1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

93 Commits

Author SHA1 Message Date
Monte Lai
af2c87d777
[FLASK] Add Snaps Keyring (#19710)
* flask - add restricted snap_manageAccounts

* snap keyring: use local snap keyring instead of package

* mvp snap-keyring

* fixed the easier lint errors

* fix missing permission text

* add removal function

* update snap keyring

* update dep

* update git link

* update messages and remove snap keyring from lib

* set snapprovider as soon as possible

* chore: update snap keyring dependency

* chore: pass SnapController to SnapKeyring constructor

* chore: update deps and comment line (wip)

* fix latest update for snaps and remove setController

* update yarn lock

* add routes

* add messages

* add message

* add snap account detail page

* add snap account card

* add snap account page

* update route

* add background

* use css grid

* update snap text styling

* fix lint

* remove unused import

* change manage link to go to snap

* add types for react-router-dom

* add link to settings

* add breadcrumb to header

* add popover

* add prop types

* add link to propTypes

* fix icon in header and tag

* update popover

* update yarn.lock

* add link to account list menu

* update from deprecated

* add add-snap-popup

* use popoverheader

* fix lint

* update to use modal instead of popup

* add install snap

* remove export of DeferredPromise

* change snap keyring to its own enum

* update imports and fences

* fix snapId and route

* fix header and button for snapCard

* hide app header on AddSnapAccountPage

* update icon

* match path to SnapAccountDetail

* set getting started button to close modal

* fix key prop warning

* add By Metamask message

* fix label

* add fence to snapkeyringtype

* update yarn.lock

* refactor removeAccount and static snap list

* update removeSnap

* feat: remove associated accounts when snap is removed

* add get snaps installed to snaps page

* fix updateAvailable

* add tests to ui components

* update test

* update scss

* udpate config snap popup style

* fixed https://www.notion.so/Show-pop-up-only-once-c6aa8494486a4ece8a5c5e35fea56ab5

* update accountListMenu click to open tab or push depending on environment

* update yark.lock

* remove unused uuid

* update lock

* update eth-snap-keyring

* udpate install from snap page

* update to install to use popup

* use release versino of eth-snap-keyring

* chore: bump snaps-utils version to `0.34.1-flask.1`

* update configure snap

* chore: update eth-snap-keyring

* chore: update policies

* fix: remove unused

* fix: fix snap-account-detail-page test

* fix: fix styles

* chore: remove swappable-obj-proxy

* fix: fix duplicate entry

* fix: disable export private key for snaps account

* feat: shuffle snap lists on every reload

* fix: configure not popping up

* refactor: snapsAddSnapAccountModalDismissal into action and selector

* fix: E2BIG when running prettier

* fix: lint default export or add-snap-account-modal

* fix: lint, remove vendor prefix

* fix: fix snapCreatedByMetamask to snapCreatedByMetaMask

* Add `manageAccounts` RPC method (#19724)

* Update dependencies

* Remove snap-keyring-permissions

* Update dependencies

* Update dependencies

* Update imports

* removed portfolio link from wallet view (#19716)

* removed portfolio link from wallet view

* removed unused code

* updated test

* updated spec file

* updated test

* Validate LavaMoat policies on each PR (#19703)

* Validate LavaMoat policies on each PR

The LavaMoat policies are now validated on every PR. This makes it
easier to validate policy changes, as they should always correspond
with the changes made in the PR (unlike today, when they could be due
to a change in platform or a previous PR).

Closes #19680

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>

* fix(action): add required permissions to remove labels (#19728)

* Fix dependencies

* signature approved metrics e2e test (#19628)

* Update dependencies

* Integrate Snow with LavaMoat scuttling protection (#17969)

* Update lavamoat policies

* Security Provider cleanup (#19694)

* security-prov: isFlaggedSecurityProviderResponse

* security-prov: create shared/modules/util

* security prov: rn isFlagged -> isSuspcious
- util fn returns true if response is not verified and flagged

* security prov: add util test
and support undefined param

* security prov: reorg util fn
- no logic changes

* Update LavaMoat policies (#19744)

Update LavaMoat policies to match what CI expects.

* Replacing deprecated constants & creating stories (#19686)

* Replacing deprecated constants & creating stories

* updating snapshot

* fix: fix imports

* chore: update policy.json

* fix: move SmartTransactionController out of snaps code fence

* fix: yarn.lock dedupe

* fix: lavamoat policy

* fix: update test

* fix: remove snapshot, the list of snaps are always randomized.

* fix: resole snaps-controller to use flask

---------

Co-authored-by: Nidhi Kumari <nidhi.kumari@consensys.net>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Gauthier Petetin <gauthierpetetin@hotmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: weizman <weizmangal@gmail.com>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: Dhruv <79097544+dhruvv173@users.noreply.github.com>
Co-authored-by: Monte Lai <monte.lai@consensys.net>

* Update LavaMoat policies

* chore: fix webapp policy.json

* feat: add snap label test

* feat: test to disable export private key for snap accounts

* feat: add snap account link test in account-list-menu

* fix: add fence for setSnapsAddSnapAccountModalDismissed

* fix: remove comments

* fix: move routes into snaps fence

* feat: use snap registry

* fix: account snap identification

* chore: add `keyring-snaps` feature flag

* fix: remove unneeded spread

* Disable warn logs in content-script (#19754)

* Use Yarn caching in GitHub Actions (#19662)

GitHub actions that install dependencies will now also cache those
dependencies using the standard strategy for Yarn (which is to hash the
lockfile).

This matches the module template (see https://github.com/MetaMask/metamask-module-template/pull/145
for details).

This should have no functional impact except that this action will run
faster when dependencies are unchanged.

* Fixing misspelling in 10.28.0 changelog notes (#19756)

* Add `tokenId` type validation in `wallet_watchAsset` middleware (#19738)

* Remove unused GitHub Action workflow (#19660)

This GitHub action workflow was disabled, but was still running setup
steps. It has now been removed entirely. We can re-introduce it again
later once the problem that led to it being disabled has been fixed.

The associated npm script and JavaScript module have been removed as
well.

* Fix #847 - Don't show account address on token pages (#19740)

Co-authored-by: Nidhi Kumari <nidhi.kumari@consensys.net>

* Deprecating FormField and fixing console error (#19739)

* Deprecating FormField and fixing console error

* Updating snapshots

* updated linea image for token and badge (#19717)

* updated linea image for token and badge

* replaced hardcoded string with constant

* UI updates for contacts Page (#19646)

* updated contacts flow update

* json file updates

* updated contacts edit and view list

* keep contacts tab selected

* lint fix

* replaced hardcoded strings with constant

* updated padding in box

* Replacing deprecated components and fixing prop errors (#19745)

* Use `snaps@0.35.2-flask.1` and `snaps@1.0.0-prerelease.1` (#19734)

* snaps@0.35.0-flask.1

* Update LavaMoat policies

* Update stable snaps packages to 1.0.0-prerelease.1

* Update LavaMoat policies

* Fix lint

* snaps@0.35.2

* Exclude snap_manageAccounts

* Code fencing

* Revert removing endowment:keyring exclusion

* Bump iframe URLs

* UX: Ensure multichain native token name is always shown (#19705)

* UX: Ensure multichain native token name is always shown

* Fix lint

* UX Multichain: fixed padding for edit screen (#19707)

* fixed padding for edit screen

* Use network picker for header trigger

* Fix swaps display

* updated snapshot

---------

Co-authored-by: David Walsh <davidwalsh83@gmail.com>

* Bump @metamask/providers to v11.1.0 (#19762)

* Bump @metamask/providers to v11.1.0

---------

Co-authored-by: Alex <adonesky@gmail.com>

* Fix fallback gas estimation (#19746)

* Fix fallback gas estimation

Our fallback gas estimation was failing due to a bug in the
`@metamask/controller-utils` package. This was causing gas estimation
to fail completely on certain networks (those not supported by our gas
estimation APIs and non EIP-1559 compatibile), and it was causing the
fallback gas estimation operation (in case our API was down) to fail
across all networks.

Fixes https://github.com/MetaMask/metamask-extension/issues/19735

* Add e2e tests

E2E tests have been added to capture gas estimation. Cases are added
for our API, for the fallback estimate, and for non-EIP-1559 estimates.

As part of this work, the legacy gas API had to be disabled. This was
being used in e2e tests but was dead code in production. It needed to
be disabled to ensure the code under test was reachable.

* Fix gas API referenced in e2e test

* Update unit test snapshots

* Update Label component font weight from bold to medium (#19731)

* Update Label component font weight from bold to medium

* update snapshot

* fix snapshots

* fix snapshots 2

* Removeing deprecated constants for enums

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>

* Part of #17670: Replace Typography with Text component in CancelSpeedupPopover (#18638)

* create story

* replace Typography with Text component

* review changes

* replace CSS with props styling
* use `Button` from `component-library`
* tooltip HTML refactor with `component-library` components
* remove whitespace in story

* strong tag support within Text component

* addresses #18651
* taken from #18752 as suggested in https://github.com/MetaMask/metamask-extension/pull/18638#discussion_r1176334805

* replace `strong` with new `Text as="strong"`

* remove unneccessary css from fa564e3f036f1439f9f220cca23595b508760614

* add text variant definition

* Updating text variant of button

* restrore proper spacing between elements

* Quick fix for test

* Adding key

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Garrett Bear <gwhisten@gmail.com>

* Issue 17670 replace typography with text (#19433)

* Replace Typograph with Text component in numeric-input-component.js

* Replace Typography with Text component in signature-request-message.js

* Replace Typography with Text component in signature-request.component.js

* Replacing deprecating constants and fixing some signature story warnings

* Updating snapshot

* Fixing import

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Garrett Bear <gwhisten@gmail.com>

* Part of #18714: Replacing deprecated constants in `confirm-subtitle` folder (#19699)

* repalcing deprecated constants

* resolve issue

* lint fixes

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>

* Part of #17670: Replace Typography with Text component in: callout.js (#18912)

* Part of #17670: Replace Typography with Text component in: callout.js

* Update ui/components/ui/callout/callout.js

Co-authored-by: Danica Shen <zhaodanica@gmail.com>

* Update callout.js

* Updating snapshot and deprecating component

* Updating snapshot and deprecating component

---------

Co-authored-by: Danica Shen <zhaodanica@gmail.com>
Co-authored-by: George Marshall <george.marshall@consensys.net>
Co-authored-by: Garrett Bear <gwhisten@gmail.com>

* [MMI] Added code fences in whats new popup (#19581)

* added code fences in whats new popup

* Improved code

* Added missing prop

* Update LavaMoat policies

* updated functions by using an options object for the rendering functions in order to bypass possible typsecript issues

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>

* Updated action list in token, NFTs and activity view (#19702)

* updated ui for nft import button

* updated no nft image found in the center

* updated footer for all screens in tabs

* removed no nft state from nft tab

* updated snapshot

* lint fix

* fixed e2e tests

* fixed prep build error

* removed no nfts yet test

* updated tabs

* fixed prod error

* updated no nft screen

* changed button size to md

* fix: change 'M' to '?'

* fix: update fence to keyring-snaps

* chore: rename folder

* fix: typo

* chore: remove logs

* feat: add metamask developer constant

* fix: sass keyring-snap path

* chore: update yarn.lock

* fix: remove alias

* feat: add KEYRING_SNAPS_REGISTRY_URL env

* fix: nested fence

* feat: add snap manageAccount e2e (#19777)

* feat: add snap manageAccount e2e

* feat: update link

* fix: lint

* fix: get values of restrictedMethodPermissionBuilders

* fix: add fence to perferences

* fix: stop shuffle

* fix: remove KEYRING_SNAPS_REGISTRY_URL from metamaskRc

* fix: use permissions to determine account snaps

* fix: remove shuffle

* fix: add comments to fences in excluded snap permission.

* chore: fix policy.json

* fix: fix snap-account-detail test

* fix: lint

* fix: snap accoutn detail page test

* Update LavaMoat policies

* Update ui/pages/keyring-snaps/snap-account-detail-page/snap-account-detail-page.test.tsx

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update ui/pages/keyring-snaps/snap-account-detail-page/snap-account-detail-page.test.tsx

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* fix: remove fence from isAbleToExportAccount

* chore: remove comment line

* fix: dismiss snap modal

* fix: try catch for scroll

* fix: icon for manageAccount

* fix: update `handleSnapRequest` to make `params` optional and add `id`

* fix: lint for uuid

* fix: remove arg in saveSnapKeyring

* fix: add fence for uuidV4

* chore: bump dep

* fix: permission_manageAccounts message and icon

* chore: update registry link

* chore: convert address to lowercase

* fix: change icon

* chore: bump eth-snap-keyring

* chore: update webapp policy.json

* Update ui/pages/keyring-snaps/new-snap-account-page/new-snap-account-page.test.tsx

Co-authored-by: Gustavo Antunes <17601467+gantunesr@users.noreply.github.com>

* fix: update fences

* fix: nested fence

* Update app/_locales/en/messages.json

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update app/_locales/en/messages.json

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update app/_locales/en/messages.json

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update app/_locales/en/messages.json

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update ui/components/multichain/account-details/account-details-display.js

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update ui/pages/keyring-snaps/snap-account-detail-page/header.tsx

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* Update ui/pages/keyring-snaps/snap-account-detail-page/snap-account-detail-page.tsx

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>

* fix: rename and added jsdoc

* fix: add fence to snap label

* fix: remove comment

* fix: change pixel to int and remove unused class

* fix: lint

* fix: create two tests for main and flask restricted methods

* fix: remove fence in test

* fix: lint header

* feat: allow `metamask.github.io` in manifest

* fix: remove comment

* fix: rename isAbleToExportAccount

* chore: use a more restrictive registry URL

* fix: change to && not ||

* fix: remove unused

* fix: move keyring snaps URL to Flask's base manifest

* fix: use fetch instead of fetchWithCache

* fix: lint

---------

Co-authored-by: kumavis <aaron@kumavis.me>
Co-authored-by: Howard Braham <howrad@gmail.com>
Co-authored-by: Daniel Rocha <68558152+danroc@users.noreply.github.com>
Co-authored-by: Gustavo Antunes <17601467+gantunesr@users.noreply.github.com>
Co-authored-by: Nidhi Kumari <nidhi.kumari@consensys.net>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: Gauthier Petetin <gauthierpetetin@hotmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
Co-authored-by: weizman <weizmangal@gmail.com>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: Dhruv <79097544+dhruvv173@users.noreply.github.com>
Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Alex Donesky <adonesky@gmail.com>
Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: George Marshall <george.marshall@consensys.net>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: jiexi <jiexiluan@gmail.com>
Co-authored-by: jainex <jainexp017@gmail.com>
Co-authored-by: Matthias Kretschmann <m@kretschmann.io>
Co-authored-by: Garrett Bear <gwhisten@gmail.com>
Co-authored-by: Ujwal Kumar <ujwalkumar95@gmail.com>
Co-authored-by: rohit kerkar <129620973+rohiiittttt@users.noreply.github.com>
Co-authored-by: Harsh Shukla <125105825+PrgrmrHarshShukla@users.noreply.github.com>
Co-authored-by: Danica Shen <zhaodanica@gmail.com>
Co-authored-by: Albert Olivé <albertolivecorbella@gmail.com>
Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2023-06-29 09:24:08 -04:00
Frederik Bolding
3df690b852
Use snaps@0.35.2-flask.1 and snaps@1.0.0-prerelease.1 (#19734)
* snaps@0.35.0-flask.1

* Update LavaMoat policies

* Update stable snaps packages to 1.0.0-prerelease.1

* Update LavaMoat policies

* Fix lint

* snaps@0.35.2

* Exclude snap_manageAccounts

* Code fencing

* Revert removing endowment:keyring exclusion

* Bump iframe URLs
2023-06-26 19:41:59 +02:00
Erik Marks
9830b14786
Make eth_accounts return all permitted accounts (#18516)
* Make eth_accounts return all permitted accounts rather than just the most recently selected one

* fixup! Make eth_accounts return all permitted accounts rather than just the most recently selected one

* Trigger

---------

Co-authored-by: legobeat <109787230+legobeat@users.noreply.github.com>
Co-authored-by: Jiexi Luan <jiexiluan@gmail.com>
2023-06-08 13:01:43 -07:00
Frederik Bolding
f03f2d3f79
[FLASK] snaps@0.34.0-flask.1 (#19377)
* snaps@0.34.0-flask.1

* Update LavaMoat policies

* Replace instances of targetKey with targetName

* Replace use of PermissionKeys with PermissionNames

* Use Flask packages in tests for now

* Bump execution env

* Add another mock

* Fix lint
2023-06-05 13:51:19 +02:00
Frederik Bolding
4d015de43e
Fence snaps endowments and permissions for stable/flask (#18847)
* Fence snaps endowments and permissions for stable/flask

* Fix lint

* Fix tests

* Actually fix tests

* Fix another test
2023-05-02 14:51:16 +02:00
Olaf Tomalka
95c37e1ba3
feat: add yaml feature management (#18125)
* feat: add yaml feature management

Add yaml feature file per build type.
Also add method to parse yaml and set
enabled features env to true. The build
process will then replace any process.env[feature]
that exists on the config by its value

* chore: add example for desktop

* Added initial draft of build features

* [TMP] Sync between computers

* Is able to succesfully build stable extension with snaps feature

* Removing var context from builds.yml

* Add asssets to builds.yml

* Minor bug fixes and removing debug logs

* [WIP] Test changes

* Removed TODOs

* Fix regession bug

Also
* remove debug logs
* merge Variables.set and Variables.setMany with an overload

* Fix build, lint and a bunch of issues

* Update LavaMoat policies

* Re-add desktop build type

* Fix some tests

* Fix desktop build

* Define some env variables used by MV3

* Fix lint

* Fix remove-fenced-code tests

* Fix README typo

* Move new code

* Fix missing asset copy

* Move Jest env setup

* Fix path for test after rebase

* Fix code fences

* Fix fencing and LavaMoat policies

* Fix MMI code-fencing after rebase

* Fix MMI code fencing after merge

* Fix more MMI code fencing

---------

Co-authored-by: cryptotavares <joao.tavares@consensys.net>
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2023-04-25 16:32:51 +02:00
Frederik Bolding
47f4f4008b
[FLASK] Remove unused snaps code (#18565)
* Remove unused code after snap_confirm was removed

* Remove more unused code

* Fix lint
2023-04-17 12:55:08 +02:00
Mark Stacey
bd23a49013
Revert "Moved subscribe and filter into network controller (#16693)" (#18129)
* Revert "Moved subscribe and filter into network controller (#16693)"

This reverts commit 6f6984fa58. That
commit was an RPC middleware refactor intended to move the subscribe
and filter middleware into the network controller, to simplify the
process of sharing this middleware between clients.

This refactor resulted in `eth_subscribe` notifications being sent on
the wrong connections, causing the UI to break in some cases (the UI
`provider` connection does not support notifications). This happened
because the `setupProviderEngine` function runs per-connection,
whereas the engine setup inside the network controller is global. The
global network client cannot support notifications because it has no
way to route them; they'll need to stay in the per-connection provider
engine.

Closes #17467

* Add e2e test

An e2e test has been added that confirms subscriptions are only
broadcast to the site that registered them. This test fails on
`develop`.
2023-03-15 12:16:31 -02:30
Hassan Malik
7086494b72
[FLASK] BREAKING - snaps-monorepo@0.30.0 (#17718)
* updated snap permission to wallet_snap, updated tests and added migration

* updated snap packages

* yarn.lock fix

* fixed errors

* override policy

* update policy

* undo override

* updated localization message descriptions

* updated lavamoat policy

* more policy updates

* update permission controller version

* update policy

* update fixture builder

* updated code to include permission value to satisfy wallet_snap permission description call

* fix import issue

* update test-snaps version

* added missing actions, added snap permission dedupe function

* prettier fix

* fix fencing

* add more fencing

* prettier fix

* fix fencing (again)

* added new action and selector and updated view snap accordingly

* update test snaps website version

* unfence request variable

* add fencing

* add optional chaining to fix type error

* update migration #

* remove old migration

* prettier fix

* fix migration test

* fix fencing

* added missing fencing

* updated code to workaround fencing

* update test-snaps site version and remove snap confirm test

* update snap packages

* update policies

* fix merge marker issue

* update test

* more fixes

* fix permissions

* update test

* fixed test

* Bump test-snaps and iframe-execution-environment

* remove unused snap permission from fixture builder

* update policies

* undo comment removal, update selector implementation

* removed unnecessary function, updated migration, updated caveat action

* remove optional chaining

* fix type issue

* more type fixes

* fix migration test

* remove isFlask check, make migration logic more robust

* update coverage

* Update LavaMoat policies

* Update test/e2e/snaps/enums.js

* add extra bail condition

* Revert "add extra bail condition"

This reverts commit b45c53dcfc6e6e35a5e283d4955d6d6ea9ca5965.

* Revert "Revert "add extra bail condition""

This reverts commit cd2ded677935c9cdab0c02b6af55474c83727f60.

* fix test

* add SnapController entry to state object

* updated permission name and caveat type with hardcoded values

* add extra test for non-flask scenario

* update lavamoat policies

* fix locale messages

* change coverage target

* re-enable rpc snap test

* revert locale message change

* fix el message

* reverted changes

---------

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-03-08 13:29:23 -05:00
Guillaume Roux
ccde54937f
Pass excludedPermissions to SnapController (#17321)
Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2023-02-15 11:09:47 +01:00
Zachary Belford
6f6984fa58
Moved subscribe and filter into network controller (#16693)
Our middleware for handling subscription and filter-related methods (`eth-json-rpc-filters`) currently lives in our RPC pipeline ahead of the network stack. This commit moves this middleware to the network client middleware instead. There are two reasons for this change. First, this middleware wraps RPC methods that are supported by the network. Second, it is necessary for this middleware to live with the network client so that it will aid us in unifying the NetworkController in this repo and the NetworkController in the `controllers` repo.

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-12-20 10:28:09 -07:00
Frederik Bolding
dfb6210910
[FLASK] snaps-monorepo@0.25.0 (#16673)
* snaps-monorepo@0.25.0

* Regen LavaMoat policies

* Bump test-snaps

* [FLASK] Add Snaps JSON-RPC handler permission (#16670)

* Add Snaps JSON-RPC handler permission

* Add copy and icon

* Fix test

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2022-11-30 13:19:33 +01:00
Elliot Winkler
51cffa15dd
Migrate to new controller packages (#16547)
* Migrate to new controller packages

`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.

[1]: https://github.com/MetaMask/controllers/pull/831

* Support GitHub registry for draft PRs (#16549)

* Add additional allowed host to lockfile linter

* Update LavaMoat policies

* Add policy exception for nanoid

* Add additional nanoid overrides

* Update LavaMoat policies again

* Bump controller packages

* Update lavamoat

* Bump controller packages

* Update packages to v1.0.0

* Expand gitignore comment

* Unpin controller dependencies, using ^ range instead

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-24 16:29:07 -03:30
Frederik Bolding
de955f3faa
[FLASK] snaps-monorepo@0.24.1 (#16525)
* snaps-monorepo@0.24.0

* Fix imports and regen LavaMoat policies

* Bump iframe-execution-environment

* Fix tests

* Add permissions

* Bump patch

* Bump test-snaps

* [FLASK] Fix update e2e test to catch snaps with caveats (#16546)

* changed snap to update to bip32

* small changes to test

* Fix lint

* Fix E2E

* Update copy

* Update icon

Co-authored-by: Bowen Sanders <bowensanders@gmail.com>
2022-11-22 13:07:08 +01:00
Frederik Bolding
de3068d932
[FLASK] snaps-monorepo@0.23.0 (#16394)
* snaps-monorepo@0.23.0

* Regen LavaMoat policies

* Update iframe-execution-environment

* Fix tests

* Bump luxon

* Fix lint

* Update test-snaps

* Bump post-message-stream

* Fix E2E
2022-11-08 10:31:22 +01:00
Frederik Bolding
7ba0f78a84
[FLASK] snaps-skunkworks@0.22.0 (#16069)
* snaps-skunkworks@0.22.0

* Update LavaMoat policies

* Bump execution environment and fix a breaking change

* Fix caveat and permissions

* Fix test

* Exclude keyring endowment for now

* Fix test

* Fix snap_confirm missing title
2022-10-07 10:02:35 +02:00
Jyoti Puri
8c8539d1f5
Making addPermittedAccount and removePermittedAccount methods idempotent (#15709) 2022-09-07 01:17:48 +05:30
Frederik Bolding
7fc418a96d
[FLASK] snaps-skunkworks@0.20.0 (#15706)
* snaps-skunkworks@0.20.0

* Generate LavaMoat policy

* Fix some breaking changes

* Update iframe execution env

* Fix unit tests

* Implement snap_getBip44Entropy

* Regenerate LavaMoat policy

* Prefer ControllerMessenger over direct calls

* Fix not showing warning for BIP44 legacy permission and E2E test

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2022-08-26 13:48:53 +02:00
Maarten Zuidhoorn
a52c6a4908
[FLASK] snaps-skunkworks@0.19.0 (#15619)
* Bump snaps-skunkworks to 0.19.0

* Improve snap_getBip32Entropy UI

* Remove console.log

* Update LavaMoat policy

* Dedupe Yarn lock

* Update LavaMoat policy again

* Fix tests

* Update policies and e2e tests

* Update policy again

* Update iframe-execution-environment

* Dedupe yarn.lock

* Update snapshots

* Fix PR comments

* Add TODO

* Trigger CI
2022-08-18 17:07:34 +02:00
Brad Decker
c72199a1a6
update prettier (#15360) 2022-07-31 13:26:40 -05:00
Brad Decker
652d631cda
remove exclusions for mismatched object jsdoc type casing (#15351) 2022-07-27 08:28:05 -05:00
Frederik Bolding
66c049bb35
snaps-skunkworks@0.14.0 (#14700)
* snaps-skunkworks@0.13.0

* snaps-skunkworks@0.14.0

* Fix test

* Add long-running permission copy and icon

* Run linting

* Fix typo

* Bump E2E version
2022-05-18 13:49:26 +02:00
Erik Marks
cef95f8733
Stop storing request and response objects in the permission activity log (#14485)
We currently store the JSON-RPC request and response objects in the permission activity log. The utility of doing this was always rather dubious, but never problematic. Until now.

In Flask, as the restricted methods have expanded in number, user secrets may be included on JSON-RPC message objects. This PR removes these properties from the permission activity log, and adds a migration which does the same to existing log objects. We don't interact with the log objects anywhere in our codebase, but we don't want unexpected properties to cause errors in the future should any log objects be retained.

This PR also updates relevant tests and test data. It makes a minor functional change to how a request is designated as a success or failure, but this should not change any behavior in practice.
2022-04-21 08:44:15 -07:00
Erik Marks
118480280c
snaps-skunkworks@0.10.2 (#13901) 2022-03-14 12:37:19 -07:00
Erik Marks
35ac762e10
Add Snaps via Flask (#13462)
This PR adds `snaps` under Flask build flags to the extension. This branch is mostly equivalent to the current production version of Flask, excepting some bug fixes and tweaks.

Closes #11626
2022-02-14 16:02:51 -08:00
Dan J Miller
0a4432513d
captureKeyringTypesWithMissingIdentities() when 'Missing identity for address' in permissions/specifications (#13521)
* captureKeyringTypesWithMissingIdentities() when 'Missing identity for address' in permissions/specifications

* Fix unit tests
2022-02-07 15:30:37 -03:30
Erik Marks
a5873eb7ff
Fix manually connecting sites (#13320) 2022-01-14 14:31:32 -08:00
Mark Stacey
c17fa40114
Consolidate permission exports (#13012)
The permission-related modules are now all exported together in the
index of the `app/scripts/controllers/permissions` directory.
2021-12-08 07:07:35 -03:30
Erik Marks
31cf7c10a4
Permission System 2.0 (#12243)
# Permission System 2.0

## Background

This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.

With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.

Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.

The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.

## Changes in Detail

First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.

- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.

Reviewers should focus their attention on the following files:

- `app/scripts/`
  - `metamask-controller.js`
    - This is where most of the integration work for the new `PermissionController` occurs.
      Some functions that were internal to the original controller were moved here.
  - `controllers/permissions/`
    - `selectors.js`
      - These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
    - `specifications.js`
      - The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
        See the `PermissionController` readme for details.
  - `migrations/068.js`
    - The new state should be cross-referenced with the controllers that manage it.
      The accompanying tests should also be thoroughly reviewed.

Some files may appear new but have just moved and/or been renamed:

- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
  - This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
  - A truncated version of `test/mocks/permission-controller.js`.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-12-06 19:16:49 -08:00
Dan Finlay
2df159841a
Add eth_feeHistory to safe method list (#11999)
So that we can expose this method to dapps.
2021-09-02 10:26:32 -07:00
Erik Marks
8a8ce3a0c0
@metamask/controllers@15.0.0 (#11975)
Adds the latest version of `@metamask/controllers`, and updates our usage of the `ApprovalController`, which has been migrated to `BaseControllerV2`. Of [the new `controllers` release](https://github.com/MetaMask/controllers/releases/tag/v15.0.0), only the `ApprovalController` migration should be breaking.

This is the first time we use events on the `ControllerMessenger` to update the badge, so I turned the messenger into a property on the main `MetaMaskController` in order to subscribe to events on it in `background.js`. I confirmed that the badge does indeed update during local QA.

As it turns out, [MetaMask/controllers#571](https://github.com/MetaMask/controllers/pull/571) was breaking for a single unit test case, which is now handled during setup and teardown for the related test suite (`metamask-controller.test.js`).
2021-08-31 12:27:13 -07:00
Erik Marks
e142bf0c5e
Fix _getPermittedAccounts type safety (#10819) 2021-04-05 11:32:46 -07:00
Brad Decker
5a233e4634
colocate tests in flat structure (#10655) 2021-03-16 16:00:08 -05:00
Erik Marks
a29fc51838
Ensure permission log will only store JSON-able data (#10524) 2021-03-10 11:50:06 -08:00
Shane
e3084b87cc
fix: manually connect accountsChanged (#10477)
fixes #9933
2021-02-19 09:48:49 -08:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
Thomas Huang
1dad4abfdc
Fix site metadata JSON-RPC handler (#10243)
* Fix getting the site metadata from the request origin params.

Regressed from inpage-provider ts migration the request. The property domainMetadata is now set as a params key for the request.

https://github.com/MetaMask/inpage-provider/blob/v7.0.0/src/siteMetadata.js#L19-L25
vs
https://github.com/MetaMask/inpage-provider/blob/main/src/siteMetadata.ts#L19-L27

* Change hardcoded mocked response of the request to the prod response.
2021-01-22 10:27:07 -08:00
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
90289ec22a
Further improve organization of constants (#10200) 2021-01-20 08:13:14 -08:00
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
Erik Marks
eeee8852cd
Add eth_getProof to safe methods (#10070)
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186

It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
2020-12-14 15:21:15 -08:00
Erik Marks
8f40d03299
Add approval controller (#9401)
This PR introduces the new approval controller to the extension codebase. We use it for the permissions controller's pending approval functionality.

The approval controller sets us up for a new pattern of requesting and managing user confirmations in RPC methods. Along with the generic RPC method middleware, the approval controller will allow us to eliminate our message managers, and decouple various method handlers from our provider stack, making the implementations more portable between the extension and mobile.
2020-12-14 08:04:26 -08:00
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Mark Stacey
14d85b1332
Make JSDoc formatting more consistent (#9796)
A few inconsistencies in JSDoc formatting have been fixed throughout
the project. Many issues remain; these were just the few things that
were easy to fix with a regular expression.

The changes include:

* Using lower-case for primitive types, but capitalizing non-primitive
 types
* Separating the parameter identifier and the description with a dash
* Omitting a dash between the return type and the return description
* Ensuring the parameter type is first and the identifier is second (in
 a few places it was backwards)
* Using square brackets to denote when a parameter is optional, rather
 than putting "(optional)" in the parameter description
* Including a type and identifier with every parameter
* Fixing inconsistent spacing, except where it's used for alignment
* Remove incorrectly formatted `@deprecated` tags that reference non-
 existent properties
* Remove lone comment block without accompanying function

Additionally, one parameter was renamed for clarity.
2020-11-10 14:00:41 -03:30
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
7d0a7ab301
Update @metamask/eslint-config to v4.1.0 (#9663)
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.

Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.

Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
2020-10-21 14:01:03 -02:30
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
c11888f287
Fix no-empty-function issues (#9216)
See [`no-empty-function`](https://eslint.org/docs/rules/no-empty-function) for more information.

This change enables `no-empty-function` and fixes the issues raised by the rule.
2020-08-14 09:17:02 -02:30
Whymarrh Whitby
a8863a3446
Fix consistent-return issues (#9192)
See [`consistent-return`](https://eslint.org/docs/rules/consistent-return) for more information.

This change enables `consistent-return` and fixes the issues raised by the rule.
2020-08-12 16:36:57 -02:30