1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-29 15:50:28 +01:00
Commit Graph

2158 Commits

Author SHA1 Message Date
Nidhi Kumari
080d72abed
updated assets and phishing controller packages (#17569)
* updated controller versions

* updated policy and lock files
2023-02-06 20:41:13 +05:30
Brad Decker
31897b542d
Convert actions.js to typescript (#17446) 2023-02-03 11:56:44 -06:00
Brad Decker
deb9343ff0
Convert store.js to typescript and redux toolkit (#17508) 2023-02-02 13:32:44 -06:00
vthomas13
532a10f9f5
Adding browser outdated notification (#17027)
* Adding browser outdated notification

* updating dependency

* adding unit tests for util function

* adding unit tests for selectors, lintfix

* Added Tests, refactored notification delay logic

* lint:fix

* adding test coverage for method parameter

* Update app/scripts/controllers/app-state.js

adding documentation details

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* moving declaration into test

* Update app/scripts/controllers/app-state.test.js

spacing in test file

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update jest.config.js

removing duplicate entries

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* using async submitRequestToBackground method

* removing unused import

* removing unnecessary link syntax in notification

* adding opera and edge and associated tests

* handling the undefined case in bowser.satisfies

* setOutdatedBrowserWarningLastShown try/catch

* lint:fix

* Removing try/catch and letting errors bubble up

Removing deprecated displayWarning method

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* taking out forceMetamaskUpdateState call

* excludint app-state test from mocha test suite

* Added note: Jest files should match Mocha excluded

* syntax error, lint:fix

---------

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-02-02 13:56:41 -05:00
Brad Decker
aededb1c71
Convert confirm-tx.utils.js to typescript (#17349) 2023-02-02 12:35:05 -06:00
ryanml
fad3ebd476 Merge remote-tracking branch 'origin/master' into Version-v10.25.0 2023-02-01 14:50:26 -07:00
David Walsh
03d8ee5eae
Onboarding V2: Remove old onboarding flow (#17081) 2023-02-01 09:28:09 -06:00
Danica Shen
2958d68af8
feat(mme-17214): migrate L33 files to typescript (#17372) 2023-01-31 12:01:10 +00:00
Dan Miller
ce9bc2236d Merge remote-tracking branch 'origin/develop' into master-sync 2023-01-30 21:58:52 -03:30
Peter Yinusa
245c32a99e
Nft build for e2e tests (#17430) 2023-01-27 12:45:35 -06:00
Dan J Miller
5f5b75832f Fix cookiejar dependency vulnerability (#17355) 2023-01-27 11:06:43 -07:00
MetaMask Bot
76ebc3318c Version v10.24.2 2023-01-27 17:40:38 +00:00
weizman
e33b8976cd
Bump lavapack version to 5 (#17431)
* Update package.json

* update
2023-01-26 14:34:13 -03:30
Nidhi Kumari
8a6bf4d1c9
Nit fixes for story-test integration (#17344)
* nit fix for story-test integration

* updated package.jsson
2023-01-25 09:24:13 +05:30
weizman
cd484835e3
Add Firefox Snow support (#17147) 2023-01-24 17:29:06 +02:00
amerkadicE
dd09245ff6
Fix/use etherjs specific imports (#15461)
* replace ethers with submodules

Co-authored-by: Alex <adonesky@gmail.com>
2023-01-24 08:10:36 -06:00
ryanml
31aa6c079a
Merge pull request #17359 from MetaMask/master-sync
Sync `master` with `develop`
2023-01-23 14:55:03 -07:00
Frederik Bolding
51518c42bb
[FLASK] snaps-monorepo@0.28.0 (#17277)
* snaps-monorepo@0.28.0

* Update LavaMoat policies

* Remove old blocklist implementation, add feature flags

* Lint

* Update iframe execution environment

* Change getPrimaryKeyringMnemonic return type

* Update tests

* Update key-tree
2023-01-23 20:41:04 +01:00
ryanml
cd972afc56 Merge remote-tracking branch 'origin/develop' into master-sync 2023-01-23 11:56:03 -07:00
Dan J Miller
b746bd0866
Fix cookiejar dependency vulnerability (#17355) 2023-01-23 12:32:39 -06:00
Alex Donesky
c508087cf1
Integrate KeyringController v10 (#17056)
* integrate `@metamask/eth-keyring-controller` v10
2023-01-20 17:03:11 -06:00
Brad Decker
a9ef2a049a
add numeric module (#17324) 2023-01-20 15:16:56 -06:00
Nidhi Kumari
c5368c152b
Added storybook check to CI (#17092)
* added storybook test runner

* added test runner in ci

* updated test for ci and fixed lint error

* updated lavamoat policy

* updated test command

* updated playwright

* changed command to storybook;ci

* updated command

* updated instance for test-storybook

* updated playwright

* added playwright step

* replaced concurrently with start-server-and-test

* updated the static storybook directory

* replaced first with last

* updated lock file

* replaced first with last

* updated test-storybook with maxworkers

* updated .depchechrc

* updated yml

* removed id from banner base

* replaced broken stories with .stories-to-do.js extesnsion

* updated token allowance story

* removed duplicacies from yarn

* fixed lavamoat

* removed filename comment

* updated links for docs

* fixed file extension for stories

* updated path for stories.json

* updated stories.json path

* yarn updated

* updated stories

* updated yarn

* updated wait on
2023-01-21 00:57:46 +05:30
ryanml
bf4c21aa84 Version v10.25.0 2023-01-20 10:08:37 -07:00
Brad Decker
c9bbfa46d5
fix script for linting changed files (#17028) 2023-01-20 09:16:58 -06:00
MetaMask Bot
df9ff6438c Version v10.24.1 2023-01-19 20:30:17 +00:00
ryanml
c67acb7411 Merge remote-tracking branch 'origin/develop' into master-sync 2023-01-19 11:56:06 -07:00
Thomas Huang
fae2a02d1c
Bump @testing-library/react-hooks dependency. (#17271)
* Bump @testing-library/react-hooks from `v3.2.1` to `v8.0.1`

* Lavamoat policy changes with dep bump
2023-01-18 10:49:56 -08:00
Olusegun Akintayo
d7e829ed5a
Persist phishing state controller state. (#16643)
* Persist phishing state controller state.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

update phishing controller to latest version

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Rebase, Yarn3, Lavamoat

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

run allow-scrips.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

lavamoat:auto and linter

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* lint fixes

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
2023-01-18 16:44:19 +01:00
Brad Decker
5f6d2ba6b0
Convert Transaction constants to typescript (#17149) 2023-01-18 08:47:29 -06:00
weizman
6d551f10fe
Update LavaMoat (core/lavapack) (#17061) 2023-01-18 14:35:37 +02:00
ryanml
1df1955276
Update @metamask/contract-metadata to v2.2.0 (#17230) 2023-01-18 01:08:10 -07:00
Niranjana Binoy
ca68e0e197 Toggle option to enable/disable balance and Token rate checking for using third-party API (#16772) 2023-01-17 18:41:47 +00:00
Jyoti Puri
a5a775bcfd
Update eth-json-rpc-filters (#17193) 2023-01-17 23:54:06 +05:30
Niranjana Binoy
a0bb4a6c5a
Toggle option to enable/disable balance and Token rate checking for using third-party API (#16772) 2023-01-17 10:23:04 -05:00
chloeYue
89ea31ce2f
Update chromedriver version to 109 (#17238) 2023-01-16 21:25:22 +01:00
Mark Stacey
2c9a5c93d4
Update concurrently to latest version (#17164)
The package `concurrently` has been updated to the latest version. The
breaking changes since v5 were just dropping support for older Node.js
versions, and changing the return value of the programmatic API that we
do not use.
2023-01-16 10:08:44 -03:30
Michal
32a2411cf5
Remove textarea caret dep (#17105)
remove dependency for mascot head movement
2023-01-16 13:07:59 +00:00
Michele Esposito
2027763e57
Minimize lodash size in dependencies (#16030)
* chore: update lavamoat policies

* chore: fix build and lavamoat policy

* revert: 2f74297 as it increases bundle size

* chore: regenerate lavamoat policy

* chore: rebuild policy after rebase

* chore: added missing resolution

* cleanup rebase

Co-authored-by: Alex <adonesky@gmail.com>
2023-01-13 10:10:55 -06:00
Alex Donesky
e0ff039078
bump @metamask/smart-transactions-controller version (#17120)
* bump smart-transactions-controller version

* update policy files

* fix

* rebase cleanup
2023-01-12 12:57:01 -06:00
Brad Decker
312f24fddc
allow importing of typescript in E2E test suite (#17141) 2023-01-12 08:38:12 -06:00
Brad Decker
64839b6bf7
split unit tests (#16455)
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-01-11 12:23:38 -06:00
Frederik Bolding
38bbb2aeae
Bump Truffle packages (#17132) 2023-01-11 10:30:04 -06:00
ryanml
4ca9390c0a Merge remote-tracking branch 'origin/develop' into master-sync 2023-01-10 10:13:11 -07:00
PeterYinusa
da18f15950 fix audit failure for luxon by upgrading (#17106) 2023-01-09 16:06:32 -06:00
PeterYinusa
39f9b1e953 fix audit failure for luxon by upgrading (#17106) 2023-01-09 19:26:21 +00:00
Brad Decker
8e3eaed57f
fix audit failure for luxon by upgrading (#17106) 2023-01-09 12:41:32 -06:00
PeterYinusa
5672f24c9f fix audit failure (#17079) 2023-01-09 08:03:49 -03:30
MetaMask Bot
2dc8cb7136 Version v10.23.3 2023-01-06 20:08:14 +00:00
Dan J Miller
84de060edf Merge remote-tracking branch 'origin/develop' into master-sync 2023-01-05 16:03:50 -03:30
Brad Decker
123ac70a80
update contract-metadata to 2.1.0 (#16904) 2023-01-05 10:32:11 -06:00
PeterYinusa
e71b664bef fix audit failure (#17079) 2023-01-05 11:41:59 +00:00
Brad Decker
35e3b7e82e
fix audit failure (#17079) 2023-01-04 11:29:37 -06:00
MetaMask Bot
01634752eb Version v10.23.2 2022-12-22 20:13:54 +00:00
HowardBraham
b9d9112b97
Prevent account name collisions (#16752)
* dealt with most of the problems in the Create Account dialog

* Fixed "newAccountNumberName" localizations

* In another language, don't allow accounts named, for instance, Cuenta 3

* Editing an account name later now follows the same rules

* Fixing lint errors

* Responding to the review by @adonesky1

* Worked with @montelaidev to alter the RegExp, in order to catch spaces before and after the account name

* Fixed line breaks for eslint
2022-12-22 11:27:31 -06:00
weizman
3cf5ef642f
Revert "Integrate new LavaMoat scuttling protection feature (#16994)" (#17043) 2022-12-22 17:26:53 +02:00
Mark Stacey
d222f652c3
Upgrade prettier-plugin-sort-json to v1 (#17026)
This upgrade includes no changes relevant to our usage of this plugin.
2022-12-21 19:17:45 -03:30
weizman
5d320ceec6
Integrate new LavaMoat scuttling protection feature (#16994)
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-12-21 12:54:30 -06:00
Alex Donesky
1a842aabb6
Replace eth-optimism/contracts package with local snippet of gas price ABI and address (#16891) 2022-12-20 14:05:07 -06:00
Frederik Bolding
abe0204171
[FLASK] snaps-monorepo@0.27.1 (#16981)
* snaps-monorepo@0.27.0

* Regen LavaMoat policies

* Remove unused constructor arg

* snaps-monorepo@0.27.1
2022-12-20 11:44:05 +01:00
seaona
6cebc854fd
Merge branch 'develop' into master-sync 2022-12-16 13:05:36 +01:00
MetaMask Bot
bc073a771c Version v10.23.1 2022-12-15 17:46:22 +00:00
Alex Donesky
5d285f7be5
fix cached detected token results (#16866) 2022-12-14 12:26:08 +05:30
Mark Stacey
add2d2e1d8
Disable LavaMoat for start:test command (#16919)
The `start:test` command no longer uses LavaMoat to run the build
process. `start:test` is meant for local development, so it should have
the same behavior as `start` in this respect, and `start` also does not
use LavaMoat.

This significantly improves build times for local e2e development.
2022-12-13 12:32:09 -03:30
Frederik Bolding
659063b335
[FLASK] Allow Snaps UI to use Markdown for text formatting (#16911)
* Allow Snaps UI to use Markdown for text formatting

* Fix yarn audit and dedupe errors

* Update LavaMoat policies

* Fix lint

* Add paragraph wrapper component

* Fix lint
2022-12-13 15:37:20 +01:00
Frederik Bolding
c75d2dce55
[FLASK] Implement Snaps UI Renderer (#16605)
* Start implementation of Snaps UI Renderer

* Add snap name and fix some design issues

* Fix lint

* Add some types

* More fixes

* Actually install snaps-ui

* Use JS instead of TS

* Remove unused deps

* Remove dep

* Update LavaMoat policies

* Fix style lint

* Add story

* Small tweaks after rebase

* Remove spacer and add test

* Fix lint

* Remove console.log

* Add error message

* Remove edge-case that doesnt exist anymore

* Update yarn.lock

* Update policy
2022-12-09 13:05:31 +01:00
Frederik Bolding
ff242338a3
[FLASK] snaps-monorepo@0.26.1 (#16839)
* snaps-monorepo@0.26.0

* Regenerate LavaMoat policies

* snaps-monorepo@0.26.1
2022-12-08 19:46:19 +01:00
Brad Decker
6d1170f06c
upgrade yarn to version 3 (#16232)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ricky <ricky.miller@gmail.com>
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
Co-authored-by: legobt <6wbvkn0j@anonaddy.me>
Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
2022-12-08 10:38:04 -06:00
MetaMask Bot
47ddb321d2 Version v10.24.0 2022-12-07 14:06:53 +00:00
Dan Miller
bc042f96fe Merge remote-tracking branch 'origin/develop' into master-sync 2022-12-06 20:11:16 -03:30
Dan Miller
ce257d8b70 Revert "Use new assets contrller package to fix 0 decimal token bug (#16685)"
This reverts commit 91b635b195.
2022-12-06 20:06:11 -03:30
weizman
0487de6e30
Upgrade Snow to new version 1.3.0 in MetaMask (#16815) 2022-12-06 17:10:59 +02:00
Jyoti Puri
31bd70de62
Updating keyring controller (#16762) 2022-12-02 20:10:24 +05:30
Dan J Miller
91b635b195
Use new assets contrller package to fix 0 decimal token bug (#16685) 2022-12-01 16:31:34 -03:30
Frederik Bolding
dfb6210910
[FLASK] snaps-monorepo@0.25.0 (#16673)
* snaps-monorepo@0.25.0

* Regen LavaMoat policies

* Bump test-snaps

* [FLASK] Add Snaps JSON-RPC handler permission (#16670)

* Add Snaps JSON-RPC handler permission

* Add copy and icon

* Fix test

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2022-11-30 13:19:33 +01:00
Maarten Zuidhoorn
c341abaea6
Use Webpack 5 for Storybook (#16678)
* Fix storybook

* Update policies

* Bump all Storybook dependencies to the latest version

* Add Storybook dependencies to depcheck ignore list

* Update policy-override.json

* Fix SectionShape circular dependency

* Change policy override for eslint-scope

* Fix some Webpack build issues

* Add missing dependency

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2022-11-29 19:23:36 +01:00
Jyoti Puri
ea882d4588
DAPP action replay improvements (#16250) 2022-11-29 22:33:13 +05:30
Elliot Winkler
51cffa15dd
Migrate to new controller packages (#16547)
* Migrate to new controller packages

`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.

[1]: https://github.com/MetaMask/controllers/pull/831

* Support GitHub registry for draft PRs (#16549)

* Add additional allowed host to lockfile linter

* Update LavaMoat policies

* Add policy exception for nanoid

* Add additional nanoid overrides

* Update LavaMoat policies again

* Bump controller packages

* Update lavamoat

* Bump controller packages

* Update packages to v1.0.0

* Expand gitignore comment

* Unpin controller dependencies, using ^ range instead

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-24 16:29:07 -03:30
Mark Stacey
121969b1a7
Merge pull request #16650 from MetaMask/master-sync
Master sync following v10.22.3
2022-11-24 11:12:31 -03:30
David Walsh
266d7d93d5
Fix #15050 - MV3: Keep the user logged in when service worker restarts (#15558) 2022-11-23 18:49:24 -06:00
weizman
42b8971571
Integrating snow into metamask (#15580) 2022-11-24 02:36:19 +02:00
seaona
4d58f4cc4e Fix develop conflicts 2022-11-23 11:01:36 +01:00
Frederik Bolding
de955f3faa
[FLASK] snaps-monorepo@0.24.1 (#16525)
* snaps-monorepo@0.24.0

* Fix imports and regen LavaMoat policies

* Bump iframe-execution-environment

* Fix tests

* Add permissions

* Bump patch

* Bump test-snaps

* [FLASK] Fix update e2e test to catch snaps with caveats (#16546)

* changed snap to update to bip32

* small changes to test

* Fix lint

* Fix E2E

* Update copy

* Update icon

Co-authored-by: Bowen Sanders <bowensanders@gmail.com>
2022-11-22 13:07:08 +01:00
George Marshall
45ad946697
Removing storybook tests (#16577) 2022-11-18 07:32:20 -08:00
Dan J Miller
e505056acb Fix version number 2022-11-18 09:54:23 -03:30
MetaMask Bot
cb0c1d681c Version v10.22.23 2022-11-17 20:56:41 +00:00
seaona
dbf49b1fe2 Merge branch 'master' into Version-v10.23.0 2022-11-17 11:38:06 +01:00
Dan Miller
d7adbcd8d7 Merge remote-tracking branch 'origin/develop' into master-sync 2022-11-16 22:07:20 -03:30
seaona
dc0097dd63 Update package json 2022-11-16 23:29:53 +01:00
Mark Stacey
2bc4408f0d Update SmartTransactionsController to v3 (#16511)
This update drops support for Node.js v12, and it includes a bug fix
for a deadlock encountered when using swaps on unsupported testnets.

Fixes #16479
2022-11-16 15:14:37 +01:00
Mark Stacey
61b3d25ab3
Update SmartTransactionsController to v3 (#16511)
This update drops support for Node.js v12, and it includes a bug fix
for a deadlock encountered when using swaps on unsupported testnets.

Fixes #16479
2022-11-16 08:55:53 -03:30
MetaMask Bot
1b602d8141 Version v10.22.2 2022-11-15 19:12:50 +00:00
Mark Stacey
4f66dc948f
Update @metamask/controllers to v33 (#16493)
The controllers package has been updated to v33. The only breaking
change in this release was to rename the term "collectible" to "NFT"
wherever it appeared in the API.

Changes in this PR have been kept minimal; additional renaming can be
done in separate PRs. This PR only updates the controller names,
controller state, controller methods, and any direct references to
these things. NFTs are still called "collectibles" in most places.
2022-11-15 15:19:42 -03:30
Mark Stacey
ace7b0cda9 Revert "Revert "Merge pull request #16353 from MetaMask/Version-v10.22.0""
This reverts commit d91ce9c4b5.
2022-11-15 14:22:08 -03:30
MetaMask Bot
6c942dbeae Version v10.22.1 2022-11-15 15:06:13 +00:00
Mark Stacey
d91ce9c4b5 Revert "Merge pull request #16353 from MetaMask/Version-v10.22.0"
This reverts commit 308033edbf, reversing
changes made to b8d71d6d1d.
2022-11-15 11:30:02 -03:30
Brad Decker
c9527e745f
upgrade gulp-autoprefixer (#16439) 2022-11-15 08:40:56 -06:00
seaona
3a31cbeec9 10.23.0 RC 2022-11-14 15:51:44 +01:00
seaona
d58025d142 Merge branch 'master' into master-sync 2022-11-14 10:48:11 +01:00
Peter Yinusa
d39c0f8096
Upgrade geckodriver to latest version, run ci tests with Firefox v106.0.4 (#16383)
* update geckodriver

* update ff binary in ci

* dedupe
2022-11-10 11:16:02 +00:00
seaona
e7d6684aa7
Sync develop with master v10.21.2 (#16399)
* Fix approve transaction call in _onBootCleanUp (#16382)

* Changelog updated

* Fix lint

Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2022-11-08 10:54:43 +01:00
Frederik Bolding
de3068d932
[FLASK] snaps-monorepo@0.23.0 (#16394)
* snaps-monorepo@0.23.0

* Regen LavaMoat policies

* Update iframe-execution-environment

* Fix tests

* Bump luxon

* Fix lint

* Update test-snaps

* Bump post-message-stream

* Fix E2E
2022-11-08 10:31:22 +01:00
seaona
b3be9ceffa Run update-changelog script 2022-11-02 13:11:16 +01:00
seaona
6f78b5e67c Merge branch 'master' into develop 2022-11-02 12:15:20 +01:00
seaona
c246eaa8e2
Updating chromedriver to last stable version (#16310)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-02 11:14:43 +01:00
kumavis
9a74c995bf
[LavaMoat] improve policy generation performance in dev workflow (#16338)
* npm scripts - rename lavamoat:background to lavamoat:webapp

* lavamoat - generate webapp policy - add devMode flag to run in node for speed

* lavamoat - generate webapp policy - dont lint fences

* lint fix
2022-11-01 08:52:38 -10:00
MetaMask Bot
c70ac4462b Version v10.21.1 2022-10-31 17:59:00 +00:00
Mark Stacey
f8e01a0690
Merge branch 'develop' into sync-master 2022-10-31 13:51:53 -02:30
Erik Marks
a8c1756816
Remove 3box feature and delete ThreeBoxController (#14571)
* Remove 3box feature and delete ThreeBoxController

Lint locale messages

lavamoat policy updates

* Restore 3Box user trait with value `false`

The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.

A deprecation comment has been left in various places for this trait.

* Remove unused state

* Remove additional 3box-related things

* Run `yarn-deduplicate`

* Restore migration that was lost while rebasing

* Remove obsolete override

* Remove additional unused resolutions/dependencies

* Update LavaMoat policies

* Remove obsolete security advisory ignore entries

* Remove 3Box fixture builder method

* Update unit tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-10-31 13:50:50 -02:30
Mark Stacey
ba16fd970a Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (79 commits)
  Exclude E2E tests for swaps until they are stabilised (#16303)
  Add e2e tests for Swaps notifications (#16202)
  E2e test fixtures (#16061)
  Improve transaction confirmation page performance (#16205)
  [MV3] Fix e2e `encrypt-decrypt` test for MV3 test build (#16264)
  Fix e2e incremental-secuirty test for mv3 build (#16265)
  Enable "Add Popular Network" feature by default for all users (#16172)
  [e2e] Fix Dapp interactions flaky test on chrome (#16282)
  [FLASK] Allow snaps insights to show on regular EOA transactions (#16093)
  TextFieldBase updates after design reveiw (#16201)
  Adding `TextField` component (#16105)
  Remove ETH badge from NetworkAccountBalanceHeader when on non-ETH net… (#16102)
  Updating controller dependency (#16033)
  Fix inputs that should allow decimals (#16254)
  Chromedriver v106 (#16213)
  [FLASK] Clear snap state on restore (#16228)
  [FLASK] Fix flaky BIP-32 E2E test (#16255)
  Continue converting tests from enzyme to @testing-library/react (#16175)
  Fix/16207/text component storybook (#16214)
  ci: fix stats-module-load-init step (#16196)
  ...
2022-10-28 23:14:18 -02:30
Maarten Zuidhoorn
7c90fe56a0 Update Jest config to avoid transpiling dependencies (#16068)
* Use stable version of Jest

* Update Jest config
2022-10-28 11:23:02 +02:00
Jyoti Puri
6b2bfd03fc Updating controller dependency (#16033)
* Updating controller dependency

* fix

* fix

* fix

* fix

* fixes

* Lavamoat auto

* Update URLs for phishing detection testcase

* update lavamoat files

* call phishingController.test synchronously again

* bump @metamask/controllers to v32.0.1

* lint

* update policy files

* bump controllers version again

* modify update phishing list strategy

* revert back to use isOutOfDate, but without blocking substream

* possible way to fix e2e tests?

* enable testing

* Remove promise return from setupController in background.js, as it is no longer used

* Ensure updatePhishingLists is called in MM contrller constructer, so that phishing lists are updated right away

Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: Alex <adonesky@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-10-27 20:27:18 +02:00
Frederik Bolding
88e3367d41 [FLASK] snaps-monorepo@0.22.2 (#16161)
* snaps-monorepo@0.22.2

* Update LavaMoat policies

* Fix eth_accounts permission for Snaps

* Update iframe execution environment

* Dedupe yarn.lock and rerun LavaMoat policy gen

* Add policy override for nanoid
2022-10-27 20:27:18 +02:00
Jyoti Puri
37d53fdcb3 Update provider (#16131) 2022-10-27 20:27:18 +02:00
Mark Stacey
e7007ff3d5 Update eth-json-rpc-middleware to v9.0.1 (#16096)
This update includes fixes for our `block-ref` and `retry-on-empty`
middleware.

The `block-ref` middleware resolves the block reference `latest` to a
specific block number, the latest one we are aware of. This is meant to
protect against situations where the network gives inconsistent answers
for what the latest block number is due to some nodes being out-of-sync
with each other (this was a frequent problem years ago with Infura).

It was broken in that the `latest` resolution was failing, and we were
submitting an additional redundant request to Infura for each request.

The `retry-on-empty` middleware is meant to retry certain methods
when they return an empty response. This was also meant to deal with
network synchronization issues that were more common years ago. This
middleware works by making a "child" request over and over until either
a retry limit is reached, or a non-empty response is received.

It was broken in that the final response recieved was thrown away, so
it's as though the middleware was not used. Except that it did result
in additional redundant network requests.

As a result of this update we should see that the extension is more
resilient to certain network synchronization issues. But this is
difficult to test, and these issues may not happen in production
anymore today.

We should see a reduction in requests to Infura as well. This should
be easier to test.
2022-10-27 20:27:17 +02:00
Frederik Bolding
305574703d [FLASK] snaps-skunkworks@0.22.0 (#16069)
* snaps-skunkworks@0.22.0

* Update LavaMoat policies

* Bump execution environment and fix a breaking change

* Fix caveat and permissions

* Fix test

* Exclude keyring endowment for now

* Fix test

* Fix snap_confirm missing title
2022-10-27 20:27:17 +02:00
seaona
5b042e0a9a 20.21.0 RC cut 2022-10-27 20:27:03 +02:00
Jyoti Puri
68642ee47a
Updating controller dependency (#16033)
* Updating controller dependency

* fix

* fix

* fix

* fix

* fixes

* Lavamoat auto

* Update URLs for phishing detection testcase

* update lavamoat files

* call phishingController.test synchronously again

* bump @metamask/controllers to v32.0.1

* lint

* update policy files

* bump controllers version again

* modify update phishing list strategy

* revert back to use isOutOfDate, but without blocking substream

* possible way to fix e2e tests?

* enable testing

* Remove promise return from setupController in background.js, as it is no longer used

* Ensure updatePhishingLists is called in MM contrller constructer, so that phishing lists are updated right away

Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: Alex <adonesky@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-10-25 02:24:02 -02:30
Peter Yinusa
65e3047a74
Chromedriver v106 (#16213)
* update chromedriver

* update chrome binary in ci
2022-10-24 14:36:08 +01:00
Frederik Bolding
d640c9a924
[FLASK] snaps-monorepo@0.22.2 (#16161)
* snaps-monorepo@0.22.2

* Update LavaMoat policies

* Fix eth_accounts permission for Snaps

* Update iframe execution environment

* Dedupe yarn.lock and rerun LavaMoat policy gen

* Add policy override for nanoid
2022-10-11 18:56:34 +02:00
Jyoti Puri
6995174cbc
MV3 Segment Fix (#16020) 2022-10-11 20:34:32 +05:30
Jyoti Puri
b34d24937d
Update provider (#16131) 2022-10-11 14:18:55 +05:30
Mark Stacey
f6f8edfd15
Update eth-json-rpc-middleware to v9.0.1 (#16096)
This update includes fixes for our `block-ref` and `retry-on-empty`
middleware.

The `block-ref` middleware resolves the block reference `latest` to a
specific block number, the latest one we are aware of. This is meant to
protect against situations where the network gives inconsistent answers
for what the latest block number is due to some nodes being out-of-sync
with each other (this was a frequent problem years ago with Infura).

It was broken in that the `latest` resolution was failing, and we were
submitting an additional redundant request to Infura for each request.

The `retry-on-empty` middleware is meant to retry certain methods
when they return an empty response. This was also meant to deal with
network synchronization issues that were more common years ago. This
middleware works by making a "child" request over and over until either
a retry limit is reached, or a non-empty response is received.

It was broken in that the final response recieved was thrown away, so
it's as though the middleware was not used. Except that it did result
in additional redundant network requests.

As a result of this update we should see that the extension is more
resilient to certain network synchronization issues. But this is
difficult to test, and these issues may not happen in production
anymore today.

We should see a reduction in requests to Infura as well. This should
be easier to test.
2022-10-10 13:16:58 -02:30
Frederik Bolding
7ba0f78a84
[FLASK] snaps-skunkworks@0.22.0 (#16069)
* snaps-skunkworks@0.22.0

* Update LavaMoat policies

* Bump execution environment and fix a breaking change

* Fix caveat and permissions

* Fix test

* Exclude keyring endowment for now

* Fix test

* Fix snap_confirm missing title
2022-10-07 10:02:35 +02:00
George Marshall
db59186ced
Adding ast-types to resolutions (#16103) 2022-10-06 12:42:52 -07:00
Maarten Zuidhoorn
22f07aefe3
Update Jest config to avoid transpiling dependencies (#16068)
* Use stable version of Jest

* Update Jest config
2022-10-04 17:58:22 +02:00
Alex Donesky
3b63ecff07
Update eth-lattice-keyring to v0.12.3 (#15997) 2022-10-03 19:02:38 -05:00
ryanml
10d6cfd03d Merge remote-tracking branch 'origin/develop' into master-sync 2022-10-02 20:59:15 -07:00
Frederik Bolding
7a79206fd6 Fix @hapi/hoek audit failure (#16034) 2022-09-30 13:21:27 -02:30
Frederik Bolding
6a0dcf41b6
Fix @hapi/hoek audit failure (#16034) 2022-09-30 09:10:01 -05:00
Elliot Winkler
d7a812f42f
Add remaining tests for createInfuraClient (#15717)
Add tests for the `block-tracker-inspector` middleware — which makes
sure that the block tracker never has a reference to the latest block
which is less than a block number that shows up in an RPC method's
response — and the Infura middleware — which takes care of sending the
request to Infura, and will retry the request up to 5 times if Infura
sends back a certain type of error.

Note that the `retry-on-empty` middleware is not tested because it
currently has a [bug][1] which is making it ineffective.

[1]: https://github.com/MetaMask/eth-json-rpc-middleware/issues/139
2022-09-29 10:39:35 -06:00
seaona
5d9246d0c3
Add segment and portfolio urls on build:test:mv3 script (#15943) 2022-09-28 14:30:06 +02:00
seaona
eed06dae1f RC cut with Snaps fixes 2022-09-28 11:16:20 +02:00
Alex Donesky
34fe20126a
bump smart-transactions-controller verion (#15818) 2022-09-27 16:44:38 -05:00
PeterYinusa
1295fabfb5
[E2E]: Revoke nft approval (#15995) 2022-09-27 10:51:46 -05:00
George Marshall
362ef792bd
Fix/remove mistake script (#15983) 2022-09-27 08:24:49 -05:00
Frederik Bolding
4eb8e50800
[FLASK] snaps-skunkworks@0.21.0 (#15889)
* snaps-skunkworks@0.21.0

* Update policy files

* Regen policies again

* Fix tests

* Simplify selector

* Fix flaky test

* Update iframe execution env

* Move snap install warnings to util

* Add basic copy for snap_getBip32PublicKey

* Update permission icon

* Update E2Es

* Fix lint

* Fix locale strings
2022-09-23 12:39:54 +02:00
Alex Donesky
d3bd5b0d6b
Bump keystone package versions to latest (#15878) 2022-09-22 10:04:24 -05:00
PeterYinusa
1370f19cba
Portfolio site e2e (#15921)
* add env variables to test build

* add data-testid attribute to home component

* add method to retrieve the url of the current page

* add portfolio site test

Co-authored-by: ryanml <ryanlanese@gmail.com>
2022-09-22 08:39:34 +01:00
ryanml
10915d39ea Merge remote-tracking branch 'origin/develop' into master-sync 2022-09-20 13:27:30 -07:00
George Marshall
e69e207b7d
Adding Icon component and removing BaseIcon component (#15772)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-09-20 12:15:14 -05:00
ryanml
51f1e4f238 Bump @metamask/etherscan-link from 2.1.0 to 2.2.0 (#15881) 2022-09-19 21:17:46 +01:00
ryanml
c0065b4c5d
Bump @metamask/etherscan-link from 2.1.0 to 2.2.0 (#15881) 2022-09-19 12:31:45 -07:00
seaona
dd660f83ae
Add test insights on circle ci for test-unit job (#15839)
* Test results for jest

* Add jest-junit package for reporting

* Order alphabetically
2022-09-19 13:30:34 +02:00
Elliot Winkler
d91eabfd16
Add initial provider API tests for Infura client (#15556)
We are working on migrating the extension to a unified network
controller, but before we do so we want to extract some of the existing
pieces, specifically `createInfuraClient` and `createJsonRpcClient`,
which provide the majority of the behavior exhibited within the provider
API that the existing NetworkController exposes. This necessitates that
we understand and test that behavior as a whole.

With that in mind, this commit starts with the Infura-specific network
client and adds some initial functional tests for `createInfuraClient`,
specifically covering three pieces of middleware provided by
`eth-json-rpc-middleware`: `createNetworkAndChainIdMiddleware`,
`createBlockCacheMiddleware`, and `createBlockRefMiddleware`.

These tests exercise logic that originate from multiple different places
and combine in sometimes surprising ways, and as a result, understanding
the nature of the tests can be tricky. I've tried to explain the logic
(both of the implementation and the tests) via comments. Additionally,
debugging why a certain test is failing is not the most fun thing in the
world, so to aid with this, I've added some logging to the underlying
packages used when a request passes through the middleware stack.
Because some middleware change the request being made, or make new
requests altogether, this greatly helps to peel back the curtain, as
failures from Nock do not supply much meaningful information on their
own. This logging is disabled by default, but can be activated by
setting `DEBUG=metamask:*,eth-query DEBUG_COLORS=1` alongside the `jest`
command.

We use this logging by bumping `eth-block-tracker`, and
`eth-json-rpc-middleware`.
2022-09-16 10:48:33 -02:30
Mark Stacey
929a1a0d52
Update eth-json-rpc-infura (#15845)
* Update `eth-json-rpc-infura`

The package `eth-json-rpc-infura@5` has been updated to
`@metamask/eth-json-rpc-infura@7`. This update includes TypeScript
support, and it drops support for older node.js versions. The exports
have also been changed from default to named exports.

See here for a full list of changes: https://github.com/MetaMask/eth-json-rpc-infura/blob/main/CHANGELOG.md#700

* Fix LavaMoat policy issue

The `web3` package used by `@metamask/controllers` unintentionally
overwrites the `XMLHttpRequest` global, which breaks things. This was
fixed by revoking `web3`'s write access to that global using a policy
override.

Previously this policy override was applied to `web3`, but for some
unknown reason, this update caused that override to no longer apply.
2022-09-15 14:41:18 -02:30
seaona
d322c89bb2
Updating Chromedriver to the last version (#15798)
* Updating Chromedriver to the last version

* Update Chrome version to last stable v105
2022-09-13 16:31:19 +02:00
amerkadicE
7aa2a8a983
Replace web3js package with ethersjs package (#15386)
Co-authored-by: Alex Donesky <adonesky@gmail.com>
2022-09-12 15:46:48 -05:00
George Marshall
100fbbfaca
Upgrading storybook from 6.3 to 6.5 fixing shell-quote vulnerability (#15684)
* Updating storybook from 6.3 to 6.5

* Some lavamoat policy overrides for eslint
2022-09-06 15:58:22 -07:00
seaona
bc0d32de56 New 10.19.0 RC 2022-09-06 16:56:52 +02:00
Frederik Bolding
7fc418a96d
[FLASK] snaps-skunkworks@0.20.0 (#15706)
* snaps-skunkworks@0.20.0

* Generate LavaMoat policy

* Fix some breaking changes

* Update iframe execution env

* Fix unit tests

* Implement snap_getBip44Entropy

* Regenerate LavaMoat policy

* Prefer ControllerMessenger over direct calls

* Fix not showing warning for BIP44 legacy permission and E2E test

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2022-08-26 13:48:53 +02:00
PeterYinusa
fe78890dd2
Sentry e2e test (#15715) 2022-08-25 18:07:31 -05:00
Alex Miller
21e3b4785d
[GridPlus] Version bump (#15711)
* [GridPlus] Bumps packages
Significant updates:
* Reverts build system changes to reduce bundle size (`gridplus-sdk` #461)
* Adds support for nested ABI definitions if firmware allows it (`gridplus-sdk` #462, #450)
Full changes:
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/compare/v0.11.0...v0.12.0
* `gridplus-sdk`: https://github.com/GridPlus/gridplus-sdk/compare/v2.2.2...v2.2.7

* [GridPlus] Lavamoat changes
2022-08-25 18:11:17 -02:30
Mark Stacey
a1cda8ad9d Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (228 commits)
  Update `object.values` patch (#15692)
  chore: Adjust trailing whitespace (#15636)
  updated casing in import Token for spanish (#15687)
  development scripts: add node shebang; mark as executable (#15655)
  Created a new contract details modal (#15549)
  Token allowance improvements feature flag (#15646)
  Updated origin pill component to match the new design (#15603)
  Update `depcheck` to latest version (#15690)
  Replace `lavamoat-runtime.js` patch (#15682)
  upgrade jest (#15642)
  Fix Sentry deduplication of events that were never sent (#15677)
  Jest configuration fix (#15673)
  Header component for transaction confirmation screens (#15614)
  New network info popup (#13319)
  Consolidating Zendesk URLs in to constants file (#15669)
  Created review spending cap component (#15633)
  Fix Sentry in LavaMoat contexts (#15672)
  Fix LavaMoat policy generation script (#15668)
  Using formatIconUrlWithProxy to get the iconUrl proxy of swap token (#15562)
  Migrate app constants to typescript (#15611)
  ...
2022-08-25 11:03:29 -02:30
MetaMask Bot
31d5c1cf22
Version v10.18.4 RC (#15643)
* Version v10.18.4

* Fix default currency symbol for `wallet_addEthereumChain` + improve warnings for data that doesn't match our validation expectations (#15201)

* set more appropriate default for ticker symbol when wallet_addEthereumChain is called

* throw error to dapp when site suggests network with same chainId but different ticker symbol from already added network, instead of showing error and disabled notification to user

* Fix Provider Tracking Metrics (#15082)

* fix filetype audit (#15334)

* Remove decentralized 4byte function signature registry since it contains incorrect signatures and we can't algorithmically check for best option when 4byte.directory is down (#15300)

* remove decentralized 4byte function signature registry since it is griefed and we can't algorithmically check for best option when 4byte is down

* add migration

* remove nock of on chain registry call in getMethodDataAsync test

* remove audit exclusion (#15346)

* Updates `eth-lattice-keyring` to v0.10.0 (#15261)

This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2

* Fix 'block link explorer on custom networks' (#13870)

* Created a logic for the 'Add a block explorer URL'

Removed unused message

Message logic rollback

Modified history push operation

WIP: Pushing before rebasing

Applied requested changes

Removed unintenionally added code

* Lint fix

* Metrics fixed

* Stop injecting provider on docs.google.com (#15459)

* Fix setting of gasPrice when on non-eip 1559 networks (#15628)

* Fix setting of gasPrice when on non-eip 1559 networks

* Fix unit tests

* Fix logic

* Update ui/ducks/send/send.test.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* [GridPlus] Bumps `eth-lattice-keyring` to v0.11.0 (#15490)

* [GridPlus] Bumps `gridplus-sdk` to v2.2.4 (#15561)

* remove exclusions for mismatched object jsdoc type casing (#15351)

* Improve `tokenId` parsing and clean up `useAssetDetails` hook (#15304)

* Fix state creation in setupSentryGetStateGlobal (#15635)

* filter breadcrumbs for improved clarity while debugging sentry errors (#15639)

* Update v10.18.4 changelog (#15645)

* Auto generated changelog

* Update 10.18.4 changelog

* Run lavamoat:auto

* Call metrics event for wallet type selection at the right time (#15591)

* Fix Sentry in LavaMoat contexts (#15672)

Our Sentry setup relies upon application state, but it wasn't able to
access it in LavaMoat builds because it's running in a separate
Compartment.

A patch has been introduced to the LavaMoat runtime to allow the root
Compartment to mutate the `rootGlobals` object, which is accessible
from outside the compartment as well. This lets us expose application
state to our Sentry integration.

* Fix Sentry deduplication of events that were never sent (#15677)

The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.

* Replace `lavamoat-runtime.js` patch (#15682)

A patch made in #15672 was found to be unnecessary. Instead of setting
a `rootGlobals` object upon construction of the root compartment, we
are now creating a `sentryHooks` object in the initial top-level
compartment. I hadn't realized at the time that the root compartment
would inherit all properties of the initial compartment `globalThis`.

This accomplishes the same goals as #15672 except without needing a
patch.

* Update v10.18.4 changelog

* Fix lint issues

* Update yarn.lock

* Update `depcheck` to latest version (#15690)

`depcheck` has been updated to the latest version. This version pins
`@babel/parser` to v7.16.4 because of unresolved bugs in v7.16.5 that
result in `depcheck` failing to parse TypeScript files correctly.

We had a Yarn resolution in place to ensure `@babel/parser@7.16.4` was
being used already. That resolution is no longer needed so it has been
removed. This should resove the issue the dev team has been seeing
lately where `yarn` and `yarn-deduplicate` disagree about the state the
lockfile should be in.

* Update yarn.lock

* Update LavaMoat policy

* deduplicate

* Update LavaMoat build policy

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Alex Donesky <adonesky@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: Alex Miller <asmiller1989@gmail.com>
Co-authored-by: Filip Sekulic <filip.sekulic@consensys.net>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: seaona <54408225+seaona@users.noreply.github.com>
Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: PeterYinusa <peter.yinusa@consensys.net>
2022-08-24 19:57:47 +01:00
Mark Stacey
2140a12b06
Update depcheck to latest version (#15690)
`depcheck` has been updated to the latest version. This version pins
`@babel/parser` to v7.16.4 because of unresolved bugs in v7.16.5 that
result in `depcheck` failing to parse TypeScript files correctly.

We had a Yarn resolution in place to ensure `@babel/parser@7.16.4` was
being used already. That resolution is no longer needed so it has been
removed. This should resove the issue the dev team has been seeing
lately where `yarn` and `yarn-deduplicate` disagree about the state the
lockfile should be in.
2022-08-24 12:42:30 -02:30
Brad Decker
0d862d4032
upgrade jest (#15642) 2022-08-23 15:13:02 -05:00
Mark Stacey
1f36ba4b75
Fix Sentry deduplication of events that were never sent (#15677)
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
2022-08-23 16:14:14 -02:30
Niranjana Binoy
4512a9e151
Using formatIconUrlWithProxy to get the iconUrl proxy of swap token (#15562) 2022-08-22 15:16:57 -04:00
Daniel
0cbff07b61
Remove unnecessary event props, update STX controller version (#15653)
* Remove unnecessary event prop
* Update STX controller version
* yarn yarn-deduplicate
2022-08-19 22:27:49 +02:00
Mark Stacey
48c02ef641
Add validation to production build script (#15468)
Validation has been added to the build script when the "prod" target is
selected. We now ensure that all expected environment variables are
set, and that no extra environment variables are present (which might
indicate that the wrong configuration file is being used).

The `prod` target uses a new `.metamaskprodrc` configuration file. Each
required variable can be specified either via environment variable or
via this config file. CI will continue set these via environment
variable, but for local manual builds we can use the config file to
simplify the build process and ensure consistency.

A new "dist" target has been added to preserve the ability to build a
"production-like" build without this validation.

The config validation is invoked early in the script, in the CLI
argument parsing step, so that it would fail more quickly. Otherwise
we'd have to wait a few minutes longer for the validation to run.
This required some refactoring, moving functions to the utility module
and moving the config to a dedicated module.

Additionally, support has been added for all environment variables to
be set via the config file. Previously the values `PUBNUB_PUB_KEY`,
`PUBNUB_SUB_KEY`, `SENTRY_DSN`, and `SWAPS_USE_DEV_APIS` could only be
set via environment variable. Now, all of these variables can be set
either way.

Closes #15003
2022-08-19 15:46:18 -02:30
legobeat
1d0ef3e321
chore: Complete node16 upgrade (#15634)
Follow-up from #15131
2022-08-19 22:35:52 +08:00
Erik Marks
8210e3a812
Convert LavaMoat policy generation script to Yargs application (#15626)
This PR converts `generate-lavamoat-policies.sh` to `.js` using Yargs. This makes it easier to only generate policy files for a specific build type (using the `-t` flag), which is often useful during Flask development. In addition, the `lavamoat:background:auto` scripts are renamed, and the main readme is updated with some useful tips.

Note that `lavamoat:background:auto:dev` is removed and `lavamoat:background:auto` should be used during local development.
2022-08-18 16:09:26 -07:00
Garrett Bear
d25f9cf4da
UI-14395: typography v2 (#15408)
UI-14395: change Typography v2 to Text

UI-14395: upgrade design tokens

UI-14395: add classname testing

UI-14395: update text colors, update font family name to match token, update text storybook boxprops

UI-14395: add text transform docs

lint fix
2022-08-18 10:51:53 -07:00
Maarten Zuidhoorn
a52c6a4908
[FLASK] snaps-skunkworks@0.19.0 (#15619)
* Bump snaps-skunkworks to 0.19.0

* Improve snap_getBip32Entropy UI

* Remove console.log

* Update LavaMoat policy

* Dedupe Yarn lock

* Update LavaMoat policy again

* Fix tests

* Update policies and e2e tests

* Update policy again

* Update iframe-execution-environment

* Dedupe yarn.lock

* Update snapshots

* Fix PR comments

* Add TODO

* Trigger CI
2022-08-18 17:07:34 +02:00
seaona
437acdb74c
Capture user actions times for MV2 benchmark and generate artifacts (#15353)
* User actions benchmark and artifacts

* Lint and fix identation

* Fix lint

* Updated path

* lint

* Add user actions benchmark to pre release job

* Remove title

* Out path updated

* See if url is finally fixed

* Adding some console logs

* lint

* fix lint

* fix lint

* Updated persisting and store artifacts path

* Added MetaMask bot correct link and remove console logs

* Remove console log

* Sort Imports

* Fix lint

* Update loadAccount function and prop name for clarity to loadNewAccount

* Run yarn setup

* Fix yarn

* Update Create Account element for Create account

* Remove unnecessary step on send

Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
2022-08-12 19:41:20 +02:00
Niranjana Binoy
6e5c2f03bf
Token detection V2 Flag Removal and Re-introducing the use of legacy token list when token detection is OFF (#15138)
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens

updating the controller version and calling detectNewToken on network change

fixing rebase error

Run yarn lavamoat:auto for updating policies

updating lavamoat

Deleted node modules and run again lavamoat auto

fixing rebase issues

updating lavamoat policies

updating lavamoat after rebasing

policies

updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks

to update the token in fetchTosync

updating the contract map object

Revert build-system lavamoat policy changes

Move token list selection logic from components to getTokenList selector

updating the tokenList

Update lavamoat

Fix error

updating lavamoat

lint fix

fix unit test fail

fix unit test fail

lint fix

fixing rebase locale error

rebase fix

Revert build-system policy changes

temp

addressing review comments

* rebase fix
2022-08-09 22:56:25 -02:30
Elliot Winkler
a7d98b695f
Add TypeScript migration dashboard (#13820)
As we convert parts of the codebase to TypeScript, we will want a way to
track progress. This commit adds a dashboard which displays all of the
files that we wish to convert to TypeScript and which files we've
already converted.

The list of all possible files to convert is predetermined by walking
the dependency graph of each entrypoint the build system uses to compile
the extension (the files that the entrypoint imports, the files that the
imports import, etc). The list should not need to be regenerated, but
you can do it by running:

    yarn ts-migration:enumerate

The dashboard is implemented as a separate React app. The CircleCI
configuration has been updated so that when a new commit is pushed, the
React app is built and stored in the CircleCI artifacts. When a PR is
merged, the built files will be pushed to a separate repo whose sole
purpose is to serve the dashboard via GitHub Pages (this is the same
way that the Storybook works). All of the app code and script to build
the app are self-contained under
`development/ts-migration-dashboard`. To build this app yourself, you
can run:

    yarn ts-migration:dashboard:build

or if you want to build automatically as you change files, run:

    yarn ts-migration:dashboard:watch

Then open the following file in your browser (there is no server
component):

    development/ts-migration-dashboard/build/index.html

Finally, although you shouldn't have to do this, to manually deploy the
dashboard once built, you can run:

    git remote add ts-migration-dashboard git@github.com:MetaMask/metamask-extension-ts-migration-dashboard.git
    yarn ts-migration:dashboard:deploy
2022-08-09 14:16:08 -06:00
Daniel
d255fcdefb
Only check if a user has enough token balance before calling STX (#15218) 2022-08-09 12:56:52 -05:00
ryanml
67a7483754
Adding option to update lavamoat policies in parallel (#14536)
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-09 11:08:34 -05:00
PeterYinusa
12943e0e71
[E2E]: Set approval for all e2e (#15481)
* Update test dapp

* fix provider

fix provider
remove debug
mint nft

* Add collectibles spec

Co-authored-by: Alex Donesky <adonesky@gmail.com>
2022-08-09 14:59:20 +01:00
Alex Miller
3d49dd5849
[GridPlus] Bumps eth-lattice-keyring to v0.11.0 (#15490) 2022-08-09 08:12:27 -05:00
Mark Stacey
44f8e9e10e
Replace rc with ini (#15464)
We use the `rc` package to read the `.metamaskrc` configuration file,
which is in "ini" format. This package has been replaced by the `ini`
package.

The `rc` package was not actively maintained, and it has had recent
security vulnerabilities. But most importantly, the config object
returned by `rc` includes a bunch of extra information that made build
script validation [1] difficult to implement. Specifically, it made it
challenging to ensure no extra environment variables were present.

The `ini` package on the other hand is simple, well maintained, and
is simpler to use. This package doesn't add any extra properties to the
object it returns, making validation easy.

[1]: https://github.com/MetaMask/metamask-extension/issues/15003
2022-08-05 15:11:18 -02:30
Brad Decker
7b42c54728
Update Babel and dependencies (#15392) 2022-08-05 10:04:44 -05:00
ryanml
46c110b70c Merge remote-tracking branch 'origin/develop' into master-sync 2022-08-04 21:41:32 -07:00
MetaMask Bot
60ba129eb2 Version v10.18.3 2022-08-04 19:56:00 +00:00
MetaMask Bot
f503a634f0 Version v10.18.2 2022-08-03 20:57:32 +00:00
Sam Gbafa
5802805597
Add Sign-In with Ethereum (#14438)
Co-authored-by: Gregório Granado Magalhães <greg.magalhaes@gmail.com>
Co-authored-by: George Marshall <georgewrmarshall@gmail.com>
Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-03 09:56:11 -05:00
Brad Decker
c72199a1a6
update prettier (#15360) 2022-07-31 13:26:40 -05:00
Brad Decker
31fa55123a
fix storybook (#15387) 2022-07-29 14:15:48 -05:00
Alex Miller
77c3b4622b
Updates eth-lattice-keyring to v0.10.0 (#15261)
This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2
2022-07-27 12:04:04 -05:00
ryanml
e24997d67c
Sync master with develop (#15355)
* Version v10.18.1

* Update changelog for v10.18.1

* Metrics adjustments (#15313)

* Don't send errors to sentry if users have not opted-in to participate in metametrics

* Don't capture opt-out metrics

* Move the metrics-opt in screen to immediately after the welcome screen

* Ensure that global.getSentryState is set in the background

* Fix e2e tests after rearranging onboardin flow

* Fix unit tests

* More e2e test fixes

* Remove unnecessary wrappers around capture exception

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-07-27 10:05:05 -02:30
Brad Decker
1db0ee87ec
Update Eslint and deps (#15293) 2022-07-26 13:10:51 -05:00
MetaMask Bot
e577a1b66e Version v10.18.1 2022-07-22 20:44:27 +00:00
Dan Miller
7bea9848ab Merge remote-tracking branch 'origin/develop' into master-sync 2022-07-22 12:50:58 -02:30
Jyoti Puri
be47d78475
Fix for mv3 performance stats (#15321) 2022-07-22 16:24:14 +05:30
George Marshall
5592687df1
Updating design tokens package and shadow values with new tokens (#15264)
* Updating design tokens v1.8 and shadows

* Adding missing stories

* Some fixes and updates to css and stories

* removing unneeded story

* Fixing story order
2022-07-21 15:43:31 -07:00
Jyoti Puri
0622883a3c
Capturing load time stats (#15157) 2022-07-20 11:40:31 +04:00
Jyoti Puri
6aa0ecce2a
Capturing lavamoat stats in E2E (#15153) 2022-07-20 03:07:15 +04:00
Frederik Bolding
1ec190bd8c
[FLASK] snaps-skunkworks@0.18.1 (#15230)
* snaps-skunkworks@0.17.0

* Handle breaking changes

* Fix import

* Fix blocklist implementation

* snaps-skunkworks@0.18.0

* Fix lint

* Update LavaMoat policy

* Update iframe-execution-environment

* snaps-skunkworks@0.18.1

* Bump iframe-execution-environment

* Update LavaMoat policy
2022-07-19 17:41:06 +02:00
Alex Donesky
09164dcabb
Bump controllers v30.0.2 (#14906)
* bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 09:43:30 -05:00
PeterYinusa
9ae909d6a7
[E2E] Install Firefox extension from dist folder (#15255)
* update webdriver

* install extension from dist folder

* remove redundant code
2022-07-18 09:22:23 +01:00
Jyoti Puri
aeb0147846
Adding tasks for MV3 test build (#15133) 2022-07-14 03:34:33 +04:00
Makoto Inoue
fdd8646ce8
Support for ENS wildcard and offchain resolution (#14675) 2022-07-12 09:30:31 -05:00
MetaMask Bot
550103a5b0 Version v10.18.0 2022-07-11 08:38:29 +00:00
Dan J Miller
6553b9a29b
Merge pull request #15126 from MetaMask/master-sync
Master sync following v10.17.0
2022-07-07 16:26:34 -02:30
Erik Marks
08cc6c5e77
Bump minimum Node.js version to 16 (#15131) 2022-07-02 23:32:18 -07:00
Dan Miller
9bc8e0bb08 Merge remote-tracking branch 'origin/develop' into master-sync 2022-07-01 13:57:47 -02:30
Dan J Miller
0884b6aa10 Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-30 02:26:56 -02:30
Dan Miller
bc6c60cde1 Revert "Merge pull request #15063 from MetaMask/revert-v10.16.0"
This reverts commit 4d42715220, reversing
changes made to f09ab88891.
2022-06-29 13:03:10 -02:30
MetaMask Bot
e1f392a1de Version v10.16.2 2022-06-29 15:32:25 +00:00
Dan Miller
93c4d33cda Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-29 10:22:51 -02:30
Dan Miller
24662963c5 Revert "Merge pull request #15063 from MetaMask/revert-v10.16.0"
This reverts commit 4d42715220, reversing
changes made to f09ab88891.
2022-06-29 10:21:35 -02:30
MetaMask Bot
51311e4024 Version v10.16.1 2022-06-28 14:42:13 +00:00
Mark Stacey
925a19fa4a Revert "Merge pull request #14912 from MetaMask/Version-v10.16.0"
This reverts commit f09ab88891, reversing
changes made to effc761e0e.

This is being temporarily reverted to make it easier to release an
urgent fix for v10.15.1.
2022-06-28 10:41:47 -02:30
PeterYinusa
bf9140aa57
Chromedriver v103 (#15015)
* update chromdriver to v103

* update chrome binary to v103
2022-06-24 08:41:55 -04:00
MetaMask Bot
b96690a976 Version v10.17.0 2022-06-23 23:25:06 +00:00
ryanml
50e7fe9386 Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-23 12:28:06 -07:00
ryanml
71755bf4cc Merge remote-tracking branch 'origin/develop' into master-sync 2022-06-22 12:24:48 -07:00
Mark Stacey
b68aee1bef
Migrate the build script to yargs (#14836)
The build script now uses `yargs` rather than `minimist`. The CLI is
now better documented, and we have additional validation for each
option.

A patch for `yargs` was required because it would blow up on the line
`Error.captureStackTrace`. For some reason when running under LavaMoat,
that property did not exist.

Closes #12766
2022-06-21 17:37:05 -02:30
Frederik Bolding
506a9872f0 Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-21 17:13:57 -02:30
MetaMask Bot
390cf09b3f Version v10.15.1 2022-06-21 19:26:15 +00:00
Frederik Bolding
5168538afe Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-20 17:53:06 -07:00
Frederik Bolding
82645ba516
[FLASK] snaps-skunkworks@0.16.0 (#14952)
* snaps-skunkworks@0.16.0

* Bump iframe-execution-environment

* Add getAppKey

* Regen LavaMoat policy

* Bump test-snaps
2022-06-20 10:13:12 +02:00
Daniel
7d1259476b
Update smart-transactions-controller to v2.1.0 (#14955) 2022-06-16 17:51:55 +02:00
Frederik Bolding
25aa3ab4b4
Update E2E tests for new test-dapp version (#14939)
* Update xDAI E2E information

* Use local Ganache instance instead of Gnosis Chain

* Bump test-dapp

* Bump test-dapp

* Enable secondary Ganache server for other test

* Fix linting

* Improve E2E stability

* Update network selector
2022-06-15 15:50:37 +02:00
MetaMask Bot
2c6236ed4f Version v10.16.0 2022-06-09 19:09:50 +00:00
Dan J Miller
9121a028e6
Merge pull request #14905 from MetaMask/master-sync
Sync master to develop (v10.15.0)
2022-06-09 14:29:30 -02:30
Erik Marks
7df0af8f4f
@metamask/providers@9.0.0 (#14904)
Bump `@metamask/providers` to `9.0.0`. Should be completely non-breaking for our purposes.
2022-06-09 09:03:07 -07:00
Dan J Miller
e7b86fb54b Merge branch 'develop' into master-sync 2022-06-09 11:54:20 -02:30
kumavis
c1804c33f5 lavamoat - bump for stats support (#14641)
* lavamoat - bump for stats support

* lavamoat - update policy

* deps - dedupe lockfile
2022-06-09 02:34:47 -02:30
kumavis
15a962527a LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-06-09 01:55:29 -02:30
PeterYinusa
2fd4549333
Update chromedriver and chrome binary (#14877)
* Update chromedriver and chrome binary

* yarn deduplicate
2022-06-07 16:02:11 +01:00
Erik Marks
ada427af6d Fix development build scripts (#14594)
#14583 broke the development build scripts (e.g. `yarn start`) by adding a positional argument to a package script (`build:dev`) that is used and passed positional arguments in the build script itself. This PR removes the positional argument from the `build:dev` script and `yarn start` now works again. In addition, the `--apply-lavamoat` flag is properly forwarded to child processes, which was not the case in the original implementation.

To test, `yarn start` should work and LavaMoat should _not_ be applied, in distinction to `yarn build:dev dev --apply-lavamoat=true`. Whether LavaMoat is applied can be determined by checking whether `Object.isFrozen(Object.prototype)` is `true` (with LavaMoat) or `false` (without LavaMoat).
2022-06-06 14:13:01 -02:30
Erik Marks
fda057637e Add applyLavaMoat build flag (#14583)
Adds a new flag, `--apply-lavamoat`, to the main build script. The flag controls whether LavaMoat is actually applied to the output of the build process. The flag defaults to `true`, but we explicitly set it to `false` in the `start` package script. Meanwhile, the `start:lavamoat` script is modified such that it applies LavaMoat to the build output in development mode, but it no longer runs the build process itself under LavaMoat as there aren't very compelling reasons to do so.

This change is motivated by the fact that development builds do not have their own dedicated LavaMoat policies, which causes development builds to fail since #14537. The downside of this change is that LavaMoat-related failures will not be detected when running `yarn start`. @kumavis has plans for fixing this problem in a future major version of the `@lavamoat` suite.
2022-06-06 14:13:01 -02:30
Mark Stacey
c70ea259d6 Update minimist from v1.2.5 to v1.2.6 (#14850)
This addresses a security advisory.
2022-06-03 17:09:17 -02:30
Mark Stacey
db519a8cff
Update minimist from v1.2.5 to v1.2.6 (#14850)
This addresses a security advisory.
2022-06-03 16:21:21 -02:30
Mark Stacey
e6d5af5f9a Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (131 commits)
  Update `protobufjs` and remove obsolete advisory exclusion (#14841)
  Include snap version in pill (#14803)
  Update PULL_REQUEST_TEMPLATE.md (#14790)
  fix: keystone transaction qrcode has no white spacing (#14798)
  Snap notifications integration (#14605)
  Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
  snaps-skunkworks@0.15.0 (#14772)
  Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
  Ensure transaction type is correctly updated on edit (#14721)
  Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
  Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
  Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
  Migrate the "estimateGas" API call to "getFees" for STX (#14767)
  Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
  Adding flag for MV3 (#14762)
  Add types to send state (#14740)
  Remove site origin on snap install (#14752)
  Update design tokens library from 1.5 to 1.6 WIP (#14732)
  Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
  remove draft transaction (#14701)
  ...
2022-06-03 11:53:40 -02:30
Dan Miller
3942502951 Merge branch 'master' into Version-v10.15.0 2022-06-03 08:16:08 -02:30
Mark Stacey
cf5db650fe Merge remote-tracking branch 'origin/master' into Version-v10.14.7
* origin/master: (101 commits)
  Updating changelog
  Add token standard to custom token details (#14506)
  Revert "Dark Mode: What's New Announcement (#14346)"
  Ensure network name in confirm page container is defined (#14520)
  Updating lavamoat policies
  Fix the alerts toggles in settings (#14498)
  Disable swaps whenever the environment is not development or testing, so that behaviour follows production for QA purposes (#14499)
  [skip e2e] Updating changelog for v10.14.0 (#14487)
  Version v10.14.0
  Docs - segment metrics (#14435)
  Add snaps view search (#14419)
  Run main, flask and beta in sequence in generate-lavamoat-policies.sh (#14470)
  Modify import SRP page (#14425)
  Dark Mode: Implement Metrics (#14455)
  HoldToRevealButton component (#13785)
  e2e test import json file as import account strategy (#14449)
  MetaMetrics: Identify 'number_of_tokens' user trait (#14427)
  MetaMetrics: Identify 'nft_autodetection_enabled' &  'opensea_api_enabled' (#14367)
  Swaps: Sort "token_from" dropdown tokens by their fiat value first and "token_to" by top tokens (#14436)
  Update segment instantiation check. Only check if SEGMENT_WRITE_KEY exists (#14407)
  ...
2022-06-02 18:30:23 -02:30
Jyoti Puri
95c230127c
Upgrade @metamask/eth-ledger-bridge-keyring (#14799) 2022-06-01 22:04:29 +05:30
Frederik Bolding
7ce4868401
snaps-skunkworks@0.15.0 (#14772)
* snaps-skunkworks@0.15.0

* Update patch

* Update tofu and LavaMoat policy
2022-06-01 11:26:12 +02:00
Alex Miller
08490def8f [GridPlus] Updates Lattice-related modules to unlock functionality (#14467)
GridPlus has updated the EVM signing pathway in Lattice firmware,
which has not yet been released. Additionally, requesters can now
include ABI definitions with signing requests, which are used by
Lattice firmware to decode calldata in place.
All updates are backward compatable.
Updates:
* https://github.com/GridPlus/gridplus-sdk/compare/v1.1.6...v1.2.4
* https://github.com/GridPlus/eth-lattice-keyring/compare/v0.6.1...v0.7.3
2022-05-27 14:41:05 -02:30
Daniel
6dbb2c4ded
Migrate the "estimateGas" API call to "getFees" for STX (#14767) 2022-05-26 19:56:28 +02:00
Jyoti Puri
25082ae272
Adding flag for MV3 (#14762) 2022-05-26 10:18:23 +05:30
George Marshall
8fcbebc546
Update design tokens library from 1.5 to 1.6 WIP (#14732)
* Updating account menu icon color

* Updating design-tokens and making appropriate updates to extension styles

* Adding more deprecated tags to colors

* Adding spinner and removing todo comment

* Remove comment

* Updates

* Updating snapshots

* More color and ui updates

* reverting transition change
2022-05-25 08:35:36 -07:00
Mark Stacey
5b05dd4e8e v10.14.7
This release includes another change to make the builds reproducible
between different environments.
2022-05-23 18:17:32 -02:30
Frederik Bolding
66c049bb35
snaps-skunkworks@0.14.0 (#14700)
* snaps-skunkworks@0.13.0

* snaps-skunkworks@0.14.0

* Fix test

* Add long-running permission copy and icon

* Run linting

* Fix typo

* Bump E2E version
2022-05-18 13:49:26 +02:00
Mark Stacey
211f98c5c7 v10.14.6
In this release, the phishing warning page is extracted to an external
site.
2022-05-16 18:48:20 -02:30
Mark Stacey
5a5e541b5e Fix e2e tests
The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`.
The iframe case was updated with a new design, which required test
changes. The third test that was meant to ensure the phishing page
can't redirect to an extension page has been updated to navigate
directly to the phishing warning page and setting the URL manually via
query parameters, as that was the only way to test that redirect.
2022-05-16 18:48:20 -02:30
Mark Stacey
3693de7947 Reproducible .zip files (#14623)
* Create `.zip` files deterministically

Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.

The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.

* Update lavamoat build policy
2022-05-16 14:48:09 -02:30
Mark Stacey
7199d9c567 Use externally hosted phishing warning page
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.

The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.

The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.

The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.

New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
2022-05-16 14:40:50 -02:30
Frederik Bolding
c2cd6f8097
Bump addons-linter (#14717)
* Bump addons-linter

* Deduplicate yarn.lock

* Rerun yarn install and LavaMoat policy gen
2022-05-16 18:04:25 +02:00
Dan J Miller
f4094925f0 Ensure ledger keyring message event listener are removed on metamask lock (#14691)
* Ensure ledger keyring message event listener are removed on metamask lock

* Clean up
2022-05-16 06:04:22 -07:00
Mark Stacey
8a14504b63 Version v10.14.5
This version is equivalent to v10.14.2. This release is just intended
to fix build configuration issues.
2022-05-14 21:03:06 -02:30
Alex Donesky
23565cac2c
Bump @metamask/controllers version, remove patches (#14618) 2022-05-12 18:01:24 -05:00
Dan J Miller
8948018e5a
Ensure ledger keyring message event listener are removed on metamask lock (#14691)
* Ensure ledger keyring message event listener are removed on metamask lock

* Clean up
2022-05-12 13:36:14 -02:30
PeterYinusa
12cda5eb2d
Chromedriver v101 (#14617)
* update chromedriver package

* update chrome binary used in ci
2022-05-11 13:17:49 +01:00
Frederik Bolding
2dac88cbf4
snaps-skunkworks@0.12.0 (#14670)
* snaps-skunkworks@0.12.0

* Bump iframe execution environment

* Remove policy override

* Rerun LavaMoat

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2022-05-10 23:08:42 -07:00
kumavis
55e88a0e8e
lavamoat - bump for stats support (#14641)
* lavamoat - bump for stats support

* lavamoat - update policy

* deps - dedupe lockfile
2022-05-09 11:04:41 -10:00
kumavis
07da8ce589
LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-05-05 12:47:51 -10:00
Alex Miller
32a82be2b6
[GridPlus] Updates Lattice-related modules to unlock functionality (#14467)
GridPlus has updated the EVM signing pathway in Lattice firmware,
which has not yet been released. Additionally, requesters can now
include ABI definitions with signing requests, which are used by
Lattice firmware to decode calldata in place.
All updates are backward compatable.
Updates:
* https://github.com/GridPlus/gridplus-sdk/compare/v1.1.6...v1.2.4
* https://github.com/GridPlus/eth-lattice-keyring/compare/v0.6.1...v0.7.3
2022-05-05 09:55:17 -05:00
Frederik Bolding
c3071b273b
slip44@2.1.0 (#14619) 2022-05-05 16:32:08 +02:00
Mark Stacey
91fd8342dc
Reproducible .zip files (#14623)
* Create `.zip` files deterministically

Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.

The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.

* Update lavamoat build policy
2022-05-05 11:58:24 -02:30
PeterYinusa
4127583224
Jest tests - incremental coverage (#14612)
* add jest-it-up dependancy

* add reporter

* post test run jest-it-up

* Add CI check

* update coverage

* deduplicate dependancies
2022-05-04 17:02:42 +01:00
Mark Stacey
a58faa13a3 Version v10.14.2
This version includes a build system fix that ensures our builds are
deterministic.
2022-05-04 12:57:38 -02:30
kumavis
fefe9401a1 build - update bify-module-groups for build determinism (#14610) 2022-05-04 12:54:59 -02:30
kumavis
5524f224b2
build - update bify-module-groups for build determinism (#14610) 2022-05-04 12:36:33 -02:30
Mark Stacey
900ac4596b Version v10.14.1
This is a rollback release to v10.13.0
2022-05-03 14:06:07 -02:30
Brad Decker
8a141fe28c fix cross-fetch moderate vulnerability alert (#14570) 2022-05-02 23:10:06 -07:00
Erik Marks
6915dd1a57
Fix development build scripts (#14594)
#14583 broke the development build scripts (e.g. `yarn start`) by adding a positional argument to a package script (`build:dev`) that is used and passed positional arguments in the build script itself. This PR removes the positional argument from the `build:dev` script and `yarn start` now works again. In addition, the `--apply-lavamoat` flag is properly forwarded to child processes, which was not the case in the original implementation.

To test, `yarn start` should work and LavaMoat should _not_ be applied, in distinction to `yarn build:dev dev --apply-lavamoat=true`. Whether LavaMoat is applied can be determined by checking whether `Object.isFrozen(Object.prototype)` is `true` (with LavaMoat) or `false` (without LavaMoat).
2022-05-02 15:35:52 -07:00
Erik Marks
73a7ce9e39
Add applyLavaMoat build flag (#14583)
Adds a new flag, `--apply-lavamoat`, to the main build script. The flag controls whether LavaMoat is actually applied to the output of the build process. The flag defaults to `true`, but we explicitly set it to `false` in the `start` package script. Meanwhile, the `start:lavamoat` script is modified such that it applies LavaMoat to the build output in development mode, but it no longer runs the build process itself under LavaMoat as there aren't very compelling reasons to do so.

This change is motivated by the fact that development builds do not have their own dedicated LavaMoat policies, which causes development builds to fail since #14537. The downside of this change is that LavaMoat-related failures will not be detected when running `yarn start`. @kumavis has plans for fixing this problem in a future major version of the `@lavamoat` suite.
2022-04-29 15:56:30 -07:00
Brad Decker
54a89f029e
fix cross-fetch moderate vulnerability alert (#14570) 2022-04-29 19:41:35 +02:00
Shane
7da6c66ea2
Added getAccounts suppressUnauthorized param (#14126)
* Added getAccounts suppressUnauthorized param

* Changed getAccounts supresss unauth param name

* Changed getAccounts param to object

* Fixed default empty obj for getAccounts getPermittedAccounts param

* Bump eth-json-rpc-middleware version to 8.0.2

* Fixed lavamoat policy

* Fixed lavamoat policies

* Fixed dedupe issues

* Fixed lavamoat allowscripts

* yarn deduplicate

* Fixed lavamoat policies

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-04-29 06:05:14 -07:00
MetaMask Bot
402db4e94e Version v10.15.0 2022-04-28 22:32:12 +00:00
ryanml
f19173b0f2 Merge remote-tracking branch 'origin/develop' into master-sync 2022-04-28 12:04:17 -07:00
Frederik Bolding
1624af2364
snaps-skunkworks@0.11.1 (#14531)
* snaps-skunkworks@0.11.0

* Update LavaMoat policies

* Fix breaking changes

* Use SnapController:clearSnapState

* Fix fetch properly

* Bump iframe execution environment

* snaps-skunkworks@0.11.1

* Run allow-scripts auto
2022-04-28 18:17:28 +02:00
Frederik Bolding
27ad7279cd
Rename NotificationController to AnnouncementController (#14389)
* Rename NotificationController to AnnouncementController

* Fix test

* Add test for missing NotificationController state

* Bump controllers

* Move test to correct file

* Rename config key

* Add migration 71 to list of migrations

* Fix selector after migration
2022-04-27 10:36:32 +02:00
ryanml
5568558554
Adjust package version to 10.13.0 (#14540) 2022-04-26 21:29:26 -10:00
kumavis
223124a561
lavamoat@6 - update to secure package naming (#14488) 2022-04-26 07:36:57 -10:00
Brad Decker
193c22588e
call controller methods directly in send duck (#14465) 2022-04-26 12:07:39 -05:00
Erik Marks
cef95f8733
Stop storing request and response objects in the permission activity log (#14485)
We currently store the JSON-RPC request and response objects in the permission activity log. The utility of doing this was always rather dubious, but never problematic. Until now.

In Flask, as the restricted methods have expanded in number, user secrets may be included on JSON-RPC message objects. This PR removes these properties from the permission activity log, and adds a migration which does the same to existing log objects. We don't interact with the log objects anywhere in our codebase, but we don't want unexpected properties to cause errors in the future should any log objects be retained.

This PR also updates relevant tests and test data. It makes a minor functional change to how a request is designated as a success or failure, but this should not change any behavior in practice.
2022-04-21 08:44:15 -07:00
MetaMask Bot
210578635f Version v10.14.0 2022-04-19 20:55:01 +00:00
ryanml
741f623338 Merge remote-tracking branch 'origin/develop' into master-sync 2022-04-19 12:57:56 -07:00
PeterYinusa
553e11d555
Update ganache (#14375)
* Update ganache

* dedup
2022-04-07 16:49:30 +01:00
Daniel
13c5a04752 stx-controller-v1.10.0 (#14352)
* stx-controller-v1.10.0

* yarn yarn-deduplicate
2022-04-07 03:04:31 -07:00
Dan Miller
9d8223f646 Merge remote-tracking branch 'origin/develop' into master-sync 2022-04-06 10:55:19 -02:30
Daniel
e4bf3400bd
stx-controller-v1.10.0 (#14352)
* stx-controller-v1.10.0

* yarn yarn-deduplicate
2022-04-05 16:58:47 +02:00
MetaMask Bot
4eb303f4e4 Version v10.12.4 2022-04-04 20:56:53 +00:00
PeterYinusa
1582efdc06
update chromedriver and chrome binary to v100 (#14337) 2022-04-04 16:02:54 +01:00
David Walsh
ae3953fd01
Update eth-ledger-bridge-keyring to 0.11.0 (#14317) 2022-04-04 08:54:08 -05:00
Frederik Bolding
cb963f3c29
snaps-skunkworks@0.10.7 (#14323)
* snaps-skunkworks@0.10.7

* Bump iframe-execution-environment
2022-04-01 18:14:48 +02:00
George Marshall
5b9a8a295e
Updating design-tokens to 1.5.1 (#14286) 2022-03-31 08:11:23 -07:00
Mark Stacey
646bad8a58 Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (210 commits)
  Dark Mode: Remove unwanted background for price quote (#14278)
  Dark Mode: Fix colors in toggle button (#14280)
  Ensure proper color for swaps edit link (#14273)
  Dark Mode: Ensure actionable message button colors are the same color as previously (#14271)
  Add token standard to Token Added event. (#14253)
  Token Aggregators component for Tokens Detected page (#14157)
  Ensure Metafox follows cursor on Fetching quotes screen (#14261)
  TransactionsControllerTest: catch uncaught errors (#14196)
  GasModalPageContainer story: convert knobs and actions to controls / args (#13516)
  Show STX switch for wrapping / unwrapping (#14225)
  Change over ImportToken stories to use controls instead of knobs, update props in stories (#14246)
  Change over FeeCard stories to use controls instead of knobs, update props in stories (#13766)
  Update What's new screen with Token Detection information (#14124)
  Improvements for multi-layer fee UX (#13547)
  metaMetricsEvent -> trackEvent (#14249)
  E2e dapp interactions (#14149)
  failing contract interaction e2e (#14227)
  Removed metrics event (#14042)
  Add TypeScript to the build system (#13489)
  Build user traits object when metamask state changes (#14192)
  ...
2022-03-30 22:54:28 -02:30
MetaMask Bot
081f7b621b Version v10.12.2 2022-03-30 23:29:47 +00:00
MetaMask Bot
ac6844ee47 Version v10.13.0 2022-03-29 20:21:37 +00:00
Dan Miller
1f1462120b Merge remote-tracking branch 'origin/develop' into master-sync 2022-03-29 11:26:55 -02:30
PeterYinusa
1130b58910 E2e metrics (#13904)
* remove metrics build

* remove segment server from tests

* enable cors

* mock segment globally

* metrics e2e test

* running test builds

* move file

* destructuring
2022-03-29 07:35:06 -02:30
Elliot Winkler
53006d4cf0
Add TypeScript to the build system (#13489)
This commit modifies the build system so that TypeScript files can be
transpiled into ES5 just like JavaScript files.

Note that this commit does NOT change the build system to run TypeScript
files through the TypeScript compiler. In other words, no files will be
type-checked at the build stage, as we expect type-checking to be
handled elsewhere (live, via your editor integration with `tsserver`,
and before a PR is merged, via `yarn lint`). Rather, we merely instruct
Babel to strip TypeScript-specific syntax from any files that have it,
as if those files had been written using JavaScript syntax alone.

Why take this approach? Because it prevents the build process from being
negatively impacted with respect to performance (as TypeScript takes a
significant amount of time to run).

It's worth noting the downside of this approach: because we aren't
running files through TypeScript, but relying on Babel's [TypeScript
transform][1] to identify TypeScript syntax, this transform has to keep
up with any syntax changes that TypeScript adds in the future. In fact
there are a few syntactical forms that Babel already does not recognize.
These forms are rare or are deprecated by TypeScript, so I don't
consider them to be a blocker, but it's worth noting just in case it
comes up later. Also, any settings we place in `tsconfig.json` will be
completely ignored by Babel. Again, this isn't a blocker because there
are some analogs for the most important settings reflected in the
options we can pass to the transform. These and other caveats are
detailed in the [documentation for the transform][2].

[1]: https://babeljs.io/docs/en/babel-plugin-transform-typescript
[2]: https://babeljs.io/docs/en/babel-plugin-transform-typescript#caveats
2022-03-28 16:33:40 -06:00
Alex Miller
cc4de49e3e [GridPlus] Updates SDK and Lattice keyring to fix several UX issues (#14158)
There were several issues related to a retry mechanism. The latest keyring
offers a significant speed and UX enhancement relative to the previous release.
For full details, see:
GridPlus/eth-lattice-keyring@v0.5.0...v0.6.1
2022-03-28 12:38:54 -02:30
Alex Miller
d14c588404
[GridPlus] Updates SDK and Lattice keyring to fix several UX issues (#14158)
There were several issues related to a retry mechanism. The latest keyring
offers a significant speed and UX enhancement relative to the previous release.
For full details, see:
GridPlus/eth-lattice-keyring@v0.5.0...v0.6.1
2022-03-28 12:38:28 -02:30
Dan Miller
d5c693d9db Merge remote-tracking branch 'origin/master' into Version-v10.12.0-alt 2022-03-25 14:56:57 -02:30
Dan J Miller
83a1e7c494 Merge remote-tracking branch 'origin/develop' into master-sync 2022-03-24 15:09:40 -02:30
MetaMask Bot
b6d123bd24 Version v10.12.0 2022-03-24 08:21:08 -02:30
Erik Marks
8ea8b50683 Version v10.11.4 2022-03-22 20:17:18 -07:00
Frederik Bolding
5107f06afa snaps-skunkworks@0.10.6 (#14070)
* snaps-skunkworks@0.10.6

* iframe-execution-environment@0.4.2

Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2022-03-22 19:55:51 -07:00
Frederik Bolding
cb89800a0a snaps-skunkworks@0.10.3 (#14041) 2022-03-22 19:55:51 -07:00
Erik Marks
680d30f095 snaps-skunkworks@0.10.2 (#13901) 2022-03-22 19:55:51 -07:00
Shane
059d5d0488 Fixed firefox Snaps + add initial end-to-end tests (#13671)
* Changed registryUrl for snaps only in firefox
Fixed getPlatform to only be imported into metamask-controller in flask
Removed snaps specific testrunner script and use run-all with a cli option

* Fixed flakey tests

* Removed unneeded await

* Added delay

* Fixed linting
2022-03-22 19:54:33 -07:00
Mark Stacey
d1be072805 Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (210 commits)
  Dark Mode:  Utilities -> Error (#14091)
  Fix dependency audit failure (#14114)
  Dark Mode: Connected Status Indicator (#14096)
  Dark Mode: Update PermissionsConnectPermissionList basic colors (#14072)
  Dark Mode: Remove white style from radio button (#14082)
  Dead Code Removal:  GasFeeDisplay (#14098)
  Dark Mode: Substitute primary color usage (#14094)
  Dark Mode: Fix Import Token Styles (#14099)
  Dark Mode: Home Notifications (#14095)
  Dark Mode: Account Details Modal (#14090)
  Dark Mode : Advanced gas fee (#14073)
  speedup transaction: save on advance gas modal should not close speed… (#14101)
  Dark Mode: Remove Unused Colors (#14088)
  Dark Mode: Connected Account Alert (#14083)
  Dark Mode: Token action circles (#14102)
  Dark Mode: Update colors in contact list (#14089)
  Dark Mode:  Error page (#14107)
  TextField: set bg color to default (#14106)
  Fix SrpInput small viewport styles (#14087)
  Dark Mode : Hide token confirm (#14076)
  ...
2022-03-22 16:43:00 -02:30