* origin/master: (101 commits)
Updating changelog
Add token standard to custom token details (#14506)
Revert "Dark Mode: What's New Announcement (#14346)"
Ensure network name in confirm page container is defined (#14520)
Updating lavamoat policies
Fix the alerts toggles in settings (#14498)
Disable swaps whenever the environment is not development or testing, so that behaviour follows production for QA purposes (#14499)
[skip e2e] Updating changelog for v10.14.0 (#14487)
Version v10.14.0
Docs - segment metrics (#14435)
Add snaps view search (#14419)
Run main, flask and beta in sequence in generate-lavamoat-policies.sh (#14470)
Modify import SRP page (#14425)
Dark Mode: Implement Metrics (#14455)
HoldToRevealButton component (#13785)
e2e test import json file as import account strategy (#14449)
MetaMetrics: Identify 'number_of_tokens' user trait (#14427)
MetaMetrics: Identify 'nft_autodetection_enabled' & 'opensea_api_enabled' (#14367)
Swaps: Sort "token_from" dropdown tokens by their fiat value first and "token_to" by top tokens (#14436)
Update segment instantiation check. Only check if SEGMENT_WRITE_KEY exists (#14407)
...
A patch has been added to ensure lavapack no longer includes the path
for each module as part of each serialized module. This path was
originally added for debugging purposes, and is not used for anything
at runtime. The module path was an absolute path, not a relative one,
so it was an obstacle to having reproducible builds between
environments.
The phishing warning page URL environment variable has been renamed
from `PHISHING_PAGE_URL` to `PHISHING_WARNING_PAGE_URL`. We call this
page the "phishing warning page" everywhere else, and this name seemed
better suited (it's not a phishing page itself).
The variable has been listed and documented in `.metamaskrc.dist` as
well.
The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`.
The iframe case was updated with a new design, which required test
changes. The third test that was meant to ensure the phishing page
can't redirect to an extension page has been updated to navigate
directly to the phishing warning page and setting the URL manually via
query parameters, as that was the only way to test that redirect.
Two CI validation errors have been fixed:
* A duplcate entry has been removed from the lockfile
* `@metamask/phishing-warning` has been added to the depcheck config,
so that it knows that dependency is being used (in e2e tests)
* Create `.zip` files deterministically
Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.
The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.
* Update lavamoat build policy
An externally hosted phishing warning page is now used rather than the
built-in phishing warning page.The phishing page warning URL is set via
configuration file or environment variable. The default URL is either
the expected production URL or `http://localhost:9999/` for e2e testing
environments.
The new external phishing page includes a design change when it is
loaded within an iframe. In that case it now shows a condensed message,
and prompts the user to open the full warning page in a new tab to see
more details or bypass the warning. This is to prevent a clickjacking
attack from safelisting a site without user consent.
The new external phishing page also includes a simple caching service
worker to ensure it continues to work offline (or if our hosting goes
offline), as long as the user has successfully loaded the page at least
once. We also load the page temporarily during the extension startup
process to trigger the service worker installation.
The old phishing page and all related lines have been removed. The
property `web_accessible_resources` has also been removed from the
manifest. The only entry apart from the phishing page was `inpage.js`,
and we don't need that to be web accessible anymore because we inject
the script inline into each page rather than loading the file directly.
New e2e tests have been added to cover more phishing warning page
functionality, including the "safelist" action and the "iframe" case.
* MetaMetrics: identify number_of_tokens
* MetaMetrics: update number_of_tokens
do not filter by unique addresses.
Each token contract x chain id combo is a unique contract
* MetaMetrics: update MetaMetricsTraits @typedef
- add number_of_tokens
* MetaMetrics: clean up number_of_tokens
* MetaMetrics: alphabetize in test
* segment: instantiate w/out SEGMENT_HOST check
If SEGMENT_HOST is null, then the analytics-node library will usea defaulted host
* Segment: rm IN_TEST check for instantiation
* Fix speed-up/cancel: don't update existing transaction data
* Move retryTxMeta state management to useGasFeeInputs.js
* Handle initial retryTxMeta set if no transaction is passed to useGasFeeInputs
* Ensure previousGas is use on retry transaction if it is available in useGasFeeInputs
* Remove update transaction mock and correctly test gas fee increase scenarios now that updateTransaction used in cancel-speedup is defined on the front end
* Fix speed-up/cancel: don't update existing transaction data
* Move retryTxMeta state management to useGasFeeInputs.js
* Handle initial retryTxMeta set if no transaction is passed to useGasFeeInputs
* Ensure previousGas is use on retry transaction if it is available in useGasFeeInputs
* Remove update transaction mock and correctly test gas fee increase scenarios now that updateTransaction used in cancel-speedup is defined on the front end
