1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 12:29:06 +01:00
Commit Graph

1805 Commits

Author SHA1 Message Date
Mark Stacey
a1cda8ad9d Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (228 commits)
  Update `object.values` patch (#15692)
  chore: Adjust trailing whitespace (#15636)
  updated casing in import Token for spanish (#15687)
  development scripts: add node shebang; mark as executable (#15655)
  Created a new contract details modal (#15549)
  Token allowance improvements feature flag (#15646)
  Updated origin pill component to match the new design (#15603)
  Update `depcheck` to latest version (#15690)
  Replace `lavamoat-runtime.js` patch (#15682)
  upgrade jest (#15642)
  Fix Sentry deduplication of events that were never sent (#15677)
  Jest configuration fix (#15673)
  Header component for transaction confirmation screens (#15614)
  New network info popup (#13319)
  Consolidating Zendesk URLs in to constants file (#15669)
  Created review spending cap component (#15633)
  Fix Sentry in LavaMoat contexts (#15672)
  Fix LavaMoat policy generation script (#15668)
  Using formatIconUrlWithProxy to get the iconUrl proxy of swap token (#15562)
  Migrate app constants to typescript (#15611)
  ...
2022-08-25 11:03:29 -02:30
MetaMask Bot
31d5c1cf22
Version v10.18.4 RC (#15643)
* Version v10.18.4

* Fix default currency symbol for `wallet_addEthereumChain` + improve warnings for data that doesn't match our validation expectations (#15201)

* set more appropriate default for ticker symbol when wallet_addEthereumChain is called

* throw error to dapp when site suggests network with same chainId but different ticker symbol from already added network, instead of showing error and disabled notification to user

* Fix Provider Tracking Metrics (#15082)

* fix filetype audit (#15334)

* Remove decentralized 4byte function signature registry since it contains incorrect signatures and we can't algorithmically check for best option when 4byte.directory is down (#15300)

* remove decentralized 4byte function signature registry since it is griefed and we can't algorithmically check for best option when 4byte is down

* add migration

* remove nock of on chain registry call in getMethodDataAsync test

* remove audit exclusion (#15346)

* Updates `eth-lattice-keyring` to v0.10.0 (#15261)

This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2

* Fix 'block link explorer on custom networks' (#13870)

* Created a logic for the 'Add a block explorer URL'

Removed unused message

Message logic rollback

Modified history push operation

WIP: Pushing before rebasing

Applied requested changes

Removed unintenionally added code

* Lint fix

* Metrics fixed

* Stop injecting provider on docs.google.com (#15459)

* Fix setting of gasPrice when on non-eip 1559 networks (#15628)

* Fix setting of gasPrice when on non-eip 1559 networks

* Fix unit tests

* Fix logic

* Update ui/ducks/send/send.test.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* [GridPlus] Bumps `eth-lattice-keyring` to v0.11.0 (#15490)

* [GridPlus] Bumps `gridplus-sdk` to v2.2.4 (#15561)

* remove exclusions for mismatched object jsdoc type casing (#15351)

* Improve `tokenId` parsing and clean up `useAssetDetails` hook (#15304)

* Fix state creation in setupSentryGetStateGlobal (#15635)

* filter breadcrumbs for improved clarity while debugging sentry errors (#15639)

* Update v10.18.4 changelog (#15645)

* Auto generated changelog

* Update 10.18.4 changelog

* Run lavamoat:auto

* Call metrics event for wallet type selection at the right time (#15591)

* Fix Sentry in LavaMoat contexts (#15672)

Our Sentry setup relies upon application state, but it wasn't able to
access it in LavaMoat builds because it's running in a separate
Compartment.

A patch has been introduced to the LavaMoat runtime to allow the root
Compartment to mutate the `rootGlobals` object, which is accessible
from outside the compartment as well. This lets us expose application
state to our Sentry integration.

* Fix Sentry deduplication of events that were never sent (#15677)

The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.

* Replace `lavamoat-runtime.js` patch (#15682)

A patch made in #15672 was found to be unnecessary. Instead of setting
a `rootGlobals` object upon construction of the root compartment, we
are now creating a `sentryHooks` object in the initial top-level
compartment. I hadn't realized at the time that the root compartment
would inherit all properties of the initial compartment `globalThis`.

This accomplishes the same goals as #15672 except without needing a
patch.

* Update v10.18.4 changelog

* Fix lint issues

* Update yarn.lock

* Update `depcheck` to latest version (#15690)

`depcheck` has been updated to the latest version. This version pins
`@babel/parser` to v7.16.4 because of unresolved bugs in v7.16.5 that
result in `depcheck` failing to parse TypeScript files correctly.

We had a Yarn resolution in place to ensure `@babel/parser@7.16.4` was
being used already. That resolution is no longer needed so it has been
removed. This should resove the issue the dev team has been seeing
lately where `yarn` and `yarn-deduplicate` disagree about the state the
lockfile should be in.

* Update yarn.lock

* Update LavaMoat policy

* deduplicate

* Update LavaMoat build policy

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Alex Donesky <adonesky@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: Alex Miller <asmiller1989@gmail.com>
Co-authored-by: Filip Sekulic <filip.sekulic@consensys.net>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: seaona <54408225+seaona@users.noreply.github.com>
Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
2022-08-24 19:57:47 +01:00
Mark Stacey
2140a12b06
Update depcheck to latest version (#15690)
`depcheck` has been updated to the latest version. This version pins
`@babel/parser` to v7.16.4 because of unresolved bugs in v7.16.5 that
result in `depcheck` failing to parse TypeScript files correctly.

We had a Yarn resolution in place to ensure `@babel/parser@7.16.4` was
being used already. That resolution is no longer needed so it has been
removed. This should resove the issue the dev team has been seeing
lately where `yarn` and `yarn-deduplicate` disagree about the state the
lockfile should be in.
2022-08-24 12:42:30 -02:30
Brad Decker
0d862d4032
upgrade jest (#15642) 2022-08-23 15:13:02 -05:00
Mark Stacey
1f36ba4b75
Fix Sentry deduplication of events that were never sent (#15677)
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
2022-08-23 16:14:14 -02:30
Niranjana Binoy
4512a9e151
Using formatIconUrlWithProxy to get the iconUrl proxy of swap token (#15562) 2022-08-22 15:16:57 -04:00
Daniel
0cbff07b61
Remove unnecessary event props, update STX controller version (#15653)
* Remove unnecessary event prop
* Update STX controller version
* yarn yarn-deduplicate
2022-08-19 22:27:49 +02:00
Mark Stacey
48c02ef641
Add validation to production build script (#15468)
Validation has been added to the build script when the "prod" target is
selected. We now ensure that all expected environment variables are
set, and that no extra environment variables are present (which might
indicate that the wrong configuration file is being used).

The `prod` target uses a new `.metamaskprodrc` configuration file. Each
required variable can be specified either via environment variable or
via this config file. CI will continue set these via environment
variable, but for local manual builds we can use the config file to
simplify the build process and ensure consistency.

A new "dist" target has been added to preserve the ability to build a
"production-like" build without this validation.

The config validation is invoked early in the script, in the CLI
argument parsing step, so that it would fail more quickly. Otherwise
we'd have to wait a few minutes longer for the validation to run.
This required some refactoring, moving functions to the utility module
and moving the config to a dedicated module.

Additionally, support has been added for all environment variables to
be set via the config file. Previously the values `PUBNUB_PUB_KEY`,
`PUBNUB_SUB_KEY`, `SENTRY_DSN`, and `SWAPS_USE_DEV_APIS` could only be
set via environment variable. Now, all of these variables can be set
either way.

Closes #15003
2022-08-19 15:46:18 -02:30
legobeat
1d0ef3e321
chore: Complete node16 upgrade (#15634)
Follow-up from #15131
2022-08-19 22:35:52 +08:00
Erik Marks
8210e3a812
Convert LavaMoat policy generation script to Yargs application (#15626)
This PR converts `generate-lavamoat-policies.sh` to `.js` using Yargs. This makes it easier to only generate policy files for a specific build type (using the `-t` flag), which is often useful during Flask development. In addition, the `lavamoat:background:auto` scripts are renamed, and the main readme is updated with some useful tips.

Note that `lavamoat:background:auto:dev` is removed and `lavamoat:background:auto` should be used during local development.
2022-08-18 16:09:26 -07:00
Garrett Bear
d25f9cf4da
UI-14395: typography v2 (#15408)
UI-14395: change Typography v2 to Text

UI-14395: upgrade design tokens

UI-14395: add classname testing

UI-14395: update text colors, update font family name to match token, update text storybook boxprops

UI-14395: add text transform docs

lint fix
2022-08-18 10:51:53 -07:00
Maarten Zuidhoorn
a52c6a4908
[FLASK] snaps-skunkworks@0.19.0 (#15619)
* Bump snaps-skunkworks to 0.19.0

* Improve snap_getBip32Entropy UI

* Remove console.log

* Update LavaMoat policy

* Dedupe Yarn lock

* Update LavaMoat policy again

* Fix tests

* Update policies and e2e tests

* Update policy again

* Update iframe-execution-environment

* Dedupe yarn.lock

* Update snapshots

* Fix PR comments

* Add TODO

* Trigger CI
2022-08-18 17:07:34 +02:00
seaona
437acdb74c
Capture user actions times for MV2 benchmark and generate artifacts (#15353)
* User actions benchmark and artifacts

* Lint and fix identation

* Fix lint

* Updated path

* lint

* Add user actions benchmark to pre release job

* Remove title

* Out path updated

* See if url is finally fixed

* Adding some console logs

* lint

* fix lint

* fix lint

* Updated persisting and store artifacts path

* Added MetaMask bot correct link and remove console logs

* Remove console log

* Sort Imports

* Fix lint

* Update loadAccount function and prop name for clarity to loadNewAccount

* Run yarn setup

* Fix yarn

* Update Create Account element for Create account

* Remove unnecessary step on send

Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
2022-08-12 19:41:20 +02:00
Niranjana Binoy
6e5c2f03bf
Token detection V2 Flag Removal and Re-introducing the use of legacy token list when token detection is OFF (#15138)
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens

updating the controller version and calling detectNewToken on network change

fixing rebase error

Run yarn lavamoat:auto for updating policies

updating lavamoat

Deleted node modules and run again lavamoat auto

fixing rebase issues

updating lavamoat policies

updating lavamoat after rebasing

policies

updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks

to update the token in fetchTosync

updating the contract map object

Revert build-system lavamoat policy changes

Move token list selection logic from components to getTokenList selector

updating the tokenList

Update lavamoat

Fix error

updating lavamoat

lint fix

fix unit test fail

fix unit test fail

lint fix

fixing rebase locale error

rebase fix

Revert build-system policy changes

temp

addressing review comments

* rebase fix
2022-08-09 22:56:25 -02:30
Elliot Winkler
a7d98b695f
Add TypeScript migration dashboard (#13820)
As we convert parts of the codebase to TypeScript, we will want a way to
track progress. This commit adds a dashboard which displays all of the
files that we wish to convert to TypeScript and which files we've
already converted.

The list of all possible files to convert is predetermined by walking
the dependency graph of each entrypoint the build system uses to compile
the extension (the files that the entrypoint imports, the files that the
imports import, etc). The list should not need to be regenerated, but
you can do it by running:

    yarn ts-migration:enumerate

The dashboard is implemented as a separate React app. The CircleCI
configuration has been updated so that when a new commit is pushed, the
React app is built and stored in the CircleCI artifacts. When a PR is
merged, the built files will be pushed to a separate repo whose sole
purpose is to serve the dashboard via GitHub Pages (this is the same
way that the Storybook works). All of the app code and script to build
the app are self-contained under
`development/ts-migration-dashboard`. To build this app yourself, you
can run:

    yarn ts-migration:dashboard:build

or if you want to build automatically as you change files, run:

    yarn ts-migration:dashboard:watch

Then open the following file in your browser (there is no server
component):

    development/ts-migration-dashboard/build/index.html

Finally, although you shouldn't have to do this, to manually deploy the
dashboard once built, you can run:

    git remote add ts-migration-dashboard git@github.com:MetaMask/metamask-extension-ts-migration-dashboard.git
    yarn ts-migration:dashboard:deploy
2022-08-09 14:16:08 -06:00
Daniel
d255fcdefb
Only check if a user has enough token balance before calling STX (#15218) 2022-08-09 12:56:52 -05:00
ryanml
67a7483754
Adding option to update lavamoat policies in parallel (#14536)
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-09 11:08:34 -05:00
PeterYinusa
12943e0e71
[E2E]: Set approval for all e2e (#15481)
* Update test dapp

* fix provider

fix provider
remove debug
mint nft

* Add collectibles spec

Co-authored-by: Alex Donesky <adonesky@gmail.com>
2022-08-09 14:59:20 +01:00
Alex Miller
3d49dd5849
[GridPlus] Bumps eth-lattice-keyring to v0.11.0 (#15490) 2022-08-09 08:12:27 -05:00
Mark Stacey
44f8e9e10e
Replace rc with ini (#15464)
We use the `rc` package to read the `.metamaskrc` configuration file,
which is in "ini" format. This package has been replaced by the `ini`
package.

The `rc` package was not actively maintained, and it has had recent
security vulnerabilities. But most importantly, the config object
returned by `rc` includes a bunch of extra information that made build
script validation [1] difficult to implement. Specifically, it made it
challenging to ensure no extra environment variables were present.

The `ini` package on the other hand is simple, well maintained, and
is simpler to use. This package doesn't add any extra properties to the
object it returns, making validation easy.

[1]: https://github.com/MetaMask/metamask-extension/issues/15003
2022-08-05 15:11:18 -02:30
Brad Decker
7b42c54728
Update Babel and dependencies (#15392) 2022-08-05 10:04:44 -05:00
ryanml
46c110b70c Merge remote-tracking branch 'origin/develop' into master-sync 2022-08-04 21:41:32 -07:00
MetaMask Bot
60ba129eb2 Version v10.18.3 2022-08-04 19:56:00 +00:00
MetaMask Bot
f503a634f0 Version v10.18.2 2022-08-03 20:57:32 +00:00
Sam Gbafa
5802805597
Add Sign-In with Ethereum (#14438)
Co-authored-by: Gregório Granado Magalhães <greg.magalhaes@gmail.com>
Co-authored-by: George Marshall <georgewrmarshall@gmail.com>
Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-03 09:56:11 -05:00
Brad Decker
c72199a1a6
update prettier (#15360) 2022-07-31 13:26:40 -05:00
Brad Decker
31fa55123a
fix storybook (#15387) 2022-07-29 14:15:48 -05:00
Alex Miller
77c3b4622b
Updates eth-lattice-keyring to v0.10.0 (#15261)
This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2
2022-07-27 12:04:04 -05:00
ryanml
e24997d67c
Sync master with develop (#15355)
* Version v10.18.1

* Update changelog for v10.18.1

* Metrics adjustments (#15313)

* Don't send errors to sentry if users have not opted-in to participate in metametrics

* Don't capture opt-out metrics

* Move the metrics-opt in screen to immediately after the welcome screen

* Ensure that global.getSentryState is set in the background

* Fix e2e tests after rearranging onboardin flow

* Fix unit tests

* More e2e test fixes

* Remove unnecessary wrappers around capture exception

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-07-27 10:05:05 -02:30
Brad Decker
1db0ee87ec
Update Eslint and deps (#15293) 2022-07-26 13:10:51 -05:00
MetaMask Bot
e577a1b66e Version v10.18.1 2022-07-22 20:44:27 +00:00
Dan Miller
7bea9848ab Merge remote-tracking branch 'origin/develop' into master-sync 2022-07-22 12:50:58 -02:30
Jyoti Puri
be47d78475
Fix for mv3 performance stats (#15321) 2022-07-22 16:24:14 +05:30
George Marshall
5592687df1
Updating design tokens package and shadow values with new tokens (#15264)
* Updating design tokens v1.8 and shadows

* Adding missing stories

* Some fixes and updates to css and stories

* removing unneeded story

* Fixing story order
2022-07-21 15:43:31 -07:00
Jyoti Puri
0622883a3c
Capturing load time stats (#15157) 2022-07-20 11:40:31 +04:00
Jyoti Puri
6aa0ecce2a
Capturing lavamoat stats in E2E (#15153) 2022-07-20 03:07:15 +04:00
Frederik Bolding
1ec190bd8c
[FLASK] snaps-skunkworks@0.18.1 (#15230)
* snaps-skunkworks@0.17.0

* Handle breaking changes

* Fix import

* Fix blocklist implementation

* snaps-skunkworks@0.18.0

* Fix lint

* Update LavaMoat policy

* Update iframe-execution-environment

* snaps-skunkworks@0.18.1

* Bump iframe-execution-environment

* Update LavaMoat policy
2022-07-19 17:41:06 +02:00
Alex Donesky
09164dcabb
Bump controllers v30.0.2 (#14906)
* bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 09:43:30 -05:00
PeterYinusa
9ae909d6a7
[E2E] Install Firefox extension from dist folder (#15255)
* update webdriver

* install extension from dist folder

* remove redundant code
2022-07-18 09:22:23 +01:00
Jyoti Puri
aeb0147846
Adding tasks for MV3 test build (#15133) 2022-07-14 03:34:33 +04:00
Makoto Inoue
fdd8646ce8
Support for ENS wildcard and offchain resolution (#14675) 2022-07-12 09:30:31 -05:00
MetaMask Bot
550103a5b0 Version v10.18.0 2022-07-11 08:38:29 +00:00
Dan J Miller
6553b9a29b
Merge pull request #15126 from MetaMask/master-sync
Master sync following v10.17.0
2022-07-07 16:26:34 -02:30
Erik Marks
08cc6c5e77
Bump minimum Node.js version to 16 (#15131) 2022-07-02 23:32:18 -07:00
Dan Miller
9bc8e0bb08 Merge remote-tracking branch 'origin/develop' into master-sync 2022-07-01 13:57:47 -02:30
Dan J Miller
0884b6aa10 Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-30 02:26:56 -02:30
Dan Miller
bc6c60cde1 Revert "Merge pull request #15063 from MetaMask/revert-v10.16.0"
This reverts commit 4d42715220, reversing
changes made to f09ab88891.
2022-06-29 13:03:10 -02:30
MetaMask Bot
e1f392a1de Version v10.16.2 2022-06-29 15:32:25 +00:00
Dan Miller
93c4d33cda Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-29 10:22:51 -02:30
Dan Miller
24662963c5 Revert "Merge pull request #15063 from MetaMask/revert-v10.16.0"
This reverts commit 4d42715220, reversing
changes made to f09ab88891.
2022-06-29 10:21:35 -02:30
MetaMask Bot
51311e4024 Version v10.16.1 2022-06-28 14:42:13 +00:00
Mark Stacey
925a19fa4a Revert "Merge pull request #14912 from MetaMask/Version-v10.16.0"
This reverts commit f09ab88891, reversing
changes made to effc761e0e.

This is being temporarily reverted to make it easier to release an
urgent fix for v10.15.1.
2022-06-28 10:41:47 -02:30
PeterYinusa
bf9140aa57
Chromedriver v103 (#15015)
* update chromdriver to v103

* update chrome binary to v103
2022-06-24 08:41:55 -04:00
MetaMask Bot
b96690a976 Version v10.17.0 2022-06-23 23:25:06 +00:00
ryanml
50e7fe9386 Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-23 12:28:06 -07:00
ryanml
71755bf4cc Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-22 12:24:48 -07:00
Mark Stacey
b68aee1bef
Migrate the build script to yargs (#14836)
The build script now uses `yargs` rather than `minimist`. The CLI is
now better documented, and we have additional validation for each
option.

A patch for `yargs` was required because it would blow up on the line
`Error.captureStackTrace`. For some reason when running under LavaMoat,
that property did not exist.

Closes #12766
2022-06-21 17:37:05 -02:30
Frederik Bolding
506a9872f0 Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-21 17:13:57 -02:30
MetaMask Bot
390cf09b3f Version v10.15.1 2022-06-21 19:26:15 +00:00
Frederik Bolding
5168538afe Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-20 17:53:06 -07:00
Frederik Bolding
82645ba516
[FLASK] snaps-skunkworks@0.16.0 (#14952)
* snaps-skunkworks@0.16.0

* Bump iframe-execution-environment

* Add getAppKey

* Regen LavaMoat policy

* Bump test-snaps
2022-06-20 10:13:12 +02:00
Daniel
7d1259476b
Update smart-transactions-controller to v2.1.0 (#14955) 2022-06-16 17:51:55 +02:00
Frederik Bolding
25aa3ab4b4
Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-15 15:50:37 +02:00
MetaMask Bot
2c6236ed4f Version v10.16.0 2022-06-09 19:09:50 +00:00
Dan J Miller
9121a028e6
Merge pull request #14905 from MetaMask/master-sync
Sync master to develop (v10.15.0)
2022-06-09 14:29:30 -02:30
Erik Marks
7df0af8f4f
@metamask/providers@9.0.0 (#14904)
Bump `@metamask/providers` to `9.0.0`. Should be completely non-breaking for our purposes.
2022-06-09 09:03:07 -07:00
Dan J Miller
e7b86fb54b Merge branch 'develop' into master-sync 2022-06-09 11:54:20 -02:30
kumavis
c1804c33f5 lavamoat - bump for stats support (#14641)
* lavamoat - bump for stats support

* lavamoat - update policy

* deps - dedupe lockfile
2022-06-09 02:34:47 -02:30
kumavis
15a962527a LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-06-09 01:55:29 -02:30
PeterYinusa
2fd4549333
Update chromedriver and chrome binary (#14877)
* Update chromedriver and chrome binary

* yarn deduplicate
2022-06-07 16:02:11 +01:00
Erik Marks
ada427af6d Fix development build scripts (#14594)
#14583 broke the development build scripts (e.g. `yarn start`) by adding a positional argument to a package script (`build:dev`) that is used and passed positional arguments in the build script itself. This PR removes the positional argument from the `build:dev` script and `yarn start` now works again. In addition, the `--apply-lavamoat` flag is properly forwarded to child processes, which was not the case in the original implementation.

To test, `yarn start` should work and LavaMoat should _not_ be applied, in distinction to `yarn build:dev dev --apply-lavamoat=true`. Whether LavaMoat is applied can be determined by checking whether `Object.isFrozen(Object.prototype)` is `true` (with LavaMoat) or `false` (without LavaMoat).
2022-06-06 14:13:01 -02:30
Erik Marks
fda057637e Add applyLavaMoat build flag (#14583)
Adds a new flag, `--apply-lavamoat`, to the main build script. The flag controls whether LavaMoat is actually applied to the output of the build process. The flag defaults to `true`, but we explicitly set it to `false` in the `start` package script. Meanwhile, the `start:lavamoat` script is modified such that it applies LavaMoat to the build output in development mode, but it no longer runs the build process itself under LavaMoat as there aren't very compelling reasons to do so.

This change is motivated by the fact that development builds do not have their own dedicated LavaMoat policies, which causes development builds to fail since #14537. The downside of this change is that LavaMoat-related failures will not be detected when running `yarn start`. @kumavis has plans for fixing this problem in a future major version of the `@lavamoat` suite.
2022-06-06 14:13:01 -02:30
Mark Stacey
c70ea259d6 Update minimist from v1.2.5 to v1.2.6 (#14850)
This addresses a security advisory.
2022-06-03 17:09:17 -02:30
Mark Stacey
db519a8cff
Update minimist from v1.2.5 to v1.2.6 (#14850)
This addresses a security advisory.
2022-06-03 16:21:21 -02:30
Mark Stacey
e6d5af5f9a Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (131 commits)
  Update `protobufjs` and remove obsolete advisory exclusion (#14841)
  Include snap version in pill (#14803)
  Update PULL_REQUEST_TEMPLATE.md (#14790)
  fix: keystone transaction qrcode has no white spacing (#14798)
  Snap notifications integration (#14605)
  Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
  snaps-skunkworks@0.15.0 (#14772)
  Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
  Ensure transaction type is correctly updated on edit (#14721)
  Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
  Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
  Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
  Migrate the "estimateGas" API call to "getFees" for STX (#14767)
  Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
  Adding flag for MV3 (#14762)
  Add types to send state (#14740)
  Remove site origin on snap install (#14752)
  Update design tokens library from 1.5 to 1.6 WIP (#14732)
  Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
  remove draft transaction (#14701)
  ...
2022-06-03 11:53:40 -02:30
Dan Miller
3942502951 Merge branch 'master' into Version-v10.15.0 2022-06-03 08:16:08 -02:30
Mark Stacey
cf5db650fe Merge remote-tracking branch 'origin/master' into Version-v10.14.7
* origin/master: (101 commits)
  Updating changelog
  Add token standard to custom token details (#14506)
  Revert "Dark Mode: What's New Announcement (#14346)"
  Ensure network name in confirm page container is defined (#14520)
  Updating lavamoat policies
  Fix the alerts toggles in settings (#14498)
  Disable swaps whenever the environment is not development or testing, so that behaviour follows production for QA purposes (#14499)
  [skip e2e] Updating changelog for v10.14.0 (#14487)
  Version v10.14.0
  Docs - segment metrics (#14435)
  Add snaps view search (#14419)
  Run main, flask and beta in sequence in generate-lavamoat-policies.sh (#14470)
  Modify import SRP page (#14425)
  Dark Mode: Implement Metrics (#14455)
  HoldToRevealButton component (#13785)
  e2e test import json file as import account strategy (#14449)
  MetaMetrics: Identify 'number_of_tokens' user trait (#14427)
  MetaMetrics: Identify 'nft_autodetection_enabled' &  'opensea_api_enabled' (#14367)
  Swaps: Sort "token_from" dropdown tokens by their fiat value first and "token_to" by top tokens (#14436)
  Update segment instantiation check. Only check if SEGMENT_WRITE_KEY exists (#14407)
  ...
2022-06-02 18:30:23 -02:30
Jyoti Puri
95c230127c
Upgrade @metamask/eth-ledger-bridge-keyring (#14799) 2022-06-01 22:04:29 +05:30
Frederik Bolding
7ce4868401
snaps-skunkworks@0.15.0 (#14772)
* snaps-skunkworks@0.15.0

* Update patch

* Update tofu and LavaMoat policy
2022-06-01 11:26:12 +02:00
Alex Miller
08490def8f [GridPlus] Updates Lattice-related modules to unlock functionality (#14467)
GridPlus has updated the EVM signing pathway in Lattice firmware,
which has not yet been released. Additionally, requesters can now
include ABI definitions with signing requests, which are used by
Lattice firmware to decode calldata in place.
All updates are backward compatable.
Updates:
* https://github.com/GridPlus/gridplus-sdk/compare/v1.1.6...v1.2.4
* https://github.com/GridPlus/eth-lattice-keyring/compare/v0.6.1...v0.7.3
2022-05-27 14:41:05 -02:30
Daniel
6dbb2c4ded
Migrate the "estimateGas" API call to "getFees" for STX (#14767) 2022-05-26 19:56:28 +02:00
Jyoti Puri
25082ae272
Adding flag for MV3 (#14762) 2022-05-26 10:18:23 +05:30
George Marshall
8fcbebc546
Update design tokens library from 1.5 to 1.6 WIP (#14732)
* Updating account menu icon color

* Updating design-tokens and making appropriate updates to extension styles

* Adding more deprecated tags to colors

* Adding spinner and removing todo comment

* Remove comment

* Updates

* Updating snapshots

* More color and ui updates

* reverting transition change
2022-05-25 08:35:36 -07:00
Mark Stacey
5b05dd4e8e v10.14.7
This release includes another change to make the builds reproducible
between different environments.
2022-05-23 18:17:32 -02:30
Frederik Bolding
66c049bb35
snaps-skunkworks@0.14.0 (#14700)
* snaps-skunkworks@0.13.0

* snaps-skunkworks@0.14.0

* Fix test

* Add long-running permission copy and icon

* Run linting

* Fix typo

* Bump E2E version
2022-05-18 13:49:26 +02:00
Mark Stacey
211f98c5c7 v10.14.6
In this release, the phishing warning page is extracted to an external
site.
2022-05-16 18:48:20 -02:30
Mark Stacey
5a5e541b5e Fix e2e tests
The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`.
The iframe case was updated with a new design, which required test
changes. The third test that was meant to ensure the phishing page
can't redirect to an extension page has been updated to navigate
directly to the phishing warning page and setting the URL manually via
query parameters, as that was the only way to test that redirect.
2022-05-16 18:48:20 -02:30
Mark Stacey
3693de7947 Reproducible .zip files (#14623)
* Create `.zip` files deterministically

Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.

The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.

* Update lavamoat build policy
2022-05-16 14:48:09 -02:30
Mark Stacey
7199d9c567 Use externally hosted phishing warning page
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.

The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.

The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.

The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.

New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
2022-05-16 14:40:50 -02:30
Frederik Bolding
c2cd6f8097
Bump addons-linter (#14717)
* Bump addons-linter

* Deduplicate yarn.lock

* Rerun yarn install and LavaMoat policy gen
2022-05-16 18:04:25 +02:00
Dan J Miller
f4094925f0 Ensure ledger keyring message event listener are removed on metamask lock (#14691)
* Ensure ledger keyring message event listener are removed on metamask lock

* Clean up
2022-05-16 06:04:22 -07:00
Mark Stacey
8a14504b63 Version v10.14.5
This version is equivalent to v10.14.2. This release is just intended
to fix build configuration issues.
2022-05-14 21:03:06 -02:30
Alex Donesky
23565cac2c
Bump @metamask/controllers version, remove patches (#14618) 2022-05-12 18:01:24 -05:00
Dan J Miller
8948018e5a
Ensure ledger keyring message event listener are removed on metamask lock (#14691)
* Ensure ledger keyring message event listener are removed on metamask lock

* Clean up
2022-05-12 13:36:14 -02:30
PeterYinusa
12cda5eb2d
Chromedriver v101 (#14617)
* update chromedriver package

* update chrome binary used in ci
2022-05-11 13:17:49 +01:00
Frederik Bolding
2dac88cbf4
snaps-skunkworks@0.12.0 (#14670)
* snaps-skunkworks@0.12.0

* Bump iframe execution environment

* Remove policy override

* Rerun LavaMoat

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2022-05-10 23:08:42 -07:00
kumavis
55e88a0e8e
lavamoat - bump for stats support (#14641)
* lavamoat - bump for stats support

* lavamoat - update policy

* deps - dedupe lockfile
2022-05-09 11:04:41 -10:00
kumavis
07da8ce589
LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-05-05 12:47:51 -10:00
Alex Miller
32a82be2b6
[GridPlus] Updates Lattice-related modules to unlock functionality (#14467)
GridPlus has updated the EVM signing pathway in Lattice firmware,
which has not yet been released. Additionally, requesters can now
include ABI definitions with signing requests, which are used by
Lattice firmware to decode calldata in place.
All updates are backward compatable.
Updates:
* https://github.com/GridPlus/gridplus-sdk/compare/v1.1.6...v1.2.4
* https://github.com/GridPlus/eth-lattice-keyring/compare/v0.6.1...v0.7.3
2022-05-05 09:55:17 -05:00
Frederik Bolding
c3071b273b
slip44@2.1.0 (#14619) 2022-05-05 16:32:08 +02:00