1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-22 18:00:18 +01:00
Commit Graph

2127 Commits

Author SHA1 Message Date
Alex Donesky
3960fdfcf9 Add tokenId type validation in wallet_watchAsset middleware (#19738) 2023-06-27 14:35:33 -02:30
Dan J Miller
bf8f606344
Update sentry to v7.53.0 (#19279)
* Update sentry to v7.53.0

* Fix errors.spec.js

* Update LavaMoat policies

* Update LavaMoat policies

---------

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-06-27 12:15:02 -02:30
Mark Stacey
ec7e7fdf6d
Fix fallback gas estimation (#19746)
* Fix fallback gas estimation

Our fallback gas estimation was failing due to a bug in the
`@metamask/controller-utils` package. This was causing gas estimation
to fail completely on certain networks (those not supported by our gas
estimation APIs and non EIP-1559 compatibile), and it was causing the
fallback gas estimation operation (in case our API was down) to fail
across all networks.

Fixes https://github.com/MetaMask/metamask-extension/issues/19735

* Add e2e tests

E2E tests have been added to capture gas estimation. Cases are added
for our API, for the fallback estimate, and for non-EIP-1559 estimates.

As part of this work, the legacy gas API had to be disabled. This was
being used in e2e tests but was dead code in production. It needed to
be disabled to ensure the code under test was reachable.

* Fix gas API referenced in e2e test

* Update unit test snapshots
2023-06-26 16:13:16 -02:30
jiexi
0c047acdbf
Bump @metamask/providers to v11.1.0 (#19762)
* Bump @metamask/providers to v11.1.0

---------

Co-authored-by: Alex <adonesky@gmail.com>
2023-06-26 13:27:03 -05:00
Frederik Bolding
3df690b852
Use snaps@0.35.2-flask.1 and snaps@1.0.0-prerelease.1 (#19734)
* snaps@0.35.0-flask.1

* Update LavaMoat policies

* Update stable snaps packages to 1.0.0-prerelease.1

* Update LavaMoat policies

* Fix lint

* snaps@0.35.2

* Exclude snap_manageAccounts

* Code fencing

* Revert removing endowment:keyring exclusion

* Bump iframe URLs
2023-06-26 19:41:59 +02:00
Mark Stacey
55a8ff249c
Remove unused GitHub Action workflow (#19660)
This GitHub action workflow was disabled, but was still running setup
steps. It has now been removed entirely. We can re-introduce it again
later once the problem that led to it being disabled has been fixed.

The associated npm script and JavaScript module have been removed as
well.
2023-06-26 11:50:00 -02:30
Alex Donesky
e7e55dd873
Add tokenId type validation in wallet_watchAsset middleware (#19738) 2023-06-26 09:12:13 -05:00
weizman
365c1e32d2
Integrate Snow with LavaMoat scuttling protection (#17969) 2023-06-23 18:25:24 +03:00
Howard Braham
ed06926ac5
chore(tools): update geckodriver to 4.0.4 (#19558) 2023-06-22 21:00:40 -07:00
Mark Stacey
492038a312
Validate LavaMoat config in parallel (#19589)
The LavaMoat policies and allow-scripts configuration are now validated
in parallel. They are still only validated for release candidate
branches and the `master` branch.
2023-06-22 18:40:32 -02:30
Elliot Winkler
89cec5335f
Replace NetworkController w/ core version (#19486)
This commit fulfills a long-standing desire to get the extension using
the same network controller as mobile by removing NetworkController from
this repo and replacing it with NetworkController from the
`@metamask/network-controller` package.

The new version of NetworkController is different the old one in a few
ways:

- The new controller inherits from BaseControllerV2, so the `state`
  property is used to access the state instead of `store.getState()`.
  All references of the latter have been replaced with the former.
- As the new controller no longer has a `store` property, it cannot be
  subscribed to; the controller takes a messenger which can be
  subscribed to instead. There were various places within
  MetamaskController where the old way of subscribing has been replaced
  with the new way. In addition, DetectTokensController has been updated
  to take a messenger object so that it can listen for NetworkController
  state changes.
- The state of the new controller is not updatable from the outside.
  This affected BackupController, which dumps state from
  NetworkController (among other controllers), but also loads the same
  state into NetworkController on import. A method `loadBackup` has been
  added to NetworkController to facilitate this use case, and
  BackupController is now using this method instead of attempting to
  call `update` on NetworkController.
- The new controller does not have a `getCurrentChainId` method;
  instead, the chain ID can be read from the provider config in state.
  This affected MmiController. (MmiController was also updated to read
  custom networks from the new network controller instead of the
  preferences controller).
- The default network that the new controller is set to is always
  Mainnet (previously it could be either localhost or Goerli in test
  mode, depending on environment variables). This has been addressed
  by feeding the NetworkController initial state using the old logic, so
  this should not apply.
2023-06-22 12:46:09 -06:00
Elliot Winkler
16dad66da9
Update Chromedriver to v114 (#19648) 2023-06-22 09:41:03 -05:00
Howard Braham
9acd4b4ea1
feat(srp): add a quiz to the SRP reveal (#19283)
* feat(srp): add a quiz to the SRP reveal

* fixed the popover header centering

* lint fixes

* converted from `ui/components/ui/popover` to `ui/components/component-library/modal`

* responded to @darkwing review

* added unit tests

* renamed the folder to 'srp-quiz-modal'

* responded to Monte's review

* using i18n-helper in the test suite

* small improvement to JSXDict comments

* wrote a new webdriver.holdMouseDownOnElement() to assist with testing the "Hold to reveal SRP" button

* Updating layout and some storybook naming and migrating to tsx

* Apply suggestions from @georgewrmarshall

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Unit test searches by data-testid instead of by text

* new layout and copy for the Settings->Security page

* now with 100% test coverage for /ui/pages/settings/security-tab
fixes #16871
fixes #18140

* e2e tests to reveal SRP after quiz

* e2e- Fix lint, remove unneeded extras

* @coreyjanssen and @georgewrmarshall compromise

Co-authored-by: George Marshall <george.marshall@consensys.net>
Co-authored-by: Corey Janssen <corey.janssen@consensys.net>

* trying isRequired again

* transparent background on PNG

* [e2e] moving functions to helpers and adding testid for SRP reveal quiz (#19481)

* moving functions to helpers and adding testid

* fix lint error

* took out the IPFS gateway fixes

* lint fix

* translations of SRP Reveal Quiz

* new Spanish translation from Guto

* Update describe for e2e tests

* Apply suggestion from @georgewrmarshall

Co-authored-by: George Marshall <george.marshall@consensys.net>

* fixed the Tab key problem

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Plasma Corral <32695229+plasmacorral@users.noreply.github.com>
Co-authored-by: Corey Janssen <corey.janssen@consensys.net>
2023-06-20 14:27:10 -04:00
Alex Donesky
c6b938a89c
bump assets-controllers to v9.1.0 (#19629)
* bump assets-controllers to v9.1.0

* fix package entry
2023-06-20 11:13:43 -05:00
Mark Stacey
3a61f179a3
Correctly categorize dev dependencies (#19676)
The two GitHub action dependencies were mistakenly listed as production
dependencies. They've been moved to `devDependencies` instead.

The `husky` development dependency was mistakenly listed as a
production dependency as well. It has been removed from that set, now
listed as just a `devDependency`.
2023-06-20 11:43:12 -02:30
OGPoyraz
39089e0f4c
Accept SignController approval request from frontend (#19184) 2023-06-20 15:37:09 +02:00
Gauthier Petetin
3bbfe87e9e
feat(action): github action to automatically add label "release-x.y.z" when PRs get merged (#19061)
* feat(action): github action to add release label when PR gets merged

* feat(action): make sure the action only runs for PRs merged in main branch

* fix(action): update labels default color

* fix(action): add check on release label format

* fix(action): type function explicitely

* feat(action): add possibility to extract next release version number from artifact

* fix(action): rename next rc cut number into next semver version

* feat(action): add a github action to create release branch

* fix(action): default branch is develop

* fix(action): specify name of workflow used to create release branch

* fix(action): handle case where artifact doesn't exist

* fix(action): create branch but not the PR

* feat(action): fetch next semver version from release branches name or from package.json

* fix(action): remove unused Create Release Branch action

* fix(action): release branch format was not correct

* feat(action): take tags into account when calculating next version number

* feat(action): add the possibility to force next semver version

* fix(action): update comments

* fix(action): adopt kebak-case instead of snake_case

* fix(action): rename PERSONAL_ACCESS_TOKEN into RELEASE_LABEL_TOKEN

* fix(action): yarn installation not required

* fix(action): yarn install shall be immutable

* fix(action): make the script compatible with ShellCheck

* fix(script): exit script earlier if condition is met

* fix(action): use closingIssuesReferences instead of timeline events

* fix(action): add execute permissions to script

* fix(action): remove duplicate comment
2023-06-20 09:29:35 -03:00
MetaMask Bot
94c10bee96 Version v10.33.0 2023-06-16 16:44:05 +00:00
Dan Miller
953af884de Merge branch 'develop' into master-sync 2023-06-15 21:19:01 -02:30
Alex Donesky
c16b35c029
Extend wallet_watchAsset to support ERC721 and ERC1155 tokens (#19454)
* Extend wallet_watchAsset to support ERC721 and ERC1155 tokens
2023-06-15 15:18:12 -05:00
António Regadas
1520f57b77
MMI start script and fixes a bug preventing it to run (#19594)
* adds MMI start script and fixes a bug preventing it to run

* lint fix
2023-06-15 17:57:35 +01:00
legobeat
f286d16664
devDeps: bump and align devDependencies (#19194)
* devDeps: madge@^5.0.1->^6.1.0

* devDeps: dependency-tree@^8.1.2->^10.0.7

* devDeps: gh-pages@^3.2.3->^5.0.0

* devDeps: del@^3.0.0->^6.1.1

* devDeps: chalk@^3.0.0->^4.1.2

* dedupe

---------

Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-06-16 00:47:39 +09:00
Bernardo Garces Chapero
55a1514513
fix signature controller patch (#19607) 2023-06-15 15:12:59 +01:00
Victorien Gauch
1fca9255c1
fix: refactor linea goerli testnet implementation (#19321)
* fix: refactor linea goerli testnet implementation

* fix: rename linea goerli network

* feat: add linea testnet logo

* update linea goerli block explorer url

* update @metamask/eth-json-rpc-infura package to version 8.1.0

* fix: refactor ticker map object in shared/constants/networks.ts files
2023-06-15 09:08:07 -02:30
Mark Stacey
b43900f743
Update message manager and signature controller (#19370)
* Update message manager and signature controller

The packages `@metamask/message-manager` and
`@metamask/signature-controller` have been updated to the latest
versions. These versions were part of part of the [core monorepo v53](MetaMask/core#1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

These releases included a few breaking changes, but none that affect
the extension. Both packages now expect `getCurrentChainId` to return
`Hex`, but that was already the case here. Additionally the signature
controller now has a peer dependency on the approval controller v3,
which is already present and at the correct version.

Relates to #19271

* Ignore error caused by TS bug

* Update types to omit metadata for encryption requests

* Update lavamoat policy
2023-06-14 11:27:41 -02:30
Mark Stacey
abd2a5559e
Update @metamask/gas-fee-controller to v6 (#19366)
* Update `@metamask/gas-fee-controller` to v6

The `@metamask/address-book-controller` package has been updated to v3.
This version was part of the [core monorepo v53](MetaMask/core#1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

This release included a number of breaking changes, but most of them
do not affect the extension:

* Bump to Node 16
  * The extension already uses Node.js v16
* The `getChainId` constructor parameter now expects a `Hex` return
type rather than a decimal string
  * The extension was already passing in a `getChainId` parameter that
returned `Hex`
* The gas fee controller messenger now requires the
`NetworkController:stateChange` event instead of the
`NetworkController:providerConfigChange` event
  * This does not apply if `onNetworkStateChange` and `getChainId` are
provided to the constructor, which is the case here.
* Update `@metamask/network-controller` dependency and peer dependency
  * This dependency is only used for types, and none of the type
changes affect how the extension interacts with this controller.

The one change that did have an impact is that the constructor
parameter `onNetworkStateChange` now expects event handlers to be
passed the full network state.

Relates to #19271

* Ensure chainid always matches mainnet in test builds

This is a bit strange, but this is how the tests were setup previously.

* Fix accidental state mutation

* Remove hardcoded mainnet chain ID from test builds
2023-06-13 12:13:13 -02:30
Frederik Bolding
be7900e9e9
[FLASK] Bump RateLimitController to v3 (#19578)
* Bump RateLimitController to latest

* Regen LavaMoat policies
2023-06-13 15:04:28 +02:00
Bernardo Garces Chapero
b072a5c954 accept approval request first (#19409) 2023-06-13 07:07:24 -02:30
Matthew Walsh
4f4192c6f4
Await approval request in transaction controller (#19197) 2023-06-13 10:17:32 +01:00
Elliot Winkler
f77b1f65e2
Upgrade assets-controllers to v9 (#19472) 2023-06-09 15:48:48 -05:00
Dan J Miller
2258eaabef Merge branch 'master' into Version-v10.32.0 2023-06-09 10:52:45 -02:30
Elliot Winkler
84969c1b0e
Bump minimum Node version to 16.20.0 (#19520)
When using older versions of 16.x we may get this error when attempting
to build the extension:

    TypeError: Cannot assign to read only property 'Symbol(Symbol.iterator)' of object '[object Set]'
      at Object.buildAllowedFlags (node:internal/process/per_thread:375:53)
      at process.get [as allowedNodeEnvironmentFlags] (node:internal/bootstrap/node:279:34)
      at get (<anonymous>)
      at getOwn (node:internal/bootstrap/loaders:182:5)
      at NativeModule.syncExports (node:internal/bootstrap/loaders:294:31)
      at ModuleWrap.<anonymous> (node:internal/bootstrap/loaders:274:22)
      at NativeModule.getESMFacade (node:internal/bootstrap/loaders:279:17)
      at NativeModule.compileForPublicLoader (node:internal/bootstrap/loaders:259:10)
      at loadNativeModule (node:internal/modules/cjs/helpers:49:9)
      at Function.Module._load (node:internal/modules/cjs/loader:804:15)

This error goes away when upgrading to a later version of 16.x.

To make sure this isn't an issue going forward, this commit bumps the
Node version requirement in `package.json`. 16.20.0 happens to be the
latest version of 16.x (to date).
2023-06-08 17:40:07 -06:00
Thomas Huang
f5b158dda6
Master sync follow v10.31.1 (#19517)
* Version v10.31.1

* fix: keystone sign request break (#19349)

* Update changelog for v10.31.1

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Soralit <soralitria@gmail.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2023-06-08 09:17:41 -07:00
Bernardo Garces Chapero
5355000202
Handle watch asset accept and reject using ApprovalController only (#18829) 2023-06-05 21:13:22 +01:00
Frederik Bolding
f03f2d3f79
[FLASK] snaps@0.34.0-flask.1 (#19377)
* snaps@0.34.0-flask.1

* Update LavaMoat policies

* Replace instances of targetKey with targetName

* Replace use of PermissionKeys with PermissionNames

* Use Flask packages in tests for now

* Bump execution env

* Add another mock

* Fix lint
2023-06-05 13:51:19 +02:00
Albert Olivé
9195057136
[MMI] Added code fencing in libs folder (#17929) 2023-06-02 18:40:58 +02:00
Bernardo Garces Chapero
67555fc879
accept approval request first (#19409) 2023-06-02 11:07:08 +01:00
Soralit
14f1ac7a66 fix: keystone sign request break (#19349) 2023-06-01 12:22:54 -02:30
MetaMask Bot
a1050095d4 Version v10.31.1 2023-06-01 13:30:13 +00:00
Mark Stacey
20f028bf6f
Update @metamask/approval-controller to v3 (#19365)
The `@metamask/approval-controller` package has been updated to v3.
This version was part of the [core monorepo v53](MetaMask/core#1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

The only breaking change in this release was to update the minimum
supported Node.js version to v16.

Note that this will temporarily introduce peer dependency warnings
because of the major version bump. These are safe to avoid for now
because nothing is affected by the Node.js minimum version bump.

A resolution has been added to force v3 to be used throughout the
dependency tree so that this bump doesn't unnecessarily bloat our
dependencies. In practice this is only being used in one place, the
other references are just for types.

The resolution can be removed once the last package using this
controller has been updated, which will happen as part of #19271. The
peer dependency warnings will be resolved once #19271 is completed as
well.

Relates to #19271
2023-05-31 20:10:20 -02:30
Mark Stacey
81dbb27c73
Update @metamask/notification-controller to v3 (#19364)
The `@metamask/notification-controller` package has been updated to v3.
This version was part of the [core monorepo v53](MetaMask/core#1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

The only breaking change in this release was to update the minimum
supported Node.js version to v16.

Relates to #19271
2023-05-31 20:10:05 -02:30
Soralit
63b810f0db
fix: keystone sign request break (#19349) 2023-05-31 19:36:20 -02:30
Mark Stacey
58c0ac8b53
Update @metamask/address-book-controller to v3 (#19345)
The `@metamask/address-book-controller` package has been updated to v3.
This version was part of the [core monorepo v53](https://github.com/MetaMask/core/pull/1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

This release included a number of breaking changes relating to the
`chainId` format change from `string` to `Hex`. However these changes
don't affect the extension because it was already using `Hex` chain IDs
for all address book interactions.

Relates to #19271
2023-05-31 19:32:08 -02:30
Mark Stacey
000c1f2ef4
Update @metamask/controller-utils to v4 (#19344)
The package `@metamask/controller-utils` has been updated to v4. This
version was part of the core monorepo v53 release. The remaining
packages released as part of v53 will be updated in later PRs.

This release included a variety of breaking changes, but most of them
did not affect the extension's usage of this library. The one that did
have an impact was the removal of the `Json` type, which was identical
to the `Json` type in `@metamask/utils`. We're now using the
`@metamask/utils` version of this type exclusively.

Relates to #19271

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-05-31 18:33:29 -02:30
legobeat
dc580c1cf1
devDeps: squirrelly@^8.0.8->^9.0.0 (#19113)
CVE-2021-32819 / GHSA-q8j6-pwqx-pm96
2023-06-01 05:21:42 +09:00
Mark Stacey
d09c8bd492
Update @metamask/announcement-controller to v4 (#19348)
The `@metamask/announcement-controller` has been updated to v4, which
is the version released in the core monorepo v53 release. The remaining
packages released as part of v53 will be updated in later PRs.

The only breaking change is that the minimum Node.js version was
updated to v16.

Relates to #19271
2023-05-31 13:19:34 -02:30
Mark Stacey
7f82ea231c
Update @metamask/base-controller to v3 (#19343)
The `@metamask/base-controller` has been updated to v3, which is the
version released in the core monorepo v53 release. The other packages
released as part of v53 will be updated in later PRs.

Relates to #19271
2023-05-31 12:38:07 -02:30
António Regadas
edf2cc41cb
[MMI] adds mmi code fences to mm controller (#18279)
* adds code fencing

* MMI adds mmi-controller

* MMI prettier

* chore: create keyring builder for CustodyKeyrings

* updates code fence to build-mmi

* adds dependencies

* fix import and prettier

* lint

* clean up

* clean up

* removes old methods and adds new

* comment for now

* adds two missing methods

* runs yarn dedupe

* adds missing import

* bump target values

* lavamoat policy update

* bump values in coverage targets

* prettier import order

* coverage report update

* clean up

* yarn update

* yarn dedupe

* ran lavamoat:auto

* adds zlib entry to storybook/main.js

* adds browserify-zlib

* clean up

* clean up

* prettier

* prettier

* eslint fix

* fix paths

* fix prettier

* fix file name for mocha

* adds to config

* rename

* adds file to configs

* test lavamoat clean up

* run dedupe

* sets value in storybook main.js as false

* runs lavamoat auto

* updates mmi packages to lighter versions

* updates mmi packages

* lavamoat auto

* adds finalized tx status

* lavamoat auto

* yarn dedupe

* clean up

* moving stuff into mmi controller

* clean up

* updates tresholds

* yarn lock review

* updates the mmi controller

---------

Co-authored-by: Shane Terence Odlum <shane.odlum@consensys.net>
2023-05-29 16:38:28 +01:00
MetaMask Bot
b667fde2e3 Version v10.32.0 2023-05-26 20:01:59 +00:00
Dan J Miller
e5a9dc8dcf Merge remote-tracking branch 'origin/develop' into master-sync 2023-05-26 15:08:25 -02:30
Albert Olivé
057188d155
[MMI] Add code fences in signature-request (#18770)
* Started adding code fences in signature-request

* Finished code fencing

* Improving code

* Fixed storybook and code fences bundle

* Added missing dependency

* Fixed yarn.lock

* Fixing policies

* Updated package.json

* updating lavamoat

* lavamoat fix

* adds missing package

* runs yarn dedupe

* updates method name

* run lavamoat:auto again

* Added more code fences

* updates snapshot

* snapshot updates

* updates mmi packages to lighter versions

* updates mmi packages

* runs lavamoat auto

* updates yarn lock and runs lavamoat auto

* updates yarn lock

* updates targets file

* Removed console log and added tests

---------

Co-authored-by: António Regadas <apregadas@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: Antonio Regadas <antonio.regadas@consensys.net>
2023-05-24 13:41:21 +02:00
Dan J Miller
301c2e1beb Merge remote-tracking branch 'origin/master' into Version-v10.31.0 2023-05-19 13:33:39 -02:30
Elliot Winkler
6267fa37c9
Bump dependencies of network-controller (#19172)
In preparation for introducing `@metamask/network-controller`, we want
to ensure that any packages that depend on this package are up to date
so that we are using the same version of `@metamask/network-controller`
in the dependency tree.

The extension uses two packages that depend on
`@metamask/network-controller`: `@metamask/assets-controllers` and
`@metamask/gas-fee-controller`. This commit upgrades them to the latest
version. There are no breaking changes in the new release of these
packages so there are no accompanying compatibility changes.
2023-05-19 09:34:29 -06:00
Dan J Miller
5ca0cd446a Merge remote-tracking branch 'origin/develop' into master-sync 2023-05-18 10:49:28 -02:30
legobeat
8675c7863e
devDeps: storybook@7 (#19092)
* devDeps: pin @babel/core and @babel/runtime in resulotions
    Without this: misses patch, lavamoat error


* storybook 6 to 7 migration
* devDeps: add @storybook/addon-mdx-gfm
* fix lint deps
* devDeps: remove unused require-from-string
* devDeps/resolutions: @types/react@^16.9.53
* devDeps: add @storybook/cli
* storybook: new-frameworks migration
* iyarc: remove resolved dependency advisory
* deps: set globalthis@1.0.1 in resolutions
   This is required since a file is copied over from a set path in the dist
   package subdirectory as of d13aabde23 (#10014).
   A future update should either vendor the shim, or update to
   compatibility with a maintained upstream version.

* mdx2 migration fixes
* chore: bump ljharb packages
* devDeps: @storybook/*@^7.0.10->^7.0.11
* storybook: update preview.js to use v7 addon api
* ci/test/storybook: echo between storybook build&test
* ci/circleci: resources tweak
* info-tab: handle undefined global.platform
* update lavamoat build policy
* update lavamoat browserify policies
2023-05-18 11:07:42 +09:00
Daniel
471889e5bb
Enable token detection for the Aurora network, fix primary token for Aurora, update a URL (#19009) 2023-05-16 17:57:04 +02:00
MetaMask Bot
1f5ab1e714 Version v10.30.4 2023-05-16 01:45:21 +00:00
MetaMask Bot
2897607288 Version v10.30.3 2023-05-15 21:04:04 +00:00
Frederik Bolding
125021e425
[FLASK] snaps-monorepo@0.33.1-flask.1 (#18913)
* snaps-monorepo@0.33.0-flask.1

* Add browser-passworder

* Patch babel/core

* Fix PermissionController messenger allowlist

* Update test-snaps

* Use latest patch

* Update LavaMoat policies

* Re-enable RPC E2E

* Make snaps iframe URL be a env variable and bump it

* Add new env variable to test env

* Add iframe URL to desktop build
2023-05-15 19:36:24 +02:00
MetaMask Bot
33fd7876ff
Version v10.30.2 RC (#19109)
* Version v10.30.2

* Ensure the GasDetailsItem component can handle a tx with a maxPriorityFee of 0 (#19102)

* Ensure the GasDetailsItem component can handle a tx with a maxPriorityFee of 0

* Clean up code

* Update ui/components/app/gas-details-item/gas-details-item.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

---------

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Backport the `@metamask/message-manager` update to v5 (#19110)

The `@metamask/message-manager` update to v5 has been backported to the
v10.30.x release branch. This update includes three breaking changes,
but two (bump in minimum supported Node.js version, and change in type
from `Map` to `Record`) don't affect this project. The only breaking
change requiring changes was the addition of the `getCurrentChainId`
constructor parameter for the TypedMessageManger.

* Update changelog

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-05-12 16:49:37 -02:30
OGPoyraz
37a2be0fbb
Add getCurrentChainId argument to SignatureController (#19078) 2023-05-11 10:22:42 +02:00
George Marshall
32688c2e3c
Adding ModalFocus component (#18979) 2023-05-09 14:33:29 -07:00
Pedro Figueiredo
6e180af313
remove pre commit hook for branch names (#19077)
* remove pre commit hook for branch names

* bail with ticket number 0 detected
2023-05-09 20:39:38 +01:00
António Regadas
7ebd561ff9
[MMI] adds mmi logic in home view (#18960)
* adds mmi logic to home container

* adds code fences to home component

* adds code fences to home component

* lint fix

* lint fix

* updates fences and runs prettier

* version bump

* clean up code fence
2023-05-08 15:09:00 +01:00
legobeat
1c199d3223
devDeps: storybook-dark-mode@1.1.2->2.1.1 (#18866)
* devDeps: @storybook/*->6.5.16

* devDeps: storybook-dark-mode@1.1.2->2.1.1

* add lavamoat build policy override
2023-05-08 22:48:29 +09:00
Pedro Figueiredo
8df3bc9c1b
Label PRs based on the labels of the associated issue (#17603)
* Implement CI to copy issue labels over to PRs

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* clean up

* clean up
2023-05-08 09:51:02 +01:00
MetaMask Bot
7d62a0bfdd Version v10.31.0 2023-05-05 19:48:35 +00:00
Brad Decker
b60b9f441f
Bundle size reduction: Upgrading ethereumjs/tx and ethereumjs/common (#18302)
* upgrade ethereumjs/tx and deps

* Yarn dedupe

---------

Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2023-05-05 10:55:41 -05:00
Dan J Miller
828fd35575
Merge pull request #19026 from MetaMask/master-sync
Master sync PR following v10.30.0 and v10.30.1
2023-05-05 11:57:21 -02:30
Matthew Walsh
f62d8fce61
Use core signature controller (#18654) 2023-05-05 13:05:52 +01:00
Dan Miller
1a55a7e4d1 Merge branch 'develop' into master-sync 2023-05-05 09:32:50 -02:30
MetaMask Bot
e3a7f91095 Version v10.30.1 2023-05-05 08:21:28 -02:30
Pedro Figueiredo
bfbe10ba28
e2e test for action metrics (#18347)
* e2e test for action metrics

* add tests to implementing sw restart delay tracking

* wip

* wip

* wip

* wip

* remove unneeded code

* remove scuttling changes contemplated in #18989
2023-05-04 10:38:09 +04:00
Frederik Bolding
910b9e713f
Use separate versions for Flask and Stable snaps (#18875)
* Use separate versions for Flask and Stable snaps

* Update LM policy override

* Add deps to depcheck

* Improve import
2023-05-03 15:16:43 +02:00
Peter
2589d8d5d3
E2E: update selenium webdriver (#18854)
* update package

* yarn lock deduplication
2023-04-28 14:11:27 +01:00
legobeat
576eee7adf
devDeps: eslint@8.14.0,8.20.0->8.36.0 (#18748)
* devDeps: eslint@8.14.0,8.20.0->8.36.0

- CVE-2021-4279 / CVE-2021-4279
- consolidate eslint into single version
  - port patches

* add eslintignore directive

* lavamoat: update build policy overrides
2023-04-28 07:45:15 +09:00
Andrew Peters
bbb35dbe8d
update ses@0.18.4 (#17521)
* update ses import directory
* agoric references removed
* domainTaming set to unsafe

---------

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-04-27 21:31:52 +09:00
seaona
6e4de3bee8
[e2e] test-dapp update to v6.0.0 (#18844)
* Test dapp update to v6.0.0 and tweak initial token amounts to adjust to the new contract

* Update gas estimates for new TST contract

---------

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-04-27 13:01:17 +02:00
OGPoyraz
6d0f3a0b26
Consume Decrypt Message Manager from @metamask/message-manager (#18379) 2023-04-26 17:02:33 +02:00
legobeat
2c1ed4e8f0
deps: replace gulp-dart-sass with gulp-sass. (#16302)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 09:37:30 -05:00
Olaf Tomalka
95c37e1ba3
feat: add yaml feature management (#18125)
* feat: add yaml feature management

Add yaml feature file per build type.
Also add method to parse yaml and set
enabled features env to true. The build
process will then replace any process.env[feature]
that exists on the config by its value

* chore: add example for desktop

* Added initial draft of build features

* [TMP] Sync between computers

* Is able to succesfully build stable extension with snaps feature

* Removing var context from builds.yml

* Add asssets to builds.yml

* Minor bug fixes and removing debug logs

* [WIP] Test changes

* Removed TODOs

* Fix regession bug

Also
* remove debug logs
* merge Variables.set and Variables.setMany with an overload

* Fix build, lint and a bunch of issues

* Update LavaMoat policies

* Re-add desktop build type

* Fix some tests

* Fix desktop build

* Define some env variables used by MV3

* Fix lint

* Fix remove-fenced-code tests

* Fix README typo

* Move new code

* Fix missing asset copy

* Move Jest env setup

* Fix path for test after rebase

* Fix code fences

* Fix fencing and LavaMoat policies

* Fix MMI code-fencing after rebase

* Fix MMI code fencing after merge

* Fix more MMI code fencing

---------

Co-authored-by: cryptotavares <joao.tavares@consensys.net>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 16:32:51 +02:00
legobeat
64d4bfbbe9
Use SIWE origin validation logic from @metamask/controller-utils (#18518)
* feat: use SIWE origin domain validation from @metamask/controller-utils
* deps: @metamask/controller-utils@3.2.0->3.3.0
2023-04-25 17:25:58 +09:00
legobeat
a827c444fb
devDeps: security updates roundup (#18739)
* devDeps: resolutions: git-url-parse@^12=>13.1.0
  - CVE-2022-2900 / GHSA-j9fq-vwqv-2fm2

Depended on from now abandoned @storybook/storybook-deployer
  - https://github.com/storybook-eol/storybook-deployer/pull/131
  - https://github.com/IonicaBizau/git-url-parse/releases/tag/13.0.0
  - https://github.com/IonicaBizau/git-up/releases/tag/7.0.0

* devDeps: source-map-explorer@2.4.2->2.5.3
* devDeps: bump terser dependencies
   - CVE-2022-25858 / GHSA-4wf5-vphf-c2xc
* devDeps: shelljs@0.8.4->0.8.5
   - CVE-2022-0144 / GHSA-4rq4-32rv-6wp6
* devDeps: serve-handler@6.1.3->6.1.5, minimatch@3.0.4->3.1.2
  - CVE-2022-3517 / GHSA-f8q6-p94x-37v3
* devDeps: bump x-default-browser-id in resolutions
  - CVE-2021-33623 / CVE-2021-33623
  - https://npm-diff.app/x-default-browser@0.4.0...x-default-browser@0.5.2
* devDeps: pin glob-parent@^6.0.2 in resolutions
  - CVE-2020-28469 / GHSA-ww39-953v-wcq6
2023-04-25 17:09:22 +09:00
Pedro Figueiredo
632ae0b7c3
Prevent new JS files in shared folder (#17737)
* Prevent new JS files in shared folder

* migrate to typescript

* fix types

* cleanup
2023-04-24 15:44:42 +01:00
Frederik Bolding
eaa004c147
Bump @metamask/slip44 to 3.0.0 (#18773) 2023-04-24 15:43:43 +02:00
Bernardo Garces Chapero
8632acbba3
Update tokens controller (#18459)
* update tokens controller
2023-04-21 09:05:27 +01:00
MetaMask Bot
366ffe67c3 Version v10.30.0 2023-04-20 23:15:06 +00:00
Dan J Miller
0f1e2c9608 Merge branch 'develop' into master-sync 2023-04-20 17:17:52 -02:30
Elliot Winkler
24eae1d3c6
Use fake provider for NetworkController unit tests (#18628)
* Use fake provider for NetworkController unit tests

In the unit tests for NetworkController, it's important to prevent
network requests from occurring. Currently we do that by using Nock.
However, the `core` version of NetworkController uses a fake provider
object. This is arguably a better approach for unit tests because it
prevents us from having to think about the behavior that a specific
middleware may have. For instance, the Infura middleware intercepts
`eth_chainId` to return a static result, and the block cache middleware
replaces the `latest` block tag with the latest block number, making an
extra call to `eth_blockNumber` in doing so. We have to account for
these kinds of behaviors when using Nock, but we do not need to do this
when using a fake provider.

This should make it easier to compare the difference between the unit
tests in this repo vs. in the `core` repo, which should ultimately help
us merge the two controllers together.

* Rename fake-provider-engine to fake-provider

* Rearrange imports

* Move fake-provider and fake-block-tracker into a directory and exclude it from coverage

* Make FakeBlockTracker inert, and fix JSDocs

* Remove generics from FakeProvider

* Call beforeCompleting (and beforeResolving) using async/await

* Fix signature of sendAsync; align other signatures within FakeProvider

* No need to check whether error is not a string

* Don't exclude the provider-api-tests directory from coverage

* Make sure to mock both net_version and eth_getBlockByNumber when testing network status

* Fix FakeProvider so that none of the methods have optional callbacks
2023-04-20 15:21:41 -02:30
Mark Stacey
8de87c0734 Remove mobile sync feature (#18692)
The mobile sync feature has been removed. It has been disabled for
years. When we enable sync again, it will be using a different
implementation. This has already been removed on the mobile side.
2023-04-20 14:36:53 -02:30
Mark Stacey
3776f4ad4c
Remove mobile sync feature (#18692)
The mobile sync feature has been removed. It has been disabled for
years. When we enable sync again, it will be using a different
implementation. This has already been removed on the mobile side.
2023-04-20 14:29:30 -02:30
Dan J Miller
53faf7966c Merge remote-tracking branch 'origin/develop' into master-sync 2023-04-19 13:44:02 -02:30
Matthew Walsh
58ed6af3a4 Disable rate limiting for signature approval requests (#18594) 2023-04-19 07:50:32 -02:30
Matthew Walsh
fa32c5deb9
Disable rate limiting for signature approval requests (#18594) 2023-04-14 18:33:53 +01:00
Elliot Winkler
26db0aee46
Convert NetworkController net client tests to TS (#18490)
In order to be able to better compare differences between the version of
NetworkController in this repo and the version in the `core` repo before
we replace this version with the `core` version, this commit converts
the NetworkController network client tests to TypeScript.

The added types here are copied from the `core` repo. We plan on
making more improvements on the `core` side at some point to polish the
tests and types and reduce some of the duplication, but for now we're
just trying to keep things as similar as possible.
2023-04-14 10:21:29 -06:00
legobeat
5d2c4c143a
devdeps: mocha@7.2.0->9.2.2 (#18195)
* devdeps: mocha@7.2.0->9.2.2

Maintenance upgrade

- Closes subdependency flat advisory
  - CVE-2020-36632 / GHSA-2j2x-2gpw-d8fm
- upgrade eslint-plugin-mocha to match
  - previously used `eslint-plugin-mocha` depended on mocha@^8.2.0

* devdeps: patch-bump ansi-regex

closes GHSA-93q8-gq69-wqmw

* update lavamoat policies
2023-04-14 10:49:22 +09:00
Bernardo Garces Chapero
6ed72d6934
Refactor eth_getEncryptionPublicKey handling (#18319)
* add EncryptionPublicKeyController

* update message-managers package
2023-04-13 09:24:59 +01:00
Elliot Winkler
6439551075
Convert NetworkController unit tests to TypeScript (#18476)
This helps us more easily compare the unit tests for NetworkController
in this repo and the NetworkController in the `core` repo.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-04-12 13:53:34 -06:00
Mark Stacey
4c62bc445e
Update controllers to include core v42 release (#18464)
All controllers from the core monorepo have been updated to be equal to
or greater than the versions included in the v42 core release.

This release included a breaking change to all controllers because the
package `isomorphic-fetch` was removed. That package was used to ensure
that a `fetch` polyfill was present, so that the controllers could be
used in a non-browser context. This breaking change does not affect the
extension because we already install a `fetch` polyfill in our unit test
environment, and in a real build the real `fetch` API is present.

The gas fee controller had an additional breaking change: the EIP 1559
API endpoint is now a required argument. This does not affect the
extension because this argument was already being set.
2023-04-12 11:02:14 -02:30
MetaMask Bot
2cc41c9bb8 Version v10.28.3 2023-04-11 19:23:04 +00:00