1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

197 Commits

Author SHA1 Message Date
Frederik Bolding
910b9e713f
Use separate versions for Flask and Stable snaps (#18875)
* Use separate versions for Flask and Stable snaps

* Update LM policy override

* Add deps to depcheck

* Improve import
2023-05-03 15:16:43 +02:00
legobeat
576eee7adf
devDeps: eslint@8.14.0,8.20.0->8.36.0 (#18748)
* devDeps: eslint@8.14.0,8.20.0->8.36.0

- CVE-2021-4279 / CVE-2021-4279
- consolidate eslint into single version
  - port patches

* add eslintignore directive

* lavamoat: update build policy overrides
2023-04-28 07:45:15 +09:00
legobeat
2943ec3310
devDeps: bumps source-map related dependencies (#18830)
* devDeps: bumps source-map related dependencies

* update lavamoat build policy
2023-04-27 00:07:04 +09:00
Brad Decker
08f775796c
Policy formatting issue (#18810) 2023-04-25 15:54:13 -05:00
legobeat
2c1ed4e8f0
deps: replace gulp-dart-sass with gulp-sass. (#16302)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 09:37:30 -05:00
Olaf Tomalka
95c37e1ba3
feat: add yaml feature management (#18125)
* feat: add yaml feature management

Add yaml feature file per build type.
Also add method to parse yaml and set
enabled features env to true. The build
process will then replace any process.env[feature]
that exists on the config by its value

* chore: add example for desktop

* Added initial draft of build features

* [TMP] Sync between computers

* Is able to succesfully build stable extension with snaps feature

* Removing var context from builds.yml

* Add asssets to builds.yml

* Minor bug fixes and removing debug logs

* [WIP] Test changes

* Removed TODOs

* Fix regession bug

Also
* remove debug logs
* merge Variables.set and Variables.setMany with an overload

* Fix build, lint and a bunch of issues

* Update LavaMoat policies

* Re-add desktop build type

* Fix some tests

* Fix desktop build

* Define some env variables used by MV3

* Fix lint

* Fix remove-fenced-code tests

* Fix README typo

* Move new code

* Fix missing asset copy

* Move Jest env setup

* Fix path for test after rebase

* Fix code fences

* Fix fencing and LavaMoat policies

* Fix MMI code-fencing after rebase

* Fix MMI code fencing after merge

* Fix more MMI code fencing

---------

Co-authored-by: cryptotavares <joao.tavares@consensys.net>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 16:32:51 +02:00
legobeat
64d4bfbbe9
Use SIWE origin validation logic from @metamask/controller-utils (#18518)
* feat: use SIWE origin domain validation from @metamask/controller-utils
* deps: @metamask/controller-utils@3.2.0->3.3.0
2023-04-25 17:25:58 +09:00
legobeat
a827c444fb
devDeps: security updates roundup (#18739)
* devDeps: resolutions: git-url-parse@^12=>13.1.0
  - CVE-2022-2900 / GHSA-j9fq-vwqv-2fm2

Depended on from now abandoned @storybook/storybook-deployer
  - https://github.com/storybook-eol/storybook-deployer/pull/131
  - https://github.com/IonicaBizau/git-url-parse/releases/tag/13.0.0
  - https://github.com/IonicaBizau/git-up/releases/tag/7.0.0

* devDeps: source-map-explorer@2.4.2->2.5.3
* devDeps: bump terser dependencies
   - CVE-2022-25858 / GHSA-4wf5-vphf-c2xc
* devDeps: shelljs@0.8.4->0.8.5
   - CVE-2022-0144 / GHSA-4rq4-32rv-6wp6
* devDeps: serve-handler@6.1.3->6.1.5, minimatch@3.0.4->3.1.2
  - CVE-2022-3517 / GHSA-f8q6-p94x-37v3
* devDeps: bump x-default-browser-id in resolutions
  - CVE-2021-33623 / CVE-2021-33623
  - https://npm-diff.app/x-default-browser@0.4.0...x-default-browser@0.5.2
* devDeps: pin glob-parent@^6.0.2 in resolutions
  - CVE-2020-28469 / GHSA-ww39-953v-wcq6
2023-04-25 17:09:22 +09:00
Bernardo Garces Chapero
8632acbba3
Update tokens controller (#18459)
* update tokens controller
2023-04-21 09:05:27 +01:00
Mark Stacey
3776f4ad4c
Remove mobile sync feature (#18692)
The mobile sync feature has been removed. It has been disabled for
years. When we enable sync again, it will be using a different
implementation. This has already been removed on the mobile side.
2023-04-20 14:29:30 -02:30
legobeat
5d2c4c143a
devdeps: mocha@7.2.0->9.2.2 (#18195)
* devdeps: mocha@7.2.0->9.2.2

Maintenance upgrade

- Closes subdependency flat advisory
  - CVE-2020-36632 / GHSA-2j2x-2gpw-d8fm
- upgrade eslint-plugin-mocha to match
  - previously used `eslint-plugin-mocha` depended on mocha@^8.2.0

* devdeps: patch-bump ansi-regex

closes GHSA-93q8-gq69-wqmw

* update lavamoat policies
2023-04-14 10:49:22 +09:00
Mark Stacey
4c62bc445e
Update controllers to include core v42 release (#18464)
All controllers from the core monorepo have been updated to be equal to
or greater than the versions included in the v42 core release.

This release included a breaking change to all controllers because the
package `isomorphic-fetch` was removed. That package was used to ensure
that a `fetch` polyfill was present, so that the controllers could be
used in a non-browser context. This breaking change does not affect the
extension because we already install a `fetch` polyfill in our unit test
environment, and in a real build the real `fetch` API is present.

The gas fee controller had an additional breaking change: the EIP 1559
API endpoint is now a required argument. This does not affect the
extension because this argument was already being set.
2023-04-12 11:02:14 -02:30
Mark Stacey
16bfa1f728
Update the gas fee controller from v1 to v3 (#18466)
The gas fee controller has been updated from v1 to v3. The breaking
changes for v2 and v3 related to the `@metamask/network-controller`
type that was referenced. They don't affect the extension's usage of
this package, so they are non-breaking for the extension.

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
2023-04-11 13:11:26 -02:30
Mark Stacey
92556867f7
Update the announcement controller to v2 (#18465)
The announcement controller has been updated to v2.0.1. The breaking
change in v2 was the migration to the BaseControllerV2 API. This
affected the constructor, as well as some methods/properties that we do
not use.
2023-04-06 17:21:13 -02:30
OGPoyraz
6e40a0eb7e
feat: use siwe detection from @metamask/controller-utils (#18409) 2023-04-04 17:25:57 +02:00
Mark Stacey
7059894399
Update @metamask/swappable-obj-proxy (#18422)
* Update `@metamask/swappable-obj-proxy`

The package `@metamask/swappable-obj-proxy` has been updated to the
latest version. The breaking changes include moving the package under
the `@metamask` scope and converting it to TypeScript.

* Update policy
2023-04-04 09:27:51 -02:30
Mark Stacey
be41b29199
Update @metamask/obs-store (#18421)
`@metamask/obs-store` has been updated from v5 to v8. The breaking
changes include updating the minimum supported Node.js version to v12,
and removing an unused class `LocalStorageStore`. v8 includes a bugfix
that resolves an accidental breaking change in v6.0.2; it's non-
breaking when updating from older versions.

This update includes type improvements. The main improvement is that
now we can type the observational store using generic parameters. The
previous version used `unknown` for the store contents.
2023-04-03 15:58:56 -02:30
Mark Stacey
74f2d27d10
Update @metamask/safe-event-emitter (#18419)
The package `safe-event-emitter` has been updated to v2. This update
includes renaming the package to be scoped under `@metamask`, and it
includes a TypeScript migration.
2023-04-03 15:57:39 -02:30
Frederik Bolding
a53b9fb489
[FLASK] snaps-monorepo@0.32.2 (#18371)
* snaps-monorepo@0.32.0

* Update LavaMoat policies

* Add JsonSnapRegistry

* Fix lint

* [FLASK] Handle side-effects changes in metamask-controller (#18373)

* Update PermissionController

* Fix lint

* Update iframe-execution-environment

* snaps-monorepo@0.32.1

* Bump test-snaps

* Update version assertion

* Update URLs

* Fix lint

* snaps-monorepo@0.32.2

---------

Co-authored-by: Guillaume Roux <guillaumeroux123@gmail.com>
2023-03-30 23:57:28 +02:00
Alex Donesky
349c9d4a03
Refactor network client constructor (#17652) 2023-03-22 17:20:59 -05:00
Matthew Walsh
bf29922488
Use core message managers and create sign controller (#18163) 2023-03-20 13:19:50 +00:00
Guillaume Roux
d6f58bceb0
[FLASK] snaps-monorepo@0.31.0 (#18142)
* allow SnapController to call `ApprovalController:updateRequestState` action

* combine popups

* show only autorship pill on result

* lint

* update `snaps-monorepo@0.31.0` and regen policies

* dedupe deps and fix fencing

* fix update button text

* fix fencing

* Update a bunch of e2es

* address requested changes

* update policy

* bump key-tree

* fix lint

* Update RPC E2E

* fix locales

* Remove wrong instance of window handle polling

* design changes and address pr comments

* remove unused imports

* fix lint

* fix fencing

* remove unused locales

* fence things

* re-add redirection

* bump test-snaps version

* Fix update e2e

* fix redirecting logic and address requested changes

* force update metamask state on approved

* move force update

---------

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-03-17 12:00:05 +01:00
Frederik Bolding
872a8c79f4
Bump @metamask/utils to 5.0.0 (#18155)
* Update utils

* Ignore as-sha256

* Update LavaMoat policies
2023-03-16 11:33:40 +01:00
witmicko
fde18dec0c
link component (#17897)
Added externlalLink to ButtonLink

Co-authored-by: George Marshall <george.marshall@consensys.net>
2023-03-10 17:47:01 +00:00
Hassan Malik
7086494b72
[FLASK] BREAKING - snaps-monorepo@0.30.0 (#17718)
* updated snap permission to wallet_snap, updated tests and added migration

* updated snap packages

* yarn.lock fix

* fixed errors

* override policy

* update policy

* undo override

* updated localization message descriptions

* updated lavamoat policy

* more policy updates

* update permission controller version

* update policy

* update fixture builder

* updated code to include permission value to satisfy wallet_snap permission description call

* fix import issue

* update test-snaps version

* added missing actions, added snap permission dedupe function

* prettier fix

* fix fencing

* add more fencing

* prettier fix

* fix fencing (again)

* added new action and selector and updated view snap accordingly

* update test snaps website version

* unfence request variable

* add fencing

* add optional chaining to fix type error

* update migration #

* remove old migration

* prettier fix

* fix migration test

* fix fencing

* added missing fencing

* updated code to workaround fencing

* update test-snaps site version and remove snap confirm test

* update snap packages

* update policies

* fix merge marker issue

* update test

* more fixes

* fix permissions

* update test

* fixed test

* Bump test-snaps and iframe-execution-environment

* remove unused snap permission from fixture builder

* update policies

* undo comment removal, update selector implementation

* removed unnecessary function, updated migration, updated caveat action

* remove optional chaining

* fix type issue

* more type fixes

* fix migration test

* remove isFlask check, make migration logic more robust

* update coverage

* Update LavaMoat policies

* Update test/e2e/snaps/enums.js

* add extra bail condition

* Revert "add extra bail condition"

This reverts commit b45c53dcfc6e6e35a5e283d4955d6d6ea9ca5965.

* Revert "Revert "add extra bail condition""

This reverts commit cd2ded677935c9cdab0c02b6af55474c83727f60.

* fix test

* add SnapController entry to state object

* updated permission name and caveat type with hardcoded values

* add extra test for non-flask scenario

* update lavamoat policies

* fix locale messages

* change coverage target

* re-enable rpc snap test

* revert locale message change

* fix el message

* reverted changes

---------

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-03-08 13:29:23 -05:00
Matthew Walsh
d0417da3d0
Move desktop code to flask build type (#17960) 2023-03-06 19:35:00 +00:00
João Tavares
656b6d1963
fix: desktop lavamoat policies (#17928) 2023-02-28 14:51:43 +00:00
Mark Stacey
e223348fb3
Update eth-json-rpc-middleware from v9 to v10 (#17591)
This release only includes one breaking change, which is the renaming
of the package to be under the `@metamask` scope. It includes
improvements to the types that will unblock migrating our network
clients to TypeScript.
2023-02-27 13:19:08 -03:30
Mark Stacey
2ccc1977bf
Update the PhishingController to v2 and update phishing warning page (#17835)
The PhishingController has been updated to v2. This release should
dramatically reduce network traffic and double the update speed of the
phishing list.

This was accomplished by combining both of our phishing configurations
into one list (the "stalelist"), then creating a separate list of the
changes just the past few days (the "hotlist"). Now users will download
a smaller list more frequently (every 30 minutes rather than every
hour), whereas the full list is only updated every 4 days.

The combined configuration means that we no longer know which list was
responsible for each block. The phishing warning page has been updated
to dynamically look this information up, to ensure users are still
directed to the correct place to dispute a block. This update to the
phishing warning page also includes the recent redesign.
2023-02-24 11:39:00 -03:30
Mark Stacey
0b296e88a5
Update @metamask/utils to the latest version (#17837)
The latest version of this package includes improvements to the
`hasProperty` function, making it more useful for type narrowing.
2023-02-21 11:19:20 -03:30
Guillaume Roux
ccde54937f
Pass excludedPermissions to SnapController (#17321)
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-02-15 11:09:47 +01:00
Thomas Huang
4735978b8d
Removal of enzyme pkge dep (#17261)
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-02-14 12:14:00 -06:00
Mark Stacey
1d0522fd88
Update json-rpc-middleware-stream from v2 to v4 (#17588)
This package has been updated to reduce the bundle size (we already use
the v4 version indirectly). The only breaking change applicable to the
usage of this package in the extension is to the package's exports. The
one import line has been updated accordingly.

This update comes with types (v3 was the TypeScript migration).
2023-02-08 11:15:00 -03:30
Matthew Walsh
92367dff79
Add desktop build type (#17592)
Implement build type inheritance.
Add CircleCI jobs for desktop build type.
2023-02-08 09:24:01 +00:00
Maarten Zuidhoorn
1d5030af97
Add hardcoded list of human-readable snap derivation paths (#17627)
* Add hardcoded list of human-readable snap derivation paths

* Fix formatting

* Update policies
2023-02-06 21:49:56 +01:00
Nidhi Kumari
080d72abed
updated assets and phishing controller packages (#17569)
* updated controller versions

* updated policy and lock files
2023-02-06 20:41:13 +05:30
Brad Decker
c1f9c778c9
Add error module for safely handling errors (#17511)
Co-authored-by: Danica Shen <zhaodanica@gmail.com>
2023-02-02 13:30:57 -06:00
vthomas13
532a10f9f5
Adding browser outdated notification (#17027)
* Adding browser outdated notification

* updating dependency

* adding unit tests for util function

* adding unit tests for selectors, lintfix

* Added Tests, refactored notification delay logic

* lint:fix

* adding test coverage for method parameter

* Update app/scripts/controllers/app-state.js

adding documentation details

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* moving declaration into test

* Update app/scripts/controllers/app-state.test.js

spacing in test file

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update jest.config.js

removing duplicate entries

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* using async submitRequestToBackground method

* removing unused import

* removing unnecessary link syntax in notification

* adding opera and edge and associated tests

* handling the undefined case in bowser.satisfies

* setOutdatedBrowserWarningLastShown try/catch

* lint:fix

* Removing try/catch and letting errors bubble up

Removing deprecated displayWarning method

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* taking out forceMetamaskUpdateState call

* excludint app-state test from mocha test suite

* Added note: Jest files should match Mocha excluded

* syntax error, lint:fix

---------

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2023-02-02 13:56:41 -05:00
David Walsh
03d8ee5eae
Onboarding V2: Remove old onboarding flow (#17081) 2023-02-01 09:28:09 -06:00
Alex Miller
3e3abcafc2
[GridPlus] Bumps gridplus-sdk to v2.4.1 (#16847)
The only change relevant to MetaMask users is a fix on an ABI
decoding util that addresses an edge case that was failing to decode.
Full changes: https://github.com/GridPlus/gridplus-sdk/compare/v2.2.9...v2.4.1
2023-01-25 18:57:33 -03:30
amerkadicE
dd09245ff6
Fix/use etherjs specific imports (#15461)
* replace ethers with submodules

Co-authored-by: Alex <adonesky@gmail.com>
2023-01-24 08:10:36 -06:00
Frederik Bolding
51518c42bb
[FLASK] snaps-monorepo@0.28.0 (#17277)
* snaps-monorepo@0.28.0

* Update LavaMoat policies

* Remove old blocklist implementation, add feature flags

* Lint

* Update iframe execution environment

* Change getPrimaryKeyringMnemonic return type

* Update tests

* Update key-tree
2023-01-23 20:41:04 +01:00
Alex Donesky
c508087cf1
Integrate KeyringController v10 (#17056)
* integrate `@metamask/eth-keyring-controller` v10
2023-01-20 17:03:11 -06:00
Brad Decker
a9ef2a049a
add numeric module (#17324) 2023-01-20 15:16:56 -06:00
Nidhi Kumari
c5368c152b
Added storybook check to CI (#17092)
* added storybook test runner

* added test runner in ci

* updated test for ci and fixed lint error

* updated lavamoat policy

* updated test command

* updated playwright

* changed command to storybook;ci

* updated command

* updated instance for test-storybook

* updated playwright

* added playwright step

* replaced concurrently with start-server-and-test

* updated the static storybook directory

* replaced first with last

* updated lock file

* replaced first with last

* updated test-storybook with maxworkers

* updated .depchechrc

* updated yml

* removed id from banner base

* replaced broken stories with .stories-to-do.js extesnsion

* updated token allowance story

* removed duplicacies from yarn

* fixed lavamoat

* removed filename comment

* updated links for docs

* fixed file extension for stories

* updated path for stories.json

* updated stories.json path

* yarn updated

* updated stories

* updated yarn

* updated wait on
2023-01-21 00:57:46 +05:30
Thomas Huang
fae2a02d1c
Bump @testing-library/react-hooks dependency. (#17271)
* Bump @testing-library/react-hooks from `v3.2.1` to `v8.0.1`

* Lavamoat policy changes with dep bump
2023-01-18 10:49:56 -08:00
Olusegun Akintayo
d7e829ed5a
Persist phishing state controller state. (#16643)
* Persist phishing state controller state.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

update phishing controller to latest version

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Rebase, Yarn3, Lavamoat

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

run allow-scrips.

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

lavamoat:auto and linter

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

* lint fixes

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>

Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
2023-01-18 16:44:19 +01:00
weizman
6d551f10fe
Update LavaMoat (core/lavapack) (#17061) 2023-01-18 14:35:37 +02:00
Jyoti Puri
a5a775bcfd
Update eth-json-rpc-filters (#17193) 2023-01-17 23:54:06 +05:30
Niranjana Binoy
a0bb4a6c5a
Toggle option to enable/disable balance and Token rate checking for using third-party API (#16772) 2023-01-17 10:23:04 -05:00