver can only be installed on a 64-bit Mac. However, what I
  think is happening is that the installation script for `chromedriver`
  is not able to detect that an arm64 CPU *is* a 64-bit CPU. After
  looking through the `chromedriver` repo, it appears that 87.0.1 is the
  first version that adds a proper check ([1]).

  Note that upgrading chromedriver caused the Chrome-specific tests to
  fail intermittently on CI. I was not able to 100% work out the reason
  for this, but ensuring that X (which provides a way for Chrome to run
  in a GUI setting from the command line) is available seems to fix
  these issues.

* The script also halts when attempting to run the install step for
  the `electron` package. This happens because for the version of
  `electron` we are using (9.4.2), there is no available binary for
  arm64. It appears that Electron 11.x was the first version to support
  arm64 Macs ([2]). This is a bit trickier to resolve because we don't
  explicitly rely on `electron` — that's brought in by `react-devtools`.
  The first version of `react-devtools` that relies on `electron` 11.x
  is 4.11.0 ([3]).

[1]: 469dd0a6ee
[2]: https://www.electronjs.org/blog/apple-silicon
[3]: https://github.com/facebook/react/blob/main/packages/react-devtools/CHANGELOG.md#4110-april-9-2021
2021-09-01 10:40:40 -06:00
ryanml
a44d863093
Adding yarn scripts for changelog validation (#11868) 2021-08-18 08:59:48 -07:00
kumavis
984b78730f
CI - enforce dep usage with depcheck (#11518)
* deps - validate with depcheck

* ci - add depcheck + fixes for missing/extra deps

* ci - run depcheck after deps prep install

* deps - add yarn-deduplicate development tool

* Update .circleci/config.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update .circleci/config.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Removing @lavamoat/preinstall-always-fail

* [depcheck] removing unused dependencies

* Update .depcheckrc.yml

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ryanml <ryanlanese@gmail.com>
2021-07-27 20:03:03 -07:00
Mark Stacey
6416a1ef98
Add logs for Google Chrome binary checksum verification (#11366)
The Chrome installation script now has logs explaining whether the
checksum verification succeeded or failed.
2021-06-23 17:17:16 -02:30
Mark Stacey
cc90fca2f6
Add retries to the benchmark script (#11319)
The benchmark script can now be set to retry upon failure, like the E2E
tests do. The default is zero, just as with the E2E tests. A retry of 2
has been set in CI to match the E2E tests as well.

The `retry` module had to be adjusted to throw an error in the case of
failure. Previously it just set the exit code, but that only worked
because it was the last thing called before the process ended. That is
no longer the case.
2021-06-21 12:46:18 -02:30
Brad Decker
7cc747c792
change download location of chrome file (#11346)
* change download location of chrome file

* Update .circleci/scripts/chrome-install.sh

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-06-18 11:45:58 -05:00
Mark Stacey
7535d63466
Add run-e2e-test.js script (#11301)
This script makes it easier to run an individual E2E test. In the past
I've run individual scripts by editing `run-all.sh` manually, but now
that can be done more easily with this script. It also allows setting
the number of retries to use and the browser to use from the CLI.

This script has been added as an npm script as well, called
'test:e2e:single'.

The `run-all.sh` script was rewritten in JavaScript to make it easier
to pass through a `--retries` argument.

The default number of retries has been set to zero to make local
testing easier. It has been set to 2 on CI.

This was mainly done to consolidate the code used to run an E2E test in
one place, to make later improvements easier.
2021-06-15 15:21:25 -02:30
Mark Stacey
37dc19a352
Migrate Sentry settings to environment variables (#11085)
Sentry is now configured with environment variables, rather than with
hard-coded values. This makes it easier to test Sentry functionality
using a different Sentry account, as we did recently during QA of
v9.5.1.

The only change for the normal build process is the introduction of the
`SENTRY_DSN_DEV` variable, which can be set via `.metamaskrc` or via an
environment variable. This determines where error reports are sent. It
still defaults to our team Sentry account's `metamask-testing` project.

The `sentry:publish` script now requires SENTRY_ORG and SENTRY_PROJECT
to be set in order to publish release artifacts. The CircleCI
configuration has been updated with these values, so it should act the
same as it did before. Previously we had used a CLI flag to specify the
organization and project, but Sentry already natively supports these
environment variables [1].

[1]: https://docs.sentry.io/product/cli/configuration/#configuration-values
2021-05-18 13:56:22 -02:30