1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-28 23:06:37 +01:00
Commit Graph

1582 Commits

Author SHA1 Message Date
MetaMask Bot
75c7d284c5 Version v9.8.3 2021-07-24 00:44:37 +00:00
ryanml
77626b90c7 Merge remote-tracking branch 'origin/develop' into master-sync 2021-07-21 20:37:42 -07:00
MetaMask Bot
0f90c4239a Version v9.8.2 2021-07-20 12:33:28 +00:00
ryanml
53c358e207 Merge branch 'develop' into master-sync 2021-07-16 11:51:15 -07:00
Peter-Jan Brone
3fada25dfc
Add Skylink support to ENS resolver (#11401)
* Add Skynet support to ENS to IPFS resolver

* Remove newline

* Fix lint

* Fix lint

* Remove mistakenly committed zip file

* Update
2021-07-16 10:22:04 -05:00
kumavis
9f4820ee98
Build - refactor for bundle factoring and swappable runtime (#11080)
* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* Updating lockfile

* lint fix

* build/dev - patch watchifys incompatible binary stats output

* ui - add comment about conditional import

* build - improve comment

* Update development/stream-flat-map.js

Co-authored-by: Brad Decker <git@braddecker.dev>

* Outputting all bundle file links (metamaskbot)

Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
2021-07-15 10:59:34 -07:00
MetaMask Bot
80b0f04127 Version v9.8.1 2021-07-13 20:31:50 +00:00
ryanml
81a71a1052 Merge remote-tracking branch 'origin/develop' into master-sync 2021-07-12 08:41:53 -07:00
Alex Donesky
ece437b139 Update controllers with conversionRate change with minimal required changes in extension (#11361)
* updating controllers with conversionRate change with minimal required changes in extension

* swapping showFiat selector in places where possible

* adding invalid conversion protection

* lint fixes

* adjusting list-item styling logic
2021-07-09 16:35:44 -02:30
Brad Decker
39906d6124
upgrade @metamask/controllers to v12.0.0 (#11472) 2021-07-07 15:08:00 -05:00
ryanml
9e86d417f9
Bumping contract-metadata -> 1.27.0 in package.json (#11458) 2021-07-06 10:44:34 -07:00
MetaMask Bot
17682e3368 Version v9.8.0 2021-07-05 09:14:05 +00:00
Alex Donesky
85f17831a2 add erc-721 token detection and flag to disable sending (#11210)
* add erc-721 token detection and flag to disable sending

* addressing feedback

* remove redundant provider instantiation

* fix issue caused by unprotected destructuring

* add tests and documentation

* move add isERC721 flag to useTokenTracker hook

* Update  and  unit tests

* use memoizedTokens in useTokenTracker

Co-authored-by: Dan Miller <danjm.com@gmail.com>
2021-07-05 01:01:26 -07:00
ryanml
c6a6e6c21b Merge remote-tracking branch 'origin/develop' into master-sync 2021-07-01 12:59:41 -07:00
MetaMask Bot
4b7a1ec91f Version v9.7.1 2021-06-30 19:29:07 +00:00
Etienne Dusseault
5b08a6b94a
yarn build:dev for running build subprocess not in lavamoat (#11427) 2021-06-30 12:26:19 -02:30
Brad Decker
810978c1ff use jest for testing shared (#11334) 2021-06-29 15:35:22 -07:00
ryanml
b4f27d8916 Merge remote-tracking branch 'origin/develop' into master-sync 2021-06-25 09:57:28 -07:00
Brad Decker
a396f55953
use jest for testing shared (#11334) 2021-06-24 14:52:29 -05:00
Alex Donesky
a4a5580785
Update controllers with conversionRate change with minimal required changes in extension (#11361)
* updating controllers with conversionRate change with minimal required changes in extension

* swapping showFiat selector in places where possible

* adding invalid conversion protection

* lint fixes

* adjusting list-item styling logic
2021-06-23 18:28:49 -05:00
Alex Donesky
e10ddbe3a3
add erc-721 token detection and flag to disable sending (#11210)
* add erc-721 token detection and flag to disable sending

* addressing feedback

* remove redundant provider instantiation

* fix issue caused by unprotected destructuring

* add tests and documentation

* move add isERC721 flag to useTokenTracker hook

* Update  and  unit tests

* use memoizedTokens in useTokenTracker

Co-authored-by: Dan Miller <danjm.com@gmail.com>
2021-06-22 12:39:44 -05:00
Brad Decker
cf34e64f15
Support EIP-2718 transaction types, EIP-2930 and EIP-1559 support (#11288) 2021-06-16 15:40:17 -05:00
ryanml
c60313eeac Merge remote-tracking branch 'origin/develop' into master-sync 2021-06-15 14:17:26 -07:00
MetaMask Bot
56650b7e56 Version v9.6.1 2021-06-15 18:59:27 +00:00
Mark Stacey
7535d63466
Add run-e2e-test.js script (#11301)
This script makes it easier to run an individual E2E test. In the past
I've run individual scripts by editing `run-all.sh` manually, but now
that can be done more easily with this script. It also allows setting
the number of retries to use and the browser to use from the CLI.

This script has been added as an npm script as well, called
'test:e2e:single'.

The `run-all.sh` script was rewritten in JavaScript to make it easier
to pass through a `--retries` argument.

The default number of retries has been set to zero to make local
testing easier. It has been set to 2 on CI.

This was mainly done to consolidate the code used to run an E2E test in
one place, to make later improvements easier.
2021-06-15 15:21:25 -02:30
ryanml
341b090857
Upgrading eth-ledger-bridge-keyring -> 0.6.0, eth-trezor-keyring -> 0.7.0 (#11290) 2021-06-14 19:30:52 -07:00
Mark Stacey
80697f781a Update @metamask/contract-metadata from v1.25 to v1.26 (#11278)
This update includes various new tokens.
2021-06-11 06:56:58 -07:00
Mark Stacey
108bd7987b
Update @metamask/contract-metadata from v1.25 to v1.26 (#11278)
This update includes various new tokens.
2021-06-11 11:04:09 -02:30
MetaMask Bot
5f2e1ba476 Version v9.7.0 2021-06-11 01:07:28 +00:00
ryanml
f1403f4849 Bumping package version -> 9.6.0 2021-06-10 14:29:29 -07:00
Etienne Dusseault
ecf31c39d0 bump allow scripts (#11134) 2021-06-07 10:38:33 -02:30
MetaMask Bot
1902b5d6b5 Version v9.6.0 2021-06-07 10:38:33 -02:30
ryanml
ec01218a73 Bumping package.json 2021-06-07 10:33:25 -02:30
Niranjana Binoy
d4cb403d51 Handling custom token decimal fetch failure due to network error (#10956) 2021-06-07 10:33:20 -02:30
David Walsh
440b013d51 Update eth-ledger-bridge-keyring to v0.5.0 (#11064) 2021-06-07 10:30:50 -02:30
Etienne Dusseault
fac258a38a bump allow scripts (#10822) 2021-06-07 10:16:19 -02:30
Erik Marks
2007e73747 @metamask/providers@8.1.1 (#11078)
* @metamask/providers@8.1.1

* Minimize import footprint
2021-06-07 10:07:43 -02:30
ryanml
9303912b7d bumping package.json -> 9.5.2 2021-06-07 10:07:43 -02:30
ryanml
3a6966ac8a Fixing changelog, bumping package.json -> 9.5.1 2021-06-07 10:06:18 -02:30
Mark Stacey
4ced29e3a2 Migrate version from _base manifest to package.json (#11029)
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.

This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
2021-06-07 10:03:09 -02:30
Mark Stacey
119693fe05 Update @metamask/controllers to v8 (#11000)
Update `@metamask/controllers` from v6 to v8. The breaking changes were
all in controllers that aren't used by the extension, so no changes
were required.
2021-06-07 10:02:39 -02:30
Mark Stacey
e6fcd3d867 Replace auto-changelog script (#10993)
The `auto-changelog` script has been replaced with the package
`@metamask/auto-changelog`. This package includes a script that has
an `update` command that is roughly equivalent to the old
`auto-changelog.js` script, except better. The script also has a
`validate` command.

The `repository` field was added to `package.json` because it's
utilized by the `auto-changelog` script, and this was easier than
specifying the repository URL with a CLI argument.
2021-06-07 10:02:30 -02:30
Erik Marks
88d85d43bd @metamask/post-message-stream@4.0.0 (#10989) 2021-06-07 10:00:17 -02:30
Brad Decker
29742b9519 remove the ui/app and ui/lib folders (#10911) 2021-06-06 12:45:27 -02:30
Mark Stacey
a8196c2b21
Merge pull request #11233 from MetaMask/master-sync
Sync `master` with `develop`
2021-06-04 10:01:42 -02:30
ricky
10c600589b
Feature/use zeroAddress (#11205)
* update ethereumjs-util

* Use zeroAddress
2021-06-03 20:56:04 -04:00
Dan Miller
9d79246f9c Merge branch 'develop' into master-sync 2021-06-03 16:29:51 -02:30
Dan J Miller
5d566a483a Resolve ws dependency to version ^7.4.6 to fix security vulnerability (#11229) 2021-06-03 14:07:17 -02:30
Dan Miller
a194fa92c3 Merge branch 'develop' 2021-06-03 12:02:57 -02:30
Dan J Miller
6040c6ebbb
Resolve ws dependency to version ^7.4.6 to fix security vulnerability (#11229) 2021-06-03 10:56:52 -02:30
Dan Miller
e3ed26cc24 Revert "Revert "Implement Ledger Live bridge (#10293)""
This reverts commit 56db48a1c3.
2021-05-31 17:30:56 -02:30
Dan J Miller
9e92ab41ee
Sync master with develop (#11215)
* Revert "lint fix"

This reverts commit 6dfab2e3c6.

* Revert "Adding "What's New" notification for Ledger Support Update (#11188)"

This reverts commit 939a34f16c.

* Revert "Disable Ledger Live toggle for Firefox users (#11169)"

This reverts commit dec34fa4c6.

* Revert "Implement Ledger Live bridge (#10293)"

This reverts commit 397417bf09.

* Version v9.5.7

* Update CHANGELOG.md

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Revert "Revert "Implement Ledger Live bridge (#10293)""

This reverts commit 56db48a1c3.

* Revert "Revert "Disable Ledger Live toggle for Firefox users (#11169)""

This reverts commit 6e0da428ac.

* Revert "Revert "Adding "What's New" notification for Ledger Support Update (#11188)""

This reverts commit 7365f87f9e.

* Revert "Revert "lint fix""

This reverts commit 02b442aace.

* Track version in correct place (i.e. package.json) for master to develop sync for v9.5.7

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-05-31 15:38:52 -02:30
Dan Miller
56db48a1c3 Revert "Implement Ledger Live bridge (#10293)"
This reverts commit 397417bf09.
2021-05-28 16:17:17 -02:30
ryanml
96c6affb12 Bumping package version -> 9.5.6 2021-05-27 13:40:48 -07:00
David Walsh
397417bf09 Implement Ledger Live bridge (#10293) 2021-05-26 10:33:12 -07:00
ryanml
f85697365e Bumping package.json version -> 9.5.5 2021-05-25 12:14:58 -07:00
Etienne Dusseault
4c341d83ab
Add Approval Confirmation Screen component to Storybook (#10998)
* add metametrics wrapper

* add history dep

* provide test data and mock react router

* add first confirmaion screen

* figure out a way to mock match.params

* render token approval with data

* fix lockfile

* fix lint

* remove use effect

* lintfix

* add . for src paths

* litfix

* Add knobs to change redux store for confirm-approve component (Storybook) (#11135)

* add knob for domain

* knobify

* remove logs

* remove comment

* lintfix

* fix comments

* add background calls + metriccs event to storybook acctions

* lintfixxxx
2021-05-25 08:20:09 +08:00
ryanml
28315d64f5 Upgrading dns-packet to ^5.2.2 to resolve vulnerability (#11172) 2021-05-24 16:08:21 -07:00
ryanml
e1c8afc8c4
Upgrading dns-packet to ^5.2.2 to resolve vulnerability (#11172) 2021-05-24 16:07:06 -07:00
Mark Stacey
ff71005041
Update @metamask/auto-changelog from v9.0.1 to v9.1.0 (#11170)
This update includes a bug fix that made v9.0.1 incompatible with valid
entries for the `package.json` "repository" field. Specifically, that
field required that the repository be the GitHub repo URL, but the
field is meant to point at the _git_ repo URL (the difference between
the two on GitHub is the `.git` suffix).

Now that that bug as been fixed, we can update the `repository` field
to point at `https://github.com/MetaMask/metamask-extension.git`, which
is what it should be.
2021-05-24 17:17:31 -02:30
Mark Stacey
203456d4c8 Merge remote-tracking branch 'origin/develop' into sync-master
* origin/develop: (227 commits)
  Improve UI + content for price difference notifications (#11145)
  Swaps: Create a new swap (#11124)
  Bump @metamask/controllers from 9.0.0 to 9.1.0 (#11150)
  Capture exception instead of throw error in useTransactionDisplayData (#11153)
  Fixing jest component test output errors (#11139)
  Avoid showing  "Gas price extremely low" warning in advanced tab for testnets (#11111)
  @metamask/auto-changelog@2.0.1 (#11140)
  Migrate to new CurrencyRateController (#11005)
  bump allow scripts (#11134)
  Show Sentry CLI output when uploading artifacts (#11100)
  use etherscan-link customBlockExplorer methods with customNetwork usage tracking (#11017)
  Adding notification for updated seed phrase wording (#11131)
  Bumping package.json
  Fix a condition for checking if a token should be added (#11127)
  Removing support survey notification from What's New (#11118)
  Handling custom token decimal fetch failure due to network error (#10956)
  Hide basic tab in advanced gas modal for speedup and cancel when on testnets (#11115)
  Migrate Sentry settings to environment variables (#11085)
  Update eth-ledger-bridge-keyring to v0.5.0 (#11064)
  fix metaRPCClientFactory id handling (#11116)
  ...
2021-05-21 16:16:29 -02:30
Erik Marks
978f11b89b
@metamask/auto-changelog@2.0.1 (#11140)
* @metamask/auto-changelog@2.0.1

* Update changelog

* Fix some changelog formatting edge cases
2021-05-19 21:40:22 -07:00
Mark Stacey
5009ceae53
Migrate to new CurrencyRateController (#11005)
The CurrencyRateController has been migrated to the BaseControllerV2
API, which includes various API changes. These changes include:
* The constructor now expects to be passed a
`RestrictedControllerMessenger`.
* State changes are subscribed to via the `ControllerMessenger` now,
rather than via a `subscribe` function.
* The state and configration are passed in as one "options" object,
rather than as two separate parameters
* The polling needs to be started explicitly by calling `start`. It
can be stopped and started on-demand now as well.
* Changing the current currency or native currency will now throw an
error if we fail to update the conversion rate.

The `ComposableObservableStore` has been updated to accomodate these
new types of controllers. The constructor has been updated to use an
options bag pattern as well, to make the addition of the new required
`controllerMessenger` parameter a bit less unweildly.
2021-05-20 00:27:51 -02:30
Etienne Dusseault
d381f70e56
bump allow scripts (#11134) 2021-05-20 00:26:42 -02:30
ryanml
35214dbba7 Bumping package.json 2021-05-18 11:37:44 -07:00
Niranjana Binoy
0e1181862f
Handling custom token decimal fetch failure due to network error (#10956) 2021-05-18 13:23:54 -04:00
David Walsh
da2e662675
Update eth-ledger-bridge-keyring to v0.5.0 (#11064) 2021-05-17 20:16:37 -05:00
Etienne Dusseault
b8177b22db
bump allow scripts (#10822) 2021-05-16 21:48:29 -07:00
Erik Marks
43c33b676f
@metamask/providers@8.1.1 (#11078)
* @metamask/providers@8.1.1

* Minimize import footprint
2021-05-12 19:51:14 -07:00
ryanml
92f630c190 bumping package.json -> 9.5.2 2021-05-12 17:10:42 -07:00
ryanml
b73c29a6a7 Fixing changelog, bumping package.json -> 9.5.1 2021-05-11 18:27:03 -07:00
Mark Stacey
dfe5df765e Update lodash to ^4.17.21 (#11001)
A resolution was required to update the version of `lodash` used by
`ganache-core`, and a previous resolution required updating. All other
lodash instances in our dependency tree were within range, and could be
updated in the lockfile.
2021-05-11 14:05:53 -07:00
Mark Stacey
36869a4350
Migrate version from _base manifest to package.json (#11029)
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.

This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
2021-05-10 14:16:03 -07:00
Mark Stacey
ed737cf073
Update @metamask/controllers to v8 (#11000)
Update `@metamask/controllers` from v6 to v8. The breaking changes were
all in controllers that aren't used by the extension, so no changes
were required.
2021-05-06 16:26:34 -02:30
Mark Stacey
8ce49d8e7c
Update lodash to ^4.17.21 (#11001)
A resolution was required to update the version of `lodash` used by
`ganache-core`, and a previous resolution required updating. All other
lodash instances in our dependency tree were within range, and could be
updated in the lockfile.
2021-05-06 16:02:22 -02:30
Mark Stacey
20b0346d8b
Replace auto-changelog script (#10993)
The `auto-changelog` script has been replaced with the package
`@metamask/auto-changelog`. This package includes a script that has
an `update` command that is roughly equivalent to the old
`auto-changelog.js` script, except better. The script also has a
`validate` command.

The `repository` field was added to `package.json` because it's
utilized by the `auto-changelog` script, and this was easier than
specifying the repository URL with a CLI argument.
2021-05-06 11:50:19 -02:30
Erik Marks
29fa00a97b
@metamask/post-message-stream@4.0.0 (#10989) 2021-05-05 16:07:48 -07:00
MetaMask Bot
333206ccb1
Version v9.5.0 RC (#10944)
* add trezor HD path for ledger wallets (#10616)

Co-authored-by: Barry Gitarts <bgitarts@gmail.com>

* Replace logic for eth swap token in fetchQuotesAndSetQuoteState with getSwapsEthToken call (#10624)

* Ensure permission log will only store JSON-able data (#10524)

* remove transactionCategory in favor of more types (#10615)

* remove transactionCategory in favor of more types

* remove reference to STANDARD in stubs

* Removing double click bug from delete custom network modal (#10628)

Fixes MetaMask/metamask-extension#10626

* Hide zero balance tokens at useTokenTracker layer (#10630)

* Setting balance to 0x0 when the original value is undefined (#10634)

* fix: speedup cancellation (#10579)

fixes #7305

* no more node:console (#10640)

* prefer chainId over networkId in most cases (#10594)

* Move swaps constants to the shared constants directory (#10614)

* Position the 3dot menu in the same spot on asset screen and home screen (#10642)

* Ensure swaps detail height doesn't create jump in vertical height (#10644)

* Fix: ETH 'token' now only appears once in the swaps to and from dropdowns. (#10650)

* Prevent network menu highlighting (#10643)

* Allow TextField to receive min and max attributes (#10656)

* colocate tests in flat structure (#10655)

* Fixing migration script generation paths (#10664)

* Improve specificity of `test:unit:lax` npm script (#10661)

The unit test npm script `test:unit:lax` is now more specific about
which tests files to exclude. An `--ignore` CLI option is used to
specify the files to ignore, rather than using the braces glob syntax
to ignore them from the target glob itself.

This makes the option easier to update going forward as we move more
tests into the "strict" group, because the options are exactly the same
between the two scripts. It also ensures we don't accidentally exclude
other subdirectories that happen to also be named `permissions`.

In trying to implement this, I stumbled at first because mocha expects
the ignore pattern to be a relative path if the target is a relative
path (i.e. they need to both start with `./` or neither). The script
`test:unit:strict` has been updated to use a relative target pattern
for consistency.

* Swaps support for local testnet (#10658)

* Swaps support for local testnet

* Create util method for comparison of token addresses/symbols to default swaps token

* Get chainId from txMeta in _trackSwapsMetrics of transaction controller

* Add comment to document purpose of getTransactionGroupRecipientAddressFilter

* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js

* fix: replace dnode background with JSON-RPC (#10627)

fixes #10090

* Don't render faucet row in deposit modal for custom chains (#10674)

Fixes MetaMask/metamask-extension#10038

* Change 'Send ETH' title to 'Send' (#10651)

* Fixing incorrectly typed token decimal attribute (#10666)

* refactor incoming tx controller (#10639)

* make migration more safe (#10689)

* Adding default properties to NetworkForm (#10682)

Fixes MetaMask/metamask-extension#10681

* deps - remove "remotedev-server" (#10687)

* deps - remove remotedev-server

* Remove stale references from allow-scripts config

Any packages that are no longer in the dependency tree have been
removed from the `allow-scripts` config.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Excluding sourcemaps comment in production builds (#10695)

* Excluding sourcemaps comment in production builds

Fixes MetaMask/metamask-extension#7077

* Fix source map explorer script

The source map explorer script now re-adds the source map comment to
each file to ensure the source map visualization still works. Each
module with a sourcemap is copied to a temporary directory along with
the module it corresponds to, and from there it's passed into
`source-map-explorer`. This should ensure the resulting visualization
matches what it was before.

Everything has been moved inside of functions to generally improve
readability, and to allow the use of local variables.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Delete setupFetchDebugging.js (#10636)

* Delete setupFetchDebugging.js

* remove fetch-debugging (now handled corrently by sentry)

* resolve issue with missing template error (#10692)

* resolve issue with missing template error

* also apply filtering to confirmation page

* rename variable

* Add MetaMask to list of BIP44 HD path examples (#10703)

The "BIP44 Standard" HD path option in the Ledger connect flow listed
only Trezor as an example. It seemed appropriate to include MetaMask as
well, since we use the same path. This helps users who have imported
their MetaMask seed phrase onto a Ledger device to discover this
option.

* Removing hard references to 12 word seed phrases in copy (#10704)

Adding translation entry for "Wallet Seed"

Fixed label padding issue by adding missing CSS rule

* rule out empty string for symbol (#10712)

* fix: remove unused `metamask.rpcUrl` from redux state + fix tests to reflect that (#10714)

* Fix 10706 - Prevent autocomplete from add token input (#10700)

* Fix mismatchedChain typo in custom network approval screen (#10723)

* Fix 10562 - Hide the suggested token pane when not on Mainnet or test network (#10702)

* Update @metamask/controllers to v6.2.1 (#10701)

* Additional swaps network support (#10721)

* Add swaps support for bnc chain

* Use single default token address in shared/constants/swaps

* ci - cache deps before patch-package (#10735)

* ci - cache deps before patch-package

* ci - bump dep cache number (cache break)

* build - refactor build system for easier configuration (#10718)

* build - refactor build system for easier configuration of before and after bundle

* build - fix dependenciesToBundle option

* build - fix bify external options and other config

* build - refactor for cleanliness

* build - fix minify argument

* build - fix sourcemaps setup

* scripts - refactor setupBundlerDefaults in anticipation of factor bundles

* build - scripts - remove unused pipeline label

* build - scripts - make filepath entry optional

* build - scripts - rename filepath and filename options to entryFilepath and destFilepath

* Update development/build/scripts.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* security - update SES lockdown (#10663)

* update ses

* build - reference ses directly

* deps - unify regenerator-runtime versions on 0.13.7

* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411

* patches - patch regenerator-runtime for latest ses fix

* reduc patch, new lockdown severe override taming

* updated redux patch

* update redux patch for production

* ignore lockdown in lint

* deps - bump patch-package just in case

* trailing comma

* remove ses as dep

* fix path for frozen promise

* remove js extension in lockdown require

* Revert "ignore lockdown in lint"

This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.

* Revert "build - reference ses directly"

This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.

* deps - update ses

* Revert "fix path for frozen promise"

This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.

Co-authored-by: kumavis <aaron@kumavis.me>

* Allow 11 characters in symbol for RPC (#10670)

* Add error in RPC for zero length symbols

* Increase RPC symbol length allowed to 11

* Add RPC tests for new symbol length checks

* eth-block-tracker@5.0.1 (#10737)

* Ensure swaps gas prices are fetched from the correct chain specific endpoint (#10744)

* Ensure swaps gas prices are fetched from the correct chain specific endpoint

* Just rely on fetchWithCache to cache swaps gas prices, instead of directly using storage in getSwapsPriceEstimatesLastRetrieved

* Empty commit

* update @metamask/etherscan-link to v2.0.0 (#10747)

* Use correct block explorer name and link in swaps when on custom network (#10743)

* Use correct block explorer name and link in swaps when on custom network.

* Fix up custom etherscan link code in build-quote.js

* Use blockExplorerUrl hostname instead of 'blockExplorerBaseUrl'

* Use correct etherscan-link method for token links in build-quote

* Create correct token link in build-quote for mainnet AND custom networks

* Block explorer url improvements in awaiting-swap.js and build-quote.js

* Use swapVerifyTokenExplanation message with substitutable block explorer for all applicable locales

* Ensure that block explorer links are not shown in awaiting-swap if no url is available

* Add New Zealand Dollar to currency options (#10746)

* Ensure that the correct default currency symbols are used for fees on the view quote screen (#10753)

* Fix 10517 - Prevent tokens without addresses from being added to token list (#10593)

* Updating y18n and netmask to resolve dependency issues (#10765)

netmask@1.0.6 -> 2.0.1, y18n@3.2.1 -> 3.2.2, y18n@4.0.0 -> 4.0.1

* Refactor Tx State Manager (#10672)

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Ensure that the approval fee in the swaps custom gas modal is in network specific currency (#10763)

* Ensure that priceSlippage fiat amounts are always shown in view-quote.js (#10762)

* Use network specific swaps contract address when checking swap contract token approval (#10774)

* Build - refactor background process to use html (#10769)

* build - declare background as html

* build - fill in empty file when a missing file is expected

* lint - fix

* Update development/build/manifest.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update development/build/manifest.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* build - fix use of empty file to replace unused js files (#10780)

* cache lint results for faster repeat execution (#10773)

* eslint perf improvement (#10775)

* Improve detection of task process exit (#10776)

Our build script waits for the `close` event to determine whether the
task has exited. The `exit` event is a better representation of this,
because if a stream is shared between multiple processes, the process
may exit without the `close` event being emitted.

We aren't sharing streams between processes, so this edge case doesn't
apply to us. This just seemed like a more suitable event to listen to,
since we care about the process exiting not the stream ending.

See this description of the `close` event from the Node.js
documentation [1]:

>The `'close'` event is emitted when the stdio streams of a child
>process have been closed. This is distinct from the `'exit'` event,
>since multiple processes might share the same stdio streams.

And see this description of the `exit` event:

>The `'exit'` event is emitted after the child process ends.

[1]: https://nodejs.org/docs/latest-v14.x/api/child_process.html#child_process_event_exit

* Rewrite changelog script from Bash to JavaScript (#10782)

The `auto-changelog` script has been rewritten from Bash to JavaScript.
Functionally it should behave identically.

* Refactoring ethereum-on.spec.js to use fixtures (#10778)

* Remove useless negation (#10787)

!contentComponent always evaluates to true

* Remove date from changelog release header (#10790)

New changelog release headers now omit the date. These headers are
added automatically when a new release branch is created, and that
rarely ends up being the actual date of the release, so these dates
have all been inaccurate anyway.

The date will be re-added to the changelog later as part of a new
script, after a release has been published.

* Remove script for creating master sync PR (#10791)

The script responsible for creating the "Sync `master` with `develop`"
PR has been removed. We will soon be eliminating the need for a
`master` branch altogether, so we don't need this anymore. Also, this
script hasn't been running correctly in a long time. We've been
creating this PR manually.

* Add changelog entries under release candidate header (#10784)

Instead of always placing new changelog entries under the "Current
Develop Branch" header, the changelog script now places them under the
header for the current release if that release has not yet been tagged.

This eliminates one manual step from the release process.

Relates to #10752

* Prevent duplicate changelog entries (#10786)

The changelog update script now prevents duplicate entries from being
added. Specifically, it will ensure that if a PR has been referenced
already in an entry, it will not add it again.

This should prevent it from adding duplicate entries for changes that
were cherry-picked into hotfix releases.

Note that this duplication prevention only works for entries containing
a PR number. We don't have any way to prevent duplicate entries yet in
cases where we don't know the associated PR. We will be preventing this
possibility entirely pretty soon in some upcoming release automation
changes though, so I'm not concerned about this omission.

* Set the BSC_CONTRACT_ADDRESS to lowercase (#10800)

* only applies rules to the appropriate files (#10788)

* upgrade eslint deps (#10789)

* Ensure correct primary currency image is displayed on home screen and token list (#10777)

* Add release header when updating changelog (#10794)

The changelog update script now adds a release header if it doesn't
find one already that matches the current release candidate version.

* remove node-sass dependency (#10797)

* Add support for locators into driver abstraction (#10802)

* Update changelog headers and fix dates (#10805)

The changelog release header format has been updated to match the "keep
a changelog" [1] format. Each header is now the bracketed version
number followed by a dash, then the release date in ISO-8601 format.

The release dates in each header were also updated to match the date of
the corresponding GitHub Release [2]. Many of these dates were
incorrect because they were set on the day we created the release
candidate, rather than on the day of release.

Any changelog release entries without a corresponding GitHub release
was left with the date already specified.

The three oldest release headers were missing dates. For the first two,
I used the date of the version bump commit. For the third, I removed it
since no changes were listed anyway, and it represented a range of
releases rather than a single one.

The `auto-changelog.js` script has been updated to account for this new
format as well.

[1]: https://keepachangelog.com/en/1.0.0/
[2]: https://github.com/MetaMask/metamask-extension/releases

* Update the changelog when creating an RC (#10795)

The changelog will now be automatically updated when a release branch
is created. A new release header along with changelog entries for any
new commits will be added.

Note that this changelog will still need to be manually cleaned up, but
it's one less manual step at least.

The old Bash script for adding a new release header to the changelog
has been removed, as that functionality is now built into the changelog
update script.

A new script has been added to commit any changes made to the manifest
and changelog. This step used to happen at the end of the bump manifest
version script, but now the changelog update relies upon the manifest
version bump happening first, so it needed to be re-ordered. The
changes should only be committed on the first run of the branch, as
it's contingent upon the manifest changing (due to the version bump).
Further changelog updates won't trigger new automatic commits.

* Refactoring address-book.spec.js to use fixtures (#10804)

* Refactoring send-edit.spec.js to use fixtures (#10792)

* Fix _getPermittedAccounts type safety (#10819)

* Removing unnecessary params from withFixtures function call. (#10831)

* Add links to release headers (#10808)

Each release header now includes a link to the range of commits
included with that release. These links are at the end of the document,
in accordance with the "keep a changelog" [1] format.

For the purpose of this changelog, the "previous release" is the most
recent release mentioned in the changelogs. The diffs ignore any
releases that were omitted from the changelog. This is mainly an issue
with older releases, so it seemed acceptable. All releases have been
documented for a couple of years now, and will be going forward as
well.

The name of the "Current Develop Branch" section was changed to
"Unreleased" to confirm with "keep a changelog".

The `auto-changelog.js` script has been updated to update/add these
links whenever adding a new release header as well.

[1]: https://keepachangelog.com/en/1.0.0/

* Refactoring permissions.spec.js to use fixtures (#10829)

* Add validation for the `fee` property from the `/trades` API response (#10836)

* Refactoring signature-request.spec.js to use fixtures (#10820)

* use locator abstraction in tests folder (#10833)

* Move BSC chain ID, rename some BSC-related vars (#10807)

* Add categories to each changelog release (#10837)

Each changelog release now has category headers. The standard "keep a
changelog" [1] categories are used, along with the addition of
"Uncategorized" for any changes that have not yet been categorized.

The changelog script has been updated to add this "Uncategorized"
header if it isn't already present, and to place any new commits under
this header.

The changelog has been updated to property categorize each change in
recent releases, and to place changes in older releases under the
header "Uncategorized".

[1]: https://keepachangelog.com/en/1.0.0/

* Remove unused CI script (#10840)

This script has not been used since #10795. It is now gone.

* Add `--rc` flag to changelog script (#10839)

The changelog script now accepts an `--rc` flag to tell it whether to
add new changes to `Unreleased` or to the header for the current
version.

Previously this was inferred from whether the current version matched
the most recent tag. However this method only works for the first
update. Using a flag simplifies this logic, and makes it possible to
manually re-run this for further updates to a release candidate.

* Add `--help` flag to changelog script (#10846)

The changelog script now accepts a `--help` flag, which prints a help
text explaining how the script works and what each flag does.

* add abstraction for waitForSelector (#10844)

* Adds jest dependency (#10845)

* Add Jest

* Refactor changelog parsing and generation (#10847)

The `auto-changelog.js` script has been refactoring into various
different modules. This was done in preparation for migrating this to
a separate repository, where it can be used in our libraries as well.

Functionally this should act _mostly_ the same way, but there have been
some changes. It was difficult to make this a pure refactor because of
the strategy used to validate the changelog and ensure each addition
remained valid. Instead of being updated in-place, the changelog is now
parsed upfront and stored as a "Changelog" instance, which is a new
class that was written to allow only valid changes. The new changelog
is then stringified and completely overwrites the old one.

The parsing had to be much more strict, as any unanticipated content
would otherwise be erased unintentionally. This script now also
normalizes the formatting of the changelog (though the individual
change descriptions are still unformatted).

The changelog stringification now accommodates non-linear releases as
well. For example, you can now release v1.0.1 *after* v2.0.0, and it
will be listed in chronological order while also correctly constructing
the `compare` URLs for each release.

* Increase default slippage from 2% to 3%, show Advanced Options by default (#10842)

* Increase default slippage from 2% to 3%, show Advanced Options by default

* Disable opening / closing of Advanced Options on the Swap page

* Pre-select previously used slippage value when going back to the Swap page

* Fix lint issues

* Use a callback for setting up an initial customValue

* Migrate unreleased changes in changelog (#10853)

When updating the changelog for a release candidate, any unreleased
changes are now migrated to the release header.

Generally we don't make a habit of adding changes to the changelog
prior to creating a release candidate, but if any are there we
certainly don't want them duplicated.

* @metamask/eslint-config*@6.0.0 (#10858)

* @metamask/eslint-config*@6.0.0

* Minor eslintrc reorg

* Refactoring threebox.spec.js to use fixtures (#10849)

* Adjust renderWithProvider to accommodate redux-less components (#10857)

* Jest config (#10855)

* Setup jest config

* Adjust test for jest.

* Adjust lint config

* Omit swaps ui folder for unit testing

* Omit swaps from test:unit:lax

* Add jest.config.js to script files

* Restore mocks rather than clearing them.

* Update jest config and adjust lint to include subdirs

* Convert view-quote-price-difference test to jest

* Add jest ci and ci coverage scripts. Add jest unit test to general test command

* Add test coverage to ci

* Use --ignore flag

* Fixup

* Add @metamask/eslint-config-jest

* Update .eslintrc.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Adds jest-coverage/

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Add jest-coverage/ to prettierignore (#10865)

* Add jest coverage (#10868)

* Add jest coverage

This will add coverage for any tests ran in jest under the `test:coverage:jest` command, which is currently being used in CI. I set the values to the current test coverage in `ui/app/pages/swaps`.

* Lint

* Fix crash when adding new changelog release header (#10870)

The `auto-changelog.js` script crashes when trying to add a new release
header. This bug was introduced in #10847. The cause was a simple
misnamed parameter.

* Change caching for Swaps APIs from 1 hour to 5 minutes (#10871)

* Change caching for the /tokens API from 1 hour to 5 minutes

* Use 5 minutes caching for /topAssets and /aggregatorMetadata APIs as well

* add key literals to driver (#10854)

* Quote globs in prettier scripts (#10867)

* use waitForSelector instead of until (#10852)

* complete abstraction of until method

* response to feedback

* Adding recovery phrase video to onboarding process (#10717)

* Adding recovery phrase video to onboarding process

Adding english subtitles

* Support textAlign in Box, converting sidebar to Box

* Reduce calls of the `/featureFlag` API (#10859)

* Remove periodic calls to the /featureFlag API

* Always show the Swap button on the main page

* Check if the Swaps feature is enabled, show loading animation while waiting

* Reuse an existing useEffect call

* Use ‘isFeatureFlagLoaded’ in React’s state, resolve lint issues

* Add a watch mode for Jest testing

* Add unit tests for Swaps: fetchSwapsLiveness, add /ducks/swaps into Jest testing

* Remove Swaps Jest tests from Mocha’s ESLint rules

* Ignore Swaps Jest tests while running Mocha, update paths

* Increase test coverage to the current max

* Fix ESLint issues for Swaps

* Enable the Swaps feature by default and after state reset, remove loading screen before seeing Swaps

* Update Jest config, fix tests

* Update Jest coverage threshold to the current maximum

* Update ESLint rule in jest.config.js

* Disable the “Review Swap” button if the feature flag hasn’t loaded yet

* Update jest threshold

* Fix 10036 - Prevent odd localStorage migration error in Firefox (#10884)

* Add jest watch mode script (#10869)

* Refactoring metamask-responsive-ui.spec.js to use fixtures  (#10866)

* Handling infura blockage (#10883)

* Handling infura blockage

* Adding blockage home notification

* Updating copy, adding temporary notification dismissal

* Addressing review feedback

* Using eth_blockNumber method to check Infura availability

* Handling network changes in availability check

* Use jest to run ui/**/*.test.js (#10885)

* upgrade ethereumjs util (#10886)

* Swaps: Show a network name dynamically in a tooltip (#10882)

* Swaps: Show a network name dynamically in a tooltip

* Replace “Ethereum” with “$1”, change “Test” to “Testnet”

* Replace 이더리움 with $1

* Translate network names, use ‘Ethereum’ by default if a translation is not available yet

* Reorder messages to resolve ESLint issues

* Add a snapshot test for the FeeCard component, increase Jest threshold

* Enable snapshot testing into external .snap files in ESLint

* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value

* Throw an error if chain ID is not supported by the Swaps feature

* Use string literals when calling the `t` fn,

* Adding option to set Custom Nonce to Confirm Approve Page (#10595)

* Dep Upgrades for Lavamoat Patches (#10902)

* dep upgrades

* apply more patches

* Dep upgrades and patches (#10903)

* apply patches

* lavamoat dep upgrades

* remove lavamoat browserify

* Increase Jest unit test coverage for the Swaps feature to ~25% (#10900)

* Swaps: Show a network name dynamically in a tooltip

* Replace “Ethereum” with “$1”, change “Test” to “Testnet”

* Replace 이더리움 with $1

* Translate network names, use ‘Ethereum’ by default if a translation is not available yet

* Reorder messages to resolve ESLint issues

* Add a snapshot test for the FeeCard component, increase Jest threshold

* Enable snapshot testing into external .snap files in ESLint

* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value

* Throw an error if chain ID is not supported by the Swaps feature

* Use string literals when calling the `t` fn,

* Watch Jest tests silently (no React warnings in terminal, only errors)

* Add @testing-library/jest-dom, import it before running Jest tests

* Add snapshot testing of Swaps’ React components for happy paths, increase minimum threshold for Jest

* Add the test/jest folder for Jest setup and shared functions, use it in Swaps Jest tests

* Fix ESLint issues, update linting config

* Enable ESLint for .snap files (Jest snapshots), throw an error if a snapshot is bigger than 50 lines

* Don’t run lint:fix for .snap files

* Move `createProps` outside of `describe` blocks, move store creation inside tests

* Use translations instead of keys, update a rendering function to load translations

* Make sure all Jest snapshots are shorter than 50 lines (default limit)

* Add / update props for Swaps tests

* Fix React warnings when running tests for Swaps

* Bump @metamask/contract-metadata from 1.23.0 to 1.25.0 (#10899)

Bumps [@metamask/contract-metadata](https://github.com/MetaMask/contract-metadata) from 1.23.0 to 1.25.0.
- [Release notes](https://github.com/MetaMask/contract-metadata/releases)
- [Commits](https://github.com/MetaMask/contract-metadata/compare/v1.23.0...v1.25.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Refactoring from-import-ui.spec.js to use fixtures (#10907)

* Fix 10458 - Understand where to get support (#10895)

* Add contract address validation for token swaps (#10912)

* Fixing ENS input entry in send flow (#10923)

* Fixing ENS input entry in send flow

Fixes MetaMask/metamask-extension#10691

* removed unnecessary apostrophe

* Refactoring incremental-security.spec.js to use fixtures (#10917)

* use one segment instance (#10915)

* Implement Ledger Live bridge (#10293)

* add view account-details menu item to token-options menu (#10932)

* add view account-details menu item to token-options menu

* add onViewAccountDetails propType

* Fix 10609 - Prevent overflow of confirmation page hostname (#10935)

* upgrade eth-keyring-controller (#10933)

* [Fix] 10365 My Accounts Removal (#10680)

* pushing my-accounts removal

* removed CONTACT_MY_ACCOUNTS_ROUTE

* removed CONTACT_MY_ACCOUNTS_VIEW_ROUTE

* removing CONTACT_MY_ACCOUNTS_EDIT_ROUTE

* removing CONTACT_MY_ACCOUNTS_EDIT_ROUTE

* removed showingMyAccounts dead code

* removed more dead code related to isMyAccountsPage

* removing more dead code

* fixed linting error(s)

* removing my-accounts component/folder

* added empty contact screen ui

* styled empty contact page ui

* fixed linting, removed add contacts button, and fixed errors

* localized text and centered No Contacts

* pushing localized verification and fixed e2e test

* added listRoute redirect

* added listroute and fixed linting error

* Increase Jest unit test coverage for the Swaps feature to ~43% (#10934)

* add hamburger menu to eth page (#10938)

* add hamburger menu to eth page

* change token-options to asset-options, use more direct selector for user address fetch

* use token custom icons where possible (#10939)

* Whats new popup (#10583)

* Add 'What's New' notification popup

* Move selectors from shared/notifications into ui/ directory

* Use keys for localized message in whats new notifications objects, to ensure notifications will be translated.

* Remove unused swaps intro popup locale messages

* Fix keys of whats new notification locales

* Remove notifications messages and descriptions from comment in shared/notifications

* Move notifcationActionFunctions to shared/notifications and make it stateless

* Get notification data from constants instead of state in whats-new-popup

* Code cleanup

* Fix build quote reference to swapsEthToken, broken during rebase

* Rename notificationFilters to notificationToExclude to clarify its purpose

* Documentation for getSortedNotificationsToShow

* Move notification action functions from shared/ to whats-new-popup.js

* Stop setting swapsWelcomeMessageHasBeenShown to state in app-state controller

* Update e2e tests for whats new popup changes

* Updating migration files

* Addressing feedback part 1

* Addressing feedback part 2

* Remove unnecessary div in whats-new-popup

* Change getNotificationsToExclude to getNotificationsToInclude for use in the getSortedNotificationsToShow selector

* Delete intro-popup directory and test files

* Lint fix

* Add notifiction state to address-entry fixture

* Use two separate functions for rendering first and subsequent notifications in the whats-new-popup

* Ensure that string literals are passed to t for whats new popup text

* Update import-ui fixtures to include notificaiton controller state

* Remove unnecessary, accidental change confirm-approve

* Remove swaps notification in favour of mobile swaps as first notifcation and TBD 3rd notification

* Update whats-new-popup to use intersection observer api to detect if notification has been seen

* Add notifications to send-edit and threebox e2e test fixtures

* Update ui/app/selectors/selectors.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update ui/app/selectors/selectors.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Clean up locale code for whats-new-popup notifications

* Disconnect observers in whats-new-popup when their callback is first called

* Add test case for migration 58 for when the AppStateController does not exist

* Rename popover components containerRef to popoverWrapRef

* Fix messages.json

* Update notification messages and images

* Rename popoverWrapRef -> popoverRef in whats-new-popup and popover.component

* Only create one observer, and only after images have loaded, in whats-new-popup

* Set width and height on whats-new-popup image, instead of setting state on img load

* Update ui/app/components/app/whats-new-popup/whats-new-popup.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Code clean up in whats new popup re: notification rendering and action functions

* Code cleanup in render notification functions of whats-new-popup

* Update ui/app/components/app/whats-new-popup/whats-new-popup.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* lint fix

* Update and localize  notification dates

* Clean up date code in shred/notifications/index.js

Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Revert "Implement Ledger Live bridge (#10293)"

This reverts commit 15b596ad15.

* Version v9.5.0

* Update changelog for v9.5.0

* yarn allow-scripts and yarn lavamoat:auto for Version-v9.5.0 branch

* Anchor the Need Help text to the bottom of the expanded page (#10955)

* fix transaction sync logic (#10954)

* Add backwards compatibility for ETH <-> WETH contract address validation (#10962)

* Whats new popup design fixes (#10964)

* Remove padding on QR code image

* Allow the qr code to be below the description in the whats new popup

* Fix size and position of QR code in whats new notification

* Add right caret to action links in whats new popup

* Clean up placeImageBelowDescription logic

* Fix display of whats-new-popup image

* Improve spacing and sizing of whats new popup in both full screen and popup view

* refactor

* Ensure method of adding contact when contacts exist (#10963)

* Fixing alignment issue with bottom notification (#10979)

* Revert "Adding recovery phrase video to onboarding process (#10717)"

This reverts commit 9e918b6026.

* Removing recovery video entry from changelog

* Remove tests that are only needed for the commit reverted in 68c5defc

* Fix dependency vulnerability by upgrading xmlhttprequest-ssl via yarn.lock (#10990)

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Barry Gitarts <bgitarts@gmail.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Niranjana Binoy <43930900+NiranjanaBinoy@users.noreply.github.com>
Co-authored-by: Shane <jonas.shane@gmail.com>
Co-authored-by: gitpurva <47534619+gitpurva@users.noreply.github.com>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Etienne Dusseault <etienne.dusseault@gmail.com>
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Grant Bakker <grant@bakker.pw>
Co-authored-by: Michael Standen <screaminghawk@gmail.com>
Co-authored-by: Muhammet Kara <mrkara@users.noreply.github.com>
Co-authored-by: Daniel <80175477+dan437@users.noreply.github.com>
Co-authored-by: Thomas Huang <tmashuang@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas <thomas.b.huang@gmail.com>
Co-authored-by: Alex Donesky <alex.donesky@consensys.net>
Co-authored-by: Austin Akers <austin.akers5@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2021-05-05 11:08:59 -07:00
Dan J Miller
838fe95753
Fix dependency vulnerability by upgrading xmlhttprequest-ssl via yarn.lock (#10990) 2021-05-05 12:02:41 -02:30
Brad Decker
09d81ac5f2
remove the ui/app and ui/lib folders (#10911) 2021-04-28 14:53:59 -05:00
Daniel
37159a58e1
Increase Jest unit test coverage for the Swaps feature to ~43% (#10934) 2021-04-27 15:16:17 -05:00
Brad Decker
cbce07e983
upgrade eth-keyring-controller (#10933) 2021-04-27 12:03:58 -05:00
David Walsh
15b596ad15
Implement Ledger Live bridge (#10293) 2021-04-26 13:05:48 -05:00
Niranjana Binoy
d97a9e8acc
Refactoring incremental-security.spec.js to use fixtures (#10917) 2021-04-26 11:02:29 -04:00
Daniel
fbbdaf04ed
Increase Jest unit test coverage for the Swaps feature to ~25% (#10900)
* Swaps: Show a network name dynamically in a tooltip

* Replace “Ethereum” with “$1”, change “Test” to “Testnet”

* Replace 이더리움 with $1

* Translate network names, use ‘Ethereum’ by default if a translation is not available yet

* Reorder messages to resolve ESLint issues

* Add a snapshot test for the FeeCard component, increase Jest threshold

* Enable snapshot testing into external .snap files in ESLint

* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value

* Throw an error if chain ID is not supported by the Swaps feature

* Use string literals when calling the `t` fn,

* Watch Jest tests silently (no React warnings in terminal, only errors)

* Add @testing-library/jest-dom, import it before running Jest tests

* Add snapshot testing of Swaps’ React components for happy paths, increase minimum threshold for Jest

* Add the test/jest folder for Jest setup and shared functions, use it in Swaps Jest tests

* Fix ESLint issues, update linting config

* Enable ESLint for .snap files (Jest snapshots), throw an error if a snapshot is bigger than 50 lines

* Don’t run lint:fix for .snap files

* Move `createProps` outside of `describe` blocks, move store creation inside tests

* Use translations instead of keys, update a rendering function to load translations

* Make sure all Jest snapshots are shorter than 50 lines (default limit)

* Add / update props for Swaps tests

* Fix React warnings when running tests for Swaps
2021-04-21 12:34:35 -07:00
Etienne Dusseault
d01bc9bb51
Dep upgrades and patches (#10903)
* apply patches

* lavamoat dep upgrades

* remove lavamoat browserify
2021-04-20 13:39:49 +08:00
Etienne Dusseault
1baa94d1ab
Dep Upgrades for Lavamoat Patches (#10902)
* dep upgrades

* apply more patches
2021-04-20 11:37:21 +08:00
Brad Decker
d1f8171877
upgrade ethereumjs util (#10886) 2021-04-16 10:05:13 -05:00
Thomas Huang
b99c4fb5cf
Use jest to run ui/**/*.test.js (#10885) 2021-04-15 11:01:46 -07:00
Daniel
e7d7d24d83
Reduce calls of the /featureFlag API (#10859)
* Remove periodic calls to the /featureFlag API

* Always show the Swap button on the main page

* Check if the Swaps feature is enabled, show loading animation while waiting

* Reuse an existing useEffect call

* Use ‘isFeatureFlagLoaded’ in React’s state, resolve lint issues

* Add a watch mode for Jest testing

* Add unit tests for Swaps: fetchSwapsLiveness, add /ducks/swaps into Jest testing

* Remove Swaps Jest tests from Mocha’s ESLint rules

* Ignore Swaps Jest tests while running Mocha, update paths

* Increase test coverage to the current max

* Fix ESLint issues for Swaps

* Enable the Swaps feature by default and after state reset, remove loading screen before seeing Swaps

* Update Jest config, fix tests

* Update Jest coverage threshold to the current maximum

* Update ESLint rule in jest.config.js

* Disable the “Review Swap” button if the feature flag hasn’t loaded yet

* Update jest threshold
2021-04-14 04:46:27 -02:30
Erik Marks
7fb4e09e6f
Quote globs in prettier scripts (#10867) 2021-04-13 10:40:19 -07:00
Thomas Huang
253efc6f8c
Jest config (#10855)
* Setup jest config

* Adjust test for jest.

* Adjust lint config

* Omit swaps ui folder for unit testing

* Omit swaps from test:unit:lax

* Add jest.config.js to script files

* Restore mocks rather than clearing them.

* Update jest config and adjust lint to include subdirs

* Convert view-quote-price-difference test to jest

* Add jest ci and ci coverage scripts. Add jest unit test to general test command

* Add test coverage to ci

* Use --ignore flag

* Fixup

* Add @metamask/eslint-config-jest

* Update .eslintrc.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Adds jest-coverage/

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-04-09 10:20:32 -07:00
Erik Marks
e18deda0da
@metamask/eslint-config*@6.0.0 (#10858)
* @metamask/eslint-config*@6.0.0

* Minor eslintrc reorg
2021-04-08 14:34:55 -07:00
Mark Stacey
312f2afc41
Refactor changelog parsing and generation (#10847)
The `auto-changelog.js` script has been refactoring into various
different modules. This was done in preparation for migrating this to
a separate repository, where it can be used in our libraries as well.

Functionally this should act _mostly_ the same way, but there have been
some changes. It was difficult to make this a pure refactor because of
the strategy used to validate the changelog and ensure each addition
remained valid. Instead of being updated in-place, the changelog is now
parsed upfront and stored as a "Changelog" instance, which is a new
class that was written to allow only valid changes. The new changelog
is then stringified and completely overwrites the old one.

The parsing had to be much more strict, as any unanticipated content
would otherwise be erased unintentionally. This script now also
normalizes the formatting of the changelog (though the individual
change descriptions are still unformatted).

The changelog stringification now accommodates non-linear releases as
well. For example, you can now release v1.0.1 *after* v2.0.0, and it
will be listed in chronological order while also correctly constructing
the `compare` URLs for each release.
2021-04-08 16:14:30 -02:30
Thomas Huang
c339f28ce8
Adds jest dependency (#10845)
* Add Jest
2021-04-08 10:25:05 -07:00
Brad Decker
9079fb87ec
add abstraction for waitForSelector (#10844) 2021-04-08 10:41:23 -05:00
MetaMask Bot
14b5c389ed
Version v9.3.0 RC (#10739)
* Replace logic for eth swap token in fetchQuotesAndSetQuoteState with getSwapsEthToken call (#10624)

* Move swaps constants to the shared constants directory (#10614)

* Fix: ETH 'token' now only appears once in the swaps to and from dropdowns. (#10650)

* Swaps support for local testnet (#10658)

* Swaps support for local testnet

* Create util method for comparison of token addresses/symbols to default swaps token

* Get chainId from txMeta in _trackSwapsMetrics of transaction controller

* Add comment to document purpose of getTransactionGroupRecipientAddressFilter

* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js

* Additional swaps network support (#10721)

* Add swaps support for bnc chain

* Use single default token address in shared/constants/swaps

* Ensure swaps gas prices are fetched from the correct chain specific endpoint (#10744)

* Ensure swaps gas prices are fetched from the correct chain specific endpoint

* Just rely on fetchWithCache to cache swaps gas prices, instead of directly using storage in getSwapsPriceEstimatesLastRetrieved

* Empty commit

* update @metamask/etherscan-link to v2.0.0 (#10747)

* Use correct block explorer name and link in swaps when on custom network (#10743)

* Use correct block explorer name and link in swaps when on custom network.

* Fix up custom etherscan link code in build-quote.js

* Use blockExplorerUrl hostname instead of 'blockExplorerBaseUrl'

* Use correct etherscan-link method for token links in build-quote

* Create correct token link in build-quote for mainnet AND custom networks

* Block explorer url improvements in awaiting-swap.js and build-quote.js

* Use swapVerifyTokenExplanation message with substitutable block explorer for all applicable locales

* Ensure that block explorer links are not shown in awaiting-swap if no url is available

* Ensure that the correct default currency symbols are used for fees on the view quote screen (#10753)

* Updating y18n and netmask to resolve dependency issues (#10765)

netmask@1.0.6 -> 2.0.1, y18n@3.2.1 -> 3.2.2, y18n@4.0.0 -> 4.0.1

* Ensure that priceSlippage fiat amounts are always shown in view-quote.js (#10762)

* Ensure that the approval fee in the swaps custom gas modal is in network specific currency (#10763)

* Use network specific swaps contract address when checking swap contract token approval (#10774)

* Set the BSC_CONTRACT_ADDRESS to lowercase (#10800)

* Ensure correct primary currency image is displayed on home screen and token list (#10777)

* [skip e2e] Update changelog for v9.3.0 (#10740)

* Version v9.3.0

* [skip e2e] Update changelog for v9.3.0 (#10803)

Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2021-04-02 17:00:57 -02:30
Brad Decker
f5c89843b1
remove node-sass dependency (#10797) 2021-04-02 11:57:05 -02:30
Brad Decker
1e44c34e1e
upgrade eslint deps (#10789) 2021-04-01 13:44:42 -05:00
Mark Stacey
b1dcbcec2c
Rewrite changelog script from Bash to JavaScript (#10782)
The `auto-changelog` script has been rewritten from Bash to JavaScript.
Functionally it should behave identically.
2021-03-31 14:15:53 -02:30
Brad Decker
d5bfce3243
eslint perf improvement (#10775) 2021-03-31 10:19:20 -05:00
Brad Decker
95fbf92cc5
cache lint results for faster repeat execution (#10773) 2021-03-31 10:19:03 -05:00
ryanml
e0b7d08ffb
Updating y18n and netmask to resolve dependency issues (#10765)
netmask@1.0.6 -> 2.0.1, y18n@3.2.1 -> 3.2.2, y18n@4.0.0 -> 4.0.1
2021-03-29 22:47:56 -07:00
Dan J Miller
254164aec4
update @metamask/etherscan-link to v2.0.0 (#10747) 2021-03-28 12:32:43 -02:30
Erik Marks
6d1add7afe
eth-block-tracker@5.0.1 (#10737) 2021-03-26 10:03:44 -07:00
Etienne Dusseault
8fc2c3272a
security - update SES lockdown (#10663)
* update ses

* build - reference ses directly

* deps - unify regenerator-runtime versions on 0.13.7

* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411

* patches - patch regenerator-runtime for latest ses fix

* reduc patch, new lockdown severe override taming

* updated redux patch

* update redux patch for production

* ignore lockdown in lint

* deps - bump patch-package just in case

* trailing comma

* remove ses as dep

* fix path for frozen promise

* remove js extension in lockdown require

* Revert "ignore lockdown in lint"

This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.

* Revert "build - reference ses directly"

This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.

* deps - update ses

* Revert "fix path for frozen promise"

This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.

Co-authored-by: kumavis <aaron@kumavis.me>
2021-03-26 12:27:25 +08:00
kumavis
715f699ed9
build - refactor build system for easier configuration (#10718)
* build - refactor build system for easier configuration of before and after bundle

* build - fix dependenciesToBundle option

* build - fix bify external options and other config

* build - refactor for cleanliness

* build - fix minify argument

* build - fix sourcemaps setup

* scripts - refactor setupBundlerDefaults in anticipation of factor bundles

* build - scripts - remove unused pipeline label

* build - scripts - make filepath entry optional

* build - scripts - rename filepath and filename options to entryFilepath and destFilepath

* Update development/build/scripts.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-26 12:26:19 +08:00
kumavis
d169f151cd ci - cache deps before patch-package (#10735)
* ci - cache deps before patch-package

* ci - bump dep cache number (cache break)
2021-03-26 01:54:25 -02:30
kumavis
b668a90303
ci - cache deps before patch-package (#10735)
* ci - cache deps before patch-package

* ci - bump dep cache number (cache break)
2021-03-26 11:55:03 +08:00
Dan J Miller
9573aa7515
Update @metamask/controllers to v6.2.1 (#10701) 2021-03-25 17:37:52 -02:30
kumavis
ff86465a24
deps - remove "remotedev-server" (#10687)
* deps - remove remotedev-server

* Remove stale references from allow-scripts config

Any packages that are no longer in the dependency tree have been
removed from the `allow-scripts` config.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-22 15:32:25 -02:30
Shane
b50fe3184a
fix: replace dnode background with JSON-RPC (#10627)
fixes #10090
2021-03-18 11:23:46 -07:00
Mark Stacey
1c573ef852
Improve specificity of test:unit:lax npm script (#10661)
The unit test npm script `test:unit:lax` is now more specific about
which tests files to exclude. An `--ignore` CLI option is used to
specify the files to ignore, rather than using the braces glob syntax
to ignore them from the target glob itself.

This makes the option easier to update going forward as we move more
tests into the "strict" group, because the options are exactly the same
between the two scripts. It also ensures we don't accidentally exclude
other subdirectories that happen to also be named `permissions`.

In trying to implement this, I stumbled at first because mocha expects
the ignore pattern to be a relative path if the target is a relative
path (i.e. they need to both start with `./` or neither). The script
`test:unit:strict` has been updated to use a relative target pattern
for consistency.
2021-03-17 10:50:59 -02:30
Brad Decker
5a233e4634
colocate tests in flat structure (#10655) 2021-03-16 16:00:08 -05:00
Erik Marks
a29fc51838
Ensure permission log will only store JSON-able data (#10524) 2021-03-10 11:50:06 -08:00
Mark Stacey
df9b4f933a Revert "add fsevents entry from allow-scripts for mac os x (#10605)"
This reverts commit 59f516ade2.
2021-03-10 15:37:18 -03:30
Brad Decker
38fe75b7d9
prefer chainId when building block explorer urls (#10587) 2021-03-09 15:37:19 -06:00
David Walsh
92680cf56f
Add support for multiple Ledger & Trezor hardware accounts (#10505) 2021-03-09 14:39:16 -06:00
Thomas Huang
3ba91df387
Unifies unit tests filename suffix to .test.js (#10607)
* Unifies the filename suffix to .test.js

* Display @babel/no-invalid-this rule for tx-controller.test.js

* Add test file extension to test:unit:global
2021-03-09 11:08:06 -08:00
Brad Decker
59f516ade2
add fsevents entry from allow-scripts for mac os x (#10605) 2021-03-08 15:53:06 -06:00
Brad Decker
80266cf33c
update @metamask/etherscan-link to v1.5.0 (#10603) 2021-03-08 13:52:24 -06:00
Mark Stacey
a09dab4f6b
Update elliptic to v6.5.4 to address security advisory (#10602)
The `elliptic` package has been updated to v6.5.4 to address a security
advisory regarding a vulnerability in v6.5.3. We are not affected by
this vulnerability to the best of our knowledge. This is just to stay
on the safe side, and fix our audit check.
2021-03-08 14:25:06 -03:30
Mark Stacey
83371dff3e
Update @lavamoat/allow-scripts to v1.0.4 (#10599)
This patch update fixes an install issue encountered when trying to
update `eth-trezor-keyring` from v0.5.2 to v0.6.0.
2021-03-05 14:38:01 -03:30
Etienne Dusseault
3128d183e1
make lavamoat optional for dev mode (#10538) 2021-03-03 15:52:42 +08:00
ryanml
b74b70df2a
Resolving pull-ws to v3.3.2 (#10543) 2021-03-02 10:34:58 +08:00
ty
b04120dd0f
Warn users when an ENS name contains 'confusable' characters (#9187)
* Add warning system for 'confusable' ENS names (#9129)

Uses unicode.org's TR39 confusables.txt to display a warning when
'confusable' unicode points are detected.

Currently only the `AddRecipient` component has been updated, but the new
`Confusable` component could be used elsewhere

The new `unicode-confusables` dependency adds close to 100KB to the
bundle size, and around 30KB when gzipped.

Adds 'tag' prop to the tooltop-v2 component

Use $Red-500 for confusable ens warning

Lint Tooltip component

Update copy for confusing ENS domain warning.

* Fix prop type

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-02-27 01:56:04 -03:30
Mark Stacey
59058b2f73
Fix ganache:start npm script (#10515)
This script was accidentally broken in #10499, which added the `.sh`
file extension to all Bash scripts. I forgot to update the
`ganache:start` script to use the new file extension.
2021-02-24 18:02:29 -03:30
Mark Stacey
681db78ff8
Add CI check to ensure LavaMoat policy is updated (#10493)
A CI job has been added to ensure the `allow-scripts` config and the
LavaMoat auto-generated policy is up-to-date. This will only run on
release branches and the `master` branch, because it's too difficult a
requirement to meet for each PR for contributors on macOS, due to
differences in the dependency graph caused by optional dependencies.

The `allow-scripts` and LavaMoat policy have both been updated using
`yarn allow-scripts auto` and `yarn lavamoat:auto`.
2021-02-24 12:22:28 -03:30
Brad Decker
aabe653240
Add Custom Network UI (#10310) 2021-02-22 10:20:42 -06:00
Etienne Dusseault
f196c9feb8
Add Lavamoat to build system (#9939)
* lavamoat - run build system in lavamoat

* lavamoat/allow-scripts - add missing policy entry

* update viz and lavvamoat

* trim policy file

* bump viz

* prue policy override

* regen policy file

* Update package.json

* Update package.json

* Apply suggestions from code review

Co-authored-by: kumavis <kumavis@users.noreply.github.com>

* update policy, remove redundant patches

* use yarn setup in CI

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-22 22:43:29 +08:00
David Walsh
3d579dfcef
Remove react-select and SimpleDropdown, use Dropdown (#10468) 2021-02-19 13:03:44 -06:00
Austin Akers
2122b8cf16
Hide links to etherscan when no block explorer is specified for a custom network (#10455)
Conditionally render view on Etherscan text if it's a custom network

Fixes: #5631
2021-02-17 09:45:30 -03:30
Mark Stacey
8a76dcc18a
Remove gulp-imagemin (#10435)
This package hasn't been used since #8140, which dropped it for being
too slow and of minimal benefit.

We should consider re-adding this as a CI check to ensure images are
optimized, but I don't think it should be re-added to the build process
itself.
2021-02-15 11:50:01 -03:30
Mark Stacey
932794a5dd
Remove gulp-babel package (#10437)
This has not been used in some time. The last import was removed in
the PR #4712
2021-02-15 11:03:51 -03:30
Mark Stacey
cbf375a6a2
Remove gulp-debug (#10436)
This dependency was added in #3781, but appears to have never actually
been used.
2021-02-13 17:05:34 -03:30
Mark Stacey
bc5a136af1
Remove unused react-test-renderer (#10431)
This package seems to have always been unused. I suspect it was added
years ago by mistake.
2021-02-13 17:03:13 -03:30
Mark Stacey
50c3b06563
Remove chai (#10440)
We don't seem to use chai assertions anywhere anymore. I'm unsure when
the last was removed.
2021-02-12 18:53:47 -03:30
Mark Stacey
eb879a7930
Remove deps-dump dependency (#10438)
This dependency was used in the Sesify bundle build task, which was
removed in #9514.
2021-02-12 18:11:37 -03:30
Mark Stacey
03562ff711
Remove file-loader package (#10439)
This dependency has not been used since #8249.
2021-02-12 17:50:31 -03:30
Mark Stacey
ff909d724e
Remove browserify-derequire (#10441)
This was used for the Sesify build, which was removed in #9514
2021-02-12 17:50:16 -03:30
Mark Stacey
d9e393f827
Remove babel-loader (#10442)
This dependency was added to get Storybook working, but since then it
has been made a direct dependency of Storybook. We no longer use it
directly, and we don't need it in our dependencies.
2021-02-12 17:49:56 -03:30
Mark Stacey
81ef9330c7
Remove multihashes (#10443)
This dependency was used in our IPFS ENS resolver, but it has not been
used directly since #6402.
2021-02-12 17:49:32 -03:30
Mark Stacey
036e1cf8ce
Remove regenerator-runtime (#10430)
This package was added as a devDependency to address a peerDependency
warning when installing Storybook v5.3.14. We're now using Storybook
v6, which doesn't list this as a peerDependency.
2021-02-12 14:20:12 -03:30
Mark Stacey
a9a6614290
Remove gulp-replace (#10432)
This package has not been used since #4712.
2021-02-12 14:19:43 -03:30
Mark Stacey
906324cb5e
Remove gulp-multi-process (#10434)
This package has not been used since #8140. We now spawn separate
processes directly in our build script rather than using this gulp
plugin to do so.
2021-02-12 14:16:25 -03:30
Mark Stacey
b9a3d3442f
Update react-devtools (#10429)
This update includes various improvements and bug fixes.
2021-02-12 14:06:43 -03:30
Mark Stacey
aadb8ac0ac
Fix start:dev script (#10399)
The `start:dev` script relies upon `electron` and `sqlite`, both of
which had their install scripts disabled by `allow-scripts`. Without
those two packages, `start:dev` crashes immediately.

The manifest has been updated to ensure install scripts run for both
packages. `start:dev` now works.
2021-02-08 12:36:32 -03:30
kumavis
1e086aeb06
storybook/i18n - add i18n party button (#10382) 2021-02-08 23:45:06 +08:00
Mark Stacey
9dc88397dc
Update @metamask/inpage-provider from v8.0.3 to v8.0.4 (#10378)
Fixes #10356

There was a bug in the inpage provider that would mistakenly report
usage of our injected `web3` instance when the `web3.currentProvider`
property was accessed. This was fixed in v8.0.4 of
`@metamask/inpage-provider`.
2021-02-08 20:41:39 +08:00
kumavis
b0215738a2
storybook - i18n toolbar (#10381)
* storybook - i18n toolbar

* lint fix
2021-02-06 10:28:54 +08:00
kumavis
6a6b27a04d
"yarn setup" - the new way to install your deps (#10379)
* deps - run "yarn setup" to install deps

* doc - add "yarn setup" to local dev instructions
2021-02-05 12:11:45 -03:30
Erik Marks
2d777c9178
Update allow-scripts config (#10375) 2021-02-04 10:41:21 -08:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
kumavis
efd280172f
ci - run storybook and add to build-artifacts (#10360)
* ci - run storybook and add to build-artifacts

* ci/storybook - rename storybook build path and fix artifact upload

* ci/storybook - rename link text

* clean - remove accidently committed storybook build dir

* storybook - fix image path to relative (#10364)
2021-02-04 22:30:22 +08:00
kumavis
b2d40f4e3a
deps - bump allow-scripts (#10370) 2021-02-04 09:39:45 -03:30
Etienne Dusseault
fc409a103b
Add .yarnrc to disable scripts (#10354)
* add yarn rc file to disable scripts

* remove ignore scripts in CI

* re-add entry

* add lavamoat preinstall always fail

* allow-scripts - add missing package to denylist

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
2021-02-03 21:53:12 -03:30
kumavis
b98cef16af
Update to Node v14 (#9514)
* manual rebase against develop

* Update .nvmrc
2021-02-03 13:45:38 +08:00
Etienne Dusseault
6b34fb4184
Use @lavamoat/allow-scripts (#10009)
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false

Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-02-01 20:08:42 -08:00
Erik Marks
bd57705b5f
@metamask/contract-metadata@1.22.0 (#10285) 2021-01-25 12:17:01 -08:00
David Walsh
9b4715cc8f
Update postMessage structure for TrezorConnect 8 (#10192) 2021-01-21 11:12:54 -06:00
Mark Stacey
6de41a1cf6
Update @reduxjs/toolkit from v1.3.2 to v1.5.0 (#10228)
The changes made between v1.3.2 and v1.5.0 of `@reduxjs/toolkit` don't
appear to affect us at all. They mostly consist of feature additions
and bug fixes for edge cases we haven't encountered.[1]

The one change that is technically breaking is that v8 of `immer` now
freezes state objects in production rather than just in development.
That would only be breaking if we were mutating Redux state though,
which we aren't doing in the few Redux slices in which we use
`@reduxjs/toolkit`. Even if we were, we would have noticed that it
broke in development already.

[1]: https://github.com/reduxjs/redux-toolkit/releases
2021-01-21 10:04:03 -03:30
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
118281b9a9
@metamask/inpage-provider@8.0.3 (#10219)
Restores the provider `data` event.
2021-01-20 10:42:59 -08:00
Brad Decker
acbe38c260
use dart sass, and update related modules (#10208) 2021-01-19 10:54:32 -06:00
Erik Marks
849a47afba
@metamask/inpage-provider@8.0.2 (#10178) 2021-01-12 14:22:22 -08:00
Erik Marks
d7c648db98
eth-method-registry@2.0.0 (#10169) 2021-01-11 08:27:51 -08:00
Erik Marks
6abb32f042
@metamask/contract-metadata@1.21.0 (#10142) 2021-01-05 11:08:23 -08:00
Brad Decker
7a65b33788
add module resolution for node-analytics/axios (#10139) 2021-01-04 17:44:16 -06:00
Erik Marks
2f6f8966bb
@metamask/contract-metadata@1.20.0 (#10116) 2020-12-21 12:07:32 -08:00
Mark Stacey
bba2b9646d
Update @metamask/controllers to v5.1.0 (#10096)
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.

I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.

This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
2020-12-17 12:06:29 -03:30
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
Mark Stacey
da1aae772b
Remove coveralls (#10063)
We don't look at coveralls very much. We might occasionally consult it
to see a report on our code coverage, but that report is already
generated entirely locally, and has been added to the MetaMask bot
comment in #10061.
2020-12-11 16:20:45 -03:30
Mark Stacey
4a5a2881d0
Update selenium-webdriver and geckodriver (#10057)
Update `geckodriver` to the latest version, and `selenium-webdriver`
to the second-most-recent version. Updates include various dependency
updates, bug fixes, and minor features. None of the updates seem to
directly affect us, aside from one new feature of `selenium-webdriver`
that updates the `installAddon` function to support `.zip` files, which
will be used in a subsequent PR.

`selenium-webdriver` was pinned one version behind latest because the
latest version caused our Chrome e2e tests to fail with a mysterious
error whenever `getAttribute` was called on a WebElement.
2020-12-11 12:03:20 -03:30
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Mark Stacey
d13aabde23
Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-08 15:08:31 -03:30
Dan J Miller
97d268c8ee
Remove use of ethgasstation; use metaswap /gasPrices api for gas price estimates (#9867)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates

* Remove references to ethgasstation

* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates

* Update ui/app/hooks/useTokenTracker.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

* Delete gas price chart

* Remove price chart css import

* Delete additional fee chart code

* Lint fix

* Delete more code no longer used after ethgasstation removal

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-12-02 19:55:19 -03:30
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Erik Marks
df209612d5
@metamask/etherscan-link@1.4.0 (#9970) 2020-12-02 08:59:04 -08:00
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00
Mark Stacey
cc1161a52a
Add metrics e2e test (#9784)
An e2e test has been added that uses the new mock Segment server to
verify that the three initial page metric events are sent correctly.

Using the mock Segment server requires a special build with this mock
Segment server hostname embedded, so a distinct job for building and
running this test was required. As such, it was left out of the
`run-all.sh` script.
2020-12-01 17:54:56 -03:30
Mark Stacey
429847a686
Update to @storybook/*@6 (#9956)
Our Storybook dependencies have been updated to v6.1.9, from v5. This
was done to address a security vulnerability in a transitive dependency
of these packages (`highlight.js`).

The primary changes required by this Storybook update were the change
in import path for the `withKnobs` hook, the change in background
config format, and the webpack configuration. Storybook seems to work
correctly.

The migration was guided by the Storybook changelog[1] and the
Storybook v6 migration guide[2].

There is one Storybook error remaining; it fails to load the Euclid
font. This is a pre-existing error though, so we can fix it in a later
PR.

The `yarn.lock` file was deduplicated in this PR as well, as it was
required to fix various install warnings that were introduced with this
update.

[1]: https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md
[2]: https://github.com/storybookjs/storybook/blob/next/MIGRATION.md
2020-11-30 16:40:46 -03:30
Niranjana Binoy
6a9c15d4a4
updating the version of extension-port-stream to latest (#9942) 2020-11-24 14:32:06 -05:00
David Walsh
bf65c979d2
Use async storage instead of localstorage (#9919) 2020-11-24 09:38:04 -06:00
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
Erik Marks
f8f3faf539
resolve-url-loader@3.1.2 (#9925) 2020-11-20 13:52:07 -08:00
Dan J Miller
a9fcf0ea86
Use getTokenTrackerLink for asset view etherscan link in token-asset.js (#9913) 2020-11-19 00:59:42 -03:30
Erik Marks
74839831c0
@metamask/controllers@4.2.0 (#9849) 2020-11-13 11:04:48 -08:00
Erik Marks
aa85533368
@metamask/controllers@4.0.2 (#9839) 2020-11-09 18:19:42 -08:00
Erik Marks
80834b775d
@metamask/controllers@4.0.0 (#9838) 2020-11-09 14:00:10 -08:00
Erik Marks
6aa6052318 eth-sig-util@3.0.0 2020-11-09 08:57:18 -08:00
David Walsh
dcd2927f03
Update etherscan-link to 1.2.0 (#9789) 2020-11-04 17:05:38 -06:00
Erik Marks
a6f676764f @metamask/test-dapp@4.0.1 2020-11-04 10:17:10 -08:00
Erik Marks
d2dc4a62c4 @metamask/test-dapp@4.0.0 2020-11-03 21:35:03 -08:00
Brad Decker
3c171de44c
potential fix for METAMASK-GKCN (#9768) 2020-11-03 11:58:22 -06:00
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
d0d7a3d01f
Remove redundant mocha command (#9738)
The command `mocha` was included twice in `test:unit:global`
accidentally. The second occurrence was interpreted as a filename, and
would result in the following warning:

`Warning: Cannot find any files matching pattern "mocha"`

The second instance has been removed, and the warning no longer
appears.
2020-10-28 05:03:05 -02:30
Mark Stacey
d1b4d29219
Update ganache-core and ganache-cli (#9725)
`ganache-core` and `ganache-cli` have been updated to the latest
published versions.

Two Yarn resolutions have been made unnecessary by this update, so they
have been removed. They were added to update dependencies of
`ganache-core` to address security advisories. They have since been
updated in the latest `ganache-core` release.
2020-10-26 21:08:49 -02:30
Brad Decker
7d50357684
remove matomo and route to segment (#9646) 2020-10-26 14:05:57 -05:00
Erik Marks
bb2eed6a8d
@metamask/test-dapp@3.2.0 (#9707) 2020-10-23 20:59:49 -07:00
Etienne Dusseault
69d45ab46c
Add ses lockdown to build system (#9568)
* Add ses lockdown to build system using lavamoat-core

* use proper object.assign version

* disable lint rules for ses lockdown

* deps - update rtlcss

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-10-23 21:04:42 -02:30
Whymarrh Whitby
10227266f9
Fix node/no-unsupported-features/node-builtins issues (#9684)
Refs #9663

See [`node/no-unsupported-features/node-builtins`][1] for more information.

This change enables `node/no-unsupported-features/node-builtins` and fixes the issue
raised by the rule.

The `engines.node` version is updated to reflect the version specified by the `.nvmrc`
file and the version used by CircleCI:

```bash
$ cat .nvmrc
v10.18.1
```

```bash
$ docker run --rm -it circleci/node@sha256:e16740707de2ebed45c05d507f33ef204902349c7356d720610b5ec6a35d3d88 node --version
v10.18.1
```
2020-10-22 16:24:57 -02:30
Mark Stacey
7d0a7ab301
Update @metamask/eslint-config to v4.1.0 (#9663)
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.

Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.

Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
2020-10-21 14:01:03 -02:30
Ari Lotter
c3fafe311e
Spawn yarn processes in a cmd subshell on Windows (#9628)
On Windows, spawn fails if the exact filename
of a binary isn't passed. e.g. `spawn('yarn')` fails
because the binary is named `yarn.cmd`.
Instead, we depend on `cross-spawn` which handles differences
in `spawn` across platforms.
2020-10-20 01:37:23 -02:30
Mark Stacey
aae176537f
Update Sentry to the latest version. (#9597)
All three of our Sentry packages have been updated to the latest
versions. There appear to have been no breaking changes - just bug
fixes and new features.
2020-10-14 13:30:28 -02:30
Whymarrh Whitby
3353c33981
Use eth-contract-metadata@1.16.0 (#9540) 2020-10-09 13:07:23 -02:30
Whymarrh Whitby
e20cf61915
Fix Storybook build (#9526)
[skip e2e]
2020-10-08 15:33:30 -02:30
Dan J Miller
30d13422b5
Add MetaMask Swaps (#9482) 2020-10-06 15:58:38 -02:30
Whymarrh Whitby
8f3b81f67a
Use node-forge@0.10.0 (#9473)
This change updates `node-forge` to the latest published version, 0.10.0. This
update resolves a security advisory [1] brought in via our `3box` dependency.

  [1]:https://www.npmjs.com/advisories/1561
2020-10-01 16:37:07 -02:30
ricky
b00cd344d9
Use ethers to validate mnemonic during import (#9463) 2020-09-28 18:43:42 -02:30
Erik Marks
48e2880731
rpc-cap@3.2.0 (#9461) 2020-09-24 08:33:48 -07:00
Erik Marks
60d4b6aa41
@metamask/controllers@3.1.0 (#9460) 2020-09-23 13:24:24 -07:00
Mark Stacey
97b49b7614
Add prettier-plugin-sort-json (#9450)
JSON files are now sorted by key with `prettier`, using the plugin
`prettier-plugin-sort-json`. This does not affect `package.json`
because `prettier` uses a special parser for that file, as it has
a more restrictive format than JSON.
2020-09-23 12:21:42 -02:30
Erik Marks
3f2a7fd6ac
eth-json-rpc-filters@4.2.1 (#9452) 2020-09-22 21:55:59 -07:00
Erik Marks
242a5b3f23
eth-json-rpc-infura@5.1.0 (#9451) 2020-09-22 20:46:02 -07:00
Erik Marks
6b81da2a73
json-rpc-engine@5.3.0 (#9449) 2020-09-22 19:03:26 -07:00
Erik Marks
2eb8a9aca9
eth-json-rpc-middleware@6.0.0 (#9448) 2020-09-22 19:03:12 -07:00
Whymarrh Whitby
b83bca7223
Use eth-phishing-detect@1.1.14 (#9423) 2020-09-16 16:24:56 -02:30
Whymarrh Whitby
3b70cf64ec
Use @metamask/controllers@3.0.1 (#9416) 2020-09-16 14:34:28 -02:30
Whymarrh Whitby
34b3953815
Use eth-json-rpc-middleware@5.0.3 (#9405) 2020-09-14 19:17:29 -02:30
dependabot[bot]
b1665dedc6
Bump node-fetch from 2.6.0 to 2.6.1 (#9399)
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 15:45:42 -02:30
Brad Decker
8b24f624dd
add segment implementation of metametrics (#9382)
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-09-14 12:04:05 -05:00
Mark Stacey
9391eac670
Update @metamask/eth-token-tracker from v3.0.0 to v3.0.1 (#9398)
`v3.0.1` of `@metamask/eth-token-tracker` fixes how token balances are
displayed when they are between 1 and 0.1. See here for more details:
https://github.com/MetaMask/eth-token-tracker/pull/47
2020-09-11 19:03:24 -03:00
Mark Stacey
ce66ddcf0d
Use prettier for JSON linting (#9396)
Instead of using `eslint-plugin-json` for linting JSON files,
`prettier` is now used. `prettier` is capable of detecting and
correcting more problems than `eslint-plugin-json` can, such as
indentation.

All JSON files have been run through `prettier`. The changes are all
superficial.
2020-09-11 10:57:39 -03:00
Whymarrh Whitby
e2dedaacdb
Use Infura v3 API (#9368)
* Use eth-json-rpc-infura@5.0.0
* Use Infura v3 API
* Add example .metamaskrc file
2020-09-10 13:46:00 -02:30
Whymarrh Whitby
1e99a7b0c3
Migrate to scoped @metamask/jazzicon (#9341) 2020-09-02 12:37:56 -02:30
Whymarrh Whitby
a6e93a6344
Use ganache-core/websocket@1.0.32 (#9340)
This change updates `websocket` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ ganache-core                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ ganache-core > websocket > gulp > gulp-cli > yargs >         │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-09-02 12:36:12 -02:30
Whymarrh Whitby
72313f011d
Use derequire@2.1.1 (#9332)
This change updates `derequire` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ browserify-derequire                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ browserify-derequire > derequire > yargs > yargs-parser      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-08-31 21:54:06 -02:30
Whymarrh Whitby
1024f49275
Use @metamask/eslint-config@3.2.0 (#9330) 2020-08-31 13:11:15 -02:30
Erik Marks
3aaa41ef44
Replace abi-decoder with ethers (#9290)
* replace abi-decoder with ethers

* handle transaction parsing errors

* update token param getter function names

* add docstrings
2020-08-21 19:29:19 -07:00
Erik Marks
02d318d493
Add @metamask/logo (#9281)
* Remove metamask-logo
2020-08-20 10:48:43 -07:00
Dan J Miller
42f4c2e407
MetaMask mascot support for provided directions targets and toggling followMouse (#9166)
* MetaMask mascot support for provided directions targets and toggling followMouse

* Fixes for mascot.component.js

* Update metamask-logo version to 2.4.0

* Lint fix

* Fix mouse follow updating

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Improve mascot story name

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update package.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Lint fix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-20 05:29:03 -02:30
Thomas Huang
5f11273550
Add react-testing-library/react (#9249)
* Add react-testing-library

Adds react-testing-library as a dependency, creates a wrapper function with Provider store/I18n context support, and implements it in unconnected-account-alert.

* Refactor renderWithProvider store to extra param, instead of component prop store
2020-08-19 21:13:59 -07:00
Whymarrh Whitby
2b7a692658
Use @metamask/eslint-config@3.1.0 (#9275)
This change updates the shared ESLint config to the latest published version,
v3.1.0.

From the config [`CHANGELOG.md`][1]: v3.0.1 has disabled `prefer-object-spread`
by default, so it has been enabled for this project.

  [1]:https://github.com/MetaMask/eslint-config/blob/master/CHANGELOG.md
2020-08-19 17:34:58 -02:30
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
5c74420850
Use @metamask/controllers@2.0.5 (#9266) 2020-08-18 21:37:02 -02:30
Whymarrh Whitby
e8b31a77b9
Use copy-webpack-plugin@6.0.3 (#9197)
This updates the `copy-webpack-plugin` to the latest published version, 6.0.3,
resolving [a high-severity security advisory][1] with its `serialize-javascript`
dependency.

  [1]: https://www.npmjs.com/advisories/1548

See https://www.npmjs.com/advisories/1548 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Remote Code Execution                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ serialize-javascript                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.1.0                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ copy-webpack-plugin                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ copy-webpack-plugin > serialize-javascript                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1548                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```

The relevant [`v6.0.0`][2] breaking changes:

- minimum supported Node.js version is 10.13
    -  We use 10.18.1 locally and on CI
- the plugin now accepts an object, you should change `new CopyPlugin(patterns, options)` to `new CopyPlugin({ patterns, options })`
    -  Updated `.storybook/webpack.config.js`

  [2]:https://github.com/webpack-contrib/copy-webpack-plugin/releases/tag/v6.0.0
2020-08-12 22:02:40 -02:30
Erik Marks
5527a6d9e9
Remove web3 e2e tests (#9159) 2020-08-07 12:29:50 -07:00
Whymarrh Whitby
d0366ad8f2
Use luxon@1.24.1 (#9154) 2020-08-07 12:33:03 -02:30
Thomas Huang
9e1aed88c2
Update 'react-devtools' to ^4.8.0 (#9140)
* bump-react-devtools

* Completed yarn lock after version bump of react-devtools
2020-08-06 12:30:28 -07:00
Mark Stacey
96dd435538
Add validate-source-maps npm script (#9134)
This script executes the `sourcemap-validator.js` script to validate
the source maps in the `dist` directory.
2020-08-04 12:10:28 -03:00
Mark Stacey
c7db4c5a4d
Update brfs from v1.6.1 to v2.0.2 (#9115)
We were not affected by the breaking changes introduced with v2.0.0.
This was updated primarily to get a bugfix relating to source maps, and
to update some older transitive dependencies.
2020-07-30 17:44:13 -03:00
Mark Stacey
b19e048f58
Update browserify from v16.2.3 to v16.5.1 (#9113)
The changes between these two versions don't seen to affect us a great
deal. The browserify dependency updates do result in changes to our
production bundle, but the changes have no obvious functional impact.
2020-07-30 16:02:27 -03:00
Mark Stacey
081153a0df
Update sesify-viz from v3.0.9 to v3.0.10 (#9111)
The changes between v3.0.9 and v3.0.10 are minimial - just some minor
improvements to error handling.
2020-07-30 14:55:46 -03:00
Mark Stacey
ee291d48e9
Update gulp-rename from v1.4.0 to v2.0.0 (#9112)
The changes between these versions don't affect us. The breaking change
was related to passing in a function to `gulp-rename`, which we don't
do.
2020-07-30 14:55:26 -03:00
Mark Stacey
3f53db1846
Update source-map-explorer from v2.0.1 to v2.4.2 (#9110)
The output remains identical between these two versions, and none of
the changelog entries appear relevant to us (aside from maybe some of
the bug fixes).
2020-07-30 14:43:02 -03:00
Whymarrh Whitby
d990de4a0c
Update dependencies (#9105)
This change updates the following two dependencies to address high severity advisories in the production dependencies:

* Use elliptic@6.5.3
* Use dot-prop@5.2.0

The public advisories:

- `elliptic`: [npm](https://www.npmjs.com/advisories/1547)
- `dot-prop`: [npm](https://www.npmjs.com/advisories/1213), [GHSA-ff7x-qrg7-qggm](https://github.com/advisories/GHSA-ff7x-qrg7-qggm)

I don't believe there to be any functional changes here:

- I don't think we hit any (important?) codepaths of the whole `ipld-zcash/zcash-bitcore-lib/elliptic` subtree of 3Box
- `dot-prop` doesn't have a changelog but;
    - Looking through [`v3.0.0...v4.0.0`](https://github.com/sindresorhus/dot-prop/compare/v3.0.0...v4.0.0) it would seem that the breaking change was requiring Node.js 4 ([`88b6eb6`](88b6eb66cf))
    - The only breaking change listed for [v5.0.0](https://github.com/sindresorhus/dot-prop/releases/tag/v5.0.0) was requiring Node.js 8.
2020-07-29 19:39:47 -02:30
Mark Stacey
a69245d9ba
Improve source maps (#9101)
Our source maps were being corrupted during minification, because the
`gulp-terser-js` plugin we were using didn't account for the existence
of sourcemaps in the input. A configuration option to allow the input
of sourcemaps was added in v5.2.0. The plugin has been updated, and we
now use this option.

Previously the generated sourcemaps had an invalid entry in the
"sources" array, with the filename of the bundle itself. This was not a
real source. After this change, this invalid source is no longer
present.
2020-07-29 17:31:01 -03:00
Erik Marks
a3cad5d52e
rpc-cap@3.1.0 (#9103) 2020-07-29 12:56:24 -07:00
Erik Marks
99899b5df9
json-rpc-engine@5.2.0 (#9091) 2020-07-28 10:01:24 -07:00
ryanml
b4663eb78b
Fixes MetaMask/metamask-extension#8626 - verifies password on requesting seed phrase (#9063) 2020-07-24 19:47:40 -03:00