1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-11 20:27:12 +01:00
Commit Graph

94 Commits

Author SHA1 Message Date
Erik Marks
d4c71b8683
Add per-build type LavaMoat policies (#12702)
This PR adds one LavaMoat background script policy or each build type. It also renames the build system policy directory from `node` to `build-system` to make its purpose more clear. Each build type has the original `policy-override.json` for `main` builds. The `.prettierignore` file has been updated to match the locations of the new auto-generated policy files.

We need to maintain separate policies for each build type because each type will produce different bundles with different internal and external modules.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-11-15 14:23:46 -08:00
Mark Stacey
faebdd0ccd
Add platform-specific build type manifest modifications (#12638)
The build system now supports platform-specific modifications to the
manifest for each build type. The need to customize the `id` on Firefox
motivated this change.

To support this, a new directory was made in each build type directory
for manifest changes. The images currently in this directory were moved
into an `images` subdirectory.

This new `manifest` directory can include each manifest file currently
in `app/manifest`. The `_base.json` file is assumed to exist, but the
platform manifest modifications are optional.
2021-11-10 19:33:59 -03:30
kumavis
a4053b6b88
Lavamoat - enable lavamoat for the webapp background (#12566)
* lavamoat - update policy for current repo state

* lavamoat - enable for webapp background

* lavamoat - update policy for current repo state
2021-11-10 09:33:19 -10:00
Jyoti Puri
3dfc1cc5f6
Edit transaction screen changes for EIP-1559 V2 (#12493)
Edit transaction screen changes for EIP-1559 V2
2021-11-05 22:53:15 +05:30
Erik Marks
5560b7c3e5
Update build system lockdown parameter (#12556)
* Update build system lockdown parameter

* Add @reduxjs/toolkit patch

* Fix Mozilla lint syntax error

* Standardize a thing

* Remove redundant check for globalThis
2021-11-01 22:13:22 -10:00
Erik Marks
a2d3d942ec
Exclude files from builds by build type (#12521)
This PR enables the exclusion of JavaScript and JSON source by `buildType`, and enables the running of `eslint` under LavaMoat. 80-90% of the changes in this PR are `.patch` files and LavaMoat policy additions.

The file exclusion is designed to work in conjunction with our code fencing. If you forget to fence an import statement of an excluded file, the application will now error on boot. **This PR commits us to a particular naming convention for files intended only for certain builds.** Continue reading for details.

### Code Fencing and ESLint

When a file is modified by the code fencing transform, we run ESLint on it to ensure that we fail early for syntax-related issues. This PR adds the first code fences that will be actually be removed in production builds. As a consequence, this was also the first time we attempted to run ESLint under LavaMoat. Making that work required a lot of manual labor because of ESLint's use of dynamic imports, but the manual changes necessary were ultimately quite minor.

### File Exclusion

For all builds, any file in `app/`, `shared/` or `ui/` in a sub-directory matching `**/${otherBuildType}/**` (where `otherBuildType` is any build type except `main`) will be added to the list of excluded files, regardless of its file extension. For example, if we want to add one or more pages to the UI settings in Flask, we'd create the folder `ui/pages/settings/flask`, add any necessary files or sub-folders there, and fence the import statements for anything in that folder. If we wanted the same thing for Beta, we would name the directory `ui/pages/settings/beta`.

As it happens, we already organize some of our source files in this way, namely the logo JSON for Beta and Flask builds. See `ui/helpers/utils/build-types.js` to see how this works in practice.

Because the list of ignored filed is only passed to `browserify.exclude()`, any files not bundled by `browserify` will be ignored. For our purposes, this is mostly relevant for `.scss`. Since we don't have anything like code fencing for SCSS, we'll have to consider how to handle our styles separately.
2021-11-01 20:20:31 -07:00
Erik Marks
2e8752183f
Fix off-by-one error in code fence transform (#12540)
The code fence transform was including contents after the final END directive twice. That was not covered by the tests, because none of the examples contained any content after the final END directive, and concatenating the empty string twice does not produce an observable difference in the test results.

This bug was due to an off-by-one error in the loop of the multiSplice function. The error has been fixed, and more test cases have been added.
2021-10-29 16:45:27 -07:00
Mark Stacey
90e55a445e
Add static files for the Flask build (#12518)
Static files have been added for the Flask build. This includes logos
of each size and variety that we use, and it includes the 3D model JSON
file.

Closes #12427
2021-10-28 23:05:58 -02:30
ryanml
05a80ebeba
Adding collectibles feature flag, default NFT tab (#12463)
* Adding COLLECTIBLES_V1 feature flag

* Adding NFT's tab to home screen, default CollectiblesList view

* Handling null children in Tabs component
2021-10-27 09:55:14 -07:00
Mark Stacey
8e5acee421
Fix production builds (#12488)
The production build was accidentally broken in #12440 because of a
merge conflict with a #12441 that wasn't initially noticed. The
conflict was the renaming of the `BuildTypes` variable to `BuildType`.

This variable is used to check the current build type, but only for
production builds. `BuildTypes` is `undefined`, so this would result in
a crash when that enum was used.
2021-10-27 13:20:55 -02:30
Mark Stacey
17e3ed9437
Add secrets for beta and Flask builds (#12440)
The build script has been updated to embed the correct Infura project
ID and Segment write key for beta and Flask builds. These are set via
environment variable or config file. They have already been added in CI
as environment variables.

The Segment production write key has also been moved into the set of
environment variables that can be set in the configuration file. This
was to make the way we reference it more consistent.

The new project IDs and keys are only used in the "production"
environment, which right now is the merge step into the `master`
branch. This is appropriate for Flask, but it doesn't match our plan
for how the beta release would get created. In a future PR, when the
beta release automation work is completed, the conditions for when
the beta secrets are used should be updated to ensure they're used only
for the beta builds.

Closes #11896
2021-10-26 15:02:20 -02:30
Mark Stacey
4338454e1d
Fix builds from forks (#12485)
Recently validation was added for our build configuration as part of
the PR #12438. This had the unintended consequence of making all builds
from forks fail because they don't get secrets injected. Specifically
it was the missing `INFURA_PROJECT_ID` that made the builds fail.

The Infura project ID is no longer required for building. In practice
it's still required for doing anything with a build but running e2e
tests, but that's all we need to do in CI anyway.
2021-10-26 10:41:39 -02:30
Mark Stacey
345ed9f6f2
Add build type to Sentry environment (#12441)
The build type (i.e. the distribution) is now included in the Sentry
environment during setup, for all builds except the "main" build. This
will allow us to track Flask and beta errors separately from other
errors.

A constant was created for the build types. The equivalent constant in
our build scripts was updated to match it more closely, for
consistency. We can't use the same constant in both places because our
shared constants are in modules that use ES6 exports, and our build
script does not yet support ES6 exports.

The singular `BuildType` was used rather than `BuildTypes` to match our
naming conventions elsewhere for enums. We name them like classes or
types, rather than like a collection.

Relates to #11896
2021-10-25 14:27:30 -02:30
Mark Stacey
8c3a22f994
Use separate Infura project ID for production (#12438)
We now use two separate Infura project IDs for production builds, and
for all other builds. Previously all CI builds used the production
Infura project ID. Separating them will make our Infura dashboard
metrics more representative of real production usage.

The new environment variable for production has been setup in CI
already, but the old environment variable will remain set to the
production project ID until this commit is included in a release.
We can't switch the old environment variable out until we're confident
that it won't get used for a production build.

We now use constants for the various different build environments. This
was done to improve the JSDoc types of the `getInfuraProjectId` helper
method.

The `getConfigValue` function was added to make it easier to validate
that required config values are set. This should ensure builds fail
early with an informative error message when they are missing the
necessary configuration.
2021-10-25 13:04:02 -02:30
Mark Stacey
3068324ae0
Remove unused SEGMENT_LEGACY_WRITE_KEY (#12429)
This key has not been used since #10915, which is where we stopped
using the legacy Segment key.
2021-10-22 10:34:37 -02:30
David Walsh
77f8ec4d3a
Fix 12265 - Update onboarding welcome screen (#12275) 2021-10-13 09:22:51 -05:00
Mark Stacey
3a5538bd50
Migrate beta version to the main version field (#12246)
The main `version` field in `package.json` will now include the beta
version (if present) rather than it being passed in via the CLI when
building. The `version` field is now a fully SemVer-compatible version,
with the added restriction that any prerelease portion of the version
must match the format `<build type>.<build version>`.

This brings the build in-line with the future release process we will
be using for the beta version. The plan is for each future release to
enter a "beta phase" where the version would get updated to reflect
that it's a beta, and we would increment this beta version over time as
we update the beta. The manifest gives us a place to store this beta
version. It was also important to replace the automatic minor bump
logic that was being used previously, because the version in beta might
not be a minor bump.

Additionally, the filename logic used for beta builds was updated to
be generic across all build types rather than beta-specific. This will
be useful for Flask builds in the future.
2021-10-06 15:14:48 -02:30
kumavis
cb174ff8e6
Lavamoat build system integration for WebApp (#12242)
* lavamoat - add lavamoat to webapp background

* test:e2e - add delay to resolve failure

* test:e2e - add delay to resolve failure

* build - add a switch for applying lavamoat, currently off for all

* test/e2e - remove delays added for lavamoat

* Revert "test/e2e - remove delays added for lavamoat"

This reverts commit 79c3479f15c072ed362ba1d4f1af41ea11a17d63.
2021-10-05 12:06:31 -10:00
kumavis
f9ea9e4b43
lockdown - breakout making globalThis properties non-writable (#12258)
* lockdown - breakout making globalThis properties non-writable into lockdown-more.js

* Update app/scripts/lockdown-more.js

Co-authored-by: David Walsh <davidwalsh83@gmail.com>

* Update app/scripts/lockdown-more.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-10-01 08:53:12 -10:00
Alex Donesky
9355fb21c7
Establish onboarding-flow wrapper/router base and feature flag env variable (#12247)
* establish onboarding-flow wrapper/router base and feature flag env variable

* small cleanup

* addressing feedback
2021-09-30 16:34:11 -05:00
Mark Stacey
4c38d12c5f
Fix assets for beta dev build (#12233)
The MetaMask logo used for beta development builds was wrong. The lock
screen (and any other place using the `@metamask/logo` logo) showed the
correct logo, but all of our static assets used the "regular" logo.

Now the beta logo should be used everywhere for beta development
builds.
2021-09-28 19:15:00 -02:30
Mark Stacey
3f577700c6
Replace isBeta with buildType (#12231)
This is a refactor to replace the `isBeta` boolean with `buildType`
throughout the build system. This will allow us to modify the behaviour
of each step of the build process for Flask as well.

This should result in no functional changes.
2021-09-28 13:43:26 -02:30
Erik Marks
2b104603d5
Build: Lint files after removing their code fences (#12075)
* Add linting

* Type the eslintInstance variable

* Update documentation
2021-09-15 17:18:28 -10:00
Erik Marks
3de3765425
Add build-time code exclusion using code fencing (#12060)
This PR adds build-time code exclusion by means of code fencing. For details, please see the README in `./development/build/transforms`. Note that linting of transformed files as a form of validation is added in a follow-up, #12075.

Hopefully exhaustive tests are added to ensure that the transform works according to its specification. Since these tests are Node-only, they required their own Jest config. The recommended way to work with multiple Jest configs is using the `projects` field in the Jest config, however [that feature breaks coverage collection](https://github.com/facebook/jest/issues/9628). That being the case, I had to set up two separate Jest configs. In order to get both test suites to run in parallel, Jest is now invoked via a script, `./test/run-jest.sh`.

By way of example, this build system feature allows us to add fences like this:

```javascript
this.store.updateStructure({
  ...,
  GasFeeController: this.gasFeeController,
  TokenListController: this.tokenListController,
  ///: BEGIN:ONLY_INCLUDE_IN(beta)
  PluginController: this.pluginController,
  ///: END:ONLY_INCLUDE_IN
});
```

Which at build time are transformed to the following if the build type is not `beta`:

```javascript
this.store.updateStructure({
  ...,
  GasFeeController: this.gasFeeController,
  TokenListController: this.tokenListController,
});
```

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-09-14 10:00:04 -07:00
Erik Marks
413700afc7
Rationalize build system arguments (#12047)
This rationalizes how arguments are passed to and parsed by the build system. To accomplish this, everything that isn't an environment variable from `.metamaskrc` or our CI environment is now passed as an argument on the command line.

Of such arguments, the `entryTask` is still expected as a positional argument in the first position (i.e. `process.argv[2]`), but everything else must be passed as a named argument. We use `minimist` to parse the arguments, and set defaults to preserve existing behavior.

Arguments are parsed in a new function, `parseArgv`, in `development/build/index.js`. They are assigned to environment variables where convenient, and otherwise returned from `parseArgv` to be passed to other functions invoked in the same file.

This change is motivated by our previous inconsistent handling of arguments to the build system, which will grow increasingly problematic as the build system grows in complexity. (Which it will very shortly, as we introduce Flask builds.)

Miscellaneous changes:
- Adds a build system readme at `development/build/README.md`
- Removes the `beta` package script. Now, we can instead call: `yarn dist --build-type beta`
- Fixes the casing of some log messages and reorders some parameters in the build system
2021-09-09 12:44:57 -07:00
David Walsh
7b827ca5e7
Create MetaMask Beta build (#10985) 2021-09-08 15:08:23 -05:00
Daniel
93cdd3c159
Use Swaps dev APIs based on an env variable (#11924) 2021-09-08 19:26:37 +02:00
ryanml
4b4303c108
Using a normal bundle instead of a factored bundle for phishing-detect (build sys) (#11972) 2021-08-30 17:58:50 -10:00
Erik Marks
290fcbf89e
Allow excluding lockdown at build time (#11937)
This adds an `--omit-lockdown` flag to our build script, which will cause SES `lockdown` to be omitted from the resulting bundle. Useful for development when we don't want the environment to be locked down.

Thanks to @kumavis for the suggestion.
2021-08-30 16:49:39 -07:00
Erik Marks
1175b4bfa7
Make all named intrinsics non-modifiable (#11953)
This PR makes ~all named intrinsics in all of our JavaScript processes non-modifiable. A named intrinsic is any property specified by the ECMAScript specification that exists on `globalThis` when the JavaScript process starts. We say that a property is non-modifiable if it is non-configurable and non-writable. We make exceptions for properties that meet any of the following criteria:

1. Properties that are non-configurable by the time `lockdown-run.js` is executed are not modified, because they can't be.
2. Properties that have accessor properties (`get` or `set`) are made non-configurable, but their writability cannot be modified, and is therefore left unchanged. It's unclear how many of the named intrinsics this applies to, if any, but it's good defensive programming, regardless.
2021-08-30 14:30:48 -07:00
ryanml
659da36243
Adding trezor script/html to standardSubtask (build system) (#11874) 2021-08-18 04:26:44 -07:00
Mark Stacey
1f4d26d982
Fix Sentry release configuration (#11813)
The Sentry `release` was not being configured correctly. It was being
left blank. This is because the location of the extension version was
moved in #11029. The build script was correctly updated in that PR, but
that work was accidentally undone in a merge error that was included
in #11080.
2021-08-11 14:43:02 -02:30
Alex Donesky
8a42258e10
Remove the SHOW_EIP_1559_UI environment variable, replace with network detection where appropriate (#11694)
Fixing up tests and add back old custom gas modal for non-eip1559 compliant networks

Remove unnecessary props from send-gas-row.component

fix breaking test

Fix primary and secondary title overrides

fix rebase issue

Fix rebase conflict

Co-authored-by: David Walsh <davidwalsh83@gmail.com>
2021-07-30 22:59:21 -02:30
kumavis
284c03879e
build - log the bundle completion (#11555) 2021-07-20 09:23:39 -07:00
kumavis
9f4820ee98
Build - refactor for bundle factoring and swappable runtime (#11080)
* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* Updating lockfile

* lint fix

* build/dev - patch watchifys incompatible binary stats output

* ui - add comment about conditional import

* build - improve comment

* Update development/stream-flat-map.js

Co-authored-by: Brad Decker <git@braddecker.dev>

* Outputting all bundle file links (metamaskbot)

Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
2021-07-15 10:59:34 -07:00
Etienne Dusseault
b9cf309404
don't run subprocesses in lavamoat if main process not run in lavamoat (#11417) 2021-06-30 12:37:03 +08:00
David Walsh
d68f8f27c6
Implements the new EIP1559 UI components (#11384) 2021-06-28 09:45:08 -05:00
David Walsh
6fa36cdf51
Provide New UI Components for EIP-1559 Designs (#11357) 2021-06-23 18:39:44 -05:00
Brad Decker
c30cb7d33a
Refactor send page state management (#10965) 2021-06-23 16:35:25 -05:00
Dan J Miller
be244f4908
Fix chromereload while on development (#11359) 2021-06-22 15:02:54 -02:30
Mark Stacey
37dc19a352
Migrate Sentry settings to environment variables (#11085)
Sentry is now configured with environment variables, rather than with
hard-coded values. This makes it easier to test Sentry functionality
using a different Sentry account, as we did recently during QA of
v9.5.1.

The only change for the normal build process is the introduction of the
`SENTRY_DSN_DEV` variable, which can be set via `.metamaskrc` or via an
environment variable. This determines where error reports are sent. It
still defaults to our team Sentry account's `metamask-testing` project.

The `sentry:publish` script now requires SENTRY_ORG and SENTRY_PROJECT
to be set in order to publish release artifacts. The CircleCI
configuration has been updated with these values, so it should act the
same as it did before. Previously we had used a CLI flag to specify the
organization and project, but Sentry already natively supports these
environment variables [1].

[1]: https://docs.sentry.io/product/cli/configuration/#configuration-values
2021-05-18 13:56:22 -02:30
Mark Stacey
36869a4350
Migrate version from _base manifest to package.json (#11029)
The version field is now stored in the main `package.json` file rather
than in the base manifest. It is built into the final manifest during
the build script.

This makes it easier to communicate what the current version should be
to our `auto-changelog` script. It's also generally a more conventional
place to keep track of the version, even considering that we're not
publishing to npm.
2021-05-10 14:16:03 -07:00
Brad Decker
09d81ac5f2
remove the ui/app and ui/lib folders (#10911) 2021-04-28 14:53:59 -05:00
Brad Decker
f5c89843b1
remove node-sass dependency (#10797) 2021-04-02 11:57:05 -02:30
Mark Stacey
b124ac29fc
Improve detection of task process exit (#10776)
Our build script waits for the `close` event to determine whether the
task has exited. The `exit` event is a better representation of this,
because if a stream is shared between multiple processes, the process
may exit without the `close` event being emitted.

We aren't sharing streams between processes, so this edge case doesn't
apply to us. This just seemed like a more suitable event to listen to,
since we care about the process exiting not the stream ending.

See this description of the `close` event from the Node.js
documentation [1]:

>The `'close'` event is emitted when the stdio streams of a child
>process have been closed. This is distinct from the `'exit'` event,
>since multiple processes might share the same stdio streams.

And see this description of the `exit` event:

>The `'exit'` event is emitted after the child process ends.

[1]: https://nodejs.org/docs/latest-v14.x/api/child_process.html#child_process_event_exit
2021-03-31 13:13:17 -02:30
kumavis
0040b66e5c
build - fix use of empty file to replace unused js files (#10780) 2021-03-31 16:13:37 +08:00
kumavis
952adbce44
Build - refactor background process to use html (#10769)
* build - declare background as html

* build - fill in empty file when a missing file is expected

* lint - fix

* Update development/build/manifest.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update development/build/manifest.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-31 11:12:28 +08:00
kumavis
715f699ed9
build - refactor build system for easier configuration (#10718)
* build - refactor build system for easier configuration of before and after bundle

* build - fix dependenciesToBundle option

* build - fix bify external options and other config

* build - refactor for cleanliness

* build - fix minify argument

* build - fix sourcemaps setup

* scripts - refactor setupBundlerDefaults in anticipation of factor bundles

* build - scripts - remove unused pipeline label

* build - scripts - make filepath entry optional

* build - scripts - rename filepath and filename options to entryFilepath and destFilepath

* Update development/build/scripts.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-26 12:26:19 +08:00
ryanml
91e5b85955
Excluding sourcemaps comment in production builds (#10695)
* Excluding sourcemaps comment in production builds

Fixes MetaMask/metamask-extension#7077

* Fix source map explorer script

The source map explorer script now re-adds the source map comment to
each file to ensure the source map visualization still works. Each
module with a sourcemap is copied to a temporary directory along with
the module it corresponds to, and from there it's passed into
`source-map-explorer`. This should ensure the resulting visualization
matches what it was before.

Everything has been moved inside of functions to generally improve
readability, and to allow the use of local variables.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-03-22 19:41:23 -07:00
Mark Stacey
23013b1ee9
Reduce build warnings related to Sass (#10494)
Build warnings related to Sass have been reduced by dynamically
importing `gulp-sass` and `sass-compiler` at the point where it's first
used. This ensures that the four Dart-related build warnings are only
emitted for the build process that is actually running Sass, rather
than by _every_ build process.
2021-02-23 13:04:14 -03:30