* add erc-721 token detection and flag to disable sending
* addressing feedback
* remove redundant provider instantiation
* fix issue caused by unprotected destructuring
* add tests and documentation
* move add isERC721 flag to useTokenTracker hook
* Update and unit tests
* use memoizedTokens in useTokenTracker
Co-authored-by: Dan Miller <danjm.com@gmail.com>
* add erc-721 token detection and flag to disable sending
* addressing feedback
* remove redundant provider instantiation
* fix issue caused by unprotected destructuring
* add tests and documentation
* move add isERC721 flag to useTokenTracker hook
* Update and unit tests
* use memoizedTokens in useTokenTracker
Co-authored-by: Dan Miller <danjm.com@gmail.com>
This script makes it easier to run an individual E2E test. In the past
I've run individual scripts by editing `run-all.sh` manually, but now
that can be done more easily with this script. It also allows setting
the number of retries to use and the browser to use from the CLI.
This script has been added as an npm script as well, called
'test:e2e:single'.
The `run-all.sh` script was rewritten in JavaScript to make it easier
to pass through a `--retries` argument.
The default number of retries has been set to zero to make local
testing easier. It has been set to 2 on CI.
This was mainly done to consolidate the code used to run an E2E test in
one place, to make later improvements easier.
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.
This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
Update `@metamask/controllers` from v6 to v8. The breaking changes were
all in controllers that aren't used by the extension, so no changes
were required.
The `auto-changelog` script has been replaced with the package
`@metamask/auto-changelog`. This package includes a script that has
an `update` command that is roughly equivalent to the old
`auto-changelog.js` script, except better. The script also has a
`validate` command.
The `repository` field was added to `package.json` because it's
utilized by the `auto-changelog` script, and this was easier than
specifying the repository URL with a CLI argument.
* Revert "lint fix"
This reverts commit 6dfab2e3c6.
* Revert "Adding "What's New" notification for Ledger Support Update (#11188)"
This reverts commit 939a34f16c.
* Revert "Disable Ledger Live toggle for Firefox users (#11169)"
This reverts commit dec34fa4c6.
* Revert "Implement Ledger Live bridge (#10293)"
This reverts commit 397417bf09.
* Version v9.5.7
* Update CHANGELOG.md
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Revert "Revert "Implement Ledger Live bridge (#10293)""
This reverts commit 56db48a1c3.
* Revert "Revert "Disable Ledger Live toggle for Firefox users (#11169)""
This reverts commit 6e0da428ac.
* Revert "Revert "Adding "What's New" notification for Ledger Support Update (#11188)""
This reverts commit 7365f87f9e.
* Revert "Revert "lint fix""
This reverts commit 02b442aace.
* Track version in correct place (i.e. package.json) for master to develop sync for v9.5.7
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* add metametrics wrapper
* add history dep
* provide test data and mock react router
* add first confirmaion screen
* figure out a way to mock match.params
* render token approval with data
* fix lockfile
* fix lint
* remove use effect
* lintfix
* add . for src paths
* litfix
* Add knobs to change redux store for confirm-approve component (Storybook) (#11135)
* add knob for domain
* knobify
* remove logs
* remove comment
* lintfix
* fix comments
* add background calls + metriccs event to storybook acctions
* lintfixxxx
This update includes a bug fix that made v9.0.1 incompatible with valid
entries for the `package.json` "repository" field. Specifically, that
field required that the repository be the GitHub repo URL, but the
field is meant to point at the _git_ repo URL (the difference between
the two on GitHub is the `.git` suffix).
Now that that bug as been fixed, we can update the `repository` field
to point at `https://github.com/MetaMask/metamask-extension.git`, which
is what it should be.
* origin/develop: (227 commits)
Improve UI + content for price difference notifications (#11145)
Swaps: Create a new swap (#11124)
Bump @metamask/controllers from 9.0.0 to 9.1.0 (#11150)
Capture exception instead of throw error in useTransactionDisplayData (#11153)
Fixing jest component test output errors (#11139)
Avoid showing "Gas price extremely low" warning in advanced tab for testnets (#11111)
@metamask/auto-changelog@2.0.1 (#11140)
Migrate to new CurrencyRateController (#11005)
bump allow scripts (#11134)
Show Sentry CLI output when uploading artifacts (#11100)
use etherscan-link customBlockExplorer methods with customNetwork usage tracking (#11017)
Adding notification for updated seed phrase wording (#11131)
Bumping package.json
Fix a condition for checking if a token should be added (#11127)
Removing support survey notification from What's New (#11118)
Handling custom token decimal fetch failure due to network error (#10956)
Hide basic tab in advanced gas modal for speedup and cancel when on testnets (#11115)
Migrate Sentry settings to environment variables (#11085)
Update eth-ledger-bridge-keyring to v0.5.0 (#11064)
fix metaRPCClientFactory id handling (#11116)
...
The CurrencyRateController has been migrated to the BaseControllerV2
API, which includes various API changes. These changes include:
* The constructor now expects to be passed a
`RestrictedControllerMessenger`.
* State changes are subscribed to via the `ControllerMessenger` now,
rather than via a `subscribe` function.
* The state and configration are passed in as one "options" object,
rather than as two separate parameters
* The polling needs to be started explicitly by calling `start`. It
can be stopped and started on-demand now as well.
* Changing the current currency or native currency will now throw an
error if we fail to update the conversion rate.
The `ComposableObservableStore` has been updated to accomodate these
new types of controllers. The constructor has been updated to use an
options bag pattern as well, to make the addition of the new required
`controllerMessenger` parameter a bit less unweildly.
A resolution was required to update the version of `lodash` used by
`ganache-core`, and a previous resolution required updating. All other
lodash instances in our dependency tree were within range, and could be
updated in the lockfile.
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.
This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
Update `@metamask/controllers` from v6 to v8. The breaking changes were
all in controllers that aren't used by the extension, so no changes
were required.
A resolution was required to update the version of `lodash` used by
`ganache-core`, and a previous resolution required updating. All other
lodash instances in our dependency tree were within range, and could be
updated in the lockfile.
The `auto-changelog` script has been replaced with the package
`@metamask/auto-changelog`. This package includes a script that has
an `update` command that is roughly equivalent to the old
`auto-changelog.js` script, except better. The script also has a
`validate` command.
The `repository` field was added to `package.json` because it's
utilized by the `auto-changelog` script, and this was easier than
specifying the repository URL with a CLI argument.
* add trezor HD path for ledger wallets (#10616)
Co-authored-by: Barry Gitarts <bgitarts@gmail.com>
* Replace logic for eth swap token in fetchQuotesAndSetQuoteState with getSwapsEthToken call (#10624)
* Ensure permission log will only store JSON-able data (#10524)
* remove transactionCategory in favor of more types (#10615)
* remove transactionCategory in favor of more types
* remove reference to STANDARD in stubs
* Removing double click bug from delete custom network modal (#10628)
FixesMetaMask/metamask-extension#10626
* Hide zero balance tokens at useTokenTracker layer (#10630)
* Setting balance to 0x0 when the original value is undefined (#10634)
* fix: speedup cancellation (#10579)
fixes#7305
* no more node:console (#10640)
* prefer chainId over networkId in most cases (#10594)
* Move swaps constants to the shared constants directory (#10614)
* Position the 3dot menu in the same spot on asset screen and home screen (#10642)
* Ensure swaps detail height doesn't create jump in vertical height (#10644)
* Fix: ETH 'token' now only appears once in the swaps to and from dropdowns. (#10650)
* Prevent network menu highlighting (#10643)
* Allow TextField to receive min and max attributes (#10656)
* colocate tests in flat structure (#10655)
* Fixing migration script generation paths (#10664)
* Improve specificity of `test:unit:lax` npm script (#10661)
The unit test npm script `test:unit:lax` is now more specific about
which tests files to exclude. An `--ignore` CLI option is used to
specify the files to ignore, rather than using the braces glob syntax
to ignore them from the target glob itself.
This makes the option easier to update going forward as we move more
tests into the "strict" group, because the options are exactly the same
between the two scripts. It also ensures we don't accidentally exclude
other subdirectories that happen to also be named `permissions`.
In trying to implement this, I stumbled at first because mocha expects
the ignore pattern to be a relative path if the target is a relative
path (i.e. they need to both start with `./` or neither). The script
`test:unit:strict` has been updated to use a relative target pattern
for consistency.
* Swaps support for local testnet (#10658)
* Swaps support for local testnet
* Create util method for comparison of token addresses/symbols to default swaps token
* Get chainId from txMeta in _trackSwapsMetrics of transaction controller
* Add comment to document purpose of getTransactionGroupRecipientAddressFilter
* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js
* fix: replace dnode background with JSON-RPC (#10627)
fixes#10090
* Don't render faucet row in deposit modal for custom chains (#10674)
FixesMetaMask/metamask-extension#10038
* Change 'Send ETH' title to 'Send' (#10651)
* Fixing incorrectly typed token decimal attribute (#10666)
* refactor incoming tx controller (#10639)
* make migration more safe (#10689)
* Adding default properties to NetworkForm (#10682)
FixesMetaMask/metamask-extension#10681
* deps - remove "remotedev-server" (#10687)
* deps - remove remotedev-server
* Remove stale references from allow-scripts config
Any packages that are no longer in the dependency tree have been
removed from the `allow-scripts` config.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Excluding sourcemaps comment in production builds (#10695)
* Excluding sourcemaps comment in production builds
FixesMetaMask/metamask-extension#7077
* Fix source map explorer script
The source map explorer script now re-adds the source map comment to
each file to ensure the source map visualization still works. Each
module with a sourcemap is copied to a temporary directory along with
the module it corresponds to, and from there it's passed into
`source-map-explorer`. This should ensure the resulting visualization
matches what it was before.
Everything has been moved inside of functions to generally improve
readability, and to allow the use of local variables.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Delete setupFetchDebugging.js (#10636)
* Delete setupFetchDebugging.js
* remove fetch-debugging (now handled corrently by sentry)
* resolve issue with missing template error (#10692)
* resolve issue with missing template error
* also apply filtering to confirmation page
* rename variable
* Add MetaMask to list of BIP44 HD path examples (#10703)
The "BIP44 Standard" HD path option in the Ledger connect flow listed
only Trezor as an example. It seemed appropriate to include MetaMask as
well, since we use the same path. This helps users who have imported
their MetaMask seed phrase onto a Ledger device to discover this
option.
* Removing hard references to 12 word seed phrases in copy (#10704)
Adding translation entry for "Wallet Seed"
Fixed label padding issue by adding missing CSS rule
* rule out empty string for symbol (#10712)
* fix: remove unused `metamask.rpcUrl` from redux state + fix tests to reflect that (#10714)
* Fix 10706 - Prevent autocomplete from add token input (#10700)
* Fix mismatchedChain typo in custom network approval screen (#10723)
* Fix 10562 - Hide the suggested token pane when not on Mainnet or test network (#10702)
* Update @metamask/controllers to v6.2.1 (#10701)
* Additional swaps network support (#10721)
* Add swaps support for bnc chain
* Use single default token address in shared/constants/swaps
* ci - cache deps before patch-package (#10735)
* ci - cache deps before patch-package
* ci - bump dep cache number (cache break)
* build - refactor build system for easier configuration (#10718)
* build - refactor build system for easier configuration of before and after bundle
* build - fix dependenciesToBundle option
* build - fix bify external options and other config
* build - refactor for cleanliness
* build - fix minify argument
* build - fix sourcemaps setup
* scripts - refactor setupBundlerDefaults in anticipation of factor bundles
* build - scripts - remove unused pipeline label
* build - scripts - make filepath entry optional
* build - scripts - rename filepath and filename options to entryFilepath and destFilepath
* Update development/build/scripts.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* security - update SES lockdown (#10663)
* update ses
* build - reference ses directly
* deps - unify regenerator-runtime versions on 0.13.7
* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411
* patches - patch regenerator-runtime for latest ses fix
* reduc patch, new lockdown severe override taming
* updated redux patch
* update redux patch for production
* ignore lockdown in lint
* deps - bump patch-package just in case
* trailing comma
* remove ses as dep
* fix path for frozen promise
* remove js extension in lockdown require
* Revert "ignore lockdown in lint"
This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.
* Revert "build - reference ses directly"
This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.
* deps - update ses
* Revert "fix path for frozen promise"
This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.
Co-authored-by: kumavis <aaron@kumavis.me>
* Allow 11 characters in symbol for RPC (#10670)
* Add error in RPC for zero length symbols
* Increase RPC symbol length allowed to 11
* Add RPC tests for new symbol length checks
* eth-block-tracker@5.0.1 (#10737)
* Ensure swaps gas prices are fetched from the correct chain specific endpoint (#10744)
* Ensure swaps gas prices are fetched from the correct chain specific endpoint
* Just rely on fetchWithCache to cache swaps gas prices, instead of directly using storage in getSwapsPriceEstimatesLastRetrieved
* Empty commit
* update @metamask/etherscan-link to v2.0.0 (#10747)
* Use correct block explorer name and link in swaps when on custom network (#10743)
* Use correct block explorer name and link in swaps when on custom network.
* Fix up custom etherscan link code in build-quote.js
* Use blockExplorerUrl hostname instead of 'blockExplorerBaseUrl'
* Use correct etherscan-link method for token links in build-quote
* Create correct token link in build-quote for mainnet AND custom networks
* Block explorer url improvements in awaiting-swap.js and build-quote.js
* Use swapVerifyTokenExplanation message with substitutable block explorer for all applicable locales
* Ensure that block explorer links are not shown in awaiting-swap if no url is available
* Add New Zealand Dollar to currency options (#10746)
* Ensure that the correct default currency symbols are used for fees on the view quote screen (#10753)
* Fix 10517 - Prevent tokens without addresses from being added to token list (#10593)
* Updating y18n and netmask to resolve dependency issues (#10765)
netmask@1.0.6 -> 2.0.1, y18n@3.2.1 -> 3.2.2, y18n@4.0.0 -> 4.0.1
* Refactor Tx State Manager (#10672)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Ensure that the approval fee in the swaps custom gas modal is in network specific currency (#10763)
* Ensure that priceSlippage fiat amounts are always shown in view-quote.js (#10762)
* Use network specific swaps contract address when checking swap contract token approval (#10774)
* Build - refactor background process to use html (#10769)
* build - declare background as html
* build - fill in empty file when a missing file is expected
* lint - fix
* Update development/build/manifest.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update development/build/manifest.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* build - fix use of empty file to replace unused js files (#10780)
* cache lint results for faster repeat execution (#10773)
* eslint perf improvement (#10775)
* Improve detection of task process exit (#10776)
Our build script waits for the `close` event to determine whether the
task has exited. The `exit` event is a better representation of this,
because if a stream is shared between multiple processes, the process
may exit without the `close` event being emitted.
We aren't sharing streams between processes, so this edge case doesn't
apply to us. This just seemed like a more suitable event to listen to,
since we care about the process exiting not the stream ending.
See this description of the `close` event from the Node.js
documentation [1]:
>The `'close'` event is emitted when the stdio streams of a child
>process have been closed. This is distinct from the `'exit'` event,
>since multiple processes might share the same stdio streams.
And see this description of the `exit` event:
>The `'exit'` event is emitted after the child process ends.
[1]: https://nodejs.org/docs/latest-v14.x/api/child_process.html#child_process_event_exit
* Rewrite changelog script from Bash to JavaScript (#10782)
The `auto-changelog` script has been rewritten from Bash to JavaScript.
Functionally it should behave identically.
* Refactoring ethereum-on.spec.js to use fixtures (#10778)
* Remove useless negation (#10787)
!contentComponent always evaluates to true
* Remove date from changelog release header (#10790)
New changelog release headers now omit the date. These headers are
added automatically when a new release branch is created, and that
rarely ends up being the actual date of the release, so these dates
have all been inaccurate anyway.
The date will be re-added to the changelog later as part of a new
script, after a release has been published.
* Remove script for creating master sync PR (#10791)
The script responsible for creating the "Sync `master` with `develop`"
PR has been removed. We will soon be eliminating the need for a
`master` branch altogether, so we don't need this anymore. Also, this
script hasn't been running correctly in a long time. We've been
creating this PR manually.
* Add changelog entries under release candidate header (#10784)
Instead of always placing new changelog entries under the "Current
Develop Branch" header, the changelog script now places them under the
header for the current release if that release has not yet been tagged.
This eliminates one manual step from the release process.
Relates to #10752
* Prevent duplicate changelog entries (#10786)
The changelog update script now prevents duplicate entries from being
added. Specifically, it will ensure that if a PR has been referenced
already in an entry, it will not add it again.
This should prevent it from adding duplicate entries for changes that
were cherry-picked into hotfix releases.
Note that this duplication prevention only works for entries containing
a PR number. We don't have any way to prevent duplicate entries yet in
cases where we don't know the associated PR. We will be preventing this
possibility entirely pretty soon in some upcoming release automation
changes though, so I'm not concerned about this omission.
* Set the BSC_CONTRACT_ADDRESS to lowercase (#10800)
* only applies rules to the appropriate files (#10788)
* upgrade eslint deps (#10789)
* Ensure correct primary currency image is displayed on home screen and token list (#10777)
* Add release header when updating changelog (#10794)
The changelog update script now adds a release header if it doesn't
find one already that matches the current release candidate version.
* remove node-sass dependency (#10797)
* Add support for locators into driver abstraction (#10802)
* Update changelog headers and fix dates (#10805)
The changelog release header format has been updated to match the "keep
a changelog" [1] format. Each header is now the bracketed version
number followed by a dash, then the release date in ISO-8601 format.
The release dates in each header were also updated to match the date of
the corresponding GitHub Release [2]. Many of these dates were
incorrect because they were set on the day we created the release
candidate, rather than on the day of release.
Any changelog release entries without a corresponding GitHub release
was left with the date already specified.
The three oldest release headers were missing dates. For the first two,
I used the date of the version bump commit. For the third, I removed it
since no changes were listed anyway, and it represented a range of
releases rather than a single one.
The `auto-changelog.js` script has been updated to account for this new
format as well.
[1]: https://keepachangelog.com/en/1.0.0/
[2]: https://github.com/MetaMask/metamask-extension/releases
* Update the changelog when creating an RC (#10795)
The changelog will now be automatically updated when a release branch
is created. A new release header along with changelog entries for any
new commits will be added.
Note that this changelog will still need to be manually cleaned up, but
it's one less manual step at least.
The old Bash script for adding a new release header to the changelog
has been removed, as that functionality is now built into the changelog
update script.
A new script has been added to commit any changes made to the manifest
and changelog. This step used to happen at the end of the bump manifest
version script, but now the changelog update relies upon the manifest
version bump happening first, so it needed to be re-ordered. The
changes should only be committed on the first run of the branch, as
it's contingent upon the manifest changing (due to the version bump).
Further changelog updates won't trigger new automatic commits.
* Refactoring address-book.spec.js to use fixtures (#10804)
* Refactoring send-edit.spec.js to use fixtures (#10792)
* Fix _getPermittedAccounts type safety (#10819)
* Removing unnecessary params from withFixtures function call. (#10831)
* Add links to release headers (#10808)
Each release header now includes a link to the range of commits
included with that release. These links are at the end of the document,
in accordance with the "keep a changelog" [1] format.
For the purpose of this changelog, the "previous release" is the most
recent release mentioned in the changelogs. The diffs ignore any
releases that were omitted from the changelog. This is mainly an issue
with older releases, so it seemed acceptable. All releases have been
documented for a couple of years now, and will be going forward as
well.
The name of the "Current Develop Branch" section was changed to
"Unreleased" to confirm with "keep a changelog".
The `auto-changelog.js` script has been updated to update/add these
links whenever adding a new release header as well.
[1]: https://keepachangelog.com/en/1.0.0/
* Refactoring permissions.spec.js to use fixtures (#10829)
* Add validation for the `fee` property from the `/trades` API response (#10836)
* Refactoring signature-request.spec.js to use fixtures (#10820)
* use locator abstraction in tests folder (#10833)
* Move BSC chain ID, rename some BSC-related vars (#10807)
* Add categories to each changelog release (#10837)
Each changelog release now has category headers. The standard "keep a
changelog" [1] categories are used, along with the addition of
"Uncategorized" for any changes that have not yet been categorized.
The changelog script has been updated to add this "Uncategorized"
header if it isn't already present, and to place any new commits under
this header.
The changelog has been updated to property categorize each change in
recent releases, and to place changes in older releases under the
header "Uncategorized".
[1]: https://keepachangelog.com/en/1.0.0/
* Remove unused CI script (#10840)
This script has not been used since #10795. It is now gone.
* Add `--rc` flag to changelog script (#10839)
The changelog script now accepts an `--rc` flag to tell it whether to
add new changes to `Unreleased` or to the header for the current
version.
Previously this was inferred from whether the current version matched
the most recent tag. However this method only works for the first
update. Using a flag simplifies this logic, and makes it possible to
manually re-run this for further updates to a release candidate.
* Add `--help` flag to changelog script (#10846)
The changelog script now accepts a `--help` flag, which prints a help
text explaining how the script works and what each flag does.
* add abstraction for waitForSelector (#10844)
* Adds jest dependency (#10845)
* Add Jest
* Refactor changelog parsing and generation (#10847)
The `auto-changelog.js` script has been refactoring into various
different modules. This was done in preparation for migrating this to
a separate repository, where it can be used in our libraries as well.
Functionally this should act _mostly_ the same way, but there have been
some changes. It was difficult to make this a pure refactor because of
the strategy used to validate the changelog and ensure each addition
remained valid. Instead of being updated in-place, the changelog is now
parsed upfront and stored as a "Changelog" instance, which is a new
class that was written to allow only valid changes. The new changelog
is then stringified and completely overwrites the old one.
The parsing had to be much more strict, as any unanticipated content
would otherwise be erased unintentionally. This script now also
normalizes the formatting of the changelog (though the individual
change descriptions are still unformatted).
The changelog stringification now accommodates non-linear releases as
well. For example, you can now release v1.0.1 *after* v2.0.0, and it
will be listed in chronological order while also correctly constructing
the `compare` URLs for each release.
* Increase default slippage from 2% to 3%, show Advanced Options by default (#10842)
* Increase default slippage from 2% to 3%, show Advanced Options by default
* Disable opening / closing of Advanced Options on the Swap page
* Pre-select previously used slippage value when going back to the Swap page
* Fix lint issues
* Use a callback for setting up an initial customValue
* Migrate unreleased changes in changelog (#10853)
When updating the changelog for a release candidate, any unreleased
changes are now migrated to the release header.
Generally we don't make a habit of adding changes to the changelog
prior to creating a release candidate, but if any are there we
certainly don't want them duplicated.
* @metamask/eslint-config*@6.0.0 (#10858)
* @metamask/eslint-config*@6.0.0
* Minor eslintrc reorg
* Refactoring threebox.spec.js to use fixtures (#10849)
* Adjust renderWithProvider to accommodate redux-less components (#10857)
* Jest config (#10855)
* Setup jest config
* Adjust test for jest.
* Adjust lint config
* Omit swaps ui folder for unit testing
* Omit swaps from test:unit:lax
* Add jest.config.js to script files
* Restore mocks rather than clearing them.
* Update jest config and adjust lint to include subdirs
* Convert view-quote-price-difference test to jest
* Add jest ci and ci coverage scripts. Add jest unit test to general test command
* Add test coverage to ci
* Use --ignore flag
* Fixup
* Add @metamask/eslint-config-jest
* Update .eslintrc.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Adds jest-coverage/
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add jest-coverage/ to prettierignore (#10865)
* Add jest coverage (#10868)
* Add jest coverage
This will add coverage for any tests ran in jest under the `test:coverage:jest` command, which is currently being used in CI. I set the values to the current test coverage in `ui/app/pages/swaps`.
* Lint
* Fix crash when adding new changelog release header (#10870)
The `auto-changelog.js` script crashes when trying to add a new release
header. This bug was introduced in #10847. The cause was a simple
misnamed parameter.
* Change caching for Swaps APIs from 1 hour to 5 minutes (#10871)
* Change caching for the /tokens API from 1 hour to 5 minutes
* Use 5 minutes caching for /topAssets and /aggregatorMetadata APIs as well
* add key literals to driver (#10854)
* Quote globs in prettier scripts (#10867)
* use waitForSelector instead of until (#10852)
* complete abstraction of until method
* response to feedback
* Adding recovery phrase video to onboarding process (#10717)
* Adding recovery phrase video to onboarding process
Adding english subtitles
* Support textAlign in Box, converting sidebar to Box
* Reduce calls of the `/featureFlag` API (#10859)
* Remove periodic calls to the /featureFlag API
* Always show the Swap button on the main page
* Check if the Swaps feature is enabled, show loading animation while waiting
* Reuse an existing useEffect call
* Use ‘isFeatureFlagLoaded’ in React’s state, resolve lint issues
* Add a watch mode for Jest testing
* Add unit tests for Swaps: fetchSwapsLiveness, add /ducks/swaps into Jest testing
* Remove Swaps Jest tests from Mocha’s ESLint rules
* Ignore Swaps Jest tests while running Mocha, update paths
* Increase test coverage to the current max
* Fix ESLint issues for Swaps
* Enable the Swaps feature by default and after state reset, remove loading screen before seeing Swaps
* Update Jest config, fix tests
* Update Jest coverage threshold to the current maximum
* Update ESLint rule in jest.config.js
* Disable the “Review Swap” button if the feature flag hasn’t loaded yet
* Update jest threshold
* Fix 10036 - Prevent odd localStorage migration error in Firefox (#10884)
* Add jest watch mode script (#10869)
* Refactoring metamask-responsive-ui.spec.js to use fixtures (#10866)
* Handling infura blockage (#10883)
* Handling infura blockage
* Adding blockage home notification
* Updating copy, adding temporary notification dismissal
* Addressing review feedback
* Using eth_blockNumber method to check Infura availability
* Handling network changes in availability check
* Use jest to run ui/**/*.test.js (#10885)
* upgrade ethereumjs util (#10886)
* Swaps: Show a network name dynamically in a tooltip (#10882)
* Swaps: Show a network name dynamically in a tooltip
* Replace “Ethereum” with “$1”, change “Test” to “Testnet”
* Replace 이더리움 with $1
* Translate network names, use ‘Ethereum’ by default if a translation is not available yet
* Reorder messages to resolve ESLint issues
* Add a snapshot test for the FeeCard component, increase Jest threshold
* Enable snapshot testing into external .snap files in ESLint
* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value
* Throw an error if chain ID is not supported by the Swaps feature
* Use string literals when calling the `t` fn,
* Adding option to set Custom Nonce to Confirm Approve Page (#10595)
* Dep Upgrades for Lavamoat Patches (#10902)
* dep upgrades
* apply more patches
* Dep upgrades and patches (#10903)
* apply patches
* lavamoat dep upgrades
* remove lavamoat browserify
* Increase Jest unit test coverage for the Swaps feature to ~25% (#10900)
* Swaps: Show a network name dynamically in a tooltip
* Replace “Ethereum” with “$1”, change “Test” to “Testnet”
* Replace 이더리움 with $1
* Translate network names, use ‘Ethereum’ by default if a translation is not available yet
* Reorder messages to resolve ESLint issues
* Add a snapshot test for the FeeCard component, increase Jest threshold
* Enable snapshot testing into external .snap files in ESLint
* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value
* Throw an error if chain ID is not supported by the Swaps feature
* Use string literals when calling the `t` fn,
* Watch Jest tests silently (no React warnings in terminal, only errors)
* Add @testing-library/jest-dom, import it before running Jest tests
* Add snapshot testing of Swaps’ React components for happy paths, increase minimum threshold for Jest
* Add the test/jest folder for Jest setup and shared functions, use it in Swaps Jest tests
* Fix ESLint issues, update linting config
* Enable ESLint for .snap files (Jest snapshots), throw an error if a snapshot is bigger than 50 lines
* Don’t run lint:fix for .snap files
* Move `createProps` outside of `describe` blocks, move store creation inside tests
* Use translations instead of keys, update a rendering function to load translations
* Make sure all Jest snapshots are shorter than 50 lines (default limit)
* Add / update props for Swaps tests
* Fix React warnings when running tests for Swaps
* Bump @metamask/contract-metadata from 1.23.0 to 1.25.0 (#10899)
Bumps [@metamask/contract-metadata](https://github.com/MetaMask/contract-metadata) from 1.23.0 to 1.25.0.
- [Release notes](https://github.com/MetaMask/contract-metadata/releases)
- [Commits](https://github.com/MetaMask/contract-metadata/compare/v1.23.0...v1.25.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Refactoring from-import-ui.spec.js to use fixtures (#10907)
* Fix 10458 - Understand where to get support (#10895)
* Add contract address validation for token swaps (#10912)
* Fixing ENS input entry in send flow (#10923)
* Fixing ENS input entry in send flow
FixesMetaMask/metamask-extension#10691
* removed unnecessary apostrophe
* Refactoring incremental-security.spec.js to use fixtures (#10917)
* use one segment instance (#10915)
* Implement Ledger Live bridge (#10293)
* add view account-details menu item to token-options menu (#10932)
* add view account-details menu item to token-options menu
* add onViewAccountDetails propType
* Fix 10609 - Prevent overflow of confirmation page hostname (#10935)
* upgrade eth-keyring-controller (#10933)
* [Fix] 10365 My Accounts Removal (#10680)
* pushing my-accounts removal
* removed CONTACT_MY_ACCOUNTS_ROUTE
* removed CONTACT_MY_ACCOUNTS_VIEW_ROUTE
* removing CONTACT_MY_ACCOUNTS_EDIT_ROUTE
* removing CONTACT_MY_ACCOUNTS_EDIT_ROUTE
* removed showingMyAccounts dead code
* removed more dead code related to isMyAccountsPage
* removing more dead code
* fixed linting error(s)
* removing my-accounts component/folder
* added empty contact screen ui
* styled empty contact page ui
* fixed linting, removed add contacts button, and fixed errors
* localized text and centered No Contacts
* pushing localized verification and fixed e2e test
* added listRoute redirect
* added listroute and fixed linting error
* Increase Jest unit test coverage for the Swaps feature to ~43% (#10934)
* add hamburger menu to eth page (#10938)
* add hamburger menu to eth page
* change token-options to asset-options, use more direct selector for user address fetch
* use token custom icons where possible (#10939)
* Whats new popup (#10583)
* Add 'What's New' notification popup
* Move selectors from shared/notifications into ui/ directory
* Use keys for localized message in whats new notifications objects, to ensure notifications will be translated.
* Remove unused swaps intro popup locale messages
* Fix keys of whats new notification locales
* Remove notifications messages and descriptions from comment in shared/notifications
* Move notifcationActionFunctions to shared/notifications and make it stateless
* Get notification data from constants instead of state in whats-new-popup
* Code cleanup
* Fix build quote reference to swapsEthToken, broken during rebase
* Rename notificationFilters to notificationToExclude to clarify its purpose
* Documentation for getSortedNotificationsToShow
* Move notification action functions from shared/ to whats-new-popup.js
* Stop setting swapsWelcomeMessageHasBeenShown to state in app-state controller
* Update e2e tests for whats new popup changes
* Updating migration files
* Addressing feedback part 1
* Addressing feedback part 2
* Remove unnecessary div in whats-new-popup
* Change getNotificationsToExclude to getNotificationsToInclude for use in the getSortedNotificationsToShow selector
* Delete intro-popup directory and test files
* Lint fix
* Add notifiction state to address-entry fixture
* Use two separate functions for rendering first and subsequent notifications in the whats-new-popup
* Ensure that string literals are passed to t for whats new popup text
* Update import-ui fixtures to include notificaiton controller state
* Remove unnecessary, accidental change confirm-approve
* Remove swaps notification in favour of mobile swaps as first notifcation and TBD 3rd notification
* Update whats-new-popup to use intersection observer api to detect if notification has been seen
* Add notifications to send-edit and threebox e2e test fixtures
* Update ui/app/selectors/selectors.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update ui/app/selectors/selectors.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Clean up locale code for whats-new-popup notifications
* Disconnect observers in whats-new-popup when their callback is first called
* Add test case for migration 58 for when the AppStateController does not exist
* Rename popover components containerRef to popoverWrapRef
* Fix messages.json
* Update notification messages and images
* Rename popoverWrapRef -> popoverRef in whats-new-popup and popover.component
* Only create one observer, and only after images have loaded, in whats-new-popup
* Set width and height on whats-new-popup image, instead of setting state on img load
* Update ui/app/components/app/whats-new-popup/whats-new-popup.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Code clean up in whats new popup re: notification rendering and action functions
* Code cleanup in render notification functions of whats-new-popup
* Update ui/app/components/app/whats-new-popup/whats-new-popup.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* lint fix
* Update and localize notification dates
* Clean up date code in shred/notifications/index.js
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Revert "Implement Ledger Live bridge (#10293)"
This reverts commit 15b596ad15.
* Version v9.5.0
* Update changelog for v9.5.0
* yarn allow-scripts and yarn lavamoat:auto for Version-v9.5.0 branch
* Anchor the Need Help text to the bottom of the expanded page (#10955)
* fix transaction sync logic (#10954)
* Add backwards compatibility for ETH <-> WETH contract address validation (#10962)
* Whats new popup design fixes (#10964)
* Remove padding on QR code image
* Allow the qr code to be below the description in the whats new popup
* Fix size and position of QR code in whats new notification
* Add right caret to action links in whats new popup
* Clean up placeImageBelowDescription logic
* Fix display of whats-new-popup image
* Improve spacing and sizing of whats new popup in both full screen and popup view
* refactor
* Ensure method of adding contact when contacts exist (#10963)
* Fixing alignment issue with bottom notification (#10979)
* Revert "Adding recovery phrase video to onboarding process (#10717)"
This reverts commit 9e918b6026.
* Removing recovery video entry from changelog
* Remove tests that are only needed for the commit reverted in 68c5defc
* Fix dependency vulnerability by upgrading xmlhttprequest-ssl via yarn.lock (#10990)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Barry Gitarts <bgitarts@gmail.com>
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Niranjana Binoy <43930900+NiranjanaBinoy@users.noreply.github.com>
Co-authored-by: Shane <jonas.shane@gmail.com>
Co-authored-by: gitpurva <47534619+gitpurva@users.noreply.github.com>
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Etienne Dusseault <etienne.dusseault@gmail.com>
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Grant Bakker <grant@bakker.pw>
Co-authored-by: Michael Standen <screaminghawk@gmail.com>
Co-authored-by: Muhammet Kara <mrkara@users.noreply.github.com>
Co-authored-by: Daniel <80175477+dan437@users.noreply.github.com>
Co-authored-by: Thomas Huang <tmashuang@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas <thomas.b.huang@gmail.com>
Co-authored-by: Alex Donesky <alex.donesky@consensys.net>
Co-authored-by: Austin Akers <austin.akers5@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
* Swaps: Show a network name dynamically in a tooltip
* Replace “Ethereum” with “$1”, change “Test” to “Testnet”
* Replace 이더리움 with $1
* Translate network names, use ‘Ethereum’ by default if a translation is not available yet
* Reorder messages to resolve ESLint issues
* Add a snapshot test for the FeeCard component, increase Jest threshold
* Enable snapshot testing into external .snap files in ESLint
* Add the “networkNameEthereum” key in ko/messages.json, remove default “Ethereum” value
* Throw an error if chain ID is not supported by the Swaps feature
* Use string literals when calling the `t` fn,
* Watch Jest tests silently (no React warnings in terminal, only errors)
* Add @testing-library/jest-dom, import it before running Jest tests
* Add snapshot testing of Swaps’ React components for happy paths, increase minimum threshold for Jest
* Add the test/jest folder for Jest setup and shared functions, use it in Swaps Jest tests
* Fix ESLint issues, update linting config
* Enable ESLint for .snap files (Jest snapshots), throw an error if a snapshot is bigger than 50 lines
* Don’t run lint:fix for .snap files
* Move `createProps` outside of `describe` blocks, move store creation inside tests
* Use translations instead of keys, update a rendering function to load translations
* Make sure all Jest snapshots are shorter than 50 lines (default limit)
* Add / update props for Swaps tests
* Fix React warnings when running tests for Swaps
* Remove periodic calls to the /featureFlag API
* Always show the Swap button on the main page
* Check if the Swaps feature is enabled, show loading animation while waiting
* Reuse an existing useEffect call
* Use ‘isFeatureFlagLoaded’ in React’s state, resolve lint issues
* Add a watch mode for Jest testing
* Add unit tests for Swaps: fetchSwapsLiveness, add /ducks/swaps into Jest testing
* Remove Swaps Jest tests from Mocha’s ESLint rules
* Ignore Swaps Jest tests while running Mocha, update paths
* Increase test coverage to the current max
* Fix ESLint issues for Swaps
* Enable the Swaps feature by default and after state reset, remove loading screen before seeing Swaps
* Update Jest config, fix tests
* Update Jest coverage threshold to the current maximum
* Update ESLint rule in jest.config.js
* Disable the “Review Swap” button if the feature flag hasn’t loaded yet
* Update jest threshold
* Setup jest config
* Adjust test for jest.
* Adjust lint config
* Omit swaps ui folder for unit testing
* Omit swaps from test:unit:lax
* Add jest.config.js to script files
* Restore mocks rather than clearing them.
* Update jest config and adjust lint to include subdirs
* Convert view-quote-price-difference test to jest
* Add jest ci and ci coverage scripts. Add jest unit test to general test command
* Add test coverage to ci
* Use --ignore flag
* Fixup
* Add @metamask/eslint-config-jest
* Update .eslintrc.js
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Adds jest-coverage/
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The `auto-changelog.js` script has been refactoring into various
different modules. This was done in preparation for migrating this to
a separate repository, where it can be used in our libraries as well.
Functionally this should act _mostly_ the same way, but there have been
some changes. It was difficult to make this a pure refactor because of
the strategy used to validate the changelog and ensure each addition
remained valid. Instead of being updated in-place, the changelog is now
parsed upfront and stored as a "Changelog" instance, which is a new
class that was written to allow only valid changes. The new changelog
is then stringified and completely overwrites the old one.
The parsing had to be much more strict, as any unanticipated content
would otherwise be erased unintentionally. This script now also
normalizes the formatting of the changelog (though the individual
change descriptions are still unformatted).
The changelog stringification now accommodates non-linear releases as
well. For example, you can now release v1.0.1 *after* v2.0.0, and it
will be listed in chronological order while also correctly constructing
the `compare` URLs for each release.
* Replace logic for eth swap token in fetchQuotesAndSetQuoteState with getSwapsEthToken call (#10624)
* Move swaps constants to the shared constants directory (#10614)
* Fix: ETH 'token' now only appears once in the swaps to and from dropdowns. (#10650)
* Swaps support for local testnet (#10658)
* Swaps support for local testnet
* Create util method for comparison of token addresses/symbols to default swaps token
* Get chainId from txMeta in _trackSwapsMetrics of transaction controller
* Add comment to document purpose of getTransactionGroupRecipientAddressFilter
* Use isSwapsDefaultTokenSymbol in place of repeated defaultTokenSymbol comparisons in build-quote.js
* Additional swaps network support (#10721)
* Add swaps support for bnc chain
* Use single default token address in shared/constants/swaps
* Ensure swaps gas prices are fetched from the correct chain specific endpoint (#10744)
* Ensure swaps gas prices are fetched from the correct chain specific endpoint
* Just rely on fetchWithCache to cache swaps gas prices, instead of directly using storage in getSwapsPriceEstimatesLastRetrieved
* Empty commit
* update @metamask/etherscan-link to v2.0.0 (#10747)
* Use correct block explorer name and link in swaps when on custom network (#10743)
* Use correct block explorer name and link in swaps when on custom network.
* Fix up custom etherscan link code in build-quote.js
* Use blockExplorerUrl hostname instead of 'blockExplorerBaseUrl'
* Use correct etherscan-link method for token links in build-quote
* Create correct token link in build-quote for mainnet AND custom networks
* Block explorer url improvements in awaiting-swap.js and build-quote.js
* Use swapVerifyTokenExplanation message with substitutable block explorer for all applicable locales
* Ensure that block explorer links are not shown in awaiting-swap if no url is available
* Ensure that the correct default currency symbols are used for fees on the view quote screen (#10753)
* Updating y18n and netmask to resolve dependency issues (#10765)
netmask@1.0.6 -> 2.0.1, y18n@3.2.1 -> 3.2.2, y18n@4.0.0 -> 4.0.1
* Ensure that priceSlippage fiat amounts are always shown in view-quote.js (#10762)
* Ensure that the approval fee in the swaps custom gas modal is in network specific currency (#10763)
* Use network specific swaps contract address when checking swap contract token approval (#10774)
* Set the BSC_CONTRACT_ADDRESS to lowercase (#10800)
* Ensure correct primary currency image is displayed on home screen and token list (#10777)
* [skip e2e] Update changelog for v9.3.0 (#10740)
* Version v9.3.0
* [skip e2e] Update changelog for v9.3.0 (#10803)
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
* update ses
* build - reference ses directly
* deps - unify regenerator-runtime versions on 0.13.7
* patches - apply regenerator-runtime ses compat patch\nhttps://github.com/facebook/regenerator/pull/411
* patches - patch regenerator-runtime for latest ses fix
* reduc patch, new lockdown severe override taming
* updated redux patch
* update redux patch for production
* ignore lockdown in lint
* deps - bump patch-package just in case
* trailing comma
* remove ses as dep
* fix path for frozen promise
* remove js extension in lockdown require
* Revert "ignore lockdown in lint"
This reverts commit 8cefdc94dd25d7781bb09eed8af36441397676da.
* Revert "build - reference ses directly"
This reverts commit 30371a377dcdd781c1bf9abe55e9c8ae34da26b5.
* deps - update ses
* Revert "fix path for frozen promise"
This reverts commit 966e4c60921a25befe8ca8dea58313cc25852f72.
Co-authored-by: kumavis <aaron@kumavis.me>
* deps - remove remotedev-server
* Remove stale references from allow-scripts config
Any packages that are no longer in the dependency tree have been
removed from the `allow-scripts` config.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The unit test npm script `test:unit:lax` is now more specific about
which tests files to exclude. An `--ignore` CLI option is used to
specify the files to ignore, rather than using the braces glob syntax
to ignore them from the target glob itself.
This makes the option easier to update going forward as we move more
tests into the "strict" group, because the options are exactly the same
between the two scripts. It also ensures we don't accidentally exclude
other subdirectories that happen to also be named `permissions`.
In trying to implement this, I stumbled at first because mocha expects
the ignore pattern to be a relative path if the target is a relative
path (i.e. they need to both start with `./` or neither). The script
`test:unit:strict` has been updated to use a relative target pattern
for consistency.
* Unifies the filename suffix to .test.js
* Display @babel/no-invalid-this rule for tx-controller.test.js
* Add test file extension to test:unit:global
The `elliptic` package has been updated to v6.5.4 to address a security
advisory regarding a vulnerability in v6.5.3. We are not affected by
this vulnerability to the best of our knowledge. This is just to stay
on the safe side, and fix our audit check.
* Add warning system for 'confusable' ENS names (#9129)
Uses unicode.org's TR39 confusables.txt to display a warning when
'confusable' unicode points are detected.
Currently only the `AddRecipient` component has been updated, but the new
`Confusable` component could be used elsewhere
The new `unicode-confusables` dependency adds close to 100KB to the
bundle size, and around 30KB when gzipped.
Adds 'tag' prop to the tooltop-v2 component
Use $Red-500 for confusable ens warning
Lint Tooltip component
Update copy for confusing ENS domain warning.
* Fix prop type
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
This script was accidentally broken in #10499, which added the `.sh`
file extension to all Bash scripts. I forgot to update the
`ganache:start` script to use the new file extension.
A CI job has been added to ensure the `allow-scripts` config and the
LavaMoat auto-generated policy is up-to-date. This will only run on
release branches and the `master` branch, because it's too difficult a
requirement to meet for each PR for contributors on macOS, due to
differences in the dependency graph caused by optional dependencies.
The `allow-scripts` and LavaMoat policy have both been updated using
`yarn allow-scripts auto` and `yarn lavamoat:auto`.
This package hasn't been used since #8140, which dropped it for being
too slow and of minimal benefit.
We should consider re-adding this as a CI check to ensure images are
optimized, but I don't think it should be re-added to the build process
itself.
This dependency was added to get Storybook working, but since then it
has been made a direct dependency of Storybook. We no longer use it
directly, and we don't need it in our dependencies.
This package was added as a devDependency to address a peerDependency
warning when installing Storybook v5.3.14. We're now using Storybook
v6, which doesn't list this as a peerDependency.
The `start:dev` script relies upon `electron` and `sqlite`, both of
which had their install scripts disabled by `allow-scripts`. Without
those two packages, `start:dev` crashes immediately.
The manifest has been updated to ensure install scripts run for both
packages. `start:dev` now works.
Fixes#10356
There was a bug in the inpage provider that would mistakenly report
usage of our injected `web3` instance when the `web3.currentProvider`
property was accessed. This was fixed in v8.0.4 of
`@metamask/inpage-provider`.
* ci - run storybook and add to build-artifacts
* ci/storybook - rename storybook build path and fix artifact upload
* ci/storybook - rename link text
* clean - remove accidently committed storybook build dir
* storybook - fix image path to relative (#10364)
* use @lavamoat/allow-scripts for package postinstall allow list
* dnode: set "weak" to false
Co-authored-by: kumavis <kumavis@users.noreply.github.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
The changes made between v1.3.2 and v1.5.0 of `@reduxjs/toolkit` don't
appear to affect us at all. They mostly consist of feature additions
and bug fixes for edge cases we haven't encountered.[1]
The one change that is technically breaking is that v8 of `immer` now
freezes state objects in production rather than just in development.
That would only be breaking if we were mutating Redux state though,
which we aren't doing in the few Redux slices in which we use
`@reduxjs/toolkit`. Even if we were, we would have noticed that it
broke in development already.
[1]: https://github.com/reduxjs/redux-toolkit/releases
This update comes with a breaking change to the Approval controller. It
now requires a `defaultApprovalType` parameter.
I don't think we have any use for a default approval type, but I've
added a "NO_TYPE" one for now because it's a strict requirement. We
should consider making this parameter optional in the future, for cases
like this where it's not needed.
This update will hopefully address some caching issues we've been
seeing with our phishing configuration. See here for more details:
https://github.com/MetaMask/controllers/pull/297
We don't look at coveralls very much. We might occasionally consult it
to see a report on our code coverage, but that report is already
generated entirely locally, and has been added to the MetaMask bot
comment in #10061.
Update `geckodriver` to the latest version, and `selenium-webdriver`
to the second-most-recent version. Updates include various dependency
updates, bug fixes, and minor features. None of the updates seem to
directly affect us, aside from one new feature of `selenium-webdriver`
that updates the `installAddon` function to support `.zip` files, which
will be used in a subsequent PR.
`selenium-webdriver` was pinned one version behind latest because the
latest version caused our Chrome e2e tests to fail with a mysterious
error whenever `getAttribute` was called on a WebElement.
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
* Remove use of ethgassthat; use metaswap /gasPrices api for gas price estimates
* Remove references to ethgasstation
* Pass base to BigNumber constructor in fetchExternalBasicGasEstimates
* Update ui/app/hooks/useTokenTracker.js
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
* Delete gas price chart
* Remove price chart css import
* Delete additional fee chart code
* Lint fix
* Delete more code no longer used after ethgasstation removal
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
An e2e test has been added that uses the new mock Segment server to
verify that the three initial page metric events are sent correctly.
Using the mock Segment server requires a special build with this mock
Segment server hostname embedded, so a distinct job for building and
running this test was required. As such, it was left out of the
`run-all.sh` script.
Our Storybook dependencies have been updated to v6.1.9, from v5. This
was done to address a security vulnerability in a transitive dependency
of these packages (`highlight.js`).
The primary changes required by this Storybook update were the change
in import path for the `withKnobs` hook, the change in background
config format, and the webpack configuration. Storybook seems to work
correctly.
The migration was guided by the Storybook changelog[1] and the
Storybook v6 migration guide[2].
There is one Storybook error remaining; it fails to load the Euclid
font. This is a pre-existing error though, so we can fix it in a later
PR.
The `yarn.lock` file was deduplicated in this PR as well, as it was
required to fix various install warnings that were introduced with this
update.
[1]: https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md
[2]: https://github.com/storybookjs/storybook/blob/next/MIGRATION.md
* Freezeglobals: remove Promise freezing, add lockdown
* background & UI: temp disable sentry
* add loose-envify, dedupe symbol-observable
* use loose envify
* add symbol-observable patch
* run freezeGlobals after sentry init
* use require instead of import
* add lockdown to contentscript
* add error code in message
* try increasing node env heap size to 2048
* change back circe CI option
* make freezeGlobals an exported function
* make freezeGlobals an exported function
* use freezeIntrinsics
* pass down env to child process
* fix unknown module
* fix tests
* change back to 2048
* fix import error
* attempt to fix memory error
* fix lint
* fix lint
* fix mem gain
* use lockdown in phishing detect
* fix lint
* move sentry init into freezeIntrinsics to run lockdown before other imports
* lint fix
* custom lockdown modules per context
* lint fix
* fix global test
* remove run in child process
* remove lavamoat-core, use ses, require lockdown directly
* revert childprocess
* patch package postinstall
* revert back child process
* add postinstall to ci
* revert node max space size to 1024
* put back loose-envify
* Disable sentry to see if e2e tetss pass
* use runLockdown, add as script in manifest
* remove global and require from runlockdown
* add more memory to tests
* upgrade resource class for prep-build & prep-build-test
* fix lint
* lint fix
* upgrade remote-redux-devtools
* skillfully re-add sentry
* lintfix
* fix lint
* put back beep
* remove envify, add loose-envify and patch-package in dev deps
* Replace patch with Yarn resolution (#9923)
Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The command `mocha` was included twice in `test:unit:global`
accidentally. The second occurrence was interpreted as a filename, and
would result in the following warning:
`Warning: Cannot find any files matching pattern "mocha"`
The second instance has been removed, and the warning no longer
appears.
`ganache-core` and `ganache-cli` have been updated to the latest
published versions.
Two Yarn resolutions have been made unnecessary by this update, so they
have been removed. They were added to update dependencies of
`ganache-core` to address security advisories. They have since been
updated in the latest `ganache-core` release.
* Add ses lockdown to build system using lavamoat-core
* use proper object.assign version
* disable lint rules for ses lockdown
* deps - update rtlcss
Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Refs #9663
See [`node/no-unsupported-features/node-builtins`][1] for more information.
This change enables `node/no-unsupported-features/node-builtins` and fixes the issue
raised by the rule.
The `engines.node` version is updated to reflect the version specified by the `.nvmrc`
file and the version used by CircleCI:
```bash
$ cat .nvmrc
v10.18.1
```
```bash
$ docker run --rm -it circleci/node@sha256:e16740707de2ebed45c05d507f33ef204902349c7356d720610b5ec6a35d3d88 node --version
v10.18.1
```
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.
Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.
Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
On Windows, spawn fails if the exact filename
of a binary isn't passed. e.g. `spawn('yarn')` fails
because the binary is named `yarn.cmd`.
Instead, we depend on `cross-spawn` which handles differences
in `spawn` across platforms.
All three of our Sentry packages have been updated to the latest
versions. There appear to have been no breaking changes - just bug
fixes and new features.
This change updates `node-forge` to the latest published version, 0.10.0. This
update resolves a security advisory [1] brought in via our `3box` dependency.
[1]:https://www.npmjs.com/advisories/1561
JSON files are now sorted by key with `prettier`, using the plugin
`prettier-plugin-sort-json`. This does not affect `package.json`
because `prettier` uses a special parser for that file, as it has
a more restrictive format than JSON.
Instead of using `eslint-plugin-json` for linting JSON files,
`prettier` is now used. `prettier` is capable of detecting and
correcting more problems than `eslint-plugin-json` can, such as
indentation.
All JSON files have been run through `prettier`. The changes are all
superficial.
* MetaMask mascot support for provided directions targets and toggling followMouse
* Fixes for mascot.component.js
* Update metamask-logo version to 2.4.0
* Lint fix
* Fix mouse follow updating
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Improve mascot story name
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Update package.json
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Lint fix
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Add react-testing-library
Adds react-testing-library as a dependency, creates a wrapper function with Provider store/I18n context support, and implements it in unconnected-account-alert.
* Refactor renderWithProvider store to extra param, instead of component prop store
This change updates the shared ESLint config to the latest published version,
v3.1.0.
From the config [`CHANGELOG.md`][1]: v3.0.1 has disabled `prefer-object-spread`
by default, so it has been enabled for this project.
[1]:https://github.com/MetaMask/eslint-config/blob/master/CHANGELOG.md
This updates the `copy-webpack-plugin` to the latest published version, 6.0.3,
resolving [a high-severity security advisory][1] with its `serialize-javascript`
dependency.
[1]: https://www.npmjs.com/advisories/1548
See https://www.npmjs.com/advisories/1548 for more information.
The `yarn audit` output:
```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Remote Code Execution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.1.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ copy-webpack-plugin │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ copy-webpack-plugin > serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1548 │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
The relevant [`v6.0.0`][2] breaking changes:
- minimum supported Node.js version is 10.13
- ✅ We use 10.18.1 locally and on CI
- the plugin now accepts an object, you should change `new CopyPlugin(patterns, options)` to `new CopyPlugin({ patterns, options })`
- ✅ Updated `.storybook/webpack.config.js`
[2]:https://github.com/webpack-contrib/copy-webpack-plugin/releases/tag/v6.0.0
We were not affected by the breaking changes introduced with v2.0.0.
This was updated primarily to get a bugfix relating to source maps, and
to update some older transitive dependencies.
The changes between these two versions don't seen to affect us a great
deal. The browserify dependency updates do result in changes to our
production bundle, but the changes have no obvious functional impact.
The output remains identical between these two versions, and none of
the changelog entries appear relevant to us (aside from maybe some of
the bug fixes).
Our source maps were being corrupted during minification, because the
`gulp-terser-js` plugin we were using didn't account for the existence
of sourcemaps in the input. A configuration option to allow the input
of sourcemaps was added in v5.2.0. The plugin has been updated, and we
now use this option.
Previously the generated sourcemaps had an invalid entry in the
"sources" array, with the filename of the bundle itself. This was not a
real source. After this change, this invalid source is no longer
present.
The changes made between v9.10.1 and v13.6.1 don't appear to be
relevant to us, aside from bug fixes that we'd benefit from.
`gulp-stylelint` also needed to be updated, as it's in-step with
`stylelint`. It went from v7 to v13.0.0. The changes aren't notable
here for us either.
* Stylelint: Ignore only top-level directories
The `.stylelintignore` entries lacked leading slashes, so most of the
UI code was ignored (because it fell under the `ui/app` directory, and
`app/` was ignored.
The leading slashes ensure only the intended top-level directories are
ignored.
* Simplify stylelint rules
We use the `stylelint-config-standard` rule-set, so most commonly-used
stylelint rules are inherited from that.
Some of the removed rules were redundant, some of them were more strict
than the rules in `standard` and we hadn't been following them in
practice, and some were obsolete.
* Convert stylelint config to JavaScript
JavaScript is a bit easier than JSON to work with, as it allows
comments.
This was also done to make it easier to merge in the `stylelint-config-
standard`, which is also in JavaScript.
* Inline `stylelint-config-standard`
I intend to go through each of these rules one-by-one, which is easier
with all of these rules inlined. Selectively overriding/disabling them
would have been messy.
* Comment out rules that aren't current working
These rules have been temporarily disabled. They will be re-renabled
one-by-one as they are fixed. This was done to make it easier to split
these changes among separate PRs, as many of the rules require
extensive functional changes.
* Add `stylelint` to `lint` script
`stylelint` is now run as part of the `lint` script. There is also a
separate `lint:styles` script for running just `stylelint`.
The remaining integration tests are all covered by e2e tests, so
they're no longer needed.
All associated scripts, fixtures, and dependencies have also been
removed.
This updated test dapp has a new `personal_sign` button. It also fixes
the `Encrypt` button, which was broken in `v3.0.0`.
The `signature-request` e2e test needed to be updated to find the
'Sign' button by id rather than by text, since there are now two
buttons with the text 'Sign'.
This script is relied upon by our e2e tests. It was broken in #8888,
because `@metamask/test-dapp` was updated to a version with a different
directory structure. The website is now in the `dist` directory instead
of the `website` directory.
* restore and enhance the time est feature
background: we had a feature for showing a time estimate on pending txs
that was accidently removed during the redesign implementation. This PR
restores that feature and also enhances it:
1. Displays the time estimate on all views instead of just fullscreen
2. Uses Intl.RelativeTimeFormat to format the time
3. Adds a way to toggle the feature flag.
4. Uses a hook to calculate the time remaining instead of a component
* Update app/_locales/en/messages.json
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* do not display on test nets
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The fullscreen UI now shows roughly the same design as the popup UI.
A few additional changes depicted in the new fullscreen designs will
be implemented in subsequent PRs (e.g. the inline buttons on assets)
This was done now to make asset pages easier to implement. Implementing
asset pages solely for the popup UI would have been complicated by the
fact that we use viewport size to switch between the two layouts, so we
would have had to re-route upon resizing the window.
The account options menu is now much faster, and it correctly closes
when 'Switch account' is selected.
A static width had to be set on the menu so that it could be positioned
reliably. Without this width set, it was rendered as a different size
before positioning than after, which resulted in it being positioned
incorrectly. A `z-index` had to be added (equal to the `z-index` used
by the popover component) to ensure it wasn't rendered beneath the
popover.
The menu is automatically positioned relative to the account options
button, appearing below the button by default but above it instead if
there isn't room below. It is positioned to be inside the bounds of the
popover as well.
The account options button is now a `<button>` rather than a `<i>`.
This required a few additional style rules to overrule the default
button styles. Additionally the size was increased so that it matches
the designs more closely.
The callbacks for connecting, disconnecting, and switching accounts
have been updated to use state and props to determine the correct
address to use, rather than being bound to the correct address
parameter in the render function. This means we aren't creating a new
function upon each render anymore.
The `showAccountOptions` method still needs to be bound once per
account, but this was switched to use more readable syntax (`.bind`,
instead of the double arrow function).
`react-popper` and `@popperjs/core` were both added as dependencies.
These should be used for any UI requiring relative positioning (e.g.
tooltips, menus, etc.). Older versions of these libraries are already
in our codebase as transitive dependencies of the tooltip library we're
using.
An alert is now shown when the user switches from an account that is
connected to the active tab to an account that is not connected. The
alert prompts the user to dismiss the alert or connect the account
they're switching to.
The "loading" state is handled by disabling the buttons, and the error
state is handled by displaying a generic error message and disabling
the connect button.
The new reducer for this alert has been created with `createSlice` from
the Redux Toolkit. This utility is recommended by the Redux team, and
represents a new style of writing reducers that I hope we will use more
in the future (or at least something similar). `createSlice` constructs
a reducer, actions, and action creators automatically. The reducer is
constructed using their `createReducer` helper, which uses Immer to
allow directly mutating the state in the reducer but exposing these
changes as immutable.
`pify` v5.0.0 will preserve `this` references correctly, so explicit
binding of objects passed to `pify` is no longer needed.
There are no breaking changes that affect us; the only breaking change
in v4 and v5 is to update the minimum Node.js version to v10.
Previously all browser globals were allowed to be used anywhere by
ESLint because we had set the `env` property to `browser` in the ESLint
config. This has made it easy to accidentally use browser globals
(e.g. #8338), so it has been removed. Instead we now have a short list
of allowed globals.
All browser globals are now accessed as properties on `window`.
Unfortunately this change resulted in a few different confusing unit
test errors, as some of our unit tests setup assumed that a particular
global would be used via `window` or `global`. In particular,
`window.fetch` didn't work correctly because it wasn't patched by the
AbortController polyfill (only `global.fetch` was being patched).
The `jsdom-global` package we were using complicated matters by setting
all of the JSDOM `window` properties directly on `global`, overwriting
the `AbortController` for example.
The `helpers.js` test setup module has been simplified somewhat by
removing `jsdom-global` and constructing the JSDOM instance manually.
The JSDOM window is set on `window`, and a few properties are set on
`global` as well as needed by various dependencies. `node-fetch` and
the AbortController polyfill/patch now work as expected as well,
though `fetch` is only available on `window` now.
The Font Awesome font wasn't loaded correctly in the Storybook build.
Unlike our other fonts, Font Awesome is copied from `node_modules` at
build-time rather than being saved directly in `app/fonts`.
The `copy-webpack-plugin` plugin is now used in the Storybook webpack
build to copy the fonts explicitly from `node_modules` into the build
output directory. The font now seems to load correctly in Storybook.
The official npm package for Font Awesome Free is now used instead of
the vendored styles. Previously we had been using v4.4.0, now we're
using v5.13.0.
We're now importing the Font Awesome SCSS modules instead of using the
minified CSS bundle. This integrates more cleanly into our build
system, and it lets us use their mixins directly in the future if we
need to.
The variable `fa-font-path` has been set to reference our font
directory, as instructed here:
https://fontawesome.com/how-to-use/on-the-web/using-with/sass#compile
Various SVGs were being imported directly in components using Webpack
loaders. This was done to get these components to work correctly in
storybook, which uses Webpack. However we don't use Webpack for our
actual build system, so these components would fail when you attempted
to use them.
Instead the storybook script has been updated to use the `--static-dir`
flag, which allows specifying a directory of files to serve statically.
The `app` directory is served statically, so all of the relative URLs
we use in practice to reference fonts and images should just work.
The storybook build command has been updated to use the same flag.
Unfortunately this also means that the uncompiled background code is
now included in the build as well, because it's alongside our static
files. This shouldn't have any impact upon the build though.
The use of this `static-dir` option as made much of the existing
storybook Webpack configuration unnecessary, so it has been reduced to
just the essential steps.
The token list would be stuck on "Loading" when there was at least one
token, but the balance of all tokens was zero. This bug was only
present on `develop`, and has not affected any published version of the
extension.
This was introduced in #8223, which removed what at the time seemed to
be an unnecessary update step. It turns out that the step was required
as a workaround to this bug with the token tracker.
The bug was fixed in https://github.com/MetaMask/eth-token-tracker/pull/33
and published in v2.0.0 of `@metamask/eth-token-tracker`.
The `@storybook/addon-backgrounds' addon has been added, which allows
changing the component preview background. By default no background
colors are defined, though there is a helpful grid button. A "light"
and "dark" background option has been added globally. Additional
story-specific backgrounds or global backgrounds can be added later if
necessary.
This warning was resolved by updating `pubnub`, which is the dependency
that uses `superagent-proxy` which is causing this warning. The
resolution we added to address a security advisory is also no longer
required.
This was primarily done to make explicit that we're using v5.3.x. Our
manifest listed `^5.2.x` but we had already updated to `v5.3.9` in the
lockfile. v5.3.0 lays much of the groundwork for the planned v6.0
release, and includes many changes.
The changes between v5.3.9 and v5.3.14 include various bug fixes, none
of which affect us as far as I know.
Peer dependencies required by Storybook have also been added. These
were already in our dependencies indirectly either way.
Implement `eth_decrypt` and `eth_getEncryptionPublicKey`. This allows decryption backed by the user's private key. The message decryption uses a confirmation flow similar to the messaging signing flow, where the message to be decrypted is also able to be decrypted inline for the user to read directly before confirming.
* Use @metamask/eslint-config@1.1.0
* Use eslint-plugin-mocha@6.2.2
* Mark root ESLint config as root
* Update Mocha ESLint rules with shared ESLint config
These two functions differ slightly in options, but none of those
options are being used by us, so in these cases they're functionally
equivalent. They're even both descendants of the original `debounce`
function from `underscore`.
This was done to reduce the number of direct dependencies we have. It
should not affect bundle size, as we still depend upon the `debounce`
package transitively.
This was done to reduce the number of direct dependencies we have. It
should be functionally equivalent. The bundle size should not change,
as we use `clone` as a transitive dependency in a number of places.
* Use ref instead of findDOMNode in jazzicon component
The jazzicon component was using `findDOMNode` to get the DOM node for
the main div returned by the component, which is generally not
recommended. Instead a ref is now used.
* Update Jazzicon to v2
This version drops the dependency upon `raphael`, and no longer uses
the function `createSVGMatrix` which was causing unit tests to fail
(because it's not supported by jsdom).
Our JSDoc documentation has not been updated in a very long time, and
we don't use JSDoc in enough places for the docs to have been
especially useful. The tools and scripts used to generate and publish
these docs have been removed.
References to this documentation have also been removed from the
README.
Hopefully once the TypeScript migration has made substantial progress,
we can generate more useful documentation using something like TypeDoc.
Update accounts permission history on accountsChanged
Create PermissionsLogController
Fix permissions activity log pruning
Add selectors, background hooks for better UX
Make selected account the first account returned
Use enums for store keys in log controller
Add last selected address history to PreferencesController
* Update lodash
All versions of the full `lodash` package have been updated to 4.17.15.
The only exception is v4.17.14 which is pinned by `ganache-core`.
* Switch to using `lodash` instead of per-method packages
We have the full lodash package _ten times_ as a production transitive
dependency, so including per-method packages is not saving space (it
might instead result in slightly more space being used).
Unhandled rejections are now caught using built-in Node.js APIs instead
of with `bluebird`. `bluebird` was added as a production dependency but
was only used for this purpose. The code responsible for catching
unhandled rejection in the browser was removed, as this test helper is
never run in the browser.
Additionally, unhandled rejections are tracked over the course of all
tests, and result in a non-zero exit code if they remain at the end.
This was done because it is possible for errors to trigger the
`uncaughtRejection` event but then still be handled later on. This is
uncommon, and doesn't seem to happen in our test suite. But if it does
in the future, it'll be logged but won't result in a non-zero exit
code.
This patch update includes a bug fix for ES6 imports. The bug doesn't
affect our use of this module, but it ensures that we can safely
use the `dedupe` and `bind` APIs as ES6 imports if we decide to.
* Minimum changes to get storybook working
Undo path changes
* Add build:storybook scripts to package.json
* Add storybook deployer
* Add storybook:deploy to package.json
* Update circle ci config
* Update yarn.lock
* Remove addon-info
* Update yarn.lock file to reflect removing of addon-info
Co-authored-by: Dan J Miller <danjm.com@gmail.com>
`node-fetch` is a smaller and simpler project than `request-promise`,
and we already have it as a transitive dependency.
`request-promise` was also incorrectly listed as a production
dependency. `node-fetch` has been added as a `devDependency` to replace
it, as it was only used in one CI script.
The only web API that our usage of DetectRTC relied upon was
'enumerateDevices', which is supported and stable among all of our
supported browsers.
Note that the error handling here is a little... non-standard, and the
logic around how Firefox and Brave are handled should be justified, but
I've left the logic as-is for now to keep this PR small.
The WebRTC spec is fairly stable these days, particularly among the
browsers we support. We don't need this shim for anything. I'm guessing
it may have been added primarily with IE in mind.
A margin of error metric has been added, which is calculated from a 95%
confidence interval. This confidence interval is calculated using
Student's t-distribution, which is generally preferred for smaller
sample sizes (< ~30) of populations following a normal distribution.
The script `benchmark.js` will collect page load metrics from the
extension, and print them to a file or the console. A method for
collecting metrics was added to the web driver to help with this.
This script will calculate the min, max, average, and standard
deviation for four metrics: 'firstPaint', 'domContentLoaded', 'load',
and 'domInteractive'. The variation between samples is sometimes high,
with the results varying between samples if only 3 were taken. However,
all tests I've done locally with 5 samples have produced results within
one standard deviation of each other. The default number of samples has
been set to 10, which should be more than enough to produce consistent
results.
The benchmark can be run with the npm script `benchmark:chrome` or
`benchmark:firefox`, e.g. `yarn benchmark:chrome`.
The "blockies" style identicon is handled by a module that was copied
from MyEtherWallet and inlined. This has been removed, and replaced
with the upstream package it was originally derived from.
Update `selenium-webdriver` to v4.0.0-alpha.5. Despite the fact that
this version has "alpha" in the name, the maintainer of
`selenium-webdriver` has described this release as stable [1].
A few APIs were removed or changed in v4, which required changes to our
Firefox webdriver.
The port used for webdriver communication can now be specified
manually. This was required to ensure the threebox tests kept working,
because they used two different driver instances. This new version of
`selenium-webdriver` now uses the same port for each instance of the
webdriver (unlike the old version, which generated a new port for each
one), so it was necessary to manually specify the port to prevent the
same port from being used for both instances.
`chromedriver` required an update, as the version we were using was not
compatible with the new W3C WebDriver protocol. I've updated
`geckodriver` as well, just to bring it in line with the version of
Firefox we are using.
[1]: https://github.com/SeleniumHQ/selenium/issues/5617#issuecomment-373446249
* Remove unused onboarding stream
* Pass `sender` through to `setupProviderEngine`
The Port `sender` has been passed down a few more layers. This allows
us to get more information from the sender deeper in the stack, but
also simplifies things a bit as well. For example, now the "fake"
URL object with the `metamask` hostname is no longer needed.
* Create onboarding middleware
This middleware intercepts `wallet_registerOnboarding` RPC messages. It
will register the sender as an oboarding initiator if possible, and
otherwise ignores the message.
* Add lint:shellcheck:package
* Add double quote as per jq suggestion
* Use single quotes
* Ignore SC2016
* Use shellcheck script
* Set some flags
* Put shellcheck --version on new line
* Disable SC2016 (singe quotes is actually what we want here)
* Add network store for testing
An alternative persistent state store has been created for use with e2e
tests. Instead of reading state from disk, it tries to load state from
a local fixture server running on port `12345` and serving state from
the path `/state.json`, and returns a blank state otherwise.
* Add e2e test fixture server
A fixture server has been added for serving background state, which the
background will read upon startup as part of restoring persisted state.
The `signature-request` e2e test has been updated to use a fixture to
bypass the registration step. The fixture used (`imported-account`) was
generated by pausing midway through that test run
* Use arrow property initializer functions
* Use pure components where applicable
* Add UNSAFE_ prefix for deprecated lifecycle hooks
* Add allow UNSAFE_
* Removed unused "Component"
* Replace boron with 'fade-modal'
* Upgrade react/no-deprecated to an error
* Paste react-tooltip-component source directly
* Use arrow functions to bind `this`
* Add UNSAFE_ prefix
* Update react-redux, react-router-dom
* Remove things from inlined 'fade-modal'
* Adjust mountWithRouter to get unit tests passing again
* Remove domkit
* Add Wrapper to render-helpers
* Upgrade @storybook/addon-knobs
* add PermissionsController
remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata
add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales
Add external extension id to metadata (#7396)
update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages
* Login Per Site UI (#7368)
* LoginPerSite original UI changes to keep
* First commit
* Get necessary connected tab info for redirect and icon display for permissioned sites
* Fix up designs and add missing features
* Some lint fixes
* More lint fixes
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Code cleanup for LoginPerSite-ui
* Update e2e tests to use new connection flow
* Fix display of connect screen and app header after login when connect request present
* Update metamask-responsive-ui.spec for new item in accounts dropdown
* Fix approve container by replacing approvedOrigins with domainMetaData
* Adds test/e2e/permissions.spec.js
* Correctly handle cancellation of a permissions request
* Redirect to home after disconnecting all sites / cancelling all permissions
* Fix display of site icons in menu
* Fix height of permissions page container
* Remove unused locale messages
* Set default values for openExternalTabs and tabIdOrigins in account-menu.container
* More code cleanup for LoginPerSite-ui
* Use extensions api to close tab in permissions-connect
* Remove unnecessary change in domIsReady() in contentscript
* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.
* Adds getOriginOfCurrentTab selector
* Adds IconWithFallback component and substitutes for appropriate cases
* Add and utilize font mixins
* Remove unused method in disconnect-all.container.js
* Simplify buttonSizeLarge code in page-container-footer.component.js
* Add and utilize getAccountsWithLabels selector
* Remove console.log in ui/app/store/actions.js
* Change last connected time format to yyyy-M-d
* Fix css associated with IconWithFallback change
* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes
* Code cleanup for LoginPerSite-ui
* Use reusable function for modifying openNonMetamaskTabsIDs in background.js
* Enables automatic switching to connected account when connected domain is open
* Prevent exploit of tabIdOriginMap in background.js
* Remove unneeded code from contentscript.js
* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs
* Design and styling fixes for LoginPerSite-ui
* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts
* Front end changes to support display of lastConnected time in connected and permissions screens
* Fix lint errors
* Refactor structure of permissionsHistory
* Fix default values and object modifications for domain and permissionsHistory related data
* Fix connecting to new accounts from modal
* Replace retweet.svg with connect-white.svg
* Fix signature-request.spec
* Update metamask-inpage-provider version
* Fix permissions e2e tests
* Remove unneeded delay from test/e2e/signature-request.spec.js
* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec
* Use requestAccountTabIds strategy for determining tab id that opened a given window
* Improve default values for permissions requests
* Add some message descriptions to app/_locales/en/messages.json
* Code clean up in permission controller
* Stopped deep cloning object in mapObjectValues
* Bump metamask-inpage-provider version
* Add missing description in app/_locales/en/messages.json
* Return promises from queryTabs and switchToTab of extension.js
* Remove unused getAllPermissions function
* Use default props in icon-with-fallback.component.js
* Stop passing to permissions controller
* Delete no longer used clear-approved-origins modal code
* Remove duplicate imports in ui/app/components/app/index.scss
* Use URL instead of regex in getOriginFromUrl()
* Add runtime error checking to platform, promise based extension.tab methods
* Support permission requests from external extensions
* Improve font size and colour of the domain origin on the permission confirmation screen
* Add support for toggling permissions
* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions
* Remove unused code from LoginPerSite-ui branch
* Ensure modal closes on Enter press for new-account-modal.component.js
* Lint fix
* fixup! Login Per Site UI (#7368)
* Some code cleanup for LoginPerSite
* Adds UX for connecting to dapps via the connected sites screen (#7593)
* Adds UX for connecting to dapps via the connected sites screen
* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask
* Delete unused permissions controller methods
* Fixes two small bugs in the LoginPerSite ui (#7595)
* Restore `providerRequest` message translations (#7600)
This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.
* Login per site no sitemetadata fix (#7610)
* Support connected sites for which we have no site metadata.
* Change property containing subtitle info often populated by origin to a more accurate of purpose name
* Lint fix
* Improve disconnection modal messages (#7612)
* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages
* Update disconnectAccountModalDescription app/_locales/en/messages.json
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
* Improve disconnectAccount modal message clarity
* Adds cancel button to the account selection screen of the permissions request flow (#7613)
* Fix eth_accounts permission language & selectability (#7614)
* fix eth_accounts language & selectability
* fix MetaMask capitalization in all messages
* Close sidebar when opening connected sites (#7611)
The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.
It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.
I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.
* Reject permissions request upon tab close (#7618)
Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617
* Handle tab update failure (#7619)
`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.
* Login per site tab popup fixes (#7617)
* Handle redirect in response to state update in permissions-connect
* Ensure origin is available to permissions-connect subcomponents during redirect
* Hide app bar whenever on redirect route
* Improvements to handling of redirects in permissions-connect
* Ensure permission request id change handling only happens when page is not null
* Lint fix
* Decouple confirm transaction screen from the selected address (#7622)
* Avoid race condtion that could prevent contextual account switching (#7623)
There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.
The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.
* Only redirect back to dapp if current tab is active (#7621)
The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.
* Fix JSX style lint errors
* Remove unused state
* Add support for one-click onboarding
MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.
At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.
If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.
Closes#6161
* Add onboarding button to contract test dapp
The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.
* Add new static server for test dapp
The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.
Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.
* Add `@metamask/onboarding` and `@metamask/forwarder`
Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
* Add shellcheck lint script
* Add to build
* Add shellcheck lint to main lint task
* Put shellcheck in the right place, hopefully?
* Fix declared multiple executor types
* Add sudo
* Address shellcheck warnings
* Add test-lint-shellcheck
* Add test-lint-shellcheck to workflow
* Use correct lint task
* output version which could be helpful for debugging
* Address PR feedback
* consistency++
This is a major version update, but it appears that the reason for the
breaking change was that the dependency on `web3` was dropped in favour
of using two `web3` utility libraries instead. I could find no
indication of a breaking change to the API of `abi-decoder` itself.
Maker has upgraded its Dai token to "Multi-Collateral Dai" (MCD) and requires
all users interacting with Dai migrate their tokens to the new version. Dai
now exclusively refers to Multi-Collateral Dai and what was previouly called
Dai is now Sai (Single Collateral Dai).
In this description, Sai refers to what was (prior to the 2019-11-18) known as Dai.
Dai is the _new_ token.
This changeset:
1. Only affects users who had non-zero Sai at the old contract address
2. Displays a persistent notification for users with Sai
3. Updates the token symbol for users already tracking the Sai token
4. Bumps our direct and indirect eth-contract-metadata dependencies
The notification copy:
> A message from Maker: The new Multi-Collateral Dai token has been released. Your old tokens are now called Sai. Please upgrade your Sai tokens to the new Dai.
The copy is from the Maker team.
Most of the rules in the import plugin are only useful for projects
using purely ES6 imports. The `no-unresolved` rule works with mixed
CommonJS and ES6 though, so we at least benefit from that in the
meantime.
* ENS Reverse Resolution support
* Save punycode for ENS domains with Unicode characters
* Update SenderToRecipient recipientEns tooltip
* Use cached results when reverse-resolving ENS names
* Display ENS names in tx activity log
`ethereumjs-util` is now pinned at `5.1.0`, instead of at the commit
`ac5d0908536b447083ea422b435da27f26615de9`. That commit immediately
preceded v5.1.0, so there are no functional differences. This was
done mainly to remove our last GitHub/git dependency, and to make it
more obvious which version we're using.
Security advisory: https://www.npmjs.com/advisories/1184
This advisory was already addressed in #7289 but subsequent releases
have made this simpler resolution possible.
This simplifies the logic of signing and improves security:
- Private keys are never moved to the base controller.
- Hardware wallets are abstracted in the same way as local keys.
This also paves the way for allowing even more modular accounts,
provided by plugins:
https://github.com/MetaMask/metamask-plugin-beta/pull/63Fixes#7075.
Security advisory: https://www.npmjs.com/advisories/1184
The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.
* ci - install deps - limit install scripts to those needed for build
* Update .circleci/scripts/deps-install.sh
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
* ci - install deps - expand install scripts needed for tests
* ci - install deps - expand install scripts needed for integration tests
* ci - install deps - fix node-sass script ref
* github - set codeowners for scripts/deps-install
* development - add utility to show deps with install scripts
* lint fix
* deps - move read-installed to devDeps
* Optimize images only during production build
Image optimization is fairly slow (over a minute), and isn't necessary
for test or development builds. It is now only run as part of the
`build` gulp task, which is used during `gulp dist`.
* Remove unused gulp tasks
There were two high-level tasks and one style formatting task that
were not used by any npm scripts, so were probably unused generally.
The `dev` task was a duplcate of `dev:extension`. The `build:extension`
task was useful for just building the extension without performing
other steps required by the final production bundle, but it was
broken. It didn't correctly build the ui-libs and bg-libs required.
Instead of fixing it, it has been removed until the handling of those
separate library bundles is simplified.
The style formatting task seems like it could be useful, but I'm unsure
about keeping it around as opt-in, as in practice it'll just end up
being ignored. Moreover the library authors themselves are recommending
switching to `prettier`, so I think we're better off removing it for
now, then considering using `prettier` if we want to introduce
something like this again.
The stylelint dependency was added because it's a peer dependency of
gulp-stylelint that should have already been listed among our
dependencies. It hadn't caused a problem before because it happened to
be a transitive dependency of gulp-stylefmt, which is no longer needed
and has been removed.
* Add '--quiet' flag to verify locales script
The `--quiet` flag reduces the console output to just the essential
information for running in a CI environment. For each locale, it will
print the number of unused messages (if any).
* Add `verify-locales` script to lint CI job
The locales are now verified as part of the lint CI job. Any unused
messages detected will result in the job failing.
* Switch to using string literals for locale keys
Various message keys were being specified with a string template
instead of a string literal. They have been switched to use string
literals so that the script for detecting unused messages can find
them.
* Remove unused locale messages
A number of unused locale messages have been removed - probably
leftover from old UI elements that have since been removed.
The `verify_locale_strings` script has been augmented to search the UI
for string literals, and match those against the locale message keys in
the `en` locale. Any messages without a corresponding string literal
are assumed to be unused.
The script has also been updated with an optional `--fix` parameter,
which will automatically delete any unused messages from locales.
148 unused messages were found in this case, out of a total of about
650 messages. Another 70 messages are _potentially_ unused and require
further investigation, but weren't as easy to rule out because they
were found in string literals.
* Remove additional unused locale messages
The following messages were more difficult to rule out because they
were present as string literals in the UI. They do appear to be
unused as locale keys though.
* Adds threebox controller
* Adds threebox approval modal
* Fix unit tests and lint after addition of threebox
* Correct threebox behaviour after rejecting request for backup; fixes e2e tests.
* Update threebox controller for automatic syncing
* Ensure frontend locale updates when preferences are changed via direct update within controller
* Add toggle in settings for 3box syncing
* Update threebox controller for latest 3box version
* Delete unnecessary frontend changes for threebox integration
* Backing up address book contacts with threebox
* Update unit tests for 3box-integration additions
* Only enable threebox by default for new wallets
* Mock globals for correct unit tests
* 3box '1.10.2' -> '^1.10.2'
* Correct capilalization on 3Box
* Use log.debug instead of console.log in threebox controller
* Update yarn.lock
* Remove edge build
* Split 3box module into background deps js file
* extra bundle opts for bg-libs
* sync yarn.lock
* new3Box logic
* Show confirm threebox restore after import
* Remove bg-libs.js from manifest file for dev builds
* Switch 3Box controller to using the spaces api (instead of the profile api)
* Finalize switching to spaces api and only restoring from 3box after import
* Update metamask-controller-test.js for threebox controller changes
* Make threebox modal style consistent with others and update success button wording
* Use mock 3box when in test
* Correct 3box modal header
* Remove unnecessary property of threebox controller provider
* Remove unnecessary method calls after restoration from 3box in the threebox-restore-confirm modal.
* Replace setThreeBoxSyncingPermission calls in routes/index.js with turnThreeBoxSyncingOn
* Replace erroneous use of with
* Replace erroneous use of threeboxSyncing with threeBoxSyncingAllowed in advancted-tab directory
* Lint fixes for 3box changes
* Log errors encountered when updating 3Box
* Remove unnecessary parameter from state update
* Add timeout to initial 3Box sync
The initial 3Box sync will now timeout after 1 minute. If the timeout
is triggered, 3Box is disabled and cannot be re-enabled unless the
initial sync does finally finish. If it never finishes, 3Box cannot
be enabled unless the extension is reinstalled.
The Advanced Settings page was updated to show this option as disabled
in that circumstance, with a new discription explaining why it's
disabled. The UI here could certainly be improved.
Additionally, "on" and "off" labels were added to the toggle to match
the other toggles on the Advanced Settings page.
* Use non-minified 3Box module
We had previously used the minified 3Box module to avoid a build error
encountered when `envify` was processing the `libp2p` module (which is
used by 3Box). The build would fail because `esprima` (used by `envify`)
is incompatible with the object spread/rest operator (which is used in
`libp2p`).
That issue has been solved by adding a global Babelify transformation
specifically for transpiling out the object rest/spread operator from
dependencies. It has been targetted to only affect `libp2p` to avoid
extending the build time too much. This workaround can be used until
a new version of `esprima` is released that includes this bug fix.
* Use app key addresses for threebox
* Replace use of modal for confirming 3box restoration with a home notification
* Adds e2e tests for restoring from threebox
* Update eth-keyring-controller to 5.1.0
* Correct parameters passed to getAppKeyAddress in threebox.js
* Add prefix to origin passed to getAppKeyAddress in threebox.js
* Remove unused locale message.
* Prevent CORS errors in firefox e2e tests
* Ensure extraneous scripts are excluded from the local test dev build
* Move threeBoxLastUpdate state from home.component to redux
* Threebox PR code cleanup
* Always use first address when initializing threebox
* Replace setRestoredFromThreeBox api with setRestoredFromThreeBoxToFalse and setRestoredFromThreeBoxToTrue
* Update development/metamaskbot-build-announce.js to include ui-libs and bg-libs in hard coded bundle list
* Update test/e2e/threebox.spec.js to use new helpers added with pull #7144
* Make setFeatureFlag available on the ui window during testing
* Hide threebox feature behind a feature flag that can only be activated via dev console
* Remove unnecessary migration of threebox feature flag
* Prevent this.init() call in threebox constructor if feature flag is not turned on
* Prevent threebox notification from showing if feature flag is falsy
* http://localhost/8889 -> http://localhost/* in gulp manifest:testing tasks
* Replace `undefined` selectedAddress with `null`
The `runtime.Port.postMessage` API will drop keys with a value of
`undefined` on Chrome, but not on Firefox. This was a problem for the
`publicConfig` stream, which passed the key `selectedAddress` with the
value of `undefined` to communicate to dapps that the user had logged
out.
Instead a `null` is now passed for `selectedAddress` upon logout, which
is correctly sent by the `runtime.Port.postMessage` API on both Chrome
and Firefox.
closes#7101closes#7109
* Update `metamask-inpage-provider` to v3.0.0
The v3.0.0 update includes a change to the `accountsChanged` event. The
event will now emit an empty array instead of an array with `undefined`
or `null`.
The previous behavior was to emit `[undefined]`. The previous commit
would have changed that to `[null]` anyway, so we figured if we're
going to make a public-facing change to the event anyway we should
change it to be correct. `[undefined]` was never intended, and it
technically violates EIP-1193, which states that the `accountsChanged`
event should emit an array of strings.
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.
I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
* ci - create source-map-explorer build-artifacts
* ci - add source-map-explorer builds to metamaskbot comment
* lint fix
* ci - source-map-explorer - include all bundles
* Make chainId available in the metamask-inpage-provider
* Update metamask-inpage-provider to 2.1.0
* Add e2e tests for ethereum.on events
* Move chainId constants to lib/enums.js
* Don't use new chainId enums in createInfuraClient
* Fix app/scripts/lib/select-chain-id.js
* Create RTL stylesheets using `gulp-rtl`
* Handle RTL stylesheet special cases
Certain blocks of Sass were set to bypass "rtlcss" using ignore
comments. Certain icons had to be flipped 180 degrees.
* Switch stylesheets when locale changes
A second stylesheet has been added to each HTML page for use with
right-to-left locales. It is disabled by default. It is enabled on
startup if a RTL locale is set, and when switching to a RTL locale.
Similarly the LTR stylesheet is disabled when a RTL locale is used.
Unfortunately there is an unpleasant flash of unstyled content when
switching between a LTR and a RTL locale. There is also a slightly
longer page load time when using a RTL locale (<1s difference). We
couldn't think of an easy way to avoid these problems.
* Set `dir="auto"` as default on `TextFields`
Babel 7 moved to a new configuration format, and they've scoped all of
their packages under `@babel/`. This brings MetaMask in-line with
dependencies we use that _already_ use Babel 7, and it eliminates a
few unfortunate edge cases that can prevent dependencies from being
correctly transpiled.
* Implements ability to defer seed phrase backup to later
* Adds incremental-security.spec.js, including test dapp that sends signed tx with stand alone localhost provider
* Update metamask-responsive-ui for incremental account security changes
* Update backup-notification style and fix responsiveness of seed phrase screen
* Remove uneeded files from send-eth-with-private-key-test/
* Apply linguist flags in .gitattributes for send-eth-with-private-key-test/ethereumjs-tx.js
* Improve docs in controllers/onboarding.js
* Clean up metamask-extension/test/e2e/send-eth-with-private-key-test/index.html
* Remove unnecessary newlines in a couple first-time-flow/ files
* Fix import of backup-notification in home.component
* Fix git attrs file
* Style Send Header
* Move Send to-row to send view and restyle
* Add "Recents" group to select recipient view
* Rename SendToRow to AddRecipient
* Basic UI and Layout
* New ENSInput component
* wip - fuzzy search for input
* small refactor
* Add Dialog
* contact list initial
* initial error on invalid address
* clean up edit
* Click to open modal
* Create AddToAddressBookModal component
* Modal styling and layout
* modal i18n
* Add to Addressbook
* ens wip
* ens wip
* ENS Resolution
* Reset input
* Send to explicit address
* Happy Path Complete
* Add back error checking
* Reset send-to when emptying input
* Add back warning object
* Fix linter
* Fix unit test #1 - fix import paths
* Remove dead tests
* One more to go
* Fix all unit tests
* add unit test for reducers and actions
* test rendering AddRecipient
* Add tests for dialog boxes in AddRecipient
* Add test for validating
* Fix linter
* Fix e2e tests
* Token send e2e fix
* Style View Contact
* Style edit-contact
* Fix e2e
* Fix from-import-beta-ui e2e spec
* Make section header say "add recipient” by default
* Auto-focus add recipient input
* Update placeholder text
* Update input title font size
* Auto advance to next step if user paste a valid address
* Ellipsify address when recipient is selected
* Fix app header background color on desktop
* Give each form row a margin of 16px
* Use .container/.component naming pattern for ens-input
* Auto-focus on input when add to addressbook modal is opened; Save on Enter
* Fix and add unit test
* Fix selectors name in e2e tests
* Correct e2e test token amount for address-book-send changes
* Adds e2e test for editing a transaction
* Delete test/integration/lib/send-new-ui.js
* Add tests for amount max button and high value error on send screen to test/e2e/metamask-ui.spec.js
* lint and revert to address as object keys
* add chainId based on current network to address book entry
* fix test
* only display contacts for the current network
* Improve ENS message when not found on current network
* Add error to indicate when network does not support ENS
* bump gaba
* address book, resolve comments
* Move contact-list to its own component
* De-duplicate getaddressbook selector and refactor name selection logic in contact-list-tab/
* Use contact-list component in contact-list-tab.component (i.e. in settings)
* Improve/fix settings headers for popup and browser views
* Lint fixes related to address book updates
* Add 'My accounts' page to settings address book
* Update add new contact button in settings to match floating circular design
* Improve styles of view contact page
* Improve styles and labels of the add-contact.component
* Further lint fixes related to address book updates
* Update unit tests as per address book updates
* Ensure that contact list groups are sorted alphabetically
* Refactor settings component to use a container for connection to redux; allow display of addressbook name in settings header
* Decouple ens-input.component from send context
* Add ens resolution to add contact screen in settings
* Switching networks when an ens address is shown on send form removes the ens address.
* Resolve send screen search for ensAddress to matching address book entry if it exists
* Show resolved ens icon and address if exists (settings: add-contact.component)
* Make the displayed and copied address in view-contact.component the checksummed address
* Default alias state prop in AddToAddressBookModal to empty string
* Use keyCode to detect enter key in AddToAddressBookModal
* Ensure add-contact component properly updates after QR code detection
* Fix display of all recents after clicking 'Load More' in contact list
* Fix send screen contact searching after network switching
* Code cleanup related to address book changes
* Update unit tests for address book changes
* Update ENS name not found on network message
* Add ens registration error message
* Cancel on edit mode takes user back to view screen
* Adds support for memo to settings contact list view and edit screens
* Modify designs of edit and view contact in popup environment
* Update settings content list UX to show split columns in fullscreen and proper internal navigation
* Correct background address book API usages in UI
As a solution to the constant lockfile churn issues we've had with
`npm`, the project now uses `yarn` to manage dependencies.
The `package-lock.json` file has been replaced with `yarn.lock`, which
was created using `yarn import`. It should approximate the contents of
`package-lock.json` fairly well, though there may be some changes due to
deduplication. The codeowners file has been updated to reference this
new lockfile.
All documentation and npm scripts have been updated to reference `yarn`
rather than `npm`. Note that running scripts using `npm run` still works
fine, but it seemed better to switch those to `yarn` as well to avoid
confusion.
The `npm-audit` Bash script has been replaced with `yarn-audit`. The
output of `yarn audit` is a bit different than `npm audit` in that it
returns a bitmask to describe which severity issues were found. This
made it simpler to check the results directly from the Bash script, so
the associated `npm-audit-check.js` script was no longer required. The
output should be exactly the same, and the information is still sourced
from the same place (the npm registry).
The new `yarn-audit` script does have an external dependency: `jq`.
However, `jq` is already assumed to be present by another CI script, and
is present on all CI images we use. `jq` was not added to `package.json`
as a dependency because there is no official package on the npm
registry, just wrapper scripts. We don't need it anywhere exept on CI
anyway.
The section in `CONTRIBUTING` about how to develop inside the
`node_modules` folder was removed, as the advice was a bit dated, and
wasn't specific to this project anyway.
The CSS is now served as an external file instead of being injected.
This was done to improve performance. Ideally we would come to a middle
ground between this and the former behaviour by injecting only the CSS
that was required for the initial page load, then lazily loading the
rest. However that change would be more complex. The hope was that
making all CSS external would at least be a slight improvement.
Performance metrics were collected before and after this change to
determine whether this change actually helped. The metrics collected
were the timing events provided by Chrome DevTools:
* DOM Content Loaded (DCL) [1]
* Load (L) [2]
* First Paint (FP) [3]
* First Contentful Paint (FCP) [3]
* First Meaningful Paint (FMP) [3]
Here are the results (units in milliseconds):
Injected CSS:
| Run | DCL | L | FP | FCP | FMP |
| :--- | ---: | ---: | ---: | ---: | ---: |
| 1 | 1569.45 | 1570.97 | 1700.36 | 1700.36 | 1700.36 |
| 2 | 1517.37 | 1518.84 | 1630.98 | 1630.98 | 1630.98 |
| 3 | 1603.71 | 1605.31 | 1712.56 | 1712.56 | 1712.56 |
| 4 | 1522.15 | 1523.72 | 1629.3 | 1629.3 | 1629.3 |
| **Min** | 1517.37 | 1518.84 | 1629.3 | 1629.3 | 1629.3 |
| **Max** | 1603.71 | 1605.31 | 1712.56 | 1712.56 | 1712.56 |
| **Mean** | 1553.17 | 1554.71 | 1668.3 | 1668.3 | 1668.3 |
| **Std. dev.** | 33.41 | 33.43 | 38.16 | 38.16 | 38.16 |
External CSS:
| Run | DCL | L | FP | FCP | FMP |
| :--- | ---: | ---: | ---: | ---: | ---: |
| 1 | 1595.4 | 1598.91 | 284.97 | 1712.86 | 1712.86 |
| 2 | 1537.55 | 1538.99 | 199.38 | 1633.5 | 1633.5 |
| 3 | 1571.28 | 1572.74 | 268.65 | 1677.03 | 1677.03 |
| 4 | 1510.98 | 1512.33 | 206.72 | 1607.03 | 1607.03 |
| **Min** | 1510.98 | 1512.33 | 199.38 | 1607.03 | 1607.03 |
| **Max** | 1595.4 | 1598.91 | 284.97 | 1712.86 | 1712.86 |
| **Mean** | 1553.8025 | 1555.7425 | 239.93 | 1657.605 | 1657.605 |
| **Std. dev.** | 29.5375 | 30.0825 | 36.88 | 37.34 | 37.34 |
Unfortunately, using an external CSS file made no discernible improvement
to the overall page load time. DCM and L were practically identical, and
FCP and FMP were marginally better (well within error margins).
However, the first paint time was _dramatically_ improved. This change
seems worthwhile for the first paint time improvement alone. It also
allows us to delete some code and remove a dependency.
The old `css.js` module included two third-party CSS files as well, so
those have been imported into the main Sass file. This was easier than
bundling them in the gulpfile.
The resulting CSS bundle needs to be served from the root because we're
using a few `@include` rules that make this assumption. We could move
this under `/css/` if desired, but we'd need to update each of these
`@include` rules.
Relates to #6646
[1]: https://developer.mozilla.org/en-US/docs/Web/Events/DOMContentLoaded
[2]: https://developer.mozilla.org/en-US/docs/Web/Events/load
[3]: https://developers.google.com/web/fundamentals/performance/user-centric-performance-metrics
The Babel config had previously supported all browsers with greater than
0.25% global usage (according to `browserlist`). This resulted in
`babel-preset-env` including plugins sufficient to support the following
minimum browser versions:
```
{
"chrome": "49",
"android": "4.4",
"edge": "16",
"firefox": "52",
"ios": "9.3",
"safari": "11"
}
```
Instead, the babel config now explicitly supports chrome >= 58 and
firefox >= 53. Chrome and Firefox are the only browsers we currently
publish to, and these were the minimum versions with no additional Babel
transformations.
The minimum browser versions we support should be re-evaluated later,
when we have added tests and documentation.
The plugin 'transform-async-to-generator' has also been removed. It was
used to translate async/await, but our browser targets all support
async/await.
Removing some of these transformations exposed bugs in `uglify-es` that
only presented themselves in the production build. `gulp-uglify-es` has
been updated to a version that uses `terser` instead of `uglify-es`,
which has resolved these issues.
Relates to #6805
The Drizzle tests have not been used for some time. They were used to
ensure compatibility with newer versions of `web3` v1. If we want to
re-add tests to ensure compatibility with newer `web3` versions, we
should find some way of doing that more reliably than was done here -
these tests were somewhat flaky and unreliable.
We've been using the `eslint-plugin-json` plugin for some time, but we
haven't been visiting `.json` files in the lint script. The lint script
has now been updated to incude `.json` files, which means any invalid
JSON will result in a lint error.
Unfortunately this JSON plugin doesn't seem to apply the other eslint
rules (such as `key-spacing`) to the JSON files. I wasn't able to find a
way to get that to work. Instead I manually auto-formatted each of the
locale `message.json` files, which fixed many whitespace
inconsistencies.
The `states.json` file was deleted completely, as it appears to be
unused. It wasn't a valid JSON file anyway, it was JavaScript. It looks
like a `states.js` file is automatically generated, but an old copy was
accidentally saved as `states.json` and included in the repo.
Many duplicate key errors were found and fixed in the
`development/states/` JSON files.
`package-lock.json` was added to `.eslintignore` because it was very
slow to lint, and linting it doesn't provide much value.
We had forgotten to add `eslint` as a dependency, even though we use it
directly. It had always worked because we have dependencies that also
depend upon it.
`eslint` has also been updated to v6, which necessitated two minor
changes.
The AppVeyor configuration appears to be unused - this project is not
connected to AppVeyor.
After deleting the AppVeyor config, the JSDoc config was the last thing
in the `development/tools` directory. That felt a little silly, so I
moved it up to `development`.
* Add React and Redux DevTools
* Conditionally load react-devtools
* Add start:dev npm script to run the app with devtools
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
This package is deprecated, and is incompatible with React v16. It has
been replaced by `react-test-renderer`, which has a drop-in replacement
for `react-addons-css-transition-group`.
Strangely, `react-test-renderer` was already listed as a dependency
despite not being used. I had to downgrade it, as the version already
listed was for React v16, and we're still using React v15.
The `stage-0` Babel preset has been replaced with the specific Babel
plugins that we depend upon. We don't use most of `stage-0`, so this
allowed us to remove many unnecessary transformations. We had to remove
this preset soon anyway, because all of the stage presets are
deprecated in Babel 7.
The `stage-0` preset consisted of these plugins:
```
"transform-do-expressions"
"transform-function-bind"
"transform-class-constructor-call"
"transform-export-extensions"
"transform-class-properties"
"transform-decorators"
"syntax-dynamic-import"
"syntax-trailing-function-commas"
"transform-async-generator-functions"
"transform-async-to-generator"
"transform-exponentiation-operator"
"transform-object-rest-spread"
```
Of that list, only 'transform-class-properties', 'transform-object-
rest-spread', and 'transform-async-to-generator' were being used.
The `disc` gulp command no longer works. I wasn't able to fix this
easily, so instead it has been removed. We can probably find something
better to replace it with.
The integration tests are slow, and rather inconvenient to run in
development on a regular basis (they break if you move the mouse). They
have been removed from the `test` script, to make running `test`
frequently during development less painful.
This silences a warning message that was printed to the console whenever
this module was loaded during tests.
The API changes between these two versions were reviewed carefully for
differences. The only difference made was to `PBKDF2_HMAC_SHA256.bytes`,
which was replaced by `Pbkdf2HmacSha256`.
The length argument no longer has a default value, so it has been set
to match what the default value was in the previous version we used,
which is 32 (the SHA256 hash size).
The flat tests also rely upon these transformations, yet invoke
browserify from the command line rather than using the gulpfile. The
transformations have been specified on the command line for those
instead.
Of course it's not ideal to have the same transformations listed in two
different places, but the plan is to delete the flat tests soon anyway,
so this should suffice until then.
Closes#4538
The source maps generated previously were mapping the bundled files to
the post-Babel files - they weren't showing mapping to the source files
as written.
It looks like this was a result of `reactify` being used in addition to
babel - that transformation must have dropped the source maps.
`reactify` still needs to be listed as a dependency because it is
an unlisted requirement of the `boron` package, which we use. We don't
need to use it to create our bundles though, as Babel already performs
the transformations we need.
The `watch` npm script did not work - it must have gone unused for some
time. The following changes were required for it to work:
* Use the `--watch` flag, rather than the `watch` command (which appears
to not exist)
* Set the `METAMASK_ENV` environment variable to "test"
* Include the tests in the `ui` directory
* require the `test/setup.js` file before running the tests
The reporter was also changed to `min`, which is generally recommended
for use with the `--watch` flag.
