1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 01:39:44 +01:00
Commit Graph

99 Commits

Author SHA1 Message Date
legobeat
b7da0a98e4
@metamask/smart-transactions-controller@3.1.0->4.0.0 (#20016) 2023-07-19 06:42:50 +09:00
legobeat
0981509e82
devDeps: jsdom@11.12.0->16.7.0 (#19971)
* bump parse5; port patch

* devDeps: jsdom@11.5.1->16.7.0
  - patch-revert https://github.com/jsdom/jsdom/pull/2076
  - jsdom's storage-overriding does not play well with test suite usage of
localforage:
    $ yarn test:unit:global
    ✖ ERROR: TypeError: Cannot set property localStorage of #<Window> which has only a getter
        at Object.<anonymous> (/app/test/helpers/setup-helper.js:79:32)
        at Module._compile (node:internal/modules/cjs/loader:1198:14)
        at Module.m._compile (/app/node_modules/ts-node/src/index.ts:1459:23)
        at Module._compile (/app/node_modules/pirates/lib/index.js:136:24)
        at Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
        at newLoader (/app/node_modules/pirates/lib/index.js:141:7)
        at Object.require.extensions.<computed> [as .js] (/app/node_modules/ts-node/src/index.ts:1462:12)
        at Module.load (node:internal/modules/cjs/loader:1076:32)
        at Function.Module._load (node:internal/modules/cjs/loader:911:12)
        at Module.require (node:internal/modules/cjs/loader:1100:19)
        at require (node:internal/modules/cjs/helpers:108:18)
        at Object.<anonymous> (/app/test/setup.js:4:1)
        at Module._compile (node:internal/modules/cjs/loader:1198:14)
        at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
        at Module.load (node:internal/modules/cjs/loader:1076:32)
        at Function.Module._load (node:internal/modules/cjs/loader:911:12)
        at ModuleWrap.<anonymous> (node:internal/modules/esm/translators:169:29)
        at ModuleJob.run (node:internal/modules/esm/module_job:193:25)
        at async Promise.all (index 0)
        at ESMLoader.import (node:internal/modules/esm/loader:530:24)
        at importModuleDynamicallyWrapper (node:internal/vm/module:438:15)
        at formattedImport (/app/node_modules/mocha/lib/nodejs/esm-utils.js:7:14)
        at exports.requireOrImport (/app/node_modules/mocha/lib/nodejs/esm-utils.js:48:32)
        at exports.handleRequires (/app/node_modules/mocha/lib/cli/run-helpers.js:94:28)
        at /app/node_modules/mocha/lib/cli/run.js:353:25

* update lavamoat policies

* update lavamoat build policy
2023-07-13 23:06:08 +09:00
Mark Stacey
cc9d87c365
Fix intermittent build error (#19966)
Occasionally our builds have been failing with the error "Unexpected
end of JSON input", with a stack pointing at `lavamoat-core`. The file
in question was reading the policy, reading overrides, merging them,
then writing the policy back to disk.

The intermittent errors can be explained if the policy file was read in
one process while it was being written in another. The extension build
script builds bundles in multiple processes in parallel, so it does
follow that this would happen some of the time. This could result in a
partial policy file being read by the build script, resulting in a JSON
parsing error.

This has been fixed by removing the policy write step using a patch.
We don't need this step. We update the policy using a different
function altogether, and we have a CI job to ensure we never forget to
update it.
2023-07-11 18:27:52 -02:30
Mark Stacey
fc2402df5e
Update LavaMoat policies (#19744)
Update LavaMoat policies to match what CI expects.
2023-06-23 17:43:52 -02:30
weizman
365c1e32d2
Integrate Snow with LavaMoat scuttling protection (#17969) 2023-06-23 18:25:24 +03:00
Mark Stacey
3b9fd435fb
Validate LavaMoat policies on each PR (#19703)
* Validate LavaMoat policies on each PR

The LavaMoat policies are now validated on every PR. This makes it
easier to validate policy changes, as they should always correspond
with the changes made in the PR (unlike today, when they could be due
to a change in platform or a previous PR).

Closes #19680

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-06-23 09:50:36 -02:30
Elliot Winkler
16dad66da9
Update Chromedriver to v114 (#19648) 2023-06-22 09:41:03 -05:00
Mark Stacey
bce053f7ef
Update LavaMoat build policy (#19668)
The LavaMoat build policy has been updated to match what is generated
on CI.
2023-06-20 09:21:10 -02:30
legobeat
f286d16664
devDeps: bump and align devDependencies (#19194)
* devDeps: madge@^5.0.1->^6.1.0

* devDeps: dependency-tree@^8.1.2->^10.0.7

* devDeps: gh-pages@^3.2.3->^5.0.0

* devDeps: del@^3.0.0->^6.1.1

* devDeps: chalk@^3.0.0->^4.1.2

* dedupe

---------

Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-06-16 00:47:39 +09:00
Victorien Gauch
1fca9255c1
fix: refactor linea goerli testnet implementation (#19321)
* fix: refactor linea goerli testnet implementation

* fix: rename linea goerli network

* feat: add linea testnet logo

* update linea goerli block explorer url

* update @metamask/eth-json-rpc-infura package to version 8.1.0

* fix: refactor ticker map object in shared/constants/networks.ts files
2023-06-15 09:08:07 -02:30
Mark Stacey
b43900f743
Update message manager and signature controller (#19370)
* Update message manager and signature controller

The packages `@metamask/message-manager` and
`@metamask/signature-controller` have been updated to the latest
versions. These versions were part of part of the [core monorepo v53](MetaMask/core#1385)
release. The remaining packages released as part of v53 will be updated
in later PRs.

These releases included a few breaking changes, but none that affect
the extension. Both packages now expect `getCurrentChainId` to return
`Hex`, but that was already the case here. Additionally the signature
controller now has a peer dependency on the approval controller v3,
which is already present and at the correct version.

Relates to #19271

* Ignore error caused by TS bug

* Update types to omit metadata for encryption requests

* Update lavamoat policy
2023-06-14 11:27:41 -02:30
Matthew Walsh
4f4192c6f4
Await approval request in transaction controller (#19197) 2023-06-13 10:17:32 +01:00
Mark Stacey
2ee1e4d78b
Update LavaMoat policies (#19505)
The policy file for the build system was stale
2023-06-08 14:51:58 +09:00
Elliot Winkler
a4f3a5fdd0
Widen the number of test files that TS sees (#19403)
Currently, all test files are excluded from TypeScript's purview. That
means that if any test file fails to typecheck, we won't know about it.
In fact if we were to remove all test files from the `exclude` list,
then some files would indeed fail to be typechecked.

At the moment all we care about is the unit test file for
NetworkController. Due to how the `include`/`exclude` rules work in
`tsconfig.json`, we can't "un-exclude" that file after it's excluded, so
to fix this, we simply exclude fewer things.

While we're at it, we also:

- Add `esModuleInterop: true` to address warnings we sometimes see
  around imports
- Add `noEmit: true` so that we can run `tsc` to test typechecking on
  its own without producing any compiled files (so that ESLint doesn't
  accidentally pick them up)
- Clean up `tsconfig.json` slightly
2023-06-07 12:16:06 -06:00
Mark Stacey
7f82ea231c
Update @metamask/base-controller to v3 (#19343)
The `@metamask/base-controller` has been updated to v3, which is the
version released in the core monorepo v53 release. The other packages
released as part of v53 will be updated in later PRs.

Relates to #19271
2023-05-31 12:38:07 -02:30
Albert Olivé
057188d155
[MMI] Add code fences in signature-request (#18770)
* Started adding code fences in signature-request

* Finished code fencing

* Improving code

* Fixed storybook and code fences bundle

* Added missing dependency

* Fixed yarn.lock

* Fixing policies

* Updated package.json

* updating lavamoat

* lavamoat fix

* adds missing package

* runs yarn dedupe

* updates method name

* run lavamoat:auto again

* Added more code fences

* updates snapshot

* snapshot updates

* updates mmi packages to lighter versions

* updates mmi packages

* runs lavamoat auto

* updates yarn lock and runs lavamoat auto

* updates yarn lock

* updates targets file

* Removed console log and added tests

---------

Co-authored-by: António Regadas <apregadas@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: Antonio Regadas <antonio.regadas@consensys.net>
2023-05-24 13:41:21 +02:00
legobeat
8675c7863e
devDeps: storybook@7 (#19092)
* devDeps: pin @babel/core and @babel/runtime in resulotions
    Without this: misses patch, lavamoat error


* storybook 6 to 7 migration
* devDeps: add @storybook/addon-mdx-gfm
* fix lint deps
* devDeps: remove unused require-from-string
* devDeps/resolutions: @types/react@^16.9.53
* devDeps: add @storybook/cli
* storybook: new-frameworks migration
* iyarc: remove resolved dependency advisory
* deps: set globalthis@1.0.1 in resolutions
   This is required since a file is copied over from a set path in the dist
   package subdirectory as of d13aabde23 (#10014).
   A future update should either vendor the shim, or update to
   compatibility with a maintained upstream version.

* mdx2 migration fixes
* chore: bump ljharb packages
* devDeps: @storybook/*@^7.0.10->^7.0.11
* storybook: update preview.js to use v7 addon api
* ci/test/storybook: echo between storybook build&test
* ci/circleci: resources tweak
* info-tab: handle undefined global.platform
* update lavamoat build policy
* update lavamoat browserify policies
2023-05-18 11:07:42 +09:00
Frederik Bolding
125021e425
[FLASK] snaps-monorepo@0.33.1-flask.1 (#18913)
* snaps-monorepo@0.33.0-flask.1

* Add browser-passworder

* Patch babel/core

* Fix PermissionController messenger allowlist

* Update test-snaps

* Use latest patch

* Update LavaMoat policies

* Re-enable RPC E2E

* Make snaps iframe URL be a env variable and bump it

* Add new env variable to test env

* Add iframe URL to desktop build
2023-05-15 19:36:24 +02:00
OGPoyraz
37a2be0fbb
Add getCurrentChainId argument to SignatureController (#19078) 2023-05-11 10:22:42 +02:00
George Marshall
32688c2e3c
Adding ModalFocus component (#18979) 2023-05-09 14:33:29 -07:00
legobeat
1c199d3223
devDeps: storybook-dark-mode@1.1.2->2.1.1 (#18866)
* devDeps: @storybook/*->6.5.16

* devDeps: storybook-dark-mode@1.1.2->2.1.1

* add lavamoat build policy override
2023-05-08 22:48:29 +09:00
Brad Decker
b60b9f441f
Bundle size reduction: Upgrading ethereumjs/tx and ethereumjs/common (#18302)
* upgrade ethereumjs/tx and deps

* Yarn dedupe

---------

Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2023-05-05 10:55:41 -05:00
Frederik Bolding
910b9e713f
Use separate versions for Flask and Stable snaps (#18875)
* Use separate versions for Flask and Stable snaps

* Update LM policy override

* Add deps to depcheck

* Improve import
2023-05-03 15:16:43 +02:00
legobeat
576eee7adf
devDeps: eslint@8.14.0,8.20.0->8.36.0 (#18748)
* devDeps: eslint@8.14.0,8.20.0->8.36.0

- CVE-2021-4279 / CVE-2021-4279
- consolidate eslint into single version
  - port patches

* add eslintignore directive

* lavamoat: update build policy overrides
2023-04-28 07:45:15 +09:00
legobeat
2943ec3310
devDeps: bumps source-map related dependencies (#18830)
* devDeps: bumps source-map related dependencies

* update lavamoat build policy
2023-04-27 00:07:04 +09:00
Brad Decker
08f775796c
Policy formatting issue (#18810) 2023-04-25 15:54:13 -05:00
legobeat
2c1ed4e8f0
deps: replace gulp-dart-sass with gulp-sass. (#16302)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 09:37:30 -05:00
legobeat
a827c444fb
devDeps: security updates roundup (#18739)
* devDeps: resolutions: git-url-parse@^12=>13.1.0
  - CVE-2022-2900 / GHSA-j9fq-vwqv-2fm2

Depended on from now abandoned @storybook/storybook-deployer
  - https://github.com/storybook-eol/storybook-deployer/pull/131
  - https://github.com/IonicaBizau/git-url-parse/releases/tag/13.0.0
  - https://github.com/IonicaBizau/git-up/releases/tag/7.0.0

* devDeps: source-map-explorer@2.4.2->2.5.3
* devDeps: bump terser dependencies
   - CVE-2022-25858 / GHSA-4wf5-vphf-c2xc
* devDeps: shelljs@0.8.4->0.8.5
   - CVE-2022-0144 / GHSA-4rq4-32rv-6wp6
* devDeps: serve-handler@6.1.3->6.1.5, minimatch@3.0.4->3.1.2
  - CVE-2022-3517 / GHSA-f8q6-p94x-37v3
* devDeps: bump x-default-browser-id in resolutions
  - CVE-2021-33623 / CVE-2021-33623
  - https://npm-diff.app/x-default-browser@0.4.0...x-default-browser@0.5.2
* devDeps: pin glob-parent@^6.0.2 in resolutions
  - CVE-2020-28469 / GHSA-ww39-953v-wcq6
2023-04-25 17:09:22 +09:00
Mark Stacey
3776f4ad4c
Remove mobile sync feature (#18692)
The mobile sync feature has been removed. It has been disabled for
years. When we enable sync again, it will be using a different
implementation. This has already been removed on the mobile side.
2023-04-20 14:29:30 -02:30
legobeat
5d2c4c143a
devdeps: mocha@7.2.0->9.2.2 (#18195)
* devdeps: mocha@7.2.0->9.2.2

Maintenance upgrade

- Closes subdependency flat advisory
  - CVE-2020-36632 / GHSA-2j2x-2gpw-d8fm
- upgrade eslint-plugin-mocha to match
  - previously used `eslint-plugin-mocha` depended on mocha@^8.2.0

* devdeps: patch-bump ansi-regex

closes GHSA-93q8-gq69-wqmw

* update lavamoat policies
2023-04-14 10:49:22 +09:00
witmicko
fde18dec0c
link component (#17897)
Added externlalLink to ButtonLink

Co-authored-by: George Marshall <george.marshall@consensys.net>
2023-03-10 17:47:01 +00:00
Hassan Malik
7086494b72
[FLASK] BREAKING - snaps-monorepo@0.30.0 (#17718)
* updated snap permission to wallet_snap, updated tests and added migration

* updated snap packages

* yarn.lock fix

* fixed errors

* override policy

* update policy

* undo override

* updated localization message descriptions

* updated lavamoat policy

* more policy updates

* update permission controller version

* update policy

* update fixture builder

* updated code to include permission value to satisfy wallet_snap permission description call

* fix import issue

* update test-snaps version

* added missing actions, added snap permission dedupe function

* prettier fix

* fix fencing

* add more fencing

* prettier fix

* fix fencing (again)

* added new action and selector and updated view snap accordingly

* update test snaps website version

* unfence request variable

* add fencing

* add optional chaining to fix type error

* update migration #

* remove old migration

* prettier fix

* fix migration test

* fix fencing

* added missing fencing

* updated code to workaround fencing

* update test-snaps site version and remove snap confirm test

* update snap packages

* update policies

* fix merge marker issue

* update test

* more fixes

* fix permissions

* update test

* fixed test

* Bump test-snaps and iframe-execution-environment

* remove unused snap permission from fixture builder

* update policies

* undo comment removal, update selector implementation

* removed unnecessary function, updated migration, updated caveat action

* remove optional chaining

* fix type issue

* more type fixes

* fix migration test

* remove isFlask check, make migration logic more robust

* update coverage

* Update LavaMoat policies

* Update test/e2e/snaps/enums.js

* add extra bail condition

* Revert "add extra bail condition"

This reverts commit b45c53dcfc6e6e35a5e283d4955d6d6ea9ca5965.

* Revert "Revert "add extra bail condition""

This reverts commit cd2ded677935c9cdab0c02b6af55474c83727f60.

* fix test

* add SnapController entry to state object

* updated permission name and caveat type with hardcoded values

* add extra test for non-flask scenario

* update lavamoat policies

* fix locale messages

* change coverage target

* re-enable rpc snap test

* revert locale message change

* fix el message

* reverted changes

---------

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-03-08 13:29:23 -05:00
Thomas Huang
4735978b8d
Removal of enzyme pkge dep (#17261)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-02-14 12:14:00 -06:00
Brad Decker
c1f9c778c9
Add error module for safely handling errors (#17511)
Co-authored-by: Danica Shen <zhaodanica@gmail.com>
2023-02-02 13:30:57 -06:00
amerkadicE
dd09245ff6
Fix/use etherjs specific imports (#15461)
* replace ethers with submodules

Co-authored-by: Alex <adonesky@gmail.com>
2023-01-24 08:10:36 -06:00
Brad Decker
a9ef2a049a
add numeric module (#17324) 2023-01-20 15:16:56 -06:00
Nidhi Kumari
c5368c152b
Added storybook check to CI (#17092)
* added storybook test runner

* added test runner in ci

* updated test for ci and fixed lint error

* updated lavamoat policy

* updated test command

* updated playwright

* changed command to storybook;ci

* updated command

* updated instance for test-storybook

* updated playwright

* added playwright step

* replaced concurrently with start-server-and-test

* updated the static storybook directory

* replaced first with last

* updated lock file

* replaced first with last

* updated test-storybook with maxworkers

* updated .depchechrc

* updated yml

* removed id from banner base

* replaced broken stories with .stories-to-do.js extesnsion

* updated token allowance story

* removed duplicacies from yarn

* fixed lavamoat

* removed filename comment

* updated links for docs

* fixed file extension for stories

* updated path for stories.json

* updated stories.json path

* yarn updated

* updated stories

* updated yarn

* updated wait on
2023-01-21 00:57:46 +05:30
weizman
6d551f10fe
Update LavaMoat (core/lavapack) (#17061) 2023-01-18 14:35:37 +02:00
Alex Donesky
dc253068f9
update build system policy override config (#17163) 2023-01-12 14:01:29 -06:00
weizman
3cf5ef642f
Revert "Integrate new LavaMoat scuttling protection feature (#16994)" (#17043) 2022-12-22 17:26:53 +02:00
weizman
5d320ceec6
Integrate new LavaMoat scuttling protection feature (#16994)
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-12-21 12:54:30 -06:00
Dan J Miller
b3dbf62860
Add lavamoat policy override for react-responsive-carousel (#16955) 2022-12-14 14:35:28 -06:00
Alex Donesky
5d285f7be5
fix cached detected token results (#16866) 2022-12-14 12:26:08 +05:30
Frederik Bolding
659063b335
[FLASK] Allow Snaps UI to use Markdown for text formatting (#16911)
* Allow Snaps UI to use Markdown for text formatting

* Fix yarn audit and dedupe errors

* Update LavaMoat policies

* Fix lint

* Add paragraph wrapper component

* Fix lint
2022-12-13 15:37:20 +01:00
Brad Decker
6d1170f06c
upgrade yarn to version 3 (#16232)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ricky <ricky.miller@gmail.com>
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
Co-authored-by: legobt <6wbvkn0j@anonaddy.me>
Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
2022-12-08 10:38:04 -06:00
Maarten Zuidhoorn
c341abaea6
Use Webpack 5 for Storybook (#16678)
* Fix storybook

* Update policies

* Bump all Storybook dependencies to the latest version

* Add Storybook dependencies to depcheck ignore list

* Update policy-override.json

* Fix SectionShape circular dependency

* Change policy override for eslint-scope

* Fix some Webpack build issues

* Add missing dependency

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2022-11-29 19:23:36 +01:00
Elliot Winkler
51cffa15dd
Migrate to new controller packages (#16547)
* Migrate to new controller packages

`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.

[1]: https://github.com/MetaMask/controllers/pull/831

* Support GitHub registry for draft PRs (#16549)

* Add additional allowed host to lockfile linter

* Update LavaMoat policies

* Add policy exception for nanoid

* Add additional nanoid overrides

* Update LavaMoat policies again

* Bump controller packages

* Update lavamoat

* Bump controller packages

* Update packages to v1.0.0

* Expand gitignore comment

* Unpin controller dependencies, using ^ range instead

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-24 16:29:07 -03:30
David Walsh
266d7d93d5
Fix #15050 - MV3: Keep the user logged in when service worker restarts (#15558) 2022-11-23 18:49:24 -06:00
Brad Decker
c9527e745f
upgrade gulp-autoprefixer (#16439) 2022-11-15 08:40:56 -06:00
Erik Marks
a8c1756816
Remove 3box feature and delete ThreeBoxController (#14571)
* Remove 3box feature and delete ThreeBoxController

Lint locale messages

lavamoat policy updates

* Restore 3Box user trait with value `false`

The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.

A deprecation comment has been left in various places for this trait.

* Remove unused state

* Remove additional 3box-related things

* Run `yarn-deduplicate`

* Restore migration that was lost while rebasing

* Remove obsolete override

* Remove additional unused resolutions/dependencies

* Update LavaMoat policies

* Remove obsolete security advisory ignore entries

* Remove 3Box fixture builder method

* Update unit tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-10-31 13:50:50 -02:30