1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-29 07:16:36 +01:00
Commit Graph

17 Commits

Author SHA1 Message Date
Bernardo Garces Chapero
55a1514513
fix signature controller patch (#19607) 2023-06-15 15:12:59 +01:00
Elliot Winkler
f77b1f65e2
Upgrade assets-controllers to v9 (#19472) 2023-06-09 15:48:48 -05:00
Elliot Winkler
e96b6860a4
Check Node (and Yarn) versions at install (#19537)
Unlike Yarn Classic, Yarn Berry will not verify that the current version
of Node being used matches the `engines` field in `package.json`.
However, someone has written a plugin, [`engines`][1], that provides
this missing functionality, and this commits adds that plugin. This
should ensure that all developers are using the correct version of Node.
(In addition to checking the current Node version, the plugin also
checks the current Yarn version.)

[1]: https://github.com/devoto13/yarn-plugin-engines
2023-06-09 11:23:23 -06:00
Bernardo Garces Chapero
5355000202
Handle watch asset accept and reject using ApprovalController only (#18829) 2023-06-05 21:13:22 +01:00
Bernardo Garces Chapero
67555fc879
accept approval request first (#19409) 2023-06-02 11:07:08 +01:00
legobeat
dc580c1cf1
devDeps: squirrelly@^8.0.8->^9.0.0 (#19113)
CVE-2021-32819 / GHSA-q8j6-pwqx-pm96
2023-06-01 05:21:42 +09:00
Daniel
471889e5bb
Enable token detection for the Aurora network, fix primary token for Aurora, update a URL (#19009) 2023-05-16 17:57:04 +02:00
Frederik Bolding
125021e425
[FLASK] snaps-monorepo@0.33.1-flask.1 (#18913)
* snaps-monorepo@0.33.0-flask.1

* Add browser-passworder

* Patch babel/core

* Fix PermissionController messenger allowlist

* Update test-snaps

* Use latest patch

* Update LavaMoat policies

* Re-enable RPC E2E

* Make snaps iframe URL be a env variable and bump it

* Add new env variable to test env

* Add iframe URL to desktop build
2023-05-15 19:36:24 +02:00
legobeat
576eee7adf
devDeps: eslint@8.14.0,8.20.0->8.36.0 (#18748)
* devDeps: eslint@8.14.0,8.20.0->8.36.0

- CVE-2021-4279 / CVE-2021-4279
- consolidate eslint into single version
  - port patches

* add eslintignore directive

* lavamoat: update build policy overrides
2023-04-28 07:45:15 +09:00
legobeat
c21c2bdcf0
security: patch request for CVE-2023-28155 (#18208)
* security: patch request for CVE-2023-28155

GHSA-p8p7-x288-28g6

Ported from https://github.com/request/request/pull/3444

* add iyarc exclusion
2023-03-17 11:59:39 -02:30
ryanml
4ee93f2594
Fixing yarn version command, adding yarn version plugin (#17325)
* Removing invalid flags for yarn version command

* Adding yarn version plugin

* remove .yarn from coverage

---------

Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-02-01 17:05:52 -07:00
weizman
6d551f10fe
Update LavaMoat (core/lavapack) (#17061) 2023-01-18 14:35:37 +02:00
Brad Decker
8e3eaed57f
fix audit failure for luxon by upgrading (#17106) 2023-01-09 12:41:32 -06:00
Brad Decker
35e3b7e82e
fix audit failure (#17079) 2023-01-04 11:29:37 -06:00
weizman
3cf5ef642f
Revert "Integrate new LavaMoat scuttling protection feature (#16994)" (#17043) 2022-12-22 17:26:53 +02:00
weizman
5d320ceec6
Integrate new LavaMoat scuttling protection feature (#16994)
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-12-21 12:54:30 -06:00
Brad Decker
6d1170f06c
upgrade yarn to version 3 (#16232)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: ricky <ricky.miller@gmail.com>
Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
Co-authored-by: legobt <6wbvkn0j@anonaddy.me>
Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net>
2022-12-08 10:38:04 -06:00