1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-23 02:10:12 +01:00
Commit Graph

371 Commits

Author SHA1 Message Date
Mark Stacey
22f3e79bd8
Update eth-sig-util and ethashjs lockfile versions (#10383)
The packages `eth-sig-util` and `ethashjs` have been updated to their
latest in-range versions in the lockfile. This removes the last
instance of `ethereumjs-abi@0.6.5` from our dependency tree, as well as
the last non-optional instance of `sha3` (it's still present as a
transitive dependency of an optional development dependency via
`ganache`)
2021-02-08 17:50:04 -03:30
kumavis
1e086aeb06
storybook/i18n - add i18n party button (#10382) 2021-02-08 23:45:06 +08:00
Mark Stacey
9dc88397dc
Update @metamask/inpage-provider from v8.0.3 to v8.0.4 (#10378)
Fixes #10356

There was a bug in the inpage provider that would mistakenly report
usage of our injected `web3` instance when the `web3.currentProvider`
property was accessed. This was fixed in v8.0.4 of
`@metamask/inpage-provider`.
2021-02-08 20:41:39 +08:00
Mark Stacey
494c7da7dd
Update yarn.lock file (#10393)
The lockfile had extraneous packages that were removed upon install.
They must have been left behind as a result of a recent merge.
2021-02-08 20:35:42 +08:00
kumavis
b0215738a2
storybook - i18n toolbar (#10381)
* storybook - i18n toolbar

* lint fix
2021-02-06 10:28:54 +08:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
kumavis
b2d40f4e3a
deps - bump allow-scripts (#10370) 2021-02-04 09:39:45 -03:30
Etienne Dusseault
fc409a103b
Add .yarnrc to disable scripts (#10354)
* add yarn rc file to disable scripts

* remove ignore scripts in CI

* re-add entry

* add lavamoat preinstall always fail

* allow-scripts - add missing package to denylist

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-03 21:53:12 -03:30
kumavis
b98cef16af
Update to Node v14 (#9514)
* manual rebase against develop

* Update .nvmrc
2021-02-03 13:45:38 +08:00
Etienne Dusseault
6b34fb4184
Use @lavamoat/allow-scripts (#10009)
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-02-01 20:08:42 -08:00
dependabot[bot]
05f5deb701
Bump electron from 9.1.2 to 9.4.2 (#10308)
Bumps [electron](https://github.com/electron/electron) from 9.1.2 to 9.4.2.
- [Release notes](https://github.com/electron/electron/releases)
- [Changelog](https://github.com/electron/electron/blob/master/docs/breaking-changes.md)
- [Commits](https://github.com/electron/electron/compare/v9.1.2...v9.4.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 17:47:18 -03:30
Erik Marks
bd57705b5f
@metamask/contract-metadata@1.22.0 (#10285) 2021-01-25 12:17:01 -08:00
Mark Stacey
183cc154fa
Update yarn.lock (#10241)
A recent change resulted in an outdated lockfile. These changes
resulted from running `yarn` with a clean working tree.
2021-01-21 17:03:57 -03:30
David Walsh
9b4715cc8f
Update postMessage structure for TrezorConnect 8 (#10192) 2021-01-21 11:12:54 -06:00
dependabot[bot]
cb8f82d171
Bump socket.io from 2.2.0 to 2.4.1 (#10232)
Bumps [socket.io](https://github.com/socketio/socket.io) from 2.2.0 to 2.4.1.
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/2.4.1/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/2.2.0...2.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 10:54:17 -03:30
Mark Stacey
6de41a1cf6
Update @reduxjs/toolkit from v1.3.2 to v1.5.0 (#10228)
The changes made between v1.3.2 and v1.5.0 of `@reduxjs/toolkit` don't
appear to affect us at all. They mostly consist of feature additions
and bug fixes for edge cases we haven't encountered.[1]

The one change that is technically breaking is that v8 of `immer` now
freezes state objects in production rather than just in development.
That would only be breaking if we were mutating Redux state though,
which we aren't doing in the few Redux slices in which we use
`@reduxjs/toolkit`. Even if we were, we would have noticed that it
broke in development already.

[1]: https://github.com/reduxjs/redux-toolkit/releases
2021-01-21 10:04:03 -03:30
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
118281b9a9
@metamask/inpage-provider@8.0.3 (#10219)
Restores the provider `data` event.
2021-01-20 10:42:59 -08:00
Brad Decker
acbe38c260
use dart sass, and update related modules (#10208) 2021-01-19 10:54:32 -06:00
Erik Marks
849a47afba
@metamask/inpage-provider@8.0.2 (#10178) 2021-01-12 14:22:22 -08:00
Erik Marks
d7c648db98
eth-method-registry@2.0.0 (#10169) 2021-01-11 08:27:51 -08:00
Erik Marks
6abb32f042
@metamask/contract-metadata@1.21.0 (#10142) 2021-01-05 11:08:23 -08:00
Brad Decker
7a65b33788
add module resolution for node-analytics/axios (#10139) 2021-01-04 17:44:16 -06:00
Erik Marks
2f6f8966bb
@metamask/contract-metadata@1.20.0 (#10116) 2020-12-21 12:07:32 -08:00
dependabot[bot]
5681634ba2
Bump @metamask/contract-metadata from 1.19.0 to 1.20.0 (#10104)
Bumps [@metamask/contract-metadata](https://github.com/MetaMask/contract-metadata) from 1.19.0 to 1.20.0.
- [Release notes](https://github.com/MetaMask/contract-metadata/releases)
- [Commits](https://github.com/MetaMask/contract-metadata/compare/v1.19.0...v1.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 10:14:48 -06:00
Mark Stacey
bba2b9646d
Update @metamask/controllers to v5.1.0 (#10096)
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.

I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.

This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
2020-12-17 12:06:29 -03:30
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
dependabot[bot]
45b737fca0
Bump ini from 1.3.5 to 1.3.7 (#10064)
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-11 18:27:42 -03:30
Mark Stacey
da1aae772b
Remove coveralls (#10063)
We don't look at coveralls very much. We might occasionally consult it
to see a report on our code coverage, but that report is already
generated entirely locally, and has been added to the MetaMask bot
comment in #10061.
2020-12-11 16:20:45 -03:30
Mark Stacey
4a5a2881d0
Update selenium-webdriver and geckodriver (#10057)
Update `geckodriver` to the latest version, and `selenium-webdriver`
to the second-most-recent version. Updates include various dependency
updates, bug fixes, and minor features. None of the updates seem to
directly affect us, aside from one new feature of `selenium-webdriver`
that updates the `installAddon` function to support `.zip` files, which
will be used in a subsequent PR.

`selenium-webdriver` was pinned one version behind latest because the
latest version caused our Chrome e2e tests to fail with a mysterious
error whenever `getAttribute` was called on a WebElement.
2020-12-11 12:03:20 -03:30
Mark Stacey
8ab5230115
Update tweetnacl dependencies (#10028)
The `eth_decrypt` used to fail on Firefox with a recursion error.
Updating these `tweetnacl` dependencies seemed to have fixed the issue
the last time I tested this.

When I tried to reproduce the failure today, it failed due to a
different reason, both before and after this update.

But nonetheless, it still seems like a good idea to update. These newer
versions have no breaking changes and contain important bug fixes.
2020-12-09 15:40:33 -03:30
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
dependabot[bot]
e8cb565b48
Bump highlight.js from 10.4.0 to 10.4.1 (#10004)
Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 10.4.0 to 10.4.1.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/master/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/10.4.0...10.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 14:38:30 -08:00
Dan J Miller
97d268c8ee
Remove use of ethgasstation; use metaswap /gasPrices api for gas price estimates (#9867)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates

* Remove references to ethgasstation

* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates

* Update ui/app/hooks/useTokenTracker.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

* Delete gas price chart

* Remove price chart css import

* Delete additional fee chart code

* Lint fix

* Delete more code no longer used after ethgasstation removal

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-12-02 19:55:19 -03:30
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Erik Marks
df209612d5
@metamask/etherscan-link@1.4.0 (#9970) 2020-12-02 08:59:04 -08:00
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00
Mark Stacey
429847a686
Update to @storybook/*@6 (#9956)
Our Storybook dependencies have been updated to v6.1.9, from v5. This
was done to address a security vulnerability in a transitive dependency
of these packages (`highlight.js`).

The primary changes required by this Storybook update were the change
in import path for the `withKnobs` hook, the change in background
config format, and the webpack configuration. Storybook seems to work
correctly.

The migration was guided by the Storybook changelog[1] and the
Storybook v6 migration guide[2].

There is one Storybook error remaining; it fails to load the Euclid
font. This is a pre-existing error though, so we can fix it in a later
PR.

The `yarn.lock` file was deduplicated in this PR as well, as it was
required to fix various install warnings that were introduced with this
update.

[1]: https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md
[2]: https://github.com/storybookjs/storybook/blob/next/MIGRATION.md
2020-11-30 16:40:46 -03:30
Niranjana Binoy
6a9c15d4a4
updating the version of extension-port-stream to latest (#9942) 2020-11-24 14:32:06 -05:00
David Walsh
bf65c979d2
Use async storage instead of localstorage (#9919) 2020-11-24 09:38:04 -06:00
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
Erik Marks
f8f3faf539
resolve-url-loader@3.1.2 (#9925) 2020-11-20 13:52:07 -08:00
Dan J Miller
a9fcf0ea86
Use getTokenTrackerLink for asset view etherscan link in token-asset.js (#9913) 2020-11-19 00:59:42 -03:30
dependabot[bot]
198b503f94
Bump @metamask/eth-token-tracker from 3.0.1 to 3.1.0 (#9901)
Bumps [@metamask/eth-token-tracker](https://github.com/MetaMask/eth-token-tracker) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/MetaMask/eth-token-tracker/releases)
- [Changelog](https://github.com/MetaMask/eth-token-tracker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/eth-token-tracker/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-18 01:55:57 -03:30
Erik Marks
74839831c0
@metamask/controllers@4.2.0 (#9849) 2020-11-13 11:04:48 -08:00
Erik Marks
aa85533368
@metamask/controllers@4.0.2 (#9839) 2020-11-09 18:19:42 -08:00
Erik Marks
80834b775d
@metamask/controllers@4.0.0 (#9838) 2020-11-09 14:00:10 -08:00
kumavis
5e61955d99
deps - yarn-deduplicate (#9519) 2020-11-09 18:10:46 -03:30
Erik Marks
6aa6052318 eth-sig-util@3.0.0 2020-11-09 08:57:18 -08:00
David Walsh
dcd2927f03
Update etherscan-link to 1.2.0 (#9789) 2020-11-04 17:05:38 -06:00