1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 04:20:53 +01:00
Commit Graph

1573 Commits

Author SHA1 Message Date
Dan J Miller
9573aa7515
Update @metamask/controllers to v6.2.1 (#10701) 2021-03-25 17:37:52 -02:30
kumavis
ff86465a24
deps - remove "remotedev-server" (#10687)
* deps - remove remotedev-server

* Remove stale references from allow-scripts config

Any packages that are no longer in the dependency tree have been
removed from the `allow-scripts` config.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-22 15:32:25 -02:30
Shane
b50fe3184a
fix: replace dnode background with JSON-RPC (#10627)
fixes #10090
2021-03-18 11:23:46 -07:00
Mark Stacey
1c573ef852
Improve specificity of test:unit:lax npm script (#10661)
The unit test npm script `test:unit:lax` is now more specific about
which tests files to exclude. An `--ignore` CLI option is used to
specify the files to ignore, rather than using the braces glob syntax
to ignore them from the target glob itself.

This makes the option easier to update going forward as we move more
tests into the "strict" group, because the options are exactly the same
between the two scripts. It also ensures we don't accidentally exclude
other subdirectories that happen to also be named `permissions`.

In trying to implement this, I stumbled at first because mocha expects
the ignore pattern to be a relative path if the target is a relative
path (i.e. they need to both start with `./` or neither). The script
`test:unit:strict` has been updated to use a relative target pattern
for consistency.
2021-03-17 10:50:59 -02:30
Brad Decker
5a233e4634
colocate tests in flat structure (#10655) 2021-03-16 16:00:08 -05:00
Erik Marks
a29fc51838
Ensure permission log will only store JSON-able data (#10524) 2021-03-10 11:50:06 -08:00
Mark Stacey
df9b4f933a Revert "add fsevents entry from allow-scripts for mac os x (#10605)"
This reverts commit 59f516ade2.
2021-03-10 15:37:18 -03:30
Brad Decker
38fe75b7d9
prefer chainId when building block explorer urls (#10587) 2021-03-09 15:37:19 -06:00
David Walsh
92680cf56f
Add support for multiple Ledger & Trezor hardware accounts (#10505) 2021-03-09 14:39:16 -06:00
Thomas Huang
3ba91df387
Unifies unit tests filename suffix to .test.js (#10607)
* Unifies the filename suffix to .test.js

* Display @babel/no-invalid-this rule for tx-controller.test.js

* Add test file extension to test:unit:global
2021-03-09 11:08:06 -08:00
Brad Decker
59f516ade2
add fsevents entry from allow-scripts for mac os x (#10605) 2021-03-08 15:53:06 -06:00
Brad Decker
80266cf33c
update @metamask/etherscan-link to v1.5.0 (#10603) 2021-03-08 13:52:24 -06:00
Mark Stacey
a09dab4f6b
Update elliptic to v6.5.4 to address security advisory (#10602)
The `elliptic` package has been updated to v6.5.4 to address a security
advisory regarding a vulnerability in v6.5.3. We are not affected by
this vulnerability to the best of our knowledge. This is just to stay
on the safe side, and fix our audit check.
2021-03-08 14:25:06 -03:30
Mark Stacey
83371dff3e
Update @lavamoat/allow-scripts to v1.0.4 (#10599)
This patch update fixes an install issue encountered when trying to
update `eth-trezor-keyring` from v0.5.2 to v0.6.0.
2021-03-05 14:38:01 -03:30
Etienne Dusseault
3128d183e1
make lavamoat optional for dev mode (#10538) 2021-03-03 15:52:42 +08:00
ryanml
b74b70df2a
Resolving pull-ws to v3.3.2 (#10543) 2021-03-02 10:34:58 +08:00
ty
b04120dd0f
Warn users when an ENS name contains 'confusable' characters (#9187)
* Add warning system for 'confusable' ENS names (#9129)

Uses unicode.org's TR39 confusables.txt to display a warning when
'confusable' unicode points are detected.

Currently only the `AddRecipient` component has been updated, but the new
`Confusable` component could be used elsewhere

The new `unicode-confusables` dependency adds close to 100KB to the
bundle size, and around 30KB when gzipped.

Adds 'tag' prop to the tooltop-v2 component

Use $Red-500 for confusable ens warning

Lint Tooltip component

Update copy for confusing ENS domain warning.

* Fix prop type

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-02-27 01:56:04 -03:30
Mark Stacey
59058b2f73
Fix ganache:start npm script (#10515)
This script was accidentally broken in #10499, which added the `.sh`
file extension to all Bash scripts. I forgot to update the
`ganache:start` script to use the new file extension.
2021-02-24 18:02:29 -03:30
Mark Stacey
681db78ff8
Add CI check to ensure LavaMoat policy is updated (#10493)
A CI job has been added to ensure the `allow-scripts` config and the
LavaMoat auto-generated policy is up-to-date. This will only run on
release branches and the `master` branch, because it's too difficult a
requirement to meet for each PR for contributors on macOS, due to
differences in the dependency graph caused by optional dependencies.

The `allow-scripts` and LavaMoat policy have both been updated using
`yarn allow-scripts auto` and `yarn lavamoat:auto`.
2021-02-24 12:22:28 -03:30
Brad Decker
aabe653240
Add Custom Network UI (#10310) 2021-02-22 10:20:42 -06:00
Etienne Dusseault
f196c9feb8
Add Lavamoat to build system (#9939)
* lavamoat - run build system in lavamoat

* lavamoat/allow-scripts - add missing policy entry

* update viz and lavvamoat

* trim policy file

* bump viz

* prue policy override

* regen policy file

* Update package.json

* Update package.json

* Apply suggestions from code review

Co-authored-by: kumavis <kumavis@users.noreply.github.com>

* update policy, remove redundant patches

* use yarn setup in CI

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-22 22:43:29 +08:00
David Walsh
3d579dfcef
Remove react-select and SimpleDropdown, use Dropdown (#10468) 2021-02-19 13:03:44 -06:00
Austin Akers
2122b8cf16
Hide links to etherscan when no block explorer is specified for a custom network (#10455)
Conditionally render view on Etherscan text if it's a custom network

Fixes: #5631
2021-02-17 09:45:30 -03:30
Mark Stacey
8a76dcc18a
Remove gulp-imagemin (#10435)
This package hasn't been used since #8140, which dropped it for being
too slow and of minimal benefit.

We should consider re-adding this as a CI check to ensure images are
optimized, but I don't think it should be re-added to the build process
itself.
2021-02-15 11:50:01 -03:30
Mark Stacey
932794a5dd
Remove gulp-babel package (#10437)
This has not been used in some time. The last import was removed in
the PR #4712
2021-02-15 11:03:51 -03:30
Mark Stacey
cbf375a6a2
Remove gulp-debug (#10436)
This dependency was added in #3781, but appears to have never actually
been used.
2021-02-13 17:05:34 -03:30
Mark Stacey
bc5a136af1
Remove unused react-test-renderer (#10431)
This package seems to have always been unused. I suspect it was added
years ago by mistake.
2021-02-13 17:03:13 -03:30
Mark Stacey
50c3b06563
Remove chai (#10440)
We don't seem to use chai assertions anywhere anymore. I'm unsure when
the last was removed.
2021-02-12 18:53:47 -03:30
Mark Stacey
eb879a7930
Remove deps-dump dependency (#10438)
This dependency was used in the Sesify bundle build task, which was
removed in #9514.
2021-02-12 18:11:37 -03:30
Mark Stacey
03562ff711
Remove file-loader package (#10439)
This dependency has not been used since #8249.
2021-02-12 17:50:31 -03:30
Mark Stacey
ff909d724e
Remove browserify-derequire (#10441)
This was used for the Sesify build, which was removed in #9514
2021-02-12 17:50:16 -03:30
Mark Stacey
d9e393f827
Remove babel-loader (#10442)
This dependency was added to get Storybook working, but since then it
has been made a direct dependency of Storybook. We no longer use it
directly, and we don't need it in our dependencies.
2021-02-12 17:49:56 -03:30
Mark Stacey
81ef9330c7
Remove multihashes (#10443)
This dependency was used in our IPFS ENS resolver, but it has not been
used directly since #6402.
2021-02-12 17:49:32 -03:30
Mark Stacey
036e1cf8ce
Remove regenerator-runtime (#10430)
This package was added as a devDependency to address a peerDependency
warning when installing Storybook v5.3.14. We're now using Storybook
v6, which doesn't list this as a peerDependency.
2021-02-12 14:20:12 -03:30
Mark Stacey
a9a6614290
Remove gulp-replace (#10432)
This package has not been used since #4712.
2021-02-12 14:19:43 -03:30
Mark Stacey
906324cb5e
Remove gulp-multi-process (#10434)
This package has not been used since #8140. We now spawn separate
processes directly in our build script rather than using this gulp
plugin to do so.
2021-02-12 14:16:25 -03:30
Mark Stacey
b9a3d3442f
Update react-devtools (#10429)
This update includes various improvements and bug fixes.
2021-02-12 14:06:43 -03:30
Mark Stacey
aadb8ac0ac
Fix start:dev script (#10399)
The `start:dev` script relies upon `electron` and `sqlite`, both of
which had their install scripts disabled by `allow-scripts`. Without
those two packages, `start:dev` crashes immediately.

The manifest has been updated to ensure install scripts run for both
packages. `start:dev` now works.
2021-02-08 12:36:32 -03:30
kumavis
1e086aeb06
storybook/i18n - add i18n party button (#10382) 2021-02-08 23:45:06 +08:00
Mark Stacey
9dc88397dc
Update @metamask/inpage-provider from v8.0.3 to v8.0.4 (#10378)
Fixes #10356

There was a bug in the inpage provider that would mistakenly report
usage of our injected `web3` instance when the `web3.currentProvider`
property was accessed. This was fixed in v8.0.4 of
`@metamask/inpage-provider`.
2021-02-08 20:41:39 +08:00
kumavis
b0215738a2
storybook - i18n toolbar (#10381)
* storybook - i18n toolbar

* lint fix
2021-02-06 10:28:54 +08:00
kumavis
6a6b27a04d
"yarn setup" - the new way to install your deps (#10379)
* deps - run "yarn setup" to install deps

* doc - add "yarn setup" to local dev instructions
2021-02-05 12:11:45 -03:30
Erik Marks
2d777c9178
Update allow-scripts config (#10375) 2021-02-04 10:41:21 -08:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
kumavis
efd280172f
ci - run storybook and add to build-artifacts (#10360)
* ci - run storybook and add to build-artifacts

* ci/storybook - rename storybook build path and fix artifact upload

* ci/storybook - rename link text

* clean - remove accidently committed storybook build dir

* storybook - fix image path to relative (#10364)
2021-02-04 22:30:22 +08:00
kumavis
b2d40f4e3a
deps - bump allow-scripts (#10370) 2021-02-04 09:39:45 -03:30
Etienne Dusseault
fc409a103b
Add .yarnrc to disable scripts (#10354)
* add yarn rc file to disable scripts

* remove ignore scripts in CI

* re-add entry

* add lavamoat preinstall always fail

* allow-scripts - add missing package to denylist

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-03 21:53:12 -03:30
kumavis
b98cef16af
Update to Node v14 (#9514)
* manual rebase against develop

* Update .nvmrc
2021-02-03 13:45:38 +08:00
Etienne Dusseault
6b34fb4184
Use @lavamoat/allow-scripts (#10009)
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-02-01 20:08:42 -08:00
Erik Marks
bd57705b5f
@metamask/contract-metadata@1.22.0 (#10285) 2021-01-25 12:17:01 -08:00
David Walsh
9b4715cc8f
Update postMessage structure for TrezorConnect 8 (#10192) 2021-01-21 11:12:54 -06:00
Mark Stacey
6de41a1cf6
Update @reduxjs/toolkit from v1.3.2 to v1.5.0 (#10228)
The changes made between v1.3.2 and v1.5.0 of `@reduxjs/toolkit` don't
appear to affect us at all. They mostly consist of feature additions
and bug fixes for edge cases we haven't encountered.[1]

The one change that is technically breaking is that v8 of `immer` now
freezes state objects in production rather than just in development.
That would only be breaking if we were mutating Redux state though,
which we aren't doing in the few Redux slices in which we use
`@reduxjs/toolkit`. Even if we were, we would have noticed that it
broke in development already.

[1]: https://github.com/reduxjs/redux-toolkit/releases
2021-01-21 10:04:03 -03:30
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
118281b9a9
@metamask/inpage-provider@8.0.3 (#10219)
Restores the provider `data` event.
2021-01-20 10:42:59 -08:00
Brad Decker
acbe38c260
use dart sass, and update related modules (#10208) 2021-01-19 10:54:32 -06:00
Erik Marks
849a47afba
@metamask/inpage-provider@8.0.2 (#10178) 2021-01-12 14:22:22 -08:00
Erik Marks
d7c648db98
eth-method-registry@2.0.0 (#10169) 2021-01-11 08:27:51 -08:00
Erik Marks
6abb32f042
@metamask/contract-metadata@1.21.0 (#10142) 2021-01-05 11:08:23 -08:00
Brad Decker
7a65b33788
add module resolution for node-analytics/axios (#10139) 2021-01-04 17:44:16 -06:00
Erik Marks
2f6f8966bb
@metamask/contract-metadata@1.20.0 (#10116) 2020-12-21 12:07:32 -08:00
Mark Stacey
bba2b9646d
Update @metamask/controllers to v5.1.0 (#10096)
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.

I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.

This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
2020-12-17 12:06:29 -03:30
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
Mark Stacey
da1aae772b
Remove coveralls (#10063)
We don't look at coveralls very much. We might occasionally consult it
to see a report on our code coverage, but that report is already
generated entirely locally, and has been added to the MetaMask bot
comment in #10061.
2020-12-11 16:20:45 -03:30
Mark Stacey
4a5a2881d0
Update selenium-webdriver and geckodriver (#10057)
Update `geckodriver` to the latest version, and `selenium-webdriver`
to the second-most-recent version. Updates include various dependency
updates, bug fixes, and minor features. None of the updates seem to
directly affect us, aside from one new feature of `selenium-webdriver`
that updates the `installAddon` function to support `.zip` files, which
will be used in a subsequent PR.

`selenium-webdriver` was pinned one version behind latest because the
latest version caused our Chrome e2e tests to fail with a mysterious
error whenever `getAttribute` was called on a WebElement.
2020-12-11 12:03:20 -03:30
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Mark Stacey
d13aabde23
Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-08 15:08:31 -03:30
Dan J Miller
97d268c8ee
Remove use of ethgasstation; use metaswap /gasPrices api for gas price estimates (#9867)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates

* Remove references to ethgasstation

* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates

* Update ui/app/hooks/useTokenTracker.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

* Delete gas price chart

* Remove price chart css import

* Delete additional fee chart code

* Lint fix

* Delete more code no longer used after ethgasstation removal

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-12-02 19:55:19 -03:30
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Erik Marks
df209612d5
@metamask/etherscan-link@1.4.0 (#9970) 2020-12-02 08:59:04 -08:00
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00
Mark Stacey
cc1161a52a
Add metrics e2e test (#9784)
An e2e test has been added that uses the new mock Segment server to
verify that the three initial page metric events are sent correctly.

Using the mock Segment server requires a special build with this mock
Segment server hostname embedded, so a distinct job for building and
running this test was required. As such, it was left out of the
`run-all.sh` script.
2020-12-01 17:54:56 -03:30
Mark Stacey
429847a686
Update to @storybook/*@6 (#9956)
Our Storybook dependencies have been updated to v6.1.9, from v5. This
was done to address a security vulnerability in a transitive dependency
of these packages (`highlight.js`).

The primary changes required by this Storybook update were the change
in import path for the `withKnobs` hook, the change in background
config format, and the webpack configuration. Storybook seems to work
correctly.

The migration was guided by the Storybook changelog[1] and the
Storybook v6 migration guide[2].

There is one Storybook error remaining; it fails to load the Euclid
font. This is a pre-existing error though, so we can fix it in a later
PR.

The `yarn.lock` file was deduplicated in this PR as well, as it was
required to fix various install warnings that were introduced with this
update.

[1]: https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md
[2]: https://github.com/storybookjs/storybook/blob/next/MIGRATION.md
2020-11-30 16:40:46 -03:30
Niranjana Binoy
6a9c15d4a4
updating the version of extension-port-stream to latest (#9942) 2020-11-24 14:32:06 -05:00
David Walsh
bf65c979d2
Use async storage instead of localstorage (#9919) 2020-11-24 09:38:04 -06:00
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
Erik Marks
f8f3faf539
resolve-url-loader@3.1.2 (#9925) 2020-11-20 13:52:07 -08:00
Dan J Miller
a9fcf0ea86
Use getTokenTrackerLink for asset view etherscan link in token-asset.js (#9913) 2020-11-19 00:59:42 -03:30
Erik Marks
74839831c0
@metamask/controllers@4.2.0 (#9849) 2020-11-13 11:04:48 -08:00
Erik Marks
aa85533368
@metamask/controllers@4.0.2 (#9839) 2020-11-09 18:19:42 -08:00
Erik Marks
80834b775d
@metamask/controllers@4.0.0 (#9838) 2020-11-09 14:00:10 -08:00
Erik Marks
6aa6052318 eth-sig-util@3.0.0 2020-11-09 08:57:18 -08:00
David Walsh
dcd2927f03
Update etherscan-link to 1.2.0 (#9789) 2020-11-04 17:05:38 -06:00
Erik Marks
a6f676764f @metamask/test-dapp@4.0.1 2020-11-04 10:17:10 -08:00
Erik Marks
d2dc4a62c4 @metamask/test-dapp@4.0.0 2020-11-03 21:35:03 -08:00
Brad Decker
3c171de44c
potential fix for METAMASK-GKCN (#9768) 2020-11-03 11:58:22 -06:00
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
d0d7a3d01f
Remove redundant mocha command (#9738)
The command `mocha` was included twice in `test:unit:global`
accidentally. The second occurrence was interpreted as a filename, and
would result in the following warning:

`Warning: Cannot find any files matching pattern "mocha"`

The second instance has been removed, and the warning no longer
appears.
2020-10-28 05:03:05 -02:30
Mark Stacey
d1b4d29219
Update ganache-core and ganache-cli (#9725)
`ganache-core` and `ganache-cli` have been updated to the latest
published versions.

Two Yarn resolutions have been made unnecessary by this update, so they
have been removed. They were added to update dependencies of
`ganache-core` to address security advisories. They have since been
updated in the latest `ganache-core` release.
2020-10-26 21:08:49 -02:30
Brad Decker
7d50357684
remove matomo and route to segment (#9646) 2020-10-26 14:05:57 -05:00
Erik Marks
bb2eed6a8d
@metamask/test-dapp@3.2.0 (#9707) 2020-10-23 20:59:49 -07:00
Etienne Dusseault
69d45ab46c
Add ses lockdown to build system (#9568)
* Add ses lockdown to build system using lavamoat-core

* use proper object.assign version

* disable lint rules for ses lockdown

* deps - update rtlcss

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-10-23 21:04:42 -02:30
Whymarrh Whitby
10227266f9
Fix node/no-unsupported-features/node-builtins issues (#9684)
Refs #9663

See [`node/no-unsupported-features/node-builtins`][1] for more information.

This change enables `node/no-unsupported-features/node-builtins` and fixes the issue
raised by the rule.

The `engines.node` version is updated to reflect the version specified by the `.nvmrc`
file and the version used by CircleCI:

```bash
$ cat .nvmrc
v10.18.1
```

```bash
$ docker run --rm -it circleci/node@sha256:e16740707de2ebed45c05d507f33ef204902349c7356d720610b5ec6a35d3d88 node --version
v10.18.1
```
2020-10-22 16:24:57 -02:30
Mark Stacey
7d0a7ab301
Update @metamask/eslint-config to v4.1.0 (#9663)
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.

Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.

Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
2020-10-21 14:01:03 -02:30
Ari Lotter
c3fafe311e
Spawn yarn processes in a cmd subshell on Windows (#9628)
On Windows, spawn fails if the exact filename
of a binary isn't passed. e.g. `spawn('yarn')` fails
because the binary is named `yarn.cmd`.
Instead, we depend on `cross-spawn` which handles differences
in `spawn` across platforms.
2020-10-20 01:37:23 -02:30
Mark Stacey
aae176537f
Update Sentry to the latest version. (#9597)
All three of our Sentry packages have been updated to the latest
versions. There appear to have been no breaking changes - just bug
fixes and new features.
2020-10-14 13:30:28 -02:30
Whymarrh Whitby
3353c33981
Use eth-contract-metadata@1.16.0 (#9540) 2020-10-09 13:07:23 -02:30
Whymarrh Whitby
e20cf61915
Fix Storybook build (#9526)
[skip e2e]
2020-10-08 15:33:30 -02:30
Dan J Miller
30d13422b5
Add MetaMask Swaps (#9482) 2020-10-06 15:58:38 -02:30
Whymarrh Whitby
8f3b81f67a
Use node-forge@0.10.0 (#9473)
This change updates `node-forge` to the latest published version, 0.10.0. This
update resolves a security advisory [1] brought in via our `3box` dependency.

  [1]:https://www.npmjs.com/advisories/1561
2020-10-01 16:37:07 -02:30
ricky
b00cd344d9
Use ethers to validate mnemonic during import (#9463) 2020-09-28 18:43:42 -02:30
Erik Marks
48e2880731
rpc-cap@3.2.0 (#9461) 2020-09-24 08:33:48 -07:00
Erik Marks
60d4b6aa41
@metamask/controllers@3.1.0 (#9460) 2020-09-23 13:24:24 -07:00
Mark Stacey
97b49b7614
Add prettier-plugin-sort-json (#9450)
JSON files are now sorted by key with `prettier`, using the plugin
`prettier-plugin-sort-json`. This does not affect `package.json`
because `prettier` uses a special parser for that file, as it has
a more restrictive format than JSON.
2020-09-23 12:21:42 -02:30
Erik Marks
3f2a7fd6ac
eth-json-rpc-filters@4.2.1 (#9452) 2020-09-22 21:55:59 -07:00
Erik Marks
242a5b3f23
eth-json-rpc-infura@5.1.0 (#9451) 2020-09-22 20:46:02 -07:00
Erik Marks
6b81da2a73
json-rpc-engine@5.3.0 (#9449) 2020-09-22 19:03:26 -07:00
Erik Marks
2eb8a9aca9
eth-json-rpc-middleware@6.0.0 (#9448) 2020-09-22 19:03:12 -07:00
Whymarrh Whitby
b83bca7223
Use eth-phishing-detect@1.1.14 (#9423) 2020-09-16 16:24:56 -02:30
Whymarrh Whitby
3b70cf64ec
Use @metamask/controllers@3.0.1 (#9416) 2020-09-16 14:34:28 -02:30
Whymarrh Whitby
34b3953815
Use eth-json-rpc-middleware@5.0.3 (#9405) 2020-09-14 19:17:29 -02:30
dependabot[bot]
b1665dedc6
Bump node-fetch from 2.6.0 to 2.6.1 (#9399)
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 15:45:42 -02:30
Brad Decker
8b24f624dd
add segment implementation of metametrics (#9382)
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-09-14 12:04:05 -05:00
Mark Stacey
9391eac670
Update @metamask/eth-token-tracker from v3.0.0 to v3.0.1 (#9398)
`v3.0.1` of `@metamask/eth-token-tracker` fixes how token balances are
displayed when they are between 1 and 0.1. See here for more details:
https://github.com/MetaMask/eth-token-tracker/pull/47
2020-09-11 19:03:24 -03:00
Mark Stacey
ce66ddcf0d
Use prettier for JSON linting (#9396)
Instead of using `eslint-plugin-json` for linting JSON files,
`prettier` is now used. `prettier` is capable of detecting and
correcting more problems than `eslint-plugin-json` can, such as
indentation.

All JSON files have been run through `prettier`. The changes are all
superficial.
2020-09-11 10:57:39 -03:00
Whymarrh Whitby
e2dedaacdb
Use Infura v3 API (#9368)
* Use eth-json-rpc-infura@5.0.0
* Use Infura v3 API
* Add example .metamaskrc file
2020-09-10 13:46:00 -02:30
Whymarrh Whitby
1e99a7b0c3
Migrate to scoped @metamask/jazzicon (#9341) 2020-09-02 12:37:56 -02:30
Whymarrh Whitby
a6e93a6344
Use ganache-core/websocket@1.0.32 (#9340)
This change updates `websocket` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ ganache-core                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ ganache-core > websocket > gulp > gulp-cli > yargs >         │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-09-02 12:36:12 -02:30
Whymarrh Whitby
72313f011d
Use derequire@2.1.1 (#9332)
This change updates `derequire` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ browserify-derequire                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ browserify-derequire > derequire > yargs > yargs-parser      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-08-31 21:54:06 -02:30
Whymarrh Whitby
1024f49275
Use @metamask/eslint-config@3.2.0 (#9330) 2020-08-31 13:11:15 -02:30
Erik Marks
3aaa41ef44
Replace abi-decoder with ethers (#9290)
* replace abi-decoder with ethers

* handle transaction parsing errors

* update token param getter function names

* add docstrings
2020-08-21 19:29:19 -07:00
Erik Marks
02d318d493
Add @metamask/logo (#9281)
* Remove metamask-logo
2020-08-20 10:48:43 -07:00
Dan J Miller
42f4c2e407
MetaMask mascot support for provided directions targets and toggling followMouse (#9166)
* MetaMask mascot support for provided directions targets and toggling followMouse

* Fixes for mascot.component.js

* Update metamask-logo version to 2.4.0

* Lint fix

* Fix mouse follow updating

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Improve mascot story name

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update package.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Lint fix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-20 05:29:03 -02:30
Thomas Huang
5f11273550
Add react-testing-library/react (#9249)
* Add react-testing-library

Adds react-testing-library as a dependency, creates a wrapper function with Provider store/I18n context support, and implements it in unconnected-account-alert.

* Refactor renderWithProvider store to extra param, instead of component prop store
2020-08-19 21:13:59 -07:00
Whymarrh Whitby
2b7a692658
Use @metamask/eslint-config@3.1.0 (#9275)
This change updates the shared ESLint config to the latest published version,
v3.1.0.

From the config [`CHANGELOG.md`][1]: v3.0.1 has disabled `prefer-object-spread`
by default, so it has been enabled for this project.

  [1]:https://github.com/MetaMask/eslint-config/blob/master/CHANGELOG.md
2020-08-19 17:34:58 -02:30
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
5c74420850
Use @metamask/controllers@2.0.5 (#9266) 2020-08-18 21:37:02 -02:30
Whymarrh Whitby
e8b31a77b9
Use copy-webpack-plugin@6.0.3 (#9197)
This updates the `copy-webpack-plugin` to the latest published version, 6.0.3,
resolving [a high-severity security advisory][1] with its `serialize-javascript`
dependency.

  [1]: https://www.npmjs.com/advisories/1548

See https://www.npmjs.com/advisories/1548 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Remote Code Execution                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ serialize-javascript                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.1.0                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ copy-webpack-plugin                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ copy-webpack-plugin > serialize-javascript                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1548                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```

The relevant [`v6.0.0`][2] breaking changes:

- minimum supported Node.js version is 10.13
    -  We use 10.18.1 locally and on CI
- the plugin now accepts an object, you should change `new CopyPlugin(patterns, options)` to `new CopyPlugin({ patterns, options })`
    -  Updated `.storybook/webpack.config.js`

  [2]:https://github.com/webpack-contrib/copy-webpack-plugin/releases/tag/v6.0.0
2020-08-12 22:02:40 -02:30
Erik Marks
5527a6d9e9
Remove web3 e2e tests (#9159) 2020-08-07 12:29:50 -07:00
Whymarrh Whitby
d0366ad8f2
Use luxon@1.24.1 (#9154) 2020-08-07 12:33:03 -02:30
Thomas Huang
9e1aed88c2
Update 'react-devtools' to ^4.8.0 (#9140)
* bump-react-devtools

* Completed yarn lock after version bump of react-devtools
2020-08-06 12:30:28 -07:00
Mark Stacey
96dd435538
Add validate-source-maps npm script (#9134)
This script executes the `sourcemap-validator.js` script to validate
the source maps in the `dist` directory.
2020-08-04 12:10:28 -03:00
Mark Stacey
c7db4c5a4d
Update brfs from v1.6.1 to v2.0.2 (#9115)
We were not affected by the breaking changes introduced with v2.0.0.
This was updated primarily to get a bugfix relating to source maps, and
to update some older transitive dependencies.
2020-07-30 17:44:13 -03:00
Mark Stacey
b19e048f58
Update browserify from v16.2.3 to v16.5.1 (#9113)
The changes between these two versions don't seen to affect us a great
deal. The browserify dependency updates do result in changes to our
production bundle, but the changes have no obvious functional impact.
2020-07-30 16:02:27 -03:00
Mark Stacey
081153a0df
Update sesify-viz from v3.0.9 to v3.0.10 (#9111)
The changes between v3.0.9 and v3.0.10 are minimial - just some minor
improvements to error handling.
2020-07-30 14:55:46 -03:00
Mark Stacey
ee291d48e9
Update gulp-rename from v1.4.0 to v2.0.0 (#9112)
The changes between these versions don't affect us. The breaking change
was related to passing in a function to `gulp-rename`, which we don't
do.
2020-07-30 14:55:26 -03:00
Mark Stacey
3f53db1846
Update source-map-explorer from v2.0.1 to v2.4.2 (#9110)
The output remains identical between these two versions, and none of
the changelog entries appear relevant to us (aside from maybe some of
the bug fixes).
2020-07-30 14:43:02 -03:00
Whymarrh Whitby
d990de4a0c
Update dependencies (#9105)
This change updates the following two dependencies to address high severity advisories in the production dependencies:

* Use elliptic@6.5.3
* Use dot-prop@5.2.0

The public advisories:

- `elliptic`: [npm](https://www.npmjs.com/advisories/1547)
- `dot-prop`: [npm](https://www.npmjs.com/advisories/1213), [GHSA-ff7x-qrg7-qggm](https://github.com/advisories/GHSA-ff7x-qrg7-qggm)

I don't believe there to be any functional changes here:

- I don't think we hit any (important?) codepaths of the whole `ipld-zcash/zcash-bitcore-lib/elliptic` subtree of 3Box
- `dot-prop` doesn't have a changelog but;
    - Looking through [`v3.0.0...v4.0.0`](https://github.com/sindresorhus/dot-prop/compare/v3.0.0...v4.0.0) it would seem that the breaking change was requiring Node.js 4 ([`88b6eb6`](88b6eb66cf))
    - The only breaking change listed for [v5.0.0](https://github.com/sindresorhus/dot-prop/releases/tag/v5.0.0) was requiring Node.js 8.
2020-07-29 19:39:47 -02:30
Mark Stacey
a69245d9ba
Improve source maps (#9101)
Our source maps were being corrupted during minification, because the
`gulp-terser-js` plugin we were using didn't account for the existence
of sourcemaps in the input. A configuration option to allow the input
of sourcemaps was added in v5.2.0. The plugin has been updated, and we
now use this option.

Previously the generated sourcemaps had an invalid entry in the
"sources" array, with the filename of the bundle itself. This was not a
real source. After this change, this invalid source is no longer
present.
2020-07-29 17:31:01 -03:00
Erik Marks
a3cad5d52e
rpc-cap@3.1.0 (#9103) 2020-07-29 12:56:24 -07:00
Erik Marks
99899b5df9
json-rpc-engine@5.2.0 (#9091) 2020-07-28 10:01:24 -07:00
ryanml
b4663eb78b
Fixes MetaMask/metamask-extension#8626 - verifies password on requesting seed phrase (#9063) 2020-07-24 19:47:40 -03:00
Brad Decker
21292a8ed1
update eth-token-tracker (#9056) 2020-07-22 15:31:22 -05:00
Whymarrh Whitby
33430f6dea
Use content-hash@2.5.2 (#9051) 2020-07-22 15:19:49 -02:30
Erik Marks
3c9a51d1af
@metamask/inpage-provider@6.1.0 (#9046) 2020-07-21 15:21:02 -07:00
Erik Marks
a51c518d09
@metamask/inpage-provider@6.0.1 (#9003) 2020-07-15 12:34:08 -07:00
Mark Stacey
49c46c9ed2
Update stylelint from v9.10.1 to v13.6.1 (#9001)
The changes made between v9.10.1 and v13.6.1 don't appear to be
relevant to us, aside from bug fixes that we'd benefit from.

`gulp-stylelint` also needed to be updated, as it's in-step with
`stylelint`. It went from v7 to v13.0.0. The changes aren't notable
here for us either.
2020-07-15 16:03:14 -03:00
Mark Stacey
c9dfc62123
Fix stylelint (#8169)
* Stylelint: Ignore only top-level directories

The `.stylelintignore` entries lacked leading slashes, so most of the
UI code was ignored (because it fell under the `ui/app` directory, and
`app/` was ignored.

The leading slashes ensure only the intended top-level directories are
ignored.

* Simplify stylelint rules

We use the `stylelint-config-standard` rule-set, so most commonly-used
stylelint rules are inherited from that.

Some of the removed rules were redundant, some of them were more strict
than the rules in `standard` and we hadn't been following them in
practice, and some were obsolete.

* Convert stylelint config to JavaScript

JavaScript is a bit easier than JSON to work with, as it allows
comments.

This was also done to make it easier to merge in the `stylelint-config-
standard`, which is also in JavaScript.

* Inline `stylelint-config-standard`

I intend to go through each of these rules one-by-one, which is easier
with all of these rules inlined. Selectively overriding/disabling them
would have been messy.

* Comment out rules that aren't current working

These rules have been temporarily disabled. They will be re-renabled
one-by-one as they are fixed. This was done to make it easier to split
these changes among separate PRs, as many of the rules require
extensive functional changes.

* Add `stylelint` to `lint` script

`stylelint` is now run as part of the `lint` script. There is also a
separate `lint:styles` script for running just `stylelint`.
2020-07-14 16:12:53 -03:00
Whymarrh Whitby
6b97cb8c5c
Use eslint-plugin-mocha@6.3.0 (#8984) 2020-07-14 14:26:03 -02:30
Whymarrh Whitby
14c952b15c
Use eslint-plugin-import@2.22.0 (#8983) 2020-07-14 13:43:19 -02:30
Whymarrh Whitby
4f0a205369
Use eslint@6.8.0 (#8978)
* Use eslint@6.8.0
* yarn lint:fix
2020-07-14 12:50:41 -02:30
Whymarrh Whitby
07237e3dbf
Use extract-zip@1.7.0 (#8977) 2020-07-14 11:04:46 -02:30
Whymarrh Whitby
6b9a3fb9a6
Use abortcontroller-polyfill@1.4.0 (#8970) 2020-07-14 10:06:06 -02:30
Whymarrh Whitby
956dea91fb
Use gonzales-pe@4.3.0 (#8971) 2020-07-14 10:05:36 -02:30
Whymarrh Whitby
0d8b399609
Use lodash@4.17.19 (#8969) 2020-07-14 10:05:08 -02:30
Mark Stacey
2856af2336
Remove integration tests (#8959)
The remaining integration tests are all covered by e2e tests, so
they're no longer needed.

All associated scripts, fixtures, and dependencies have also been
removed.
2020-07-10 12:22:36 -03:00
Mark Stacey
111bef2baa
Update @metamask/test-dapp to v3.1.0 (#8963)
This updated test dapp has a new `personal_sign` button. It also fixes
the `Encrypt` button, which was broken in `v3.0.0`.

The `signature-request` e2e test needed to be updated to find the
'Sign' button by id rather than by text, since there are now two
buttons with the text 'Sign'.
2020-07-10 10:43:18 -03:00
Mark Stacey
c3e330aa2b
Remove unused watch:test:unit script (#8960)
This script used `nodemon`, which is not among our dependencies, so it
doesn't work.
2020-07-10 00:58:57 -03:00
Brad Decker
3cbcc913e9
update material-ui/core (#8950) 2020-07-09 16:05:44 -05:00
Brad Decker
cd4903f65e
remove ramda (#8932) 2020-07-08 15:17:53 -05:00
Whymarrh Whitby
88e33c8d79
Use lodash@4.17.17 (#8940) 2020-07-08 14:08:04 -02:30
Brad Decker
14416a796a
add support for nullish coalescing (#8935) 2020-07-07 15:15:04 -05:00
Erik Marks
f4c60df0c1
rpc-cap@3.0.1 (#8929) 2020-07-06 11:50:05 -07:00
Erik Marks
8bc02d4b5e
rpc-cap@3.0.0 (#8924)
* rpc-cap@3.0.0

* adapt use of rpc-cap for new major version
2020-07-05 12:49:22 -07:00
Erik Marks
2f2cf07ef5
eth-json-rpc-middleware@5.0.2 (#8923) 2020-07-04 17:04:55 -07:00
Erik Marks
916edc64f0
@metamask/inpage-provider@6.0.0 (#8921) 2020-07-04 10:13:00 -07:00
Erik Marks
b6504341bd
@metamask/test-dapp@3.0.0 (#8902) 2020-07-03 11:12:32 -07:00
Mark Stacey
af1f6a1af4
Fix dapp script in package.json (#8900)
This script is relied upon by our e2e tests. It was broken in #8888,
because `@metamask/test-dapp` was updated to a version with a different
directory structure. The website is now in the `dist` directory instead
of the `website` directory.
2020-07-02 22:56:09 -03:00
Erik Marks
d3aa9f8620
eth-keyring-controller@6.0.1 (#8897) 2020-07-02 17:33:49 -07:00
Erik Marks
dd209c8fd2
@metamask/test-dapp@2.2.0 (#8888) 2020-07-02 11:05:16 -07:00
Erik Marks
04198ec30a
update inpage provider (#8872)
Update `@metamask/inpage-provider` to v5.2.1
2020-06-29 15:57:36 -03:00
Erik Marks
79e001b9ac
eth-contract-metadata@1.15.0 (#8871) 2020-06-29 15:56:58 -03:00
Erik Marks
242db43700
Update inpage provider, deprecation warnings (#8854) 2020-06-24 15:21:57 -07:00
Erik Marks
3bd4528d9d
Update test-dapp (#8856)
* update test-dapp
2020-06-24 14:16:51 -07:00
Erik Marks
be3ac50791
Update eth-json-rpc-middleware (#8847) 2020-06-23 13:08:41 -07:00
Erik Marks
04de9a92c5
Fix signing method bugs (#8833)
* update signTypedData validation

* update tests for new eth-json-rpc-middleware

* remove lowercasing of tx 'from' addresses
2020-06-23 09:12:11 -07:00
Whymarrh Whitby
2abbeadbfb
Use node-sass@4.14.1 (#8844)
This change updates our `node-sass` dependency to the latest version, 4.14.1.
This resolves two security advisories brought in by an outdated `yargs-parser`
subdependency.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ node-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ node-sass > sass-graph > yargs > yargs-parser                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp-sass > node-sass > sass-graph > yargs > yargs-parser    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-23 05:51:43 -02:30
Whymarrh Whitby
dc398191e0
Use @metamask/controllers@2.0.1 (#8832) 2020-06-18 12:10:01 -02:30
Brad Decker
2f50e9fd72
Restore timing function (#8774)
* restore and enhance the time est feature

background: we had a feature for showing a time estimate on pending txs
that was accidently removed during the redesign implementation. This PR
restores that feature and also enhances it:
1. Displays the time estimate on all views instead of just fullscreen
2. Uses Intl.RelativeTimeFormat to format the time
3. Adds a way to toggle the feature flag.
4. Uses a hook to calculate the time remaining instead of a component

* Update app/_locales/en/messages.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* do not display on test nets

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-12 13:46:01 -05:00
Brad Decker
13d6803698
Adds the rule of hooks eslint rule (#8779) 2020-06-10 13:31:14 -05:00
Brad Decker
34fb525ce5
Limit Dapp permissions to primary account (#8653) 2020-05-27 22:35:09 -05:00
Mark Stacey
a0d64c7932
Implement new fullscreen design (#8657)
The fullscreen UI now shows roughly the same design as the popup UI.
A few additional changes depicted in the new fullscreen designs will
be implemented in subsequent PRs (e.g. the inline buttons on assets)

This was done now to make asset pages easier to implement. Implementing
asset pages solely for the popup UI would have been complicated by the
fact that we use viewport size to switch between the two layouts, so we
would have had to re-route upon resizing the window.
2020-05-27 17:28:33 -03:00
Whymarrh Whitby
c0e32b54eb
Use @storybook/storybook-deployer@2.8.6 (#8656) 2020-05-27 12:43:19 -02:30
Whymarrh Whitby
d989cbd8a6
Use concurrently@5.2.0 (#8655) 2020-05-26 22:41:51 -02:30
Whymarrh Whitby
e06fb2c9f6
Use mocha@7.2.0 (#8650) 2020-05-26 16:25:42 -02:30
Erik Marks
8d2c543ea5
Update eth-keyring-controller (#8611) 2020-05-18 13:05:37 -07:00
Mark Stacey
ce11fad81c
Improve account options menu (#8607)
The account options menu is now much faster, and it correctly closes
when 'Switch account' is selected.

A static width had to be set on the menu so that it could be positioned
reliably. Without this width set, it was rendered as a different size
before positioning than after, which resulted in it being positioned
incorrectly. A `z-index` had to be added (equal to the `z-index` used
by the popover component) to ensure it wasn't rendered beneath the
popover.

The menu is automatically positioned relative to the account options
button, appearing below the button by default but above it instead if
there isn't room below. It is positioned to be inside the bounds of the
popover as well.

The account options button is now a `<button>` rather than a `<i>`.
This required a few additional style rules to overrule the default
button styles. Additionally the size was increased so that it matches
the designs more closely.

The callbacks for connecting, disconnecting, and switching accounts
have been updated to use state and props to determine the correct
address to use, rather than being bound to the correct address
parameter in the render function. This means we aren't creating a new
function upon each render anymore.

The `showAccountOptions` method still needs to be bound once per
account, but this was switched to use more readable syntax (`.bind`,
instead of the double arrow function).

`react-popper` and `@popperjs/core` were both added as dependencies.
These should be used for any UI requiring relative positioning (e.g.
tooltips, menus, etc.). Older versions of these libraries are already
in our codebase as transitive dependencies of the tooltip library we're
using.
2020-05-18 14:51:29 -03:00
ricky
c413d0905f
Add dev config to login automagically based on dot file (#8598)
* Add dev config to login automagically based on runtime config

Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2020-05-15 12:40:06 -07:00
Erik Marks
0470386326
Delete recent blocks controller (#8575)
* delete recent blocks controller

* delete percentile from direct dependencies
2020-05-12 12:40:33 -07:00
Brad Decker
0aa41e397e
factor out containers for currency components (#8543) 2020-05-12 14:07:35 -05:00
Whymarrh Whitby
3b1794f77b
Switch to @metamask/controllers package (#8560) 2020-05-12 12:30:24 -02:30
Erik Marks
4a065cc8c8
Update ganache-cli, ganache-core (#8538) 2020-05-07 19:10:22 -07:00
Whymarrh Whitby
1629f1bbe9
Use gaba@1.11.0 (#8548) 2020-05-07 19:25:24 -02:30
Erik Marks
748d5e680c
Add @metamask/test-dapp (#8464)
* add @metamask/test-dapp; delete contract-test files

* dedupe @metamask/onboarding, remove from direct deps
2020-05-01 11:23:03 -07:00
Erik Marks
7419fa84ae
update eth-contract-metadata (#8466) 2020-04-30 09:50:25 -03:00
Mark Stacey
53feb20803
Alert user upon switching to unconnected account (#8312)
An alert is now shown when the user switches from an account that is
connected to the active tab to an account that is not connected. The
alert prompts the user to dismiss the alert or connect the account
they're switching to.

The "loading" state is handled by disabling the buttons, and the error
state is handled by displaying a generic error message and disabling
the connect button.

The new reducer for this alert has been created with `createSlice` from
the Redux Toolkit. This utility is recommended by the Redux team, and
represents a new style of writing reducers that I hope we will use more
in the future (or at least something similar). `createSlice` constructs
a reducer, actions, and action creators automatically. The reducer is
constructed using their `createReducer` helper, which uses Immer to
allow directly mutating the state in the reducer but exposing these
changes as immutable.
2020-04-29 14:10:51 -03:00
Erik Marks
c011c0406b
Add new inpage provider package (#8442)
* add @metamask/inpage-provider

* fix failing e2e tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-04-28 17:14:51 -07:00
Mark Stacey
d68f156ac7
Update pify to v5.0.0 (#8383)
`pify` v5.0.0 will preserve `this` references correctly, so explicit
binding of objects passed to `pify` is no longer needed.

There are no breaking changes that affect us; the only breaking change
in v4 and v5 is to update the minimum Node.js version to v10.
2020-04-22 17:46:25 -03:00
Erik Marks
d9966daba2
Add test:unit:path script to package.json (#8355) 2020-04-17 10:45:19 -07:00
Mark Stacey
5ee1291662
Prevent accidental use of globals (#8340)
Previously all browser globals were allowed to be used anywhere by
ESLint because we had set the `env` property to `browser` in the ESLint
config. This has made it easy to accidentally use browser globals
(e.g. #8338), so it has been removed. Instead we now have a short list
of allowed globals.

All browser globals are now accessed as properties on `window`.

Unfortunately this change resulted in a few different confusing unit
test errors, as some of our unit tests setup assumed that a particular
global would be used via `window` or `global`. In particular,
`window.fetch` didn't work correctly because it wasn't patched by the
AbortController polyfill (only `global.fetch` was being patched).
The `jsdom-global` package we were using complicated matters by setting
all of the JSDOM `window` properties directly on `global`, overwriting
the `AbortController` for example.

The `helpers.js` test setup module has been simplified somewhat by
removing `jsdom-global` and constructing the JSDOM instance manually.
The JSDOM window is set on `window`, and a few properties are set on
`global` as well as needed by various dependencies. `node-fetch` and
the AbortController polyfill/patch now work as expected as well,
though `fetch` is only available on `window` now.
2020-04-15 14:23:27 -03:00
Mark Stacey
3735f0bf8c
Replace fetch-mock with stub (#8339)
The `fetch-mock` package has been removed, and replaced with a simple
stub in the one place it was used.
2020-04-15 13:01:02 -03:00
Mark Stacey
f1c9f1ab68
Fix Font Awesome in Storybook build (#8304)
The Font Awesome font wasn't loaded correctly in the Storybook build.
Unlike our other fonts, Font Awesome is copied from `node_modules` at
build-time rather than being saved directly in `app/fonts`.

The `copy-webpack-plugin` plugin is now used in the Storybook webpack
build to copy the fonts explicitly from `node_modules` into the build
output directory. The font now seems to load correctly in Storybook.
2020-04-08 10:22:20 -03:00
Whymarrh Whitby
d41d4489d9
Use luxon@1.23.0 (#8302) 2020-04-07 19:54:34 -02:30
Whymarrh Whitby
d8e0c9edd9
Use @metamask/etherscan-link@1.1.0 (#8294) 2020-04-06 13:38:44 -02:30
Whymarrh Whitby
9901a39961
Remove http-server dependency (#8272) 2020-04-01 15:43:25 -02:30
Mark Stacey
b30a352acb
Use @fortawesome/fontawesome-free npm package (#8256)
The official npm package for Font Awesome Free is now used instead of
the vendored styles. Previously we had been using v4.4.0, now we're
using v5.13.0.

We're now importing the Font Awesome SCSS modules instead of using the
minified CSS bundle. This integrates more cleanly into our build
system, and it lets us use their mixins directly in the future if we
need to.

The variable `fa-font-path` has been set to reference our font
directory, as instructed here:
https://fontawesome.com/how-to-use/on-the-web/using-with/sass#compile
2020-03-30 20:05:51 -03:00
Mark Stacey
079db2fdb4
Remove use of webpack loaders in components (#8249)
Various SVGs were being imported directly in components using Webpack
loaders. This was done to get these components to work correctly in
storybook, which uses Webpack. However we don't use Webpack for our
actual build system, so these components would fail when you attempted
to use them.

Instead the storybook script has been updated to use the `--static-dir`
flag, which allows specifying a directory of files to serve statically.
The `app` directory is served statically, so all of the relative URLs
we use in practice to reference fonts and images should just work.

The storybook build command has been updated to use the same flag.
Unfortunately this also means that the uncompiled background code is
now included in the build as well, because it's alongside our static
files. This shouldn't have any impact upon the build though.

The use of this `static-dir` option as made much of the existing
storybook Webpack configuration unnecessary, so it has been reduced to
just the essential steps.
2020-03-30 15:38:02 -03:00
Mark Stacey
4b59d6099a
Fix token list when balance is zero (#8250)
The token list would be stuck on "Loading" when there was at least one
token, but the balance of all tokens was zero. This bug was only
present on `develop`, and has not affected any published version of the
extension.

This was introduced in #8223, which removed what at the time seemed to
be an unnecessary update step. It turns out that the step was required
as a workaround to this bug with the token tracker.

The bug was fixed in https://github.com/MetaMask/eth-token-tracker/pull/33
and published in v2.0.0 of `@metamask/eth-token-tracker`.
2020-03-30 15:37:51 -03:00
Erik Marks
2301d9980e
Wait for extension unlock before processing eth_requestAccounts (#8149)
* eth_requestAccounts: wait on unlock

return error on duplicate eth_requestAccounts
add getUnlockPromise mock to permissions unit tests

* only await unlock if already permitted

* add notification badge for wait on unlock

* fixup

* more fixup

* cleanup

* update keyring controller, us its unlock event

* move keyring update unlock logic to unlock event handler

* fix unit tests

* delete onUnlock handler

* fix eth-keyring-controller resolution

* update eth-keyring-controller
2020-03-23 09:25:55 -07:00
Whymarrh Whitby
5c158ed11d
Force resolve all minimist versions to minimist@1.2.5 (#8206) 2020-03-17 14:15:09 -03:00
Erik Marks
b1d090ac4d
Add permissions controller unit tests (#7969)
* add permissions controller, log, middleware, and restricted method unit tests

* fix permissions-related bugs

* convert permissions log to controller-like class

* add permissions unit test coverage requirements

* update rpc-cap

Co-Authored-By: Whymarrh Whitby <whymarrh.whitby@gmail.com>
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
2020-03-16 10:13:22 -07:00
kumavis
7686edadb0
Build system refactor (#8140)
* build - start static asset task cleanup

* build - simplify manifest tasks

* build - refactor + rename some tasks

* build - various cleanups

* manifest - fix ref from controller

* build - drop gulp for simple async tasks

* build - breakout gulpfile into multiple files

* build - rename some tasks

* build - use task fn refs instead of string names

* build - bundle all scripts first, except for contentscript

* build - improve task timeline

* deps - update lock

* build - improve task time printout

* build/scripts - remove intermediate named task

* build - use 'yarn build' for task entry points

* build - properly run tasks via runTask for timeline display

* development/announcer - fix manifest path + clean

* build - lint fix

* build - make all defined tasks possible entry points

* build/task - properly report errors during task

* ci - fix sesify/lavamoat-viz build command

* build/scripts - run each bundle in separate processes

* lint fix

* build - forward childProcess logs to console

* build/task - fix parallel/series stream end event

* build/scripts refactor contentscript+inpage into a single task

* build/static - use the fs for 150x speedup zomg

* lint fix

* build/static - fix css copy

* Update development/build/scripts.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/scripts.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/index.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* deps - remove redundant mkdirp

* deps - remove unused pumpify

* deps - remove redundant merge-deep

* deps - prefer is-stream of isstream

* deps - remove clone for lodash.cloneDeep

* clean - remove commented code

* build/static - use fs.copy + fast-glob instead of linux cp for better platform support

* build/manifest - standardize task naming

* build/display - clean - remove unused code

* bugfix - fix fs.promises import

* build - create "clean" as named task for use as entrypoint

* build/static - fix for copying dirs

* Update development/build/task.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/display.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/display.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/display.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* build - use task refs, tasks only return promises not streams, etc

* lint fi bad merge + lint

* build - one last cleanup + refactor

* build - add comments introducing file

* build/manifest - fix bug + subtasks dont beed to be named

* Update package.json

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* build/task - remove unused fn

* Update package.json

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/styles.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Update development/build/styles.js

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-03-09 08:55:02 +08:00
Mark Stacey
293741766f
Update @metamask/eth-ledger-bridge-keyring (#8164)
This updates the package to match the version used on `master`

See #8162 and #8163 for details
2020-03-05 18:00:12 -04:00
Whymarrh Whitby
21c1c2a14e
Use @metamask/eth-ledger-bridge-keyring@0.2.2 (#8155)
* Use @metamask/eth-ledger-bridge-keyring@0.2.2

* Update usages of eth-ledger-bridge-keyring
2020-03-02 20:32:45 -04:00
Whymarrh Whitby
cf85f56989
Use sinon@9.0.0 (#8123) 2020-02-27 00:33:50 -03:30
Whymarrh Whitby
f5317e5ab6
Use json-rpc-engine@5.1.8 (#8124) 2020-02-27 00:33:33 -03:30
Mark Stacey
b6487f08b7
Allow changing Storybook preview backgrounds (#8111)
The `@storybook/addon-backgrounds' addon has been added, which allows
changing the component preview background. By default no background
colors are defined, though there is a helpful grid button. A "light"
and "dark" background option has been added globally. Additional
story-specific backgrounds or global backgrounds can be added later if
necessary.
2020-02-26 13:40:53 -04:00
Mark Stacey
2d74fbc75c
Fix superagent peer dependency warning (#8116)
This warning was resolved by updating `pubnub`, which is the dependency
that uses `superagent-proxy` which is causing this warning. The
resolution we added to address a security advisory is also no longer
required.
2020-02-26 13:40:29 -04:00
Mark Stacey
cf8875c57b
Update Storybook dependencies to v5.3.14 (#8115)
This was primarily done to make explicit that we're using v5.3.x. Our
manifest listed `^5.2.x` but we had already updated to `v5.3.9` in the
lockfile. v5.3.0 lays much of the groundwork for the planned v6.0
release, and includes many changes.

The changes between v5.3.9 and v5.3.14 include various bug fixes, none
of which affect us as far as I know.

Peer dependencies required by Storybook have also been added. These
were already in our dependencies indirectly either way.
2020-02-26 10:40:34 -04:00
Whymarrh Whitby
8d0a757ab5
Use end-of-stream@1.4.4 (#8098) 2020-02-25 09:12:09 -03:30
Whymarrh Whitby
5eb95625ca
Remove react-tooltip-component (#8099) 2020-02-25 09:11:56 -03:30
Whymarrh Whitby
169ab8adc9
Remove recompose (#8097) 2020-02-24 19:28:26 -03:30
Whymarrh Whitby
fcd404015b
Use gulp-replace@1.0.0 (#8095) 2020-02-24 15:58:49 -03:30
Whymarrh Whitby
81d8237654
Use eslint-plugin-react@7.18.3 (#8085) 2020-02-24 15:24:35 -03:30
Whymarrh Whitby
ec1227fded
Use lockfile-lint@4.0.0 (#8088) 2020-02-24 14:41:28 -03:30
Whymarrh Whitby
e8dc8abd5c
Use concurrently@5.1.0 (#8087) 2020-02-24 14:40:57 -03:30
Whymarrh Whitby
6c9b7fc8c7
Use gulp-babel@8.0.0 (#8086) 2020-02-24 14:40:38 -03:30
Whymarrh Whitby
ef8ea9b188
Remove eslint-plugin-chai (#8089) 2020-02-24 14:39:55 -03:30
Konstantin
6f47fece56
Implementation encrypt/decrypt feature (#7831)
Implement `eth_decrypt` and `eth_getEncryptionPublicKey`. This allows decryption backed by the user's private key. The message decryption uses a confirmation flow similar to the messaging signing flow, where the message to be decrypted is also able to be decrypted inline for the user to read directly before confirming.
2020-02-19 14:24:16 -04:00
Whymarrh Whitby
cab2f1b769
Use react-redux@7.2.0 (#8069) 2020-02-18 14:54:24 -03:30
Whymarrh Whitby
8f26f5a021
Remove redux-test-utils dependency (#8070)
* Remove usages of redux-test-utils
* Remove redux-test-utils dependency
2020-02-18 14:54:03 -03:30
ricky
1f9e3b89d4
Add optional chaining (#8052)
* Add plugin-proposal-optional-chaining

* Use optional chaining to provide error fallback
2020-02-18 10:11:52 -05:00
Whymarrh Whitby
9c45ae0552
Use http-server@0.12.1 (#8066) 2020-02-18 08:58:06 -03:30
Whymarrh Whitby
b5cdbcb581
Update redux-related dependencies (#8068) 2020-02-18 08:56:54 -03:30
Dan Finlay
9c8fd38db4
Merge pull request #8048 from MetaMask/null-check
Fix faulty null checks
2020-02-12 12:03:28 -08:00
Erik Marks
9376c47dd1
update packages 2020-02-12 10:39:47 -08:00
Whymarrh Whitby
85430746ad
Update mocha version (#8028)
* Use mocha@7.0.1
* Remove bad async test
2020-02-12 14:47:36 -03:30
Whymarrh Whitby
7f3cf07f94
Update sinon and proxyquire (#8027)
* Use sinon@8.1.1
* Use proxyquire@2.1.3
* Move sinon mocking out of global scope into hooks
2020-02-11 17:03:32 -03:30
Whymarrh Whitby
4f3fc95d50
Update ESLint rules for test suite (#8023)
* Use @metamask/eslint-config@1.1.0
* Use eslint-plugin-mocha@6.2.2
* Mark root ESLint config as root
* Update Mocha ESLint rules with shared ESLint config
2020-02-11 13:21:13 -03:30
Whymarrh Whitby
1a1e0b43d0 Remove unused test:single script (#8025) 2020-02-09 16:12:57 -03:30
Whymarrh Whitby
5b28fb3a1c
Enable Storybook deploy on CI (#8009) 2020-02-08 16:26:33 -03:30
Whymarrh Whitby
1d654d6c4e
Remove version bump scripts (#8006) 2020-02-06 18:56:31 -03:30
Erik Marks
8e307f8d71
update inpage-provider; minor fixes (#7997) 2020-02-06 07:57:54 -08:00
Whymarrh Whitby
08c7322203
Remove last remaining usages of npm run (#7994)
* Remove last remaining usages of `npm run`
* Use nyc@15.0.0
2020-02-06 12:22:40 -03:30
Whymarrh Whitby
2aa22fa9d7
Use gulp@4.0.2 (#7982) 2020-02-04 11:04:21 -03:30
Whymarrh Whitby
75769e5809
Use eth-keyring-controller@5.5.0 (#7980) 2020-02-04 10:41:34 -03:30
Whymarrh Whitby
8610c1cf47
Use eth-json-rpc-infura@4.0.2 (#7981) 2020-02-04 10:41:10 -03:30
Whymarrh Whitby
313ee0c5e1
Use envify@4.1.0 (#7983) 2020-02-04 10:39:59 -03:30
Whymarrh Whitby
b80afc6493
Use ethereum-ens-network-map for network support (#7960) 2020-01-31 09:56:50 -03:30
Whymarrh Whitby
608a1fc298
Remove cross-env (#7950) 2020-01-30 14:11:26 -03:30
Whymarrh Whitby
0001b49cdf
Remove gulp-eslint and gulp-util dependency (#7949) 2020-01-30 10:50:20 -03:30
Whymarrh Whitby
ca9aaad911
Remove mocha-jsdom and mocha-sinon (#7947) 2020-01-29 22:36:52 -03:30
Whymarrh Whitby
2f3f605521
Inline isomorphic-fetch test helper (#7945) 2020-01-29 21:31:32 -03:30
Whymarrh Whitby
4ad49ffd68
Remove unused mocha-eslint dependency (#7943) 2020-01-29 21:28:44 -03:30
Whymarrh Whitby
472d8c3160
Remove unnecessary 'path' dependency (#7942) 2020-01-29 21:24:08 -03:30
Whymarrh Whitby
3b187eff43
Remove unused rimraf devDependency (#7940) 2020-01-29 20:00:42 -03:30
Whymarrh Whitby
e380c6fc6c
Remove unused fs-extra and fs-promise devDependencies (#7939) 2020-01-29 17:47:47 -03:30
Whymarrh Whitby
4428926784
Move polyfill-crypto.getrandomvalues to devDeps (#7938) 2020-01-29 17:47:34 -03:30
Whymarrh Whitby
fe83376b9f
Remove unused number-to-bn package (#7937) 2020-01-29 17:11:28 -03:30
Whymarrh Whitby
b4339f6cbf
Move devDeps into devDeps (#7936) 2020-01-29 16:58:08 -03:30
Whymarrh Whitby
d75e587533
Replace fast-deep-equal with isEqual from lodash (#7935) 2020-01-29 16:31:53 -03:30
Whymarrh Whitby
6c616b0d83
Replace mkdirp with built-in functionality (#7934) 2020-01-29 15:50:52 -03:30
Whymarrh Whitby
e8a42ba6b0
Remove unused promise-filter dependency (#7932) 2020-01-29 14:33:44 -03:30
Mark Stacey
00a73ee25e
Replace debounce package with debounce function from lodash (#7931)
These two functions differ slightly in options, but none of those
options are being used by us, so in these cases they're functionally
equivalent. They're even both descendants of the original `debounce`
function from `underscore`.

This was done to reduce the number of direct dependencies we have. It
should not affect bundle size, as we still depend upon the `debounce`
package transitively.
2020-01-29 13:36:03 -04:00
Whymarrh Whitby
4136209f3d
Remove redux-logger from mock-store (#7930) 2020-01-29 13:45:16 -03:30
Mark Stacey
398a45bfdd
Replace clone dependency with cloneDeep from lodash (#7926)
This was done to reduce the number of direct dependencies we have. It
should be functionally equivalent. The bundle size should not change,
as we use `clone` as a transitive dependency in a number of places.
2020-01-29 13:14:33 -04:00
Mark Stacey
99ceca3d25
Update jazzicon component (#7898)
* Use ref instead of findDOMNode in jazzicon component

The jazzicon component was using `findDOMNode` to get the DOM node for
the main div returned by the component, which is generally not
recommended. Instead a ref is now used.

* Update Jazzicon to v2

This version drops the dependency upon `raphael`, and no longer uses
the function `createSVGMatrix` which was causing unit tests to fail
(because it's not supported by jsdom).
2020-01-28 16:08:55 -08:00
Mark Stacey
ffd24a2854
Remove JSDoc tools (#7897)
Our JSDoc documentation has not been updated in a very long time, and
we don't use JSDoc in enough places for the docs to have been
especially useful. The tools and scripts  used to generate and publish
these docs have been removed.

References to this documentation have also been removed from the
README.

Hopefully once the TypeScript migration has made substantial progress,
we can generate more useful documentation using something like TypeDoc.
2020-01-28 13:02:49 -04:00
Erik Marks
b75f812953
Improve LoginPerSite UX/devX and permissions logging (#7649)
Update accounts permission history on accountsChanged
Create PermissionsLogController
Fix permissions activity log pruning
Add selectors, background hooks for better UX
Make selected account the first account returned
Use enums for store keys in log controller
Add last selected address history to PreferencesController
2020-01-27 14:42:03 -08:00
Mark Stacey
f2a719a70c
Replace deep-extend with merge from lodash (#7908)
The `merge` function from `deep-extend` is at least mostly equivalent
to `merge` from `lodash` - certainly in how we're using it.
2020-01-27 14:01:09 -04:00
Mark Stacey
491675d50e
Update c3 and d3 (#7905)
This updates include a number of bug fixes. The two charts we use these
libraries for appear unaffected.
2020-01-27 12:47:33 -04:00
Mark Stacey
583b404e02
Switch to full lodash package, and update lodash (#7907)
* Update lodash

All versions of the full `lodash` package have been updated to 4.17.15.
The only exception is v4.17.14 which is pinned by `ganache-core`.

* Switch to using `lodash` instead of per-method packages

We have the full lodash package _ten times_ as a production transitive
dependency, so including per-method packages is not saving space (it
might instead result in slightly more space being used).
2020-01-27 12:45:48 -04:00
Mark Stacey
1d73d90a1a
Replace bluebird with Node.js API for unhandled rejections (#7904)
Unhandled rejections are now caught using built-in Node.js APIs instead
of with `bluebird`. `bluebird` was added as a production dependency but
was only used for this purpose. The code responsible for catching
unhandled rejection in the browser was removed, as this test helper is
never run in the browser.

Additionally, unhandled rejections are tracked over the course of all
tests, and result in a non-zero exit code if they remain at the end.
This was done because it is possible for errors to trigger the
`uncaughtRejection` event but then still be handled later on. This is
uncommon, and doesn't seem to happen in our test suite. But if it does
in the future, it'll be logged but won't result in a non-zero exit
code.
2020-01-27 11:15:37 -04:00
Mark Stacey
feffd4f79c
Update classnames to v2.2.6 (#7906)
This patch update includes a bug fix for ES6 imports. The bug doesn't
affect our use of this module, but it ensures that we can safely
use the `dedupe` and `bind` APIs as ES6 imports if we decide to.
2020-01-27 11:09:17 -04:00
Whymarrh Whitby
d3bce9c595
Remove xtend from the dependencies list (#7902) 2020-01-27 11:06:31 -03:30
ricky
245952f236
Minimum changes to get storybook working (#7884)
* Minimum changes to get storybook working

Undo path changes

* Add build:storybook scripts to package.json

* Add storybook deployer

* Add storybook:deploy to package.json

* Update circle ci config

* Update yarn.lock

* Remove addon-info

* Update yarn.lock file to reflect removing of addon-info

Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2020-01-26 18:44:58 -05:00
Mark Stacey
38a71a6067
Update Sentry to v5.x (#7880)
Theses changes were made in accordance with the provided migration
guide [1].

The two integrations added were included by default on v4.x, so this
shouldn't result in any change in behavior.

[1]:  https://github.com/getsentry/sentry-javascript/blob/master/MIGRATION.md
2020-01-26 12:49:58 -04:00
Mark Stacey
7908232719
Replace request-promise with node-fetch (#7899)
`node-fetch` is a smaller and simpler project than `request-promise`,
and we already have it as a transitive dependency.

`request-promise` was also incorrectly listed as a production
dependency. `node-fetch` has been added as a `devDependency` to replace
it, as it was only used in one CI script.
2020-01-26 12:43:50 -04:00
Whymarrh Whitby
f32ea5f676 Use eth-contract-metadata@1.12.1 (#7901) 2020-01-26 08:36:44 -08:00
Whymarrh Whitby
171acae0eb Use eth-contract-metadata@1.12.0 (#7896) 2020-01-25 00:44:29 -04:00
Whymarrh Whitby
a05f2c4654
Update GABA dependency version (#7894) 2020-01-24 19:24:42 -03:30
Mark Stacey
e79d18de2a
Replace DetectRTC package with standard web APIs (#7887)
The only web API that our usage of DetectRTC relied upon was
'enumerateDevices', which is supported and stable among all of our
supported browsers.

Note that the error handling here is a little... non-standard, and the
logic around how Firefox and Brave are handled should be justified, but
I've left the logic as-is for now to keep this PR small.
2020-01-23 14:04:16 -04:00
Mark Stacey
7471e2df02
Remove unnecessary WebRTC shim (#7886)
The WebRTC spec is fairly stable these days, particularly among the
browsers we support. We don't need this shim for anything. I'm guessing
it may have been added primarily with IE in mind.
2020-01-23 14:04:05 -04:00
Whymarrh Whitby
ecd4b8221c
Use shared MetaMask ESLint config (#7882) 2020-01-22 11:07:19 -03:30
Mark Stacey
e02b229df6
Add margin of error metric (#7877)
A margin of error metric has been added, which is calculated from a 95%
confidence interval. This confidence interval is calculated using
Student's t-distribution, which is generally preferred for smaller
sample sizes (< ~30) of populations following a normal distribution.
2020-01-21 17:12:40 -04:00
Whymarrh Whitby
3f1971bb10
Remove unused browser-passworder dependency from package.json (#7879) 2020-01-21 17:14:51 -03:30
Erik Marks
e35d4edac5
Update inpage provider (#7878) 2020-01-21 10:12:38 -08:00
Mark Stacey
5734f7210c
Add benchmark script (#7869)
The script `benchmark.js` will collect page load metrics from the
extension, and print them to a file or the console. A method for
collecting metrics was added to the web driver to help with this.

This script will calculate the min, max, average, and standard
deviation for four metrics: 'firstPaint', 'domContentLoaded', 'load',
and 'domInteractive'. The variation between samples is sometimes high,
with the results varying between samples if only 3 were taken. However,
all tests I've done locally with 5 samples have produced results within
one standard deviation of each other. The default number of samples has
been set to 10, which should be more than enough to produce consistent
results.

The benchmark can be run with the npm script `benchmark:chrome` or
`benchmark:firefox`, e.g. `yarn benchmark:chrome`.
2020-01-21 12:02:45 -04:00
Erik Marks
728026d1f7
Fix batch transaction UX (#7473)
* order transactions from oldest to newest in UI

* update json-rpc-engine, eth-json-rpc-middleware

* update e2e and integration tests
2020-01-10 06:34:02 -08:00
Whymarrh Whitby
92971d3c87
Migrate codebase to use ESM (#7730)
* Update eslint-plugin-import version

* Convert JS files to use ESM

* Update ESLint rules to check imports

* Fix test:unit:global command env

* Cleanup mock-dev script
2020-01-09 00:04:58 -03:30
Mark Stacey
1b3e8ef412
Update react-devtools to v4.4.0 (#7758)
This update was necessary to get React DevTools working in Chrome. The
standalone UI was broken in Chrome in v4.2.1.
2020-01-07 23:55:43 -04:00
Mark Stacey
7bddbf611a
Replace inlined blockies identicon with npm package (#7757)
The "blockies" style identicon is handled by a module that was copied
from MyEtherWallet and inlined. This has been removed, and replaced
with the upstream package it was originally derived from.
2020-01-07 23:55:32 -04:00
Whymarrh Whitby
c66449f823
Disable semicolons for class props (#7754) 2020-01-07 16:40:44 -03:30
Whymarrh Whitby
28defaf7e6
Update @sentry/cli version (#7752) 2020-01-07 12:47:15 -03:30
Mark Stacey
8f40cd8438
Update selenium-webdriver (#7749)
Update `selenium-webdriver` to v4.0.0-alpha.5. Despite the fact that
this version has "alpha" in the name, the maintainer of
`selenium-webdriver` has described this release as stable [1].

A few APIs were removed or changed in v4, which required changes to our
Firefox webdriver.

The port used for webdriver communication can now be specified
manually. This was required to ensure the threebox tests kept working,
because they used two different driver instances. This new version of
`selenium-webdriver` now uses the same port for each instance of the
webdriver (unlike the old version, which generated a new port for each
one), so it was necessary to manually specify the port to prevent the
same port from being used for both instances.

`chromedriver` required an update, as the version we were using was not
compatible with the new W3C WebDriver protocol. I've updated
`geckodriver` as well, just to bring it in line with the version of
Firefox we are using.

[1]: https://github.com/SeleniumHQ/selenium/issues/5617#issuecomment-373446249
2020-01-07 10:01:06 -04:00
Whymarrh Whitby
bcfe58d59b
Add lockfile-lint to CI (#7727) 2020-01-06 15:28:43 -03:30
Mark Stacey
69d418a5a3
Login per site onboarding (#7602)
* Remove unused onboarding stream

* Pass `sender` through to `setupProviderEngine`

The Port `sender` has been passed down a few more layers. This allows
us to get more information from the sender deeper in the stack, but
also simplifies things a bit as well. For example, now the "fake"
URL object with the `metamask` hostname is no longer needed.

* Create onboarding middleware

This middleware intercepts `wallet_registerOnboarding` RPC messages. It
will register the sender as an oboarding initiator if possible, and
otherwise ignores the message.
2019-12-20 12:02:31 -03:30
Frankie
237d0b4d41 Add tests around migration files (#7016) 2019-12-12 20:44:29 -03:30
pldespaigne
0ef7f603d6 Ipfs cid v1 base32 (#7362)
add ipfs gateway to advanced settings
use ipfs gateway from settings
use ipfs.dweb.link as default CID gateway
disallow gateway.ipfs.io as gateway
2019-12-12 11:28:07 -08:00
ricky
e5682eec38
Add lint:shellcheck:package (#7568)
* Add lint:shellcheck:package

* Add double quote as per jq suggestion

* Use single quotes

* Ignore SC2016

* Use shellcheck script

* Set some flags

* Put shellcheck --version on new line

* Disable SC2016 (singe quotes is actually what we want here)
2019-12-11 15:52:08 -05:00
Mark Stacey
eadeaa7883 End-to-end test state fixtures (#7663)
* Add network store for testing

An alternative persistent state store has been created for use with e2e
tests. Instead of reading state from disk, it tries to load state from
a local fixture server running on port `12345` and serving state from
the path `/state.json`, and returns a blank state otherwise.

* Add e2e test fixture server

A fixture server has been added for serving background state, which the
background will read upon startup as part of restoring persisted state.

The `signature-request` e2e test has been updated to use a fixture to
bypass the registration step. The fixture used (`imported-account`) was
generated by pausing midway through that test run
2019-12-11 09:26:20 -08:00
Whymarrh Whitby
34b674c3d7
Remove unneeded Edge-specific encryption code (#7683) 2019-12-10 16:34:50 -03:30
Mark Stacey
885d30f90a
Remove unused test methods (#7679)
These helper methods were no longer used in any e2e tests.
2019-12-10 09:52:48 -04:00
Whymarrh Whitby
7af09d036f
yarn remove react-hyperscript (#7680) 2019-12-09 21:12:13 -03:30
ricky
1c4f2aab8f React 16 upgrade (#7476)
* Use arrow property initializer functions

* Use pure components where applicable

* Add UNSAFE_ prefix for deprecated lifecycle hooks

* Add allow UNSAFE_

* Removed unused "Component"

* Replace boron with 'fade-modal'

* Upgrade react/no-deprecated to an error

* Paste react-tooltip-component source directly

* Use arrow functions to bind `this`

* Add UNSAFE_ prefix

* Update react-redux, react-router-dom

* Remove things from inlined 'fade-modal'

* Adjust mountWithRouter to get unit tests passing again

* Remove domkit

* Add Wrapper to render-helpers

* Upgrade @storybook/addon-knobs
2019-12-06 11:40:06 -04:00
Dan Finlay
f519fa1ed3
Connect distinct accounts per site (#7004)
* add PermissionsController

remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata

add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales

Add external extension id to metadata (#7396)

update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages

* Login Per Site UI (#7368)

* LoginPerSite original UI changes to keep

* First commit

* Get necessary connected tab info for redirect and icon display for permissioned sites

* Fix up designs and add missing features

* Some lint fixes

* More lint fixes

* Ensures the tx controller + tx-state-manager orders transactions in the order they are received

* Code cleanup for LoginPerSite-ui

* Update e2e tests to use new connection flow

* Fix display of connect screen and app header after login when connect request present

* Update metamask-responsive-ui.spec for new item in accounts dropdown

* Fix approve container by replacing approvedOrigins with domainMetaData

* Adds test/e2e/permissions.spec.js

* Correctly handle cancellation of a permissions request

* Redirect to home after disconnecting all sites / cancelling all permissions

* Fix display of site icons in menu

* Fix height of permissions page container

* Remove unused locale messages

* Set default values for openExternalTabs and tabIdOrigins in account-menu.container

* More code cleanup for LoginPerSite-ui

* Use extensions api to close tab in permissions-connect

* Remove unnecessary change in domIsReady() in contentscript

* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.

* Adds getOriginOfCurrentTab selector

* Adds IconWithFallback component and substitutes for appropriate cases

* Add and utilize font mixins

* Remove unused  method in disconnect-all.container.js

* Simplify buttonSizeLarge code in page-container-footer.component.js

* Add and utilize getAccountsWithLabels selector

* Remove console.log in ui/app/store/actions.js

* Change last connected time format to yyyy-M-d

* Fix css associated with IconWithFallback change

* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes

* Code cleanup for LoginPerSite-ui

* Use reusable function for modifying openNonMetamaskTabsIDs in background.js

* Enables automatic switching to connected account when connected domain is open

* Prevent exploit of tabIdOriginMap in background.js

* Remove unneeded code from contentscript.js

* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs

* Design and styling fixes for LoginPerSite-ui

* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts

* Front end changes to support display of lastConnected time in connected and permissions screens

* Fix lint errors

* Refactor structure of permissionsHistory

* Fix default values and object modifications for domain and permissionsHistory related data

* Fix connecting to new accounts from modal

* Replace retweet.svg with connect-white.svg

* Fix signature-request.spec

* Update metamask-inpage-provider version

* Fix permissions e2e tests

* Remove unneeded delay from test/e2e/signature-request.spec.js

* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec

* Use requestAccountTabIds strategy for determining tab id that opened a given window

* Improve default values for permissions requests

* Add some message descriptions to app/_locales/en/messages.json

* Code clean up in permission controller

* Stopped deep cloning object in mapObjectValues

* Bump metamask-inpage-provider version

* Add missing description in app/_locales/en/messages.json

* Return promises from queryTabs and switchToTab of extension.js

* Remove unused getAllPermissions function

* Use default props in icon-with-fallback.component.js

* Stop passing  to permissions controller

* Delete no longer used clear-approved-origins modal code

* Remove duplicate imports in ui/app/components/app/index.scss

* Use URL instead of regex in getOriginFromUrl()

* Add runtime error checking to platform, promise based extension.tab methods

* Support permission requests from external extensions

* Improve font size and colour of the domain origin on the permission confirmation screen

* Add support for toggling permissions

* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions

* Remove unused code from LoginPerSite-ui branch

* Ensure modal closes on Enter press for new-account-modal.component.js

* Lint fix

* fixup! Login Per Site UI (#7368)

* Some code cleanup for LoginPerSite

* Adds UX for connecting to dapps via the connected sites screen (#7593)

* Adds UX for connecting to dapps via the connected sites screen

* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask

* Delete unused permissions controller methods

* Fixes two small bugs in the LoginPerSite ui (#7595)

* Restore `providerRequest` message translations (#7600)

This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.

* Login per site no sitemetadata fix (#7610)

* Support connected sites for which we have no site metadata.

* Change property containing subtitle info often populated by origin to a more accurate of purpose name

* Lint fix

* Improve disconnection modal messages (#7612)

* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages

* Update disconnectAccountModalDescription app/_locales/en/messages.json

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Improve disconnectAccount modal message clarity

* Adds cancel button to the account selection screen of the permissions request flow (#7613)

* Fix eth_accounts permission language & selectability (#7614)

* fix eth_accounts language & selectability

* fix MetaMask capitalization in all messages

* Close sidebar when opening connected sites (#7611)

The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.

It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.

I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.

* Reject permissions request upon tab close (#7618)

Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617

* Handle tab update failure (#7619)

`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.

* Login per site tab popup fixes (#7617)

* Handle redirect in response to state update in permissions-connect

* Ensure origin is available to permissions-connect subcomponents during redirect

* Hide app bar whenever on redirect route

* Improvements to handling of redirects in permissions-connect

* Ensure permission request id change handling only happens when page is not null

* Lint fix

* Decouple confirm transaction screen from the selected address (#7622)

* Avoid race condtion that could prevent contextual account switching (#7623)

There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.

The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.

* Only redirect back to dapp if current tab is active (#7621)

The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.

* Fix JSX style lint errors

* Remove unused state
2019-12-03 09:35:56 -08:00
Erik Marks
5917da63f7 add locale fix script (#7580) 2019-11-29 13:39:45 -05:00
Mark Stacey
f763979bed
Add support for one-click onboarding (#7017)
* Add support for one-click onboarding

MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.

At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.

If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.

Closes #6161

* Add onboarding button to contract test dapp

The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.

* Add new static server for test dapp

The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.

Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.

* Add `@metamask/onboarding` and `@metamask/forwarder`

Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
2019-11-22 13:03:51 -04:00
Mark Stacey
056e8cdf7e
Merge pull request #7479 from MetaMask/master
Master sync
2019-11-19 21:10:55 -04:00
ricky
476274474f
Add shellcheck lint (#7392)
* Add shellcheck lint script

* Add to build

* Add shellcheck lint to main lint task

* Put shellcheck in the right place, hopefully?

* Fix declared multiple executor types

* Add sudo

* Address shellcheck warnings

* Add test-lint-shellcheck

* Add test-lint-shellcheck to workflow

* Use correct lint task

* output version which could be helpful for debugging

* Address PR feedback

* consistency++
2019-11-19 10:46:10 -05:00
Mark Stacey
a26e77c61e
Update abi-decoder (#7472)
This is a major version update, but it appears that the reason for the
breaking change was that the dependency on `web3` was dropped in favour
of using two `web3` utility libraries instead. I could find no
indication of a breaking change to the API of `abi-decoder` itself.
2019-11-19 09:43:42 -04:00
Whymarrh Whitby
86b165ea83
Add migration notification for users with Sai (#7450)
Maker has upgraded its Dai token to "Multi-Collateral Dai" (MCD) and requires
all users interacting with Dai migrate their tokens to the new version. Dai
now exclusively refers to Multi-Collateral Dai and what was previouly called
Dai is now Sai (Single Collateral Dai).

In this description, Sai refers to what was (prior to the 2019-11-18) known as Dai.
Dai is the _new_ token.

This changeset:

1. Only affects users who had non-zero Sai at the old contract address
2. Displays a persistent notification for users with Sai
3. Updates the token symbol for users already tracking the Sai token
4. Bumps our direct and indirect eth-contract-metadata dependencies

The notification copy:

> A message from Maker: The new Multi-Collateral Dai token has been released. Your old tokens are now called Sai. Please upgrade your Sai tokens to the new Dai.

The copy is from the Maker team.
2019-11-18 18:16:28 -03:30
Mark Stacey
a57ff0b681 Add eslint import plugin to help detect unresolved paths
Most of the rules in the import plugin are only useful for projects
using purely ES6 imports. The `no-unresolved` rule works with mixed
CommonJS and ES6 though, so we at least benefit from that in the
meantime.
2019-11-14 09:06:31 -04:00
Bruno Barbieri
3673459a54
lock eth-contract-metadata (#7412) 2019-11-13 20:05:56 -05:00
Erik Marks
ce7f5166c8
Update json-rpc-engine (#7390)
* update json-rpc-engine

* update lockfile resolution
2019-11-12 13:29:56 -08:00
Whymarrh Whitby
b27b568c32
Update to gaba@1.8.0 (#7357) 2019-11-06 12:33:49 -03:30
Whymarrh Whitby
eed4a9ed65
ENS Reverse Resolution support (#7177)
* ENS Reverse Resolution support
* Save punycode for ENS domains with Unicode characters
* Update SenderToRecipient recipientEns tooltip
* Use cached results when reverse-resolving ENS names
* Display ENS names in tx activity log
2019-11-01 15:24:00 -02:30
Filip Š
30606327f0 Add support for ZeroNet (#7038) 2019-10-31 15:37:06 -03:00
Mark Stacey
19965985ad
Update ethereumjs-util (#7332)
`ethereumjs-util` is now pinned at `5.1.0`, instead of at the commit
`ac5d0908536b447083ea422b435da27f26615de9`. That commit immediately
preceded v5.1.0, so there are no functional differences. This was
done mainly to remove our last GitHub/git dependency, and to make it
more obvious which version we're using.
2019-10-30 22:31:04 -03:00
Erik Marks
5d843db533
Update eth-json-rpc-filters (#7325)
* update eth-json-rpc-filters

* update gaba
2019-10-29 18:38:00 -07:00
Erik Marks
478d6563f2
Freeze Promise global on boot (#7309)
* freeze background and UI Promise globals on boot

* add new tests

* remove tape
2019-10-24 06:54:32 -07:00
Dan Finlay
a8aca0a326 Merge remote-tracking branch 'upstream/develop' into routeTypedSignaturesToKeyrings 2019-10-22 14:51:21 -07:00
Mark Stacey
27d67558fc
Update superagent-proxy to address security advisory (#7301)
Security advisory: https://www.npmjs.com/advisories/1184

This advisory was already addressed in #7289 but subsequent releases
have made this simpler resolution possible.
2019-10-22 16:29:21 -03:00
Dan Finlay
4b4bee77c7 Move signTypedData signing out to keyrings
This simplifies the logic of signing and improves security:
- Private keys are never moved to the base controller.
- Hardware wallets are abstracted in the same way as local keys.

This also paves the way for allowing even more modular accounts,
provided by plugins:
https://github.com/MetaMask/metamask-plugin-beta/pull/63

Fixes #7075.
2019-10-22 11:37:04 -07:00
Mark Stacey
4ad42d8374
Update https-proxy-agent as per security advisory (#7289)
Security advisory: https://www.npmjs.com/advisories/1184

The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.
2019-10-21 09:16:21 -03:00
kumavis
e1efb4d7ac
ci - install deps - limit install scripts to whitelist (#7208)
* ci - install deps - limit install scripts to those needed for build

* Update .circleci/scripts/deps-install.sh

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* ci - install deps - expand install scripts needed for tests

* ci - install deps - expand install scripts needed for integration tests

* ci - install deps - fix node-sass script ref

* github - set codeowners for scripts/deps-install

* development - add utility to show deps with install scripts

* lint fix

* deps - move read-installed to devDeps
2019-09-25 20:01:10 +08:00
kumavis
8a1ddbbcd8
sesify-viz - bump dep for visualization enhancement (#7175)
* deps - bump sesify-viz for visualization enhancement

* deps - bump sesify-viz for visualization enhancement

* deps - bump sesify-viz for visualization enhancement

* deps - sesify-viz - use carrot version range

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* deps - update yarn lockfile
2019-09-23 11:14:18 +08:00
Jenny Pollack
e86cebde3b address book entries by chainId (#7205) 2019-09-21 14:36:05 -03:00
Mark Stacey
e44a2283b5
Optimize images only during production build (#7194)
* Optimize images only during production build

Image optimization is fairly slow (over a minute), and isn't necessary
for test or development builds. It is now only run as part of the
`build` gulp task, which is used during `gulp dist`.

* Remove unused gulp tasks

There were two high-level tasks and one style formatting task that
were not used by any npm scripts, so were probably unused generally.

The `dev` task was a duplcate of `dev:extension`. The `build:extension`
task was useful for just building the extension without performing
other steps required by the final production bundle, but it was
broken. It didn't correctly build the ui-libs and bg-libs required.
Instead of fixing it, it has been removed until the handling of those
separate library bundles is simplified.

The style formatting task seems like it could be useful, but I'm unsure
about keeping it around as opt-in, as in practice it'll just end up
being ignored. Moreover the library authors themselves are recommending
switching to `prettier`, so I think we're better off removing it for
now, then considering using `prettier` if we want to introduce
something like this again.

The stylelint dependency was added because it's a peer dependency of
gulp-stylelint that should have already been listed among our
dependencies. It hadn't caused a problem before because it happened to
be a transitive dependency of gulp-stylefmt, which is no longer needed
 and has been removed.
2019-09-21 13:32:17 -03:00
Mark Stacey
9f21317a30
Verify locales on CI (#7199)
* Add '--quiet' flag to verify locales script

The `--quiet` flag reduces the console output to just the essential
information for running in a CI environment. For each locale, it will
print the number of unused messages (if any).

* Add `verify-locales` script to lint CI job

The locales are now verified as part of the lint CI job. Any unused
messages detected will result in the job failing.
2019-09-21 13:31:33 -03:00
Marius van der Wijden
a869fd639b updated ganache and addons-linter (#7204) 2019-09-20 08:52:34 -03:00
Dan Finlay
85cbf8a894
Merge pull request #7173 from rekmarks/fix-errors
Fix RPC error messages
2019-09-19 09:40:11 -07:00
Erik Marks
672ade33a6 add user rejected errors 2019-09-18 19:19:12 -07:00
Erik Marks
79e0a9c1a6 update json-rpc-engine 2019-09-18 19:19:10 -07:00
Erik Marks
58c5fe01bf use eth-json-rpc-errors 2019-09-18 19:17:31 -07:00
Mark Stacey
48bf2f8731
Remove unused locale messages (#7190)
* Switch to using string literals for locale keys

Various message keys were being specified with a string template
instead of a string literal. They have been switched to use string
literals so that the script for detecting unused messages can find
them.

* Remove unused locale messages

A number of unused locale messages have been removed - probably
leftover from old UI elements that have since been removed.

The `verify_locale_strings` script has been augmented to search the UI
for string literals, and match those against the locale message keys in
the `en` locale. Any messages without a corresponding string literal
are assumed to be unused.

The script has also been updated with an optional `--fix` parameter,
which will automatically delete any unused messages from locales.

148 unused messages were found in this case, out of a total of about
650 messages. Another 70 messages are _potentially_ unused and require
further investigation, but weren't as easy to rule out because they
were found in string literals.

* Remove additional unused locale messages

The following messages were more difficult to rule out because they
were present as string literals in the UI. They do appear to be
unused as locale keys though.
2019-09-18 20:29:46 -03:00
Sergej Müller
ef7d0192c1 Performance: Delivery optimized images (#7176) 2019-09-17 19:01:48 -03:00
Dan J Miller
7985f4f4f8
3box integration 2.0 (#6972)
* Adds threebox controller

* Adds threebox approval modal

* Fix unit tests and lint after addition of threebox

* Correct threebox behaviour after rejecting request for backup; fixes e2e tests.

* Update threebox controller for automatic syncing

* Ensure frontend locale updates when preferences are changed via direct update within controller

* Add toggle in settings for 3box syncing

* Update threebox controller for latest 3box version

* Delete unnecessary frontend changes for threebox integration

* Backing up address book contacts with threebox

* Update unit tests for 3box-integration additions

* Only enable threebox by default for new wallets

* Mock globals for correct unit tests

* 3box '1.10.2' -> '^1.10.2'

* Correct capilalization on 3Box

* Use log.debug instead of console.log in threebox controller

* Update yarn.lock

* Remove edge build

* Split 3box module into background deps js file

* extra bundle opts for bg-libs

* sync yarn.lock

* new3Box logic

* Show confirm threebox restore after import

* Remove bg-libs.js from manifest file for dev builds

* Switch 3Box controller to using the spaces api (instead of the profile api)

* Finalize switching to spaces api and only restoring from 3box after import

* Update metamask-controller-test.js for threebox controller changes

* Make threebox modal style consistent with others and update success button wording

* Use mock 3box when in test

* Correct 3box modal header

* Remove unnecessary property of threebox controller provider

* Remove unnecessary method calls after restoration from 3box in the threebox-restore-confirm modal.

* Replace setThreeBoxSyncingPermission calls in routes/index.js with turnThreeBoxSyncingOn

* Replace erroneous use of  with

* Replace erroneous use of threeboxSyncing with threeBoxSyncingAllowed in advancted-tab directory

* Lint fixes for 3box changes

* Log errors encountered when updating 3Box

* Remove unnecessary parameter from state update

* Add timeout to initial 3Box sync

The initial 3Box sync will now timeout after 1 minute. If the timeout
is triggered, 3Box is disabled and cannot be re-enabled unless the
initial sync does finally finish. If it never finishes, 3Box cannot
be enabled unless the extension is reinstalled.

The Advanced Settings page was updated to show this option as disabled
in that circumstance, with a new discription explaining why it's
disabled. The UI here could certainly be improved.

Additionally, "on" and "off" labels were added to the toggle to match
the other toggles on the Advanced Settings page.

* Use non-minified 3Box module

We had previously used the minified 3Box module to avoid a build error
encountered when `envify` was processing the `libp2p` module (which is
used by 3Box). The build would fail because `esprima` (used by `envify`)
is incompatible with the object spread/rest operator (which is used in
`libp2p`).

That issue has been solved by adding a global Babelify transformation
specifically for transpiling out the object rest/spread operator from
dependencies. It has been targetted to only affect `libp2p` to avoid
extending the build time too much. This workaround can be used until
a new version of `esprima` is released that includes this bug fix.

* Use app key addresses for threebox

* Replace use of modal for confirming 3box restoration with a home notification

* Adds e2e tests for restoring from threebox

* Update eth-keyring-controller to 5.1.0

* Correct parameters passed to getAppKeyAddress in threebox.js

* Add prefix to origin passed to getAppKeyAddress in threebox.js

* Remove unused locale message.

* Prevent CORS errors in firefox e2e tests

* Ensure extraneous scripts are excluded from the local test dev build

* Move threeBoxLastUpdate state from home.component to redux

* Threebox PR code cleanup

* Always use first address when initializing threebox

* Replace setRestoredFromThreeBox api with setRestoredFromThreeBoxToFalse and setRestoredFromThreeBoxToTrue

* Update development/metamaskbot-build-announce.js to include ui-libs and bg-libs in hard coded bundle list

* Update test/e2e/threebox.spec.js to use new helpers added with pull #7144

* Make setFeatureFlag available on the ui window during testing

* Hide threebox feature behind a feature flag that can only be activated via dev console

* Remove unnecessary migration of threebox feature flag

* Prevent this.init() call in threebox constructor if feature flag is not turned on

* Prevent threebox notification from showing if feature flag is falsy

* http://localhost/8889 -> http://localhost/* in gulp manifest:testing tasks
2019-09-16 14:41:01 -02:30
Mark Stacey
95b4d91116
Replace undefined selectedAddress with null (#7161)
* Replace `undefined` selectedAddress with `null`

The `runtime.Port.postMessage` API will drop keys with a value of
`undefined` on Chrome, but not on Firefox. This was a problem for the
`publicConfig` stream, which passed the key `selectedAddress` with the
value of `undefined` to communicate to dapps that the user had logged
out.

Instead a `null` is now passed for `selectedAddress` upon logout, which
is correctly sent by the `runtime.Port.postMessage` API on both Chrome
and Firefox.

closes #7101
closes #7109

* Update `metamask-inpage-provider` to v3.0.0

The v3.0.0 update includes a change to the `accountsChanged` event. The
event will now emit an empty array instead of an array with `undefined`
or `null`.

The previous behavior was to emit `[undefined]`. The previous commit
would have changed that to `[null]` anyway, so we figured if we're
going to make a public-facing change to the event anyway we should
change it to be correct. `[undefined]` was never intended, and it
technically violates EIP-1193, which states that the `accountsChanged`
event should emit an array of strings.
2019-09-13 11:32:55 -03:00
Mark Stacey
50e9c4e5ad
Add polyfill for AbortController (#7157)
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.

I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
2019-09-12 17:07:27 -03:00
kumavis
629f5ef221
ci - create source-map-explorer build-artifacts (#7141)
* ci - create source-map-explorer build-artifacts

* ci - add source-map-explorer builds to metamaskbot comment

* lint fix

* ci - source-map-explorer - include all bundles
2019-09-11 23:35:30 +08:00
kumavis
0985e8f012
ci - build-artifacts - generate sesify-viz for inspecting deps (#7151)
* ci - build-artifacts - generate sesify-viz for inspecting deps

* lint fix
2019-09-11 22:47:21 +08:00
kumavis
86e69b6a22 deps - move gulp-terser-js to devDeps 2019-09-11 01:02:48 +08:00
kumavis
72fd15e828 build - replace gulp-uglify-es with gulp-terser-js 2019-09-10 16:48:09 +08:00
Dan J Miller
7af902e500
Make chainId available in the metamask-inpage-provider (#7110)
* Make chainId available in the metamask-inpage-provider

* Update metamask-inpage-provider to 2.1.0

* Add e2e tests for ethereum.on events

* Move chainId constants to lib/enums.js

* Don't use new chainId enums in createInfuraClient

* Fix app/scripts/lib/select-chain-id.js
2019-09-09 22:01:34 -02:30
Whymarrh Whitby
0422930575
Bump eth-json-rpc-middleware dependency (#7128)
* Update eth-json-rpc-middleware to @^4.2.0

* Resolve all eth-json-rpc-middleware to 4.2.0
2019-09-09 14:53:13 -04:00
Nick Doiron
d589d2dec0 Right-to-left CSS (using module for conversion) (#7072)
* Create RTL stylesheets using `gulp-rtl`

* Handle RTL stylesheet special cases

Certain blocks of Sass  were set to bypass "rtlcss" using ignore
comments. Certain icons had to be flipped 180 degrees.

* Switch stylesheets when locale changes

A second stylesheet has been added to each HTML page for use with
right-to-left locales. It is disabled by default. It is enabled on
startup if a RTL locale is set, and when switching to a RTL locale.
Similarly the LTR stylesheet is disabled when a RTL locale is used.

Unfortunately there is an unpleasant flash of unstyled content when
switching between a LTR and a RTL locale. There is also a slightly
longer page load time when using a RTL locale (<1s difference). We
couldn't think of an easy way to avoid these problems.

* Set `dir="auto"` as default on `TextFields`
2019-09-03 14:47:54 -03:00
Erik Marks
4e29fb97d6
Remove Babel 6 from internal dependencies (#7037)
remove babel@6 from internal deps

update internal deps to latest published versions
2019-08-26 10:07:44 -06:00
Whymarrh Whitby
6dfc16f0fc
Add lint:changed script entry to lint only changed files (#7055) 2019-08-22 09:21:16 -02:30
Whymarrh Whitby
6bc1077880
Make Coveralls its own optional CI job (#7002)
* ci: Move Coveralls into optional step

* Split Coveralls step out of test:coverage npm script
2019-08-13 13:29:10 -02:30
Bruno Barbieri
835d4fbb13
Update mobile sync (#6967)
* update mobile sync

* update lockfile
2019-08-06 15:33:41 -04:00