1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 04:20:53 +01:00
Commit Graph

3776 Commits

Author SHA1 Message Date
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
MetaMask Bot
b86e0b1105 Version v8.1.5 2020-11-19 17:10:55 -03:30
Dan J Miller
1e895c3110
Revert view quote design updates (#9904)
* Revert "Update fee card designs to show savings and MM fee (#9629)"

This reverts commit d9924ca771.

* Revert "Update main-quote-summary designs/styles (#9612)"

This reverts commit 5456d55c88.
2020-11-18 22:10:24 -03:30
Dan J Miller
e4de763116
Add token verification message to swaps build quote screen (#9891)
* Add token verification message to swaps build quote screen

* Adds description for locale

* Use <a> tag for etherscan link

* Remove unnecessary span

* Update ui/app/pages/swaps/build-quote/build-quote.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-17 17:26:02 -03:30
Mark Stacey
31a3541105
Remove invalid matomo metric event option (#9897)
The `matomo` option passed to the send metrics function is invalid. The
intent was to set the `matomoEvent` option, but instead of rectifying
that, we've decide to keep sending this event to the production Segment
project for now. The invalid option has been removed.
2020-11-17 15:59:05 -03:30
Erik Marks
2687163dbb
Fix minor issues with web3 metrics (#9895)
* Fix minor issues with web3 metrics

* Log error, use try/catch
2020-11-17 11:07:59 -08:00
Brad Decker
daf783a0d8
Track a new schema event when adding a token (#9810)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-17 11:39:21 -06:00
Mark Stacey
f9613b2eb9 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop:
  Move add contact button in fullscreen/expanded view lower. (#9883)
  Remove CoinSwitch from Deposit screen(#9869)
  Consolidate notification UI openers (#9885)
  Prevent jump when hovering over asset list items
  @metamask/controllers@4.2.0 (#9849)
  Properly detect U2F errors in hardware wallet
  Fix malformed PropType declaraton (#9876)
  Fix broken LoadingScreen PropType declaration (#9877)
  Revert "Add custom hd path option (#9367)" (#9875)
  Update fee card designs to show savings and MM fee (#9629)
  Make editable actoin item a button, autofocus input contents
  Provide alternative text for images where appropriate
2020-11-16 16:55:27 -03:30
Mark Stacey
080dc7ad74 Revert "Revert "Update main-quote-summary designs/styles (#9612)" (#9844)"
This reverts commit 2214e1561d.
2020-11-16 16:55:16 -03:30
Nate Chastain
179dbcb41c
Remove CoinSwitch from Deposit screen(#9869)
Remove all CoinSwitch references and functionality, and bump Wyre to top spot on Deposit screen unless user on test network
2020-11-16 13:57:53 -03:30
Erik Marks
5a80f04dca
Consolidate notification UI openers (#9885)
* Consolidate notification UI openers

* Update tests
2020-11-16 08:32:53 -08:00
Dan J Miller
2214e1561d Revert "Update main-quote-summary designs/styles (#9612)" (#9844)
This reverts commit 5456d55c88.
2020-11-13 16:39:51 -03:30
MetaMask Bot
628865eb45 Version v8.1.4 2020-11-13 16:39:51 -03:30
David Walsh
ed19ce44bd
Merge pull request #9853 from darkwing/image-updates
Provide alternative text for images where appropriate
2020-11-13 13:44:55 -06:00
Mark Stacey
9a50bc0ca4 Revert "Add custom hd path option (#9367)" (#9875)
This reverts commit f30d261e69.

The custom HD path option was found to be unsafe to use, because the
displayed list of accounts would differ depending on which application
was open on the Ledger device. Essentially Ledger was accepting invalid
inputs, and returning junk responses.

This was too dangerous to ship, as it could leave users with an account
that they can't reliably recover. If we don't know how the derivation
is happening, then allowing this import puts our users at risk of
losing funds.

We can re-introduce this functionality after adding validation to
ensure that we only allow inputs that are handled correctly by Ledger.
2020-11-13 15:03:40 -03:30
Mark Stacey
beb6047384
Revert "Add custom hd path option (#9367)" (#9875)
This reverts commit f30d261e69.

The custom HD path option was found to be unsafe to use, because the
displayed list of accounts would differ depending on which application
was open on the Ledger device. Essentially Ledger was accepting invalid
inputs, and returning junk responses.

This was too dangerous to ship, as it could leave users with an account
that they can't reliably recover. If we don't know how the derivation
is happening, then allowing this import puts our users at risk of
losing funds.

We can re-introduce this functionality after adding validation to
ensure that we only allow inputs that are handled correctly by Ledger.
2020-11-13 14:25:47 -03:30
Dan J Miller
d9924ca771
Update fee card designs to show savings and MM fee (#9629)
* Update fee card designs to show savings and MM fee

css touch up

More semantic html and remove unnecessary container wrapper

Update message for case when there are no savings, in new swaps fee card designs

Improve display of tilde in savings designs

* Ensure terms of service is shown when insufficient eth warning is shown on view-quote screen

* Logic simplification in fee-card.js

* Better center info tooltip icons in fee-card

* Add comment about use of \!important in fee card css

* Use container class property on info tooltip in fee card

* Remove function call that was made redundant with 980b14089 but not removed during rebase
2020-11-13 13:42:50 -03:30
David Walsh
a05230bba7 Provide alternative text for images where appropriate 2020-11-11 09:38:15 -06:00
Dan J Miller
bcd5f2a7c1
Fix gas_fees properties collected for swaps analytics events (#9727) 2020-11-10 14:09:45 -03:30
Mark Stacey
14d85b1332
Make JSDoc formatting more consistent (#9796)
A few inconsistencies in JSDoc formatting have been fixed throughout
the project. Many issues remain; these were just the few things that
were easy to fix with a regular expression.

The changes include:

* Using lower-case for primitive types, but capitalizing non-primitive
 types
* Separating the parameter identifier and the description with a dash
* Omitting a dash between the return type and the return description
* Ensuring the parameter type is first and the identifier is second (in
 a few places it was backwards)
* Using square brackets to denote when a parameter is optional, rather
 than putting "(optional)" in the parameter description
* Including a type and identifier with every parameter
* Fixing inconsistent spacing, except where it's used for alignment
* Remove incorrectly formatted `@deprecated` tags that reference non-
 existent properties
* Remove lone comment block without accompanying function

Additionally, one parameter was renamed for clarity.
2020-11-10 14:00:41 -03:30
Mark Stacey
a6cc2d3d7c
Track whether seed phrase has been backed up (#9830)
The `seedPhraseBackedUp` now tracks whether or not the seed phrase has
been backed up. Previously this defaulted to `true`, which left no way
to distinguish whether it had been backed up or not during onboarding.

The default is now `null`, and the UI logic has been updated to account
for this, so that "existing users" (i.e. users that have a backup that
is years old) aren't mistakenly considered to have not backed up their
seed phrase. This value is already set explicitly to `true` or `false`
during onboarding, in both the create and import flow.

This change was made primarily to make it easier to fix the onboarding
library integration, which will be done in a subsequent PR.
2020-11-10 12:34:20 -03:30
Dan Finlay
8443c3bdde
Warn instead of throw on duplicate web3 and do not inject (#9832) 2020-11-09 10:40:40 -08:00
Erik Marks
e005a03e75
eth-sig-util@3.0.0 (#9831)
* eth-sig-util@3.0.0

* Only import used sig-util exports in the typed message manager
2020-11-09 09:30:33 -08:00
Dan J Miller
c044b6f2b4
Alternative savings fix (#9675)
* Alternative savings fix

* Further required changes to savings fix

* Further fix to savings calculations that properly accounts for metamask fees

* metaMaskFeeInEth property on quotes to decimal string

* Fix swaps controller unit tests

* Improve documentation in swaps controller

* Prevent getMedianEthValueQuote from mutation passed quotes array with .sort() call

* Another fix and refactor to savings calculations in _findTopQuoteAndCalculateSavings

Cleaner structuring of conditionals for setting tokenValueOfQuoteForSorting, ethValueOfQuote and metaMaskFeeInEth in swaps controller

Stop subtracting medianMetaMaskFee from savings, but include it in savings data

Another fix and refactor to savings calculations in _findTopQuoteAndCalculateSavings

* Add and update unit tests for _findTopQuoteAndCalculateSavings

* Improve calculation of overallValueOfQuoteForSorting for case where ETH is the source token

* Clean up getMedianEthValueQuote code, test and comments

* Clean up _findTopQuoteAndCalculateSavings, create test input and expected results helper functions

* Update getMedianEthValueQuote to account for multiple quotes with overall values equal to the median

* Add jsdoc comment for meansOfQuotesFeesAndValue

* Fix jsdoc comment for getMedianEthValueQuote
2020-11-09 13:39:38 -03:30
Erik Marks
0555cb856e Only import used sig-util exports 2020-11-09 08:59:44 -08:00
Erik Marks
6aa6052318 eth-sig-util@3.0.0 2020-11-09 08:57:18 -08:00
Mark Stacey
248f171b65
Move externally_connectable from base to Chrome manifest (#9824)
The `externally_connectable` property of the extension manifest is not
recognized by Firefox. It has been moved from the base manifest to the
Chrome manifest, so that we no longer get a warning about this property
on Firefox.

We would like to eventually remove it from the Chrome manifest as well,
but we'll wait until we can batch it with other permission changes so
that it doesn't unnecessarily re-prompt the user (see #9804)
2020-11-09 10:21:09 -03:30
Brad Decker
a49a4a066c
expand transaction constants coverage (#9790)
* expand transaction constants coverage

* touchups

* dont import inside of e2e

* Update app/scripts/controllers/transactions/tx-state-manager.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update test/unit/app/controllers/transactions/tx-controller-test.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-07 01:38:12 -06:00
Patryk Łucka
f30d261e69
Add custom hd path option (#9367)
* Add custom hd path option

* Update selectPathHelp locale message

Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2020-11-06 16:17:16 -08:00
Patryk Łucka
ee205b893f
Create custom addHexPrefix function (#9306)
* create custom addHexPrefix function

* switch to custom addHexPrefix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2020-11-06 13:18:00 -08:00
Patryk Łucka
d1430e733e
Do not check popupIsOpen on Vivaldi (#9271) 2020-11-06 10:38:48 -08:00
Erik Marks
6426816411
Log web3 usage for functions and nested properties only (#9797)
* Log web3 usage for functions and nested properties only

* Change web3 metrics source to legacy

* Update web3 metrics properties and event name

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-05 14:55:28 -08:00
Erik Marks
ad838df3e6
Display decimal chain ID in network form (#9780)
* Display network form chain ID in decimal

* Hide chainId tooltip in view mode

* Display chain ID error message in entered format

* Update locale messages

* Rename on change chain ID validator
2020-11-03 20:10:52 -08:00
Brad Decker
026a06b39d
add shared transaction constants (#9459)
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-11-03 16:57:51 -06:00
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
55bff07bbf
Use chainId for incoming transactions controller (#9583)
The incoming transactions controller now uses the `chainId` for the
current network instead of the `networkId`. This ensures that custom
RPC endpoints for the built-in supported networks do correctly receive
incoming transactions.

As part of this change, the incoming transactions controller will also
cease keeping track of the "last block fetched" for networks that are
not supported. This piece of state never really represented the last
block fetched, as _no_ blocks were fetched for any such networks. It
been removed.
2020-10-30 22:28:12 -02:30
David Walsh
77dc0ab008
Make swap arrows accessible, make swaps advanced options accessible (#9750) 2020-10-30 09:35:47 -05:00
Mark Stacey
4bacb9144f
Add description for the incoming transactions controller (#9759)
This comment block describes the responsibilities of this controller.
This was motivated by a suggestion made during review of #9755 [1]

[1]: https://github.com/MetaMask/metamask-extension/pull/9755#discussion_r514400479
2020-10-30 11:33:35 -02:30
Brad Decker
ff7ce81c73
fix for METAMASK-GKF5 (#9760) 2020-10-29 17:18:52 -05:00
Mark Stacey
4086f7b4d6
Fix error when fetchParams is null (#9757)
If the swaps state is cleared in between the initial quote fetch and
the subsequent poll fetch, a `TypeError` will be thrown due to
`fetchParams` being set to `null`.

This is of no functional consequence, as `fetchParams` _should_ be
`null` in this case, and and no further action should be taken.

The optional chaining operator is now used to ensure the call no longer
throws.
2020-10-29 15:52:04 -02:30
Mark Stacey
9ce5d0d0f0 Revert "Revert "Update main-quote-summary designs/styles (#9612)" (#9722)"
This reverts commit d5b8a4ade9. This
restores the new "main-quote-summary" designs that were initially
implemented in #9612.
2020-10-29 00:13:08 -02:30
Mark Stacey
d5b8a4ade9 Revert "Update main-quote-summary designs/styles (#9612)" (#9722)
This reverts commit 5456d55c88.
2020-10-28 16:35:29 -02:30
MetaMask Bot
795658a7f0 Version v8.1.3 2020-10-28 16:35:29 -02:30
Mark Stacey
1294955d81
Fix swaps when initial network not Mainnet (#9745)
This is a continuation of #9726, which did not fix the problem
described.

If the initial network when the extension is started is something other
than Mainnet, the swaps controller will never successfully retrieve
swap quotes. This is because `ethers` will continue to communicate
with whichever network the provider was initially on.

We tried fixing this by hard-coding the `chainId` to Mainnet's
`chainId` when constructing the Ethers provider, but this did not work.
I suspect this failed because the `provider` we pass to `ethers` is not
compliant with EIP 1193, as `ethers` doubtless expects it to be.

Instead the entire `ethers` provider is now reconstructed each time the
network changes. This mirrors the approach we take in some other
controllers.
2020-10-28 16:17:32 -02:30
Dan J Miller
a4f817e171
Include trade.value in calculation of displayed network fees (#9621)
* Ensure that trade.value fees are included in displayed network fees

* Remove unused getTotalEthCost function

* Remove unused getTotalEthCost function

* Update ui/app/pages/swaps/swaps.util.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Lint fix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-10-27 16:32:21 -02:30
Mark Stacey
3bbc1d1fa4
Fix fetching of swap quotes when initial network was testnet (#9726)
If the initial network when the extension is started is something other
than Mainnet, the swaps controller will never successfully retrieve
swap quotes. This is because the `ethers` provider used by the swaps
controller doesn't allow network changes by default - it assumes that
the network remains the same as when the provider was initialized.

This was fixed by hard-coding Mainnet as the initial chain ID for this
`ethers` provider used by the swaps controller.

Some adjustments needed to be made to the `provider` stub to allow
setting `1` as the network ID and chain ID in unit tests.
2020-10-27 13:22:21 -02:30
Brad Decker
7d50357684
remove matomo and route to segment (#9646) 2020-10-26 14:05:57 -05:00
Mark Stacey
d496cf18f2 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (57 commits)
  Remove unused parameter in styles build script (#9710)
  Fix `yarn build styles:dev` (#9709)
  Update main-quote-summary designs/styles (#9612)
  @metamask/test-dapp@3.2.0 (#9707)
  Add ses lockdown to build system (#9568)
  Robustify waiting logic in e2e test (#9704)
  Prevent React error for close
  Prevent memory leak from selected account copy tooltip
  Lint
  Clean up events
  Make the dropdown widgets for swaps keyboard accessible
  Fix mocha/max-top-level-suites issues (#9699)
  Provide image sizing so there's no jump when opening the swaps token search
  Bump @metamask/controllers from 3.1.0 to 3.2.0 (#9692)
  Fix pull request template location
  Bump @metamask/inpage-provider from 6.1.0 to 6.3.0 (#9691)
  Fix 9632 - Prevent old fetches from polluting the swap state
  Remove broken Storybook stories (#9690)
  Add a GitHub Dependabot config (#9664)
  Fix PropType error on Awaiting Swap page (#9688)
  ...
2020-10-26 14:10:26 -02:30
David Walsh
6e89b60a4a
Merge pull request #9671 from darkwing/9632-simple-abort
Fix 9632 - Prevent old fetches from polluting the swap state
2020-10-26 08:09:58 -05:00
Dan J Miller
5456d55c88
Update main-quote-summary designs/styles (#9612)
* Update main-quote-summary designs/styles

* Clean up css: use className instead of element types

* Style fixes to symbol elements in main-quote-view

* Use correct source for token iconUrls passed to main-quote-view

* Improve vertical spacing on view-quote screen and with new main-quote-view designs

* Remove unused classes

* Tweak space around large quote amount text in main-quote-summary
2020-10-25 10:53:34 -02:30