1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-29 23:58:06 +01:00
Commit Graph

10622 Commits

Author SHA1 Message Date
Mark Stacey
b34dbe9ae1 Merge remote-tracking branch 'origin/develop' into Version-v8.0.0
* origin/develop:
  Restore list item title attributes (#8858)
  Fix mobile sync redirect (#8860)
  Align copy tooltip text and icon (#8861)
  Update inpage provider, deprecation warnings (#8854)
  Update test-dapp (#8856)
  Return after 'reject' in Promise constructor (#8857)
  Replace removed 'copy-to-clipboard' icon (#8853)
  Stop upper-casing exported private key (#8850)
2020-06-24 19:42:34 -03:00
Brad Decker
83fbf6608b
Restore list item title attributes (#8858) 2020-06-24 19:41:30 -03:00
Mark Stacey
5121fded67
Fix mobile sync redirect (#8860)
The mobile sync redirect was failing due to a typo in a prop. It would
fail to redirect correctly in the event of a timeout, or after pressing
'Cancel'.
2020-06-24 19:34:39 -03:00
Thomas Huang
85c81a5cfe
Align copy tooltip text and icon (#8861)
Add style prop to ReactTippy to override the inline display to flex display and align items to center
2020-06-24 15:34:18 -07:00
Erik Marks
242db43700
Update inpage provider, deprecation warnings (#8854) 2020-06-24 15:21:57 -07:00
Erik Marks
3bd4528d9d
Update test-dapp (#8856)
* update test-dapp
2020-06-24 14:16:51 -07:00
Mark Stacey
46e8f1b4a5
Update changelog for v8 (#8849)
Any changes that were development-focused, or that solely affected
newly-introduced features, have been omitted.

A duplicate '7.0' title has also been removed. It was accidentally
added in a merge conflict.
2020-06-24 17:32:21 -03:00
Mark Stacey
828ec0530a
Return after 'reject' in Promise constructor (#8857)
There were three cases where execution unintentionally continued after
an error was encountered. These cases likely are impossible to
encounter in practice due to recent validation improvements in the
`eth-json-rpc-middleware/wallet` module, but they were broken
nonetheless.

Execution inside the Promise constructor now halts immediately after
`reject` is called.
2020-06-24 16:38:53 -03:00
Mark Stacey
1d2644423e
Replace removed 'copy-to-clipboard' icon (#8853)
The 'copy-to-clipboard' icon was removed in #8190, and replaced with a
new 'Copy' icon component. It was still being used in two places
though, on the confirmation page for decryption and on the reveal seed
phrase screen..

The new Copy icon is now used in these two places instead. It has been
given a size of '17' to match the old icon size.
2020-06-24 12:10:29 -03:00
Mark Stacey
310d35c044
Stop upper-casing exported private key (#8850)
We were showing exported private keys in all upper case. This is
atypical, and many other wallets (e.g. MyCrypto) expect private keys
for imported accounts to be lower-cased. Our own account import is
tolerant of either case.
2020-06-24 10:34:10 -03:00
Mark Stacey
ce2562bf5c Merge remote-tracking branch 'origin/develop' into Version-v8.0.0
* origin/develop:
  Update eth-json-rpc-middleware (#8847)
2020-06-23 17:41:18 -03:00
Erik Marks
be3ac50791
Update eth-json-rpc-middleware (#8847) 2020-06-23 13:08:41 -07:00
Mark Stacey
cee773e1b5 Merge remote-tracking branch 'origin/develop' into Version-v8.0.0
* origin/develop:
  Fix signing method bugs (#8833)
  replace icons with Checkbox component (#8830)
  Use gulp-cli@2.3.0 (#8845)
  Use node-sass@4.14.1 (#8844)
  Call getMethodDataAsync when knownMethodData[fourBytePrefix] object is empty (#8836)
  Update connected status popover content (#8834)
  Use @metamask/controllers@2.0.1 (#8832)
  ParseInt nextworkNextNonce correction (#8827)
  Fix first time onboarding popup position (#8829)
  fix overflowing contract names and origins (#8823)
  Hide 'Expand view' button in fullscreen (#8826)
2020-06-23 13:13:52 -03:00
Erik Marks
04de9a92c5
Fix signing method bugs (#8833)
* update signTypedData validation

* update tests for new eth-json-rpc-middleware

* remove lowercasing of tx 'from' addresses
2020-06-23 09:12:11 -07:00
Brad Decker
41c8e486af
replace icons with Checkbox component (#8830)
in both permission flows the checkboxes were using the fa-check icon, and in the case
of the connected accounts popover the color of the icon was wrong. It occurred to me
while simply fixing that color would have been easier, we will be adding permissions
at some point in the future that a user will be able to 'uncheck'. This PR replaces
the usages of those icons with the Checkbox component that is equipped to handle the
interactivity of checking/unchecking.
2020-06-23 09:26:33 -05:00
Whymarrh Whitby
3673d69816
Use gulp-cli@2.3.0 (#8845) 2020-06-23 05:51:55 -02:30
Whymarrh Whitby
2abbeadbfb
Use node-sass@4.14.1 (#8844)
This change updates our `node-sass` dependency to the latest version, 4.14.1.
This resolves two security advisories brought in by an outdated `yargs-parser`
subdependency.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ node-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ node-sass > sass-graph > yargs > yargs-parser                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp-sass > node-sass > sass-graph > yargs > yargs-parser    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-23 05:51:43 -02:30
Thomas Huang
4354e9eb93
Call getMethodDataAsync when knownMethodData[fourBytePrefix] object is empty (#8836)
Fixes #8835

In cases where the registry failed to load, and the sig is set to `{}` on this line: e85b162651/ui/app/helpers/utils/transactions.util.js (L78) this proceeds to set the method prefix to `{}` in knownMethodData.

Additionally check if the method prefix object is empty to proceed call getMethodDataAsync again.

I could only reproduce by intentionally failing the method registry lookup and found this solution. I could not find an instance where the registry consistently failed to lookup even on slow/throttled/high latency networks.
2020-06-22 21:30:45 -07:00
Erik Marks
b090625dc1
Update connected status popover content (#8834)
* update connected status popover content

* update highlight styling
2020-06-21 14:00:06 -07:00
Whymarrh Whitby
dc398191e0
Use @metamask/controllers@2.0.1 (#8832) 2020-06-18 12:10:01 -02:30
Thomas Huang
753a3eb4c9
ParseInt nextworkNextNonce correction (#8827)
* networkNextNonce toNumber

* nonceBN for all getTransactionCount

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-17 14:13:33 -07:00
Mark Stacey
c8be5d0779
Fix first time onboarding popup position (#8829)
The connected status indicator had been moved left since this popup was
first written. The position of the highlighted portion of the
background has been updated reflect this.
2020-06-17 15:12:41 -03:00
Brad Decker
c07bf62a73
fix overflowing contract names and origins (#8823)
* fix overflowing contract names and origins

Moves heading and subtitle into divs with h3/h2 children so that the
div can be display flex and still have ellipses overflow. Only the
heading was display flex but I wanted the two to have similar structure.
this allows subheading to be display flex in the future.

Also uses stripHttpSchemes to remove that from origin in the subheading

* rtl ellipses on domain

* Update ui/app/components/app/transaction-list-item/index.scss

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-17 11:38:15 -05:00
Mark Stacey
dafc5046ff
Hide 'Expand view' button in fullscreen (#8826)
The 'Expand view' button in the 'Account Options' menu was still being
shown on the fullscreen UI. This button is not useful in fullscreen, as
all it does is open the fullscreen UI. It is now hidden on the
fullscreen UI.
2020-06-17 00:40:56 -03:00
Mark Stacey
d730c28cd9 Merge remote-tracking branch 'origin/develop' into Version-v8.0.0
* origin/develop:
  Use error.value.message with error.message as fallback (#8825)
  Fix dropped tx detection (#8824)
  delete targetDomainMetadata selector
  remove top/bottom margin on info icon (#8822)
  add send token button on fullscreen asset list (#8812)
  fix getTargetDomainMetadata selector
  select current address in permissions connect (#8811)
  Fix encrypt/decrypt beforeunload bugs (#8816)
2020-06-17 00:30:42 -03:00
Thomas Huang
792366a20f
Use error.value.message with error.message as fallback (#8825)
* Use  over the whole stringified error object which doesn't show the actual error message that is set as the

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Feedback commit
2020-06-16 16:21:56 -07:00
Mark Stacey
3b2bbe0705
Fix dropped tx detection (#8824)
The code for checking whether a transaction was dropped or not was
refactored in #8398, but in the process an off-by-one error was
introduced.

The old version of `_checkIfTxWasDropped` would query for an updated
transaction count from the network, and would consider the pending
transaction to be dropped if the count was above the nonce. However,
the version introduced in #8398 considers the transaction to be dropped
if the count is above *or equal to* the nonce.

The pending transaction nonce is expected to be equal to the
transaction count, because the nonce starts at zero. The transaction
count is equal to the expected next nonce.

The variable name has been updated to make this more clear
(`networkNextNonce` is how the `nonce-tracker` refers to this value).

`parseInt` is now called with an explicit radix of `16` as well, to
ensure both nonce strings are always parsed as hex. In all cases I am
aware of, these nonce strings were prefixed by `0x`, meaning that
`parseInt` would default to a radix of `16`, so this likely doesn't
constitute a functional change.

Fixes #8688
2020-06-16 18:05:48 -03:00
Erik Marks
b0187d3247
Fix permissions domain metadata retrieval (#8821)
* delete targetDomainMetadata selector

* fix permissions connect target domain metadata handling
2020-06-16 13:48:35 -07:00
Erik Marks
28cf728067 delete targetDomainMetadata selector 2020-06-16 11:34:08 -07:00
Brad Decker
4f3e9d70fa
remove top/bottom margin on info icon (#8822) 2020-06-16 13:05:03 -05:00
Brad Decker
61d9fcde35
add send token button on fullscreen asset list (#8812) 2020-06-16 13:04:51 -05:00
Erik Marks
d79bf8db2e fix getTargetDomainMetadata selector 2020-06-16 10:15:53 -07:00
Brad Decker
53e88b06b6
select current address in permissions connect (#8811)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-16 11:16:57 -05:00
Erik Marks
0813cc5c88
Fix encrypt/decrypt beforeunload bugs (#8816) 2020-06-16 07:40:00 -07:00
Mark Stacey
584ff9ec8a Merge remote-tracking branch 'origin/develop' into Version-v8.0.0
* origin/develop: (58 commits)
  Fix site icon fallback letter (#8815)
  add hover style to list-item (#8813)
  Fix site icon size (#8814)
  Consolidate connected account alerts (#8802)
  lowercase web3
  Use markdown-to-jsx@6.11.4 (#8809)
  Update app/_locales/en/messages.json
  Update app/_locales/en/messages.json
  also remove 'dapp' from descriptions
  remove all user-facing instances of 'dapp'
  update button styling on home/asset page (#8800)
  Fix handling of permissions of removed accounts (#8803)
  Clear permssions during createNewVaultAndRestore (#8804)
  Hide token transfers on ETH asset page (#8799)
  Fix account name editing (#8801)
  Fix connect flow account list height (#8798)
  Update color of menu item icons (#8797)
  Update "Connected accounts" empty description (#8796)
  Stop reporting failed transactions to Sentry (#8795)
  Omit state snapshot from Sentry errors (#8794)
  ...
2020-06-16 10:03:14 -03:00
Mark Stacey
ec10323495
Fix site icon fallback letter (#8815)
The letter chosen for the fallback site icon was being set
inconsistently throughout the extension. The connect flow was using the
first letter of the `origin` for the letter (which was always `H`,
because `HTTP`), but the connect sites list and the account menu were
using the `name` from the domain metadata.

The `name` is now used for the fallback icon everywhere. A selector
that supplied a default domain metadata object has also been augmented
to use the `hostname` rather than the `origin` as a fallback name, to
match the behavior of the inpage provider.
2020-06-16 09:57:21 -03:00
Brad Decker
a6ee23cf9a
add hover style to list-item (#8813) 2020-06-15 17:36:32 -05:00
Mark Stacey
ad5e16cfa7
Fix site icon size (#8814)
A new `SiteIcon` component has been created for showing icons
representing web3 sites. The icon has a border and background, and it
has a fallback in case no icon is given. This new component accepts a
`size` prop that controls the size of the icon.

The old `IconWithFallback` component had a hard-coded size in the
SCSS styles for the icon, which was being overridden in a few places.
It was difficult to customize, and overly complicated.

The old `IconWithFallback` component is still used, but it's now
simpler. It only handles rendering the underlying `img` for the icon,
or the fallback letter if no image is given.

A separate `IconBorder` component has been created for the border and
white background used. It's solely used by `SiteIcon` for now, but I
intend to use it elsewhere as well, where this same pattern of a white
background is embedded.
2020-06-15 19:24:23 -03:00
Erik Marks
a332c3edc1
Remove all user- and translator-facing instances of 'dapp' (#8810)
* remove all user- and translator-facing instances of 'dapp'

Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 12:55:21 -07:00
Erik Marks
c391291f43
Merge branch 'develop' into remove-the-word-dapp 2020-06-15 12:11:10 -07:00
Erik Marks
4dfe4e7463
Consolidate connected account alerts (#8802)
* update connected accounts appearance

* consolidate account alerts

* UnconnectedAccountAlert: use ConnectedAccountsList

* move switch account action out of menu in all views

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-15 12:08:53 -07:00
Erik Marks
a48ec51c36 lowercase web3 2020-06-15 11:54:51 -07:00
Whymarrh Whitby
3f8fa161ca
Use markdown-to-jsx@6.11.4 (#8809)
This change updates the `markdown-to-jsx` dependency to the latest version,
resolving XSS security advisories.

See https://www.npmjs.com/advisories/1219 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-actions                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-actions > @storybook/components >           │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-backgrounds                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-backgrounds > @storybook/components >       │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-knobs                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-knobs > @storybook/components >             │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > @storybook/components >    │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ @storybook/components > markdown-to-jsx                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > markdown-to-jsx            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-15 16:13:45 -02:30
Erik Marks
7f47eb53ed
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:57 -07:00
Erik Marks
22679622f5
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:51 -07:00
Erik Marks
b1fd1e5bde also remove 'dapp' from descriptions 2020-06-15 11:35:15 -07:00
Erik Marks
fc7930f6bc remove all user-facing instances of 'dapp' 2020-06-15 11:30:56 -07:00
Brad Decker
955625278b
update button styling on home/asset page (#8800) 2020-06-15 12:02:38 -05:00
Mark Stacey
6ca18c3573
Fix handling of permissions of removed accounts (#8803)
Imported accounts can be removed, but the permissions controller is not
informed when this happens. Permissions are now removed as part of the
account removal process.

Additionally, the `getPermittedIdentitiesForCurrentTab` selector now
filters out any non-existent accounts, in case a render occurs in the
middle of an account removal.

This was resulting in a render crash upon opening the popup on a site
that was connected to the removed account.
2020-06-15 10:27:27 -03:00
Thomas Huang
d9a4c60d99
Clear permssions during createNewVaultAndRestore (#8804)
One possible solution to #8787.
2020-06-13 18:42:39 -07:00