1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

10530 Commits

Author SHA1 Message Date
Erik Marks
be3ac50791
Update eth-json-rpc-middleware (#8847) 2020-06-23 13:08:41 -07:00
Erik Marks
04de9a92c5
Fix signing method bugs (#8833)
* update signTypedData validation

* update tests for new eth-json-rpc-middleware

* remove lowercasing of tx 'from' addresses
2020-06-23 09:12:11 -07:00
Brad Decker
41c8e486af
replace icons with Checkbox component (#8830)
in both permission flows the checkboxes were using the fa-check icon, and in the case
of the connected accounts popover the color of the icon was wrong. It occurred to me
while simply fixing that color would have been easier, we will be adding permissions
at some point in the future that a user will be able to 'uncheck'. This PR replaces
the usages of those icons with the Checkbox component that is equipped to handle the
interactivity of checking/unchecking.
2020-06-23 09:26:33 -05:00
Whymarrh Whitby
3673d69816
Use gulp-cli@2.3.0 (#8845) 2020-06-23 05:51:55 -02:30
Whymarrh Whitby
2abbeadbfb
Use node-sass@4.14.1 (#8844)
This change updates our `node-sass` dependency to the latest version, 4.14.1.
This resolves two security advisories brought in by an outdated `yargs-parser`
subdependency.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ node-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ node-sass > sass-graph > yargs > yargs-parser                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp-sass                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp-sass > node-sass > sass-graph > yargs > yargs-parser    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-23 05:51:43 -02:30
Thomas Huang
4354e9eb93
Call getMethodDataAsync when knownMethodData[fourBytePrefix] object is empty (#8836)
Fixes #8835

In cases where the registry failed to load, and the sig is set to `{}` on this line: e85b162651/ui/app/helpers/utils/transactions.util.js (L78) this proceeds to set the method prefix to `{}` in knownMethodData.

Additionally check if the method prefix object is empty to proceed call getMethodDataAsync again.

I could only reproduce by intentionally failing the method registry lookup and found this solution. I could not find an instance where the registry consistently failed to lookup even on slow/throttled/high latency networks.
2020-06-22 21:30:45 -07:00
Erik Marks
b090625dc1
Update connected status popover content (#8834)
* update connected status popover content

* update highlight styling
2020-06-21 14:00:06 -07:00
Whymarrh Whitby
dc398191e0
Use @metamask/controllers@2.0.1 (#8832) 2020-06-18 12:10:01 -02:30
Thomas Huang
753a3eb4c9
ParseInt nextworkNextNonce correction (#8827)
* networkNextNonce toNumber

* nonceBN for all getTransactionCount

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-17 14:13:33 -07:00
Mark Stacey
c8be5d0779
Fix first time onboarding popup position (#8829)
The connected status indicator had been moved left since this popup was
first written. The position of the highlighted portion of the
background has been updated reflect this.
2020-06-17 15:12:41 -03:00
Brad Decker
c07bf62a73
fix overflowing contract names and origins (#8823)
* fix overflowing contract names and origins

Moves heading and subtitle into divs with h3/h2 children so that the
div can be display flex and still have ellipses overflow. Only the
heading was display flex but I wanted the two to have similar structure.
this allows subheading to be display flex in the future.

Also uses stripHttpSchemes to remove that from origin in the subheading

* rtl ellipses on domain

* Update ui/app/components/app/transaction-list-item/index.scss

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-17 11:38:15 -05:00
Mark Stacey
dafc5046ff
Hide 'Expand view' button in fullscreen (#8826)
The 'Expand view' button in the 'Account Options' menu was still being
shown on the fullscreen UI. This button is not useful in fullscreen, as
all it does is open the fullscreen UI. It is now hidden on the
fullscreen UI.
2020-06-17 00:40:56 -03:00
Thomas Huang
792366a20f
Use error.value.message with error.message as fallback (#8825)
* Use  over the whole stringified error object which doesn't show the actual error message that is set as the

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
* Feedback commit
2020-06-16 16:21:56 -07:00
Mark Stacey
3b2bbe0705
Fix dropped tx detection (#8824)
The code for checking whether a transaction was dropped or not was
refactored in #8398, but in the process an off-by-one error was
introduced.

The old version of `_checkIfTxWasDropped` would query for an updated
transaction count from the network, and would consider the pending
transaction to be dropped if the count was above the nonce. However,
the version introduced in #8398 considers the transaction to be dropped
if the count is above *or equal to* the nonce.

The pending transaction nonce is expected to be equal to the
transaction count, because the nonce starts at zero. The transaction
count is equal to the expected next nonce.

The variable name has been updated to make this more clear
(`networkNextNonce` is how the `nonce-tracker` refers to this value).

`parseInt` is now called with an explicit radix of `16` as well, to
ensure both nonce strings are always parsed as hex. In all cases I am
aware of, these nonce strings were prefixed by `0x`, meaning that
`parseInt` would default to a radix of `16`, so this likely doesn't
constitute a functional change.

Fixes #8688
2020-06-16 18:05:48 -03:00
Erik Marks
b0187d3247
Fix permissions domain metadata retrieval (#8821)
* delete targetDomainMetadata selector

* fix permissions connect target domain metadata handling
2020-06-16 13:48:35 -07:00
Erik Marks
28cf728067 delete targetDomainMetadata selector 2020-06-16 11:34:08 -07:00
Brad Decker
4f3e9d70fa
remove top/bottom margin on info icon (#8822) 2020-06-16 13:05:03 -05:00
Brad Decker
61d9fcde35
add send token button on fullscreen asset list (#8812) 2020-06-16 13:04:51 -05:00
Erik Marks
d79bf8db2e fix getTargetDomainMetadata selector 2020-06-16 10:15:53 -07:00
Brad Decker
53e88b06b6
select current address in permissions connect (#8811)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-16 11:16:57 -05:00
Erik Marks
0813cc5c88
Fix encrypt/decrypt beforeunload bugs (#8816) 2020-06-16 07:40:00 -07:00
Mark Stacey
ec10323495
Fix site icon fallback letter (#8815)
The letter chosen for the fallback site icon was being set
inconsistently throughout the extension. The connect flow was using the
first letter of the `origin` for the letter (which was always `H`,
because `HTTP`), but the connect sites list and the account menu were
using the `name` from the domain metadata.

The `name` is now used for the fallback icon everywhere. A selector
that supplied a default domain metadata object has also been augmented
to use the `hostname` rather than the `origin` as a fallback name, to
match the behavior of the inpage provider.
2020-06-16 09:57:21 -03:00
Brad Decker
a6ee23cf9a
add hover style to list-item (#8813) 2020-06-15 17:36:32 -05:00
Mark Stacey
ad5e16cfa7
Fix site icon size (#8814)
A new `SiteIcon` component has been created for showing icons
representing web3 sites. The icon has a border and background, and it
has a fallback in case no icon is given. This new component accepts a
`size` prop that controls the size of the icon.

The old `IconWithFallback` component had a hard-coded size in the
SCSS styles for the icon, which was being overridden in a few places.
It was difficult to customize, and overly complicated.

The old `IconWithFallback` component is still used, but it's now
simpler. It only handles rendering the underlying `img` for the icon,
or the fallback letter if no image is given.

A separate `IconBorder` component has been created for the border and
white background used. It's solely used by `SiteIcon` for now, but I
intend to use it elsewhere as well, where this same pattern of a white
background is embedded.
2020-06-15 19:24:23 -03:00
Erik Marks
a332c3edc1
Remove all user- and translator-facing instances of 'dapp' (#8810)
* remove all user- and translator-facing instances of 'dapp'

Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 12:55:21 -07:00
Erik Marks
c391291f43
Merge branch 'develop' into remove-the-word-dapp 2020-06-15 12:11:10 -07:00
Erik Marks
4dfe4e7463
Consolidate connected account alerts (#8802)
* update connected accounts appearance

* consolidate account alerts

* UnconnectedAccountAlert: use ConnectedAccountsList

* move switch account action out of menu in all views

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-15 12:08:53 -07:00
Erik Marks
a48ec51c36 lowercase web3 2020-06-15 11:54:51 -07:00
Whymarrh Whitby
3f8fa161ca
Use markdown-to-jsx@6.11.4 (#8809)
This change updates the `markdown-to-jsx` dependency to the latest version,
resolving XSS security advisories.

See https://www.npmjs.com/advisories/1219 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-actions                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-actions > @storybook/components >           │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-backgrounds                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-backgrounds > @storybook/components >       │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-knobs                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-knobs > @storybook/components >             │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > @storybook/components >    │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ @storybook/components > markdown-to-jsx                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > markdown-to-jsx            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-15 16:13:45 -02:30
Erik Marks
7f47eb53ed
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:57 -07:00
Erik Marks
22679622f5
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:51 -07:00
Erik Marks
b1fd1e5bde also remove 'dapp' from descriptions 2020-06-15 11:35:15 -07:00
Erik Marks
fc7930f6bc remove all user-facing instances of 'dapp' 2020-06-15 11:30:56 -07:00
Brad Decker
955625278b
update button styling on home/asset page (#8800) 2020-06-15 12:02:38 -05:00
Mark Stacey
6ca18c3573
Fix handling of permissions of removed accounts (#8803)
Imported accounts can be removed, but the permissions controller is not
informed when this happens. Permissions are now removed as part of the
account removal process.

Additionally, the `getPermittedIdentitiesForCurrentTab` selector now
filters out any non-existent accounts, in case a render occurs in the
middle of an account removal.

This was resulting in a render crash upon opening the popup on a site
that was connected to the removed account.
2020-06-15 10:27:27 -03:00
Thomas Huang
d9a4c60d99
Clear permssions during createNewVaultAndRestore (#8804)
One possible solution to #8787.
2020-06-13 18:42:39 -07:00
Mark Stacey
bb087e3749
Hide token transfers on ETH asset page (#8799)
Token transfers will now be hidden on the ETH asset page. Arguably
token transfers are still relevant to show on the ETH asset page
because the gas for token transfers is paid in ETH, but they weren't
being displayed in a way that highlighted this (only the token amount
was shown inline - not the gas price).

We will likely restore token transfers to the ETH asset page at a later
date, after designs have been updated to highlight their relevance to
this page.
2020-06-12 23:06:33 -03:00
Mark Stacey
31bb86c596
Fix account name editing (#8801)
Editing the name of an account was accidentally made impossible when
FontAwesome was updated in #8256, because the icon we used to use for
the edit button (`fa fa-pencil`) was no longer free. The icon has been
switched to `fas fa-pencil-alt`, which is free.
2020-06-12 23:06:19 -03:00
Mark Stacey
f17aa87a65
Fix connect flow account list height (#8798)
The list of accounts shown on the first page of the connect flow takes
up the entire height of the window, even if there aren't enough
accounts to fill the space. This looks strange because of the border
around the account list, especially in the case where there are three
accounts in the list.

The list now cedes space to the footer if it can't fill the space
itself. The extra space is taken by whitespace between the footer and
the list.
2020-06-12 18:22:45 -03:00
Mark Stacey
53769a7b3a
Update color of menu item icons (#8797)
Menu item icons are now grey instead of black, as requested in design
QA feedback.
2020-06-12 17:09:47 -03:00
Mark Stacey
8a7e376930
Update "Connected accounts" empty description (#8796)
The copy has been updated to use the term "Web3 site" instead of
"decentralized site".
2020-06-12 12:52:53 -07:00
Mark Stacey
1fb15a52bb
Stop reporting failed transactions to Sentry (#8795)
These error reports are not useful.
2020-06-12 16:41:57 -03:00
Mark Stacey
37da64aa7e
Omit state snapshot from Sentry errors (#8794)
The state snapshot we were attaching to Sentry errors was too large.
As a temporary solution, it has been removed completely. We can re-add
it later after reducing its size.
2020-06-12 16:13:14 -03:00
Mark Stacey
cf08131b49
Show fiat balance on token page (#8791)
The token page overview now shows the balance in fiat.
2020-06-12 15:47:39 -03:00
Mark Stacey
a100c55e64
Hide token fiat amounts on testnets (#8792)
The token amount is no longer shown in fiat on testnets, unless the
user has enabled the "Show fiat on testnets" setting.
2020-06-12 15:47:23 -03:00
Brad Decker
2f50e9fd72
Restore timing function (#8774)
* restore and enhance the time est feature

background: we had a feature for showing a time estimate on pending txs
that was accidently removed during the redesign implementation. This PR
restores that feature and also enhances it:
1. Displays the time estimate on all views instead of just fullscreen
2. Uses Intl.RelativeTimeFormat to format the time
3. Adds a way to toggle the feature flag.
4. Uses a hook to calculate the time remaining instead of a component

* Update app/_locales/en/messages.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* do not display on test nets

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-12 13:46:01 -05:00
Erik Marks
5aabe2ac75
Warn users to only add custom networks that they trust (#8789)
* add warning when adding custom network

* give the settings subheader breathing space
2020-06-12 11:21:29 -07:00
Mark Stacey
3c98be4214
Show fiat amounts inline on token transfers (#8786)
Fiat amounts are now shown inline on token transfers in the transaction
list, where possible (i.e. where the conversion rates are known).

The logic for this hook is pretty tangled because it's used for so many
fundamentally different types of items (eth transactions, token
transactions, signature requests). In the future we should split these
into different components.

The documentation for the `useTokenFiatAmount` hook was updated to make
`tokenAmount` optional, but in practice it already worked as expected
without the amount being passed in.
2020-06-12 14:37:06 -03:00
Mark Stacey
016acd3e94
Refactor asset page component (#8788)
The asset page component has been split into three parts: the main
asset page wrapper, and a component for the content (either token or
native currency). This makes it easier to add functionality that is
specific to either token asset pages or native currency asset pages.
2020-06-12 14:04:40 -03:00
Erik Marks
1323233cfa
Make permission approval redirect flow consistent (#8755)
* make redirect flow consistent

* remove cancel redirect

* extract redirect component into own file
2020-06-12 09:38:20 -07:00