1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

1664 Commits

Author SHA1 Message Date
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
Erik Marks
5a80f04dca
Consolidate notification UI openers (#9885)
* Consolidate notification UI openers

* Update tests
2020-11-16 08:32:53 -08:00
Mark Stacey
14d85b1332
Make JSDoc formatting more consistent (#9796)
A few inconsistencies in JSDoc formatting have been fixed throughout
the project. Many issues remain; these were just the few things that
were easy to fix with a regular expression.

The changes include:

* Using lower-case for primitive types, but capitalizing non-primitive
 types
* Separating the parameter identifier and the description with a dash
* Omitting a dash between the return type and the return description
* Ensuring the parameter type is first and the identifier is second (in
 a few places it was backwards)
* Using square brackets to denote when a parameter is optional, rather
 than putting "(optional)" in the parameter description
* Including a type and identifier with every parameter
* Fixing inconsistent spacing, except where it's used for alignment
* Remove incorrectly formatted `@deprecated` tags that reference non-
 existent properties
* Remove lone comment block without accompanying function

Additionally, one parameter was renamed for clarity.
2020-11-10 14:00:41 -03:30
Dan J Miller
c044b6f2b4
Alternative savings fix (#9675)
* Alternative savings fix

* Further required changes to savings fix

* Further fix to savings calculations that properly accounts for metamask fees

* metaMaskFeeInEth property on quotes to decimal string

* Fix swaps controller unit tests

* Improve documentation in swaps controller

* Prevent getMedianEthValueQuote from mutation passed quotes array with .sort() call

* Another fix and refactor to savings calculations in _findTopQuoteAndCalculateSavings

Cleaner structuring of conditionals for setting tokenValueOfQuoteForSorting, ethValueOfQuote and metaMaskFeeInEth in swaps controller

Stop subtracting medianMetaMaskFee from savings, but include it in savings data

Another fix and refactor to savings calculations in _findTopQuoteAndCalculateSavings

* Add and update unit tests for _findTopQuoteAndCalculateSavings

* Improve calculation of overallValueOfQuoteForSorting for case where ETH is the source token

* Clean up getMedianEthValueQuote code, test and comments

* Clean up _findTopQuoteAndCalculateSavings, create test input and expected results helper functions

* Update getMedianEthValueQuote to account for multiple quotes with overall values equal to the median

* Add jsdoc comment for meansOfQuotesFeesAndValue

* Fix jsdoc comment for getMedianEthValueQuote
2020-11-09 13:39:38 -03:30
Brad Decker
a49a4a066c
expand transaction constants coverage (#9790)
* expand transaction constants coverage

* touchups

* dont import inside of e2e

* Update app/scripts/controllers/transactions/tx-state-manager.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update test/unit/app/controllers/transactions/tx-controller-test.js

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-07 01:38:12 -06:00
Patryk Łucka
ee205b893f
Create custom addHexPrefix function (#9306)
* create custom addHexPrefix function

* switch to custom addHexPrefix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Erik Marks <rekmarks@protonmail.com>
2020-11-06 13:18:00 -08:00
David Walsh
cfbcc12398
Make all UI tabs accessible via keyboard (#9518) 2020-11-05 12:05:41 -06:00
Erik Marks
dce699de9e Use signTypedDataV4 instead of signTypedData in e2e tests 2020-11-03 21:51:59 -08:00
Brad Decker
026a06b39d
add shared transaction constants (#9459)
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2020-11-03 16:57:51 -06:00
Mark Stacey
1ab922972e
Reduce wait during incoming transaction unit tests (#9770)
Some of the unit tests for the incoming transaction controller included
a 1 second wait. The wait was to ensure that a state update did not
occur, as it happens asynchronously.

The tests work equally well using a `setTimeout` with a zero second
wait, because the asynchronous block update is guaranteed to have been
queued up by the time this timeout function is called. The timeout has
been reduced to `0` to speed up the tests.

Additionally, `undefined` has been added to the list of network names
used to construct the fake API responses. This is to ensure that the
API returns a valid response, so that the test fails when it should.
2020-11-03 17:46:28 -03:30
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
55bff07bbf
Use chainId for incoming transactions controller (#9583)
The incoming transactions controller now uses the `chainId` for the
current network instead of the `networkId`. This ensures that custom
RPC endpoints for the built-in supported networks do correctly receive
incoming transactions.

As part of this change, the incoming transactions controller will also
cease keeping track of the "last block fetched" for networks that are
not supported. This piece of state never really represented the last
block fetched, as _no_ blocks were fetched for any such networks. It
been removed.
2020-10-30 22:28:12 -02:30
Mark Stacey
59aab93560
Add unit tests for incoming transaction block events (#9755)
Unit tests have been added to the incoming transactions controller to
ensure that block updates are correctly resulting in state updates when
incoming transactions are enabled. All other events that trigger state
updates are tested as well.

The tests were written to be minimally dependent upon implementation
details of the controller itself. `nock` was used to mock the API
response from Etherscan. Each event is triggered asynchronously by
`sinon`, as in production they are likely only triggered
asynchronously.

This was extracted from #9583

This PR includes a new `wait-until-called` module meant to help with
writing asynchronous tests. It allows you to wait until a stub has been
called.
2020-10-30 11:47:36 -02:30
Mark Stacey
d99d8591f0
Replace shared mocks in incoming transaction controller tests (#9754)
The shared mocks used previously in the incoming transaction controller
tests have been replaced with functions that can generate a new mock
for each test.

We should avoid ever sharing mocks between tests. It's quite easy for
a mock to get accidentally mutated or not correctly "reset" for the
next test, leading to test inter-dependencies and misleading results.

In particular, it is unsafe to share a `sinon` fake (e.g. a spy or
stub) because they can't be fully reset between tests. Or at least it's
difficult to reset them property, and it can't be done while also
following their recommendations for preventing memory leaks.

The spy API and all related state can be reset with `resetHistory`,
which can be called between each test. However `sinon` also recommends
calling `restore` after each test, and this will cause `sinon` to drop
its internal reference to the fake object, meaning any subsequent call
to `resetHistory` would fail. This is intentional, as it's required to
prevent memory from building up during the test run, but it also means
that sharing `sinon` fakes is particularly difficult to do safely.

Instead we should never share mocks in the first place, which has other
benefits anyway.

This was discovered while writing tests for #9583. I mistakenly
believed that `sinon.restore()` would reset the spy state, and this was
responsible for many hours of debugging test failures.
2020-10-29 12:46:04 -02:30
Mark Stacey
1294955d81
Fix swaps when initial network not Mainnet (#9745)
This is a continuation of #9726, which did not fix the problem
described.

If the initial network when the extension is started is something other
than Mainnet, the swaps controller will never successfully retrieve
swap quotes. This is because `ethers` will continue to communicate
with whichever network the provider was initially on.

We tried fixing this by hard-coding the `chainId` to Mainnet's
`chainId` when constructing the Ethers provider, but this did not work.
I suspect this failed because the `provider` we pass to `ethers` is not
compliant with EIP 1193, as `ethers` doubtless expects it to be.

Instead the entire `ethers` provider is now reconstructed each time the
network changes. This mirrors the approach we take in some other
controllers.
2020-10-28 16:17:32 -02:30
Mark Stacey
3bbc1d1fa4
Fix fetching of swap quotes when initial network was testnet (#9726)
If the initial network when the extension is started is something other
than Mainnet, the swaps controller will never successfully retrieve
swap quotes. This is because the `ethers` provider used by the swaps
controller doesn't allow network changes by default - it assumes that
the network remains the same as when the provider was initialized.

This was fixed by hard-coding Mainnet as the initial chain ID for this
`ethers` provider used by the swaps controller.

Some adjustments needed to be made to the `provider` stub to allow
setting `1` as the network ID and chain ID in unit tests.
2020-10-27 13:22:21 -02:30
Erik Marks
d843bed4e3
Robustify waiting logic in e2e test (#9704)
* Robustify waiting for popup to open

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-10-23 16:24:20 -07:00
Mark Stacey
1ad87d36c3
Improve stability of contract deposit e2e test (#9685)
The e2e test for the contract deposit action was unnecessarily reliant
upon timing. After initiating a deposit, it would grab the first
transaction in the transaction list and assume it was the deposit that
it had just initiated. If it looked prior to the unapproved transaction
being added to the list, it would grab the wrong transaction.

It now looks specifically for _unconfirmed_ transactions, meaning it
will block until the deposit transaction is rendered.

This was discovered in testing a test-dapp PR:
https://github.com/MetaMask/test-dapp/pull/76
2020-10-22 19:07:12 -02:30
Whymarrh Whitby
362e717eef
Fix node/no-deprecated-api issues (#9670)
Refs #9663

See [`node/no-deprecated-api`][1] for more information.

This change enables `node/no-deprecated-api` and fixes the issues raised by the rule.

  [1]:https://github.com/mysticatea/eslint-plugin-node/blob/v11.1.0/docs/rules/no-deprecated-api.md

The change to the way that `punycode` is imported is to address the fact that
third-party module is hidden by the built-in. This is a silly hack but it works.
2020-10-22 11:33:45 -02:30
Whymarrh Whitby
b369a68eb3
Fix node/no-callback-literal issues (#9668)
Refs #9663

See [`node/no-callback-literal`][1] for more information.

This change enables `node/no-callback-literal` and fixes the issues raised by the rule.

  [1]:https://github.com/mysticatea/eslint-plugin-node/blob/v11.1.0/docs/rules/no-callback-literal.md
2020-10-21 15:54:51 -02:30
Mark Stacey
7d0a7ab301
Update @metamask/eslint-config to v4.1.0 (#9663)
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.

Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.

Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
2020-10-21 14:01:03 -02:30
Erik Marks
7de7e7d8c2
Add swaps savings calculation (#9611)
* Calculate savings per swap relative to median values

* Update test mock quotes, add getMedian tests

* Identify assets by sourceToken and destinationToken
2020-10-19 14:52:47 -07:00
Erik Marks
6e8c9aede8
Migrate 'localhost' tokens (#9570)
* Delete localhost state from incoming tx controller

* Migrate localhost tokens

Co-authored-by: Dan Finlay <542863+danfinlay@users.noreply.github.com>
2020-10-13 07:07:00 -07:00
Erik Marks
4ce04b5cb9
Delete localhost state from incoming tx controller (#9569) 2020-10-13 06:18:24 -07:00
Erik Marks
f9e0c64abe
Fix migration 048 chainId conversion (#9567) 2020-10-12 19:24:45 -07:00
Erik Marks
e071b4482e
Use chainId values for the address book (#9565)
* Delete CachedBalancesController.cachedBalances

* Migrate provider to Rinkeby instead of deleting it

* Convert hex transaction metamaskNetworkId values to decimal

* Don't migrate provider state in e2e tests

* Don't kick custom RPC users to Rinkeby unnecessarily

* Use provider.chainId for address book chainId values

* Add address book migration

* Fix failing unit test

* fixup! Merge branch 'develop' into address-book-use-chainId

* Select address book entries for display by chainId

* Merge all address book entry keys

* fixup! Merge all address book entry keys
2020-10-12 16:35:55 -07:00
Erik Marks
bdd6416ba0
Update migration 048 (#9560)
* Delete CachedBalancesController.cachedBalances

* Migrate provider to Rinkeby instead of deleting it

* Convert hex transaction metamaskNetworkId values to decimal

* Don't migrate provider state in e2e tests

* Don't kick custom RPC users to Rinkeby unnecessarily
2020-10-12 14:09:08 -07:00
Erik Marks
45ba657ca1
Fix signTypedData_v4 chainId param validation (#9552) 2020-10-12 12:10:19 -07:00
Erik Marks
5b8c07817a
Remove localhost provider type (#9551)
* Delete localhost provider type

* Use ganache-cli default chain ID for tests

* Delete unused test firstTimeState variable

* Migrate default ganache-cli network to frequentRpcListDetail

* Add default test provider state

* Add test functionality to createJsonRpcClient

* Lint locales

* Update test middleware creation

* fixup! Update test middleware creation
2020-10-12 12:05:40 -07:00
Dan J Miller
33b755fa66
Update #2 to the MetaSwap contract address (#9557) 2020-10-12 14:50:37 -02:30
Dan J Miller
6409caa081
Use initial transaction for settings swap transaction title params (#9543)
* Use initial transaction for settings swap transaction title params, and remove addition of swap properties to cancel transcations

* Update unit test data

* Use token symbol properties from initial transaction for filitering in transaction list
2020-10-10 17:20:20 -02:30
Erik Marks
d35db87447
Simplify _findTopQuoteAggId call in fetchAndSetQuotes (#9542) 2020-10-09 11:00:20 -07:00
Dan J Miller
98f049f8cb
Only shows the swaps intro popup on mainnet (#9534)
* Only shows the swaps intro popup on mainnet

* Remove code that closes swaps popup from e2e tests

* correct casing on isMainnet prop in home component
2020-10-09 13:07:11 -02:30
Dan J Miller
549140f6f5
Remove max mode for eth feature from swaps (#9531)
* Remove max mode for eth feature from swaps

* Fix unit tests after removing maxMode from swaps
2020-10-09 12:26:23 -02:30
Erik Marks
30d6ad83f7
Refactor background Segment usage (#9509)
* Create wrapper function for segment events
* Extract transaction controller metrics calls into own function

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-10-08 09:41:23 -07:00
Dan J Miller
392f9eafc2
Stop passing a gas param to the estimateGas call initiated in the swaps controller (#9501)
* Stop passing a gas param to the estimateGas call initiated in the swaps controller timedoutGasReturn

* Stop passing gas params to timedoutGasReturn

* Lint fix

* Stop passing no longer used param to setInitialGasEstimate
2020-10-07 16:30:17 -02:30
Mark Stacey
17f7ca2cfe
Update address book state upon custom RPC chainId edit (#9493)
When the `chainId` for a custom RPC endpoint is edited, we now migrate
the corresponding address book entries to ensure they are not orphaned.

The address book entries are grouped by the `metamask.network` state,
which unfortunately was sometimes the `chainId`, and sometimes the
`networkId`. It was always the `networkId` for built-in Infura
networks, but for custom RPC endpoints it would be set to the user-set
`chainId` field, with a fallback to the `networkId` of the network.

A recent change will force users to enter valid `chainId`s on all
custom networks, which will be normalized to be hex-prefixed. As a
result, address book contacts will now be keyed by a different string.
The contact entries are now migrated when this edit takes place.

There are some edge cases where two separate entries share the same set
of contacts. For example, if two entries have the same `chainId`, or if
they had the same `networkId` and had no `chainId` set. When the
`chainId` is edited in such cases, the contacts are duplicated on both
networks. This is the best we can do, as we don't have any way to know
which network the contacts _should_ be on.

The `typed-message-manager` unit tests have also been updated as part
of this commit because the addition of `sinon.restore()` to the
preferences controller tests ended up clearing a test object in-between
individual tests in that file. The test object is now re-constructed
before each individual test.
2020-10-07 15:02:17 -02:30
Erik Marks
bf1bb6ca7e
Check specified chain ID against endpoint return value (#9491)
Adds additional validation to chainId values in the network form, by comparing the specified value against the value returned by the endpoint.
2020-10-07 11:58:22 -02:30
Erik Marks
6a6600c730
Use networkVersion for network state; chainId for signing transactions (#9487) 2020-10-06 17:48:24 -02:30
Dan J Miller
30d13422b5
Add MetaMask Swaps (#9482) 2020-10-06 15:58:38 -02:30
Erik Marks
088d4c34f1
Merge pull request from GHSA-c2xw-px2x-pr65
* Remove network config store
* Remove inline networks variable in network controller
* Re-key network controller 'rpcTarget' to 'rpcUrl'
* Require chainId in lookupNetwork, implement eth_chainId
* Require chain ID in network form
* Add alert, migrations, and tests
* Add chainId validation to addToFrequentRpcList
* Update public config state selector to match new network controller
state
* Use network enums in networks-tab.constants
* Ensure chainId in provider config is current
* Update tests
2020-10-06 15:27:02 -02:30
Patryk Łucka
f6d0deb80b
Fix 3Box sync and e2e tests (#9422)
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-09-29 14:17:55 -02:30
Mark Stacey
97b49b7614
Add prettier-plugin-sort-json (#9450)
JSON files are now sorted by key with `prettier`, using the plugin
`prettier-plugin-sort-json`. This does not affect `package.json`
because `prettier` uses a special parser for that file, as it has
a more restrictive format than JSON.
2020-09-23 12:21:42 -02:30
Pedro Pablo Aste Kompen
e205124db4
Update Wyre purchase URL (#9414) 2020-09-15 17:56:51 -02:30
Brad Decker
c97493cc13
rename Ethereum Main Network -> Etherum Mainnet (#9411) 2020-09-15 14:34:16 -05:00
Mark Stacey
ce66ddcf0d
Use prettier for JSON linting (#9396)
Instead of using `eslint-plugin-json` for linting JSON files,
`prettier` is now used. `prettier` is capable of detecting and
correcting more problems than `eslint-plugin-json` can, such as
indentation.

All JSON files have been run through `prettier`. The changes are all
superficial.
2020-09-11 10:57:39 -03:00
Whymarrh Whitby
e2dedaacdb
Use Infura v3 API (#9368)
* Use eth-json-rpc-infura@5.0.0
* Use Infura v3 API
* Add example .metamaskrc file
2020-09-10 13:46:00 -02:30
Erik Marks
f02ba2d561
Ensure the extension can be unlocked without network access (#9295)
move checkForLatestBlock to separate catch block
add test case
remove duplicate checkForLatestBlock call
2020-09-08 22:29:24 -07:00
Patryk Łucka
3d4f1f45bd
Add messages to Ledger connection process (#9344) 2020-09-02 13:58:14 -02:30
ricky
f281df3b36
Feature/hide seedphrase when restoring vault (#9329)
* hide seedphrase (by default) with option to show it
2020-09-02 11:45:09 -04:00