* Version v7.7.7
* Update `@metamask/eth-ledger-bridge-keyring` (#8162)
* Update `@metamask/eth-ledger-bridge-keyring`
The Ledger keyring has been updated to ensure that any stale BIP44
accounts created prior to v7.7.6 of the extension are discarded when
the extension starts. Any attempts to sign with these accounts would
have failed; they needed to be re-added regardless.
* Update changelog
* Fix Ledger account index check for account zero (#8163)
Update Ledger keyring to fix bug when trying to sign with account 0
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
The `tabId` of the message sender is now added to the middleware
request object. This step is omitted if the `tabId` is not provided.
This is done early in the middleware stack, so the `tabId` should be
available for any subsequent middleware to use.
The Onboarding Middleware has also been modified to get the `tabId`
from the request object, rather than expecting it as a parameter upon
creation.
This refactor will enable further uses of the `tabId`.
Implement `eth_decrypt` and `eth_getEncryptionPublicKey`. This allows decryption backed by the user's private key. The message decryption uses a confirmation flow similar to the messaging signing flow, where the message to be decrypted is also able to be decrypted inline for the user to read directly before confirming.
* Revert "Revert "Update Wyre ETH purchase url" (#7631)"
This reverts commit bc67d1eeca.
* Restrict widget to just debit card payments
Apple Pay apparently only works on Safari.
* Revert "Revert "Update Wyre ETH purchase url" (#7631)"
This reverts commit bc67d1eeca.
* Restrict widget to just debit card payments
Apple Pay apparently only works on Safari.
Any error sent to Sentry will now be marked with the environment they
were sent from. The environment is set at build time, and is set
dependant upon the build flags and CI-related environment variables.
Setting the environment will let us filter error reports in Sentry to
focus specifically upon reports sent from production, release
candidates, PR testing, or whatever else.
The custom spend limit was previously not validated. It did have a
minimum of zero set, but this didn't have any affect (that minimum is
used for form constraint validation, and this field wasn't in a form).
The field was never checked to ensure the contents didn't exceed the
maximum.
The field is now checked for values that exceed the maximum, and
invalid values in general (including negative values).
The parameters to the `showEditApprovalPermissionModal` were also
alphabetized to make them easier to read. In the course of doing this,
I noticed that the origin was missing from one of the calls. This was
responsible for the modal saying "Spend limit requested by undefined"
when clicking "Edit" under the transaction details. This has been
fixed.
The custom spend limit was previously not validated. It did have a
minimum of zero set, but this didn't have any affect (that minimum is
used for form constraint validation, and this field wasn't in a form).
The field was never checked to ensure the contents didn't exceed the
maximum.
The field is now checked for values that exceed the maximum, and
invalid values in general (including negative values).
The parameters to the `showEditApprovalPermissionModal` were also
alphabetized to make them easier to read. In the course of doing this,
I noticed that the origin was missing from one of the calls. This was
responsible for the modal saying "Spend limit requested by undefined"
when clicking "Edit" under the transaction details. This has been
fixed.
These two functions differ slightly in options, but none of those
options are being used by us, so in these cases they're functionally
equivalent. They're even both descendants of the original `debounce`
function from `underscore`.
This was done to reduce the number of direct dependencies we have. It
should not affect bundle size, as we still depend upon the `debounce`
package transitively.
This was done to reduce the number of direct dependencies we have. It
should be functionally equivalent. The bundle size should not change,
as we use `clone` as a transitive dependency in a number of places.
Previously, all errors encountered during testing or production were
sent to the primary `metamask` Sentry project, whereas development
errors were sent to `test-metamask` instead. This change ensures that
errors encountered during tests are sent to `test-metamask` as well.
Update accounts permission history on accountsChanged
Create PermissionsLogController
Fix permissions activity log pruning
Add selectors, background hooks for better UX
Make selected account the first account returned
Use enums for store keys in log controller
Add last selected address history to PreferencesController
Any error caught during a React component render or lifecycle method
will now be caught by the top-level error boundary, which shows the
user this new error page. The error page will display a simple error
message, and will show the details of the error in a collapsible
section.
The caught error is also reported to Sentry.
In development the error will be re-thrown to make it easier to see on
the console, but it is not re-thrown in production.
* Remove unnecessary `getEnvironmentType` parameter
The default value of the first parameter is `window.location.href`, so
there is no need to pass it in explicitly.
* Remove junk parameter from `getEnvironmentType` invocation
`getEnvironmentType` doesn't need to be passed any parameter, as the
default value is `window.location.href` which is generally what is
wanted. In this case, the variable `location.href` was always
`undefined` anyway. This particular `location` variable is from React
Router, and does not have an `href` property.
* Fix comment for `getEnvironmentType`
One of the possible return values was referred to by the wrong name.
The filename is seeded by a simple use of Math.random() pulling from an alphanumeric character bank, as opposed to a more cryptographically random solution. This provides a simple layer of difficulty for bad actors to seek out the recovery phrase file.
As of #7663, an in-memory store was used in place of local storage
during e2e tests, to facilitate the use of state fixtures. However,
this made it difficult to export state during a test run. The
instructions for exporting state to create fixtures assumed that local
storage was being used.
A new global function has been added to the background context to allow
exporting state. This method is available during testing and
development, and it works with either local storage or the in-memory
store. The fixture instructions have been updated to reference this new
function.
* Specify type before parameter name
Various JSDoc `@param` entries were specified as `name {type}` rather
than `{type} name`.
A couple of `@return` entries have been given types as well.
* Use JSDoc optional syntax rather than Closure syntax
* Use @returns rather than @return
* Use consistent built-in type capitalization
Primitive types are lower-case, and Object is upper-case.
* Separate param/return description with a dash
Typically the fullscreen UI will open upon installation, though this
behaviour was suppressed in development. This was dealt with in the e2e
tests by waiting for it to open, then closing it.
Instead this behaviour is now suppressed for test builds as well.
* Remove unused onboarding stream
* Pass `sender` through to `setupProviderEngine`
The Port `sender` has been passed down a few more layers. This allows
us to get more information from the sender deeper in the stack, but
also simplifies things a bit as well. For example, now the "fake"
URL object with the `metamask` hostname is no longer needed.
* Create onboarding middleware
This middleware intercepts `wallet_registerOnboarding` RPC messages. It
will register the sender as an oboarding initiator if possible, and
otherwise ignores the message.
* Add network store for testing
An alternative persistent state store has been created for use with e2e
tests. Instead of reading state from disk, it tries to load state from
a local fixture server running on port `12345` and serving state from
the path `/state.json`, and returns a blank state otherwise.
* Add e2e test fixture server
A fixture server has been added for serving background state, which the
background will read upon startup as part of restoring persisted state.
The `signature-request` e2e test has been updated to use a fixture to
bypass the registration step. The fixture used (`imported-account`) was
generated by pausing midway through that test run
The connect route now takes a route parameter: the permissions request
id. This id is set whenever the permissions connect screen is opened,
ensuring that that tab is for that specific request alone.
This makes handling of multiple permissions requests a bit more
intuitive. Previously whenever opening multiple permissions requests,
the first one would be shown on each successive tab, whereas you
would expect each tab to show the request that prompted the tab to
open. Users may now address permissions request in whichever order
they'd like to, rather than being forced to deal with them
chronologically.
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Handle transaction ordering in cases where tx ids are off by more than 1 in tx-state-manager
* Add comment to addUnapprovedTransaction explaining calling _determineTransactionCategory after generateTxMeta
* Sort txes by timestamp of creation instead of id
Attempts to approve or reject a permissions request that is no longer
pending will now emit a warning instead of throwing an exception.
I _think_ this can happen by clicking 'Submit' on the Permission
Connect screen twice, though I've been unable to reproduce that. I know
that it can be done if using multiple windows though. While it is
possible we have a UI bug somewhere (e.g. maybe we're not preventing
'Submit' from being clicked twice), I don't think it's possible to
eliminate the chance of this happening altogether, so we'd best prepare
for it.
* origin/develop:
Fix SimpleDropdown event bubbling (#7627)
Remove unneeded store connections (#7625)
Replace wild random number key with index (#7629)
Use ES6 exports for selectors (#7626)
Fix a typo made comparing previous prop (#7628)
Connect distinct accounts per site (#7004)
eslint: Enable more react/jsx-* rules (#7592)
Enable react/no-unused-state rule for ESLint (#7609)
Enable no-var rule for ESLint (#7590)
Process URL fragment for ens-ipfs redirects (#7604)
add locale fix script (#7580)
Prevent redux state mutation (#7598)
* add PermissionsController
remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata
add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales
Add external extension id to metadata (#7396)
update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages
* Login Per Site UI (#7368)
* LoginPerSite original UI changes to keep
* First commit
* Get necessary connected tab info for redirect and icon display for permissioned sites
* Fix up designs and add missing features
* Some lint fixes
* More lint fixes
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Code cleanup for LoginPerSite-ui
* Update e2e tests to use new connection flow
* Fix display of connect screen and app header after login when connect request present
* Update metamask-responsive-ui.spec for new item in accounts dropdown
* Fix approve container by replacing approvedOrigins with domainMetaData
* Adds test/e2e/permissions.spec.js
* Correctly handle cancellation of a permissions request
* Redirect to home after disconnecting all sites / cancelling all permissions
* Fix display of site icons in menu
* Fix height of permissions page container
* Remove unused locale messages
* Set default values for openExternalTabs and tabIdOrigins in account-menu.container
* More code cleanup for LoginPerSite-ui
* Use extensions api to close tab in permissions-connect
* Remove unnecessary change in domIsReady() in contentscript
* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.
* Adds getOriginOfCurrentTab selector
* Adds IconWithFallback component and substitutes for appropriate cases
* Add and utilize font mixins
* Remove unused method in disconnect-all.container.js
* Simplify buttonSizeLarge code in page-container-footer.component.js
* Add and utilize getAccountsWithLabels selector
* Remove console.log in ui/app/store/actions.js
* Change last connected time format to yyyy-M-d
* Fix css associated with IconWithFallback change
* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes
* Code cleanup for LoginPerSite-ui
* Use reusable function for modifying openNonMetamaskTabsIDs in background.js
* Enables automatic switching to connected account when connected domain is open
* Prevent exploit of tabIdOriginMap in background.js
* Remove unneeded code from contentscript.js
* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs
* Design and styling fixes for LoginPerSite-ui
* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts
* Front end changes to support display of lastConnected time in connected and permissions screens
* Fix lint errors
* Refactor structure of permissionsHistory
* Fix default values and object modifications for domain and permissionsHistory related data
* Fix connecting to new accounts from modal
* Replace retweet.svg with connect-white.svg
* Fix signature-request.spec
* Update metamask-inpage-provider version
* Fix permissions e2e tests
* Remove unneeded delay from test/e2e/signature-request.spec.js
* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec
* Use requestAccountTabIds strategy for determining tab id that opened a given window
* Improve default values for permissions requests
* Add some message descriptions to app/_locales/en/messages.json
* Code clean up in permission controller
* Stopped deep cloning object in mapObjectValues
* Bump metamask-inpage-provider version
* Add missing description in app/_locales/en/messages.json
* Return promises from queryTabs and switchToTab of extension.js
* Remove unused getAllPermissions function
* Use default props in icon-with-fallback.component.js
* Stop passing to permissions controller
* Delete no longer used clear-approved-origins modal code
* Remove duplicate imports in ui/app/components/app/index.scss
* Use URL instead of regex in getOriginFromUrl()
* Add runtime error checking to platform, promise based extension.tab methods
* Support permission requests from external extensions
* Improve font size and colour of the domain origin on the permission confirmation screen
* Add support for toggling permissions
* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions
* Remove unused code from LoginPerSite-ui branch
* Ensure modal closes on Enter press for new-account-modal.component.js
* Lint fix
* fixup! Login Per Site UI (#7368)
* Some code cleanup for LoginPerSite
* Adds UX for connecting to dapps via the connected sites screen (#7593)
* Adds UX for connecting to dapps via the connected sites screen
* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask
* Delete unused permissions controller methods
* Fixes two small bugs in the LoginPerSite ui (#7595)
* Restore `providerRequest` message translations (#7600)
This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.
* Login per site no sitemetadata fix (#7610)
* Support connected sites for which we have no site metadata.
* Change property containing subtitle info often populated by origin to a more accurate of purpose name
* Lint fix
* Improve disconnection modal messages (#7612)
* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages
* Update disconnectAccountModalDescription app/_locales/en/messages.json
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
* Improve disconnectAccount modal message clarity
* Adds cancel button to the account selection screen of the permissions request flow (#7613)
* Fix eth_accounts permission language & selectability (#7614)
* fix eth_accounts language & selectability
* fix MetaMask capitalization in all messages
* Close sidebar when opening connected sites (#7611)
The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.
It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.
I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.
* Reject permissions request upon tab close (#7618)
Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617
* Handle tab update failure (#7619)
`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.
* Login per site tab popup fixes (#7617)
* Handle redirect in response to state update in permissions-connect
* Ensure origin is available to permissions-connect subcomponents during redirect
* Hide app bar whenever on redirect route
* Improvements to handling of redirects in permissions-connect
* Ensure permission request id change handling only happens when page is not null
* Lint fix
* Decouple confirm transaction screen from the selected address (#7622)
* Avoid race condtion that could prevent contextual account switching (#7623)
There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.
The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.
* Only redirect back to dapp if current tab is active (#7621)
The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.
* Fix JSX style lint errors
* Remove unused state
* add PermissionsController
remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata
add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales
Add external extension id to metadata (#7396)
update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages
* Login Per Site UI (#7368)
* LoginPerSite original UI changes to keep
* First commit
* Get necessary connected tab info for redirect and icon display for permissioned sites
* Fix up designs and add missing features
* Some lint fixes
* More lint fixes
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Code cleanup for LoginPerSite-ui
* Update e2e tests to use new connection flow
* Fix display of connect screen and app header after login when connect request present
* Update metamask-responsive-ui.spec for new item in accounts dropdown
* Fix approve container by replacing approvedOrigins with domainMetaData
* Adds test/e2e/permissions.spec.js
* Correctly handle cancellation of a permissions request
* Redirect to home after disconnecting all sites / cancelling all permissions
* Fix display of site icons in menu
* Fix height of permissions page container
* Remove unused locale messages
* Set default values for openExternalTabs and tabIdOrigins in account-menu.container
* More code cleanup for LoginPerSite-ui
* Use extensions api to close tab in permissions-connect
* Remove unnecessary change in domIsReady() in contentscript
* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.
* Adds getOriginOfCurrentTab selector
* Adds IconWithFallback component and substitutes for appropriate cases
* Add and utilize font mixins
* Remove unused method in disconnect-all.container.js
* Simplify buttonSizeLarge code in page-container-footer.component.js
* Add and utilize getAccountsWithLabels selector
* Remove console.log in ui/app/store/actions.js
* Change last connected time format to yyyy-M-d
* Fix css associated with IconWithFallback change
* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes
* Code cleanup for LoginPerSite-ui
* Use reusable function for modifying openNonMetamaskTabsIDs in background.js
* Enables automatic switching to connected account when connected domain is open
* Prevent exploit of tabIdOriginMap in background.js
* Remove unneeded code from contentscript.js
* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs
* Design and styling fixes for LoginPerSite-ui
* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts
* Front end changes to support display of lastConnected time in connected and permissions screens
* Fix lint errors
* Refactor structure of permissionsHistory
* Fix default values and object modifications for domain and permissionsHistory related data
* Fix connecting to new accounts from modal
* Replace retweet.svg with connect-white.svg
* Fix signature-request.spec
* Update metamask-inpage-provider version
* Fix permissions e2e tests
* Remove unneeded delay from test/e2e/signature-request.spec.js
* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec
* Use requestAccountTabIds strategy for determining tab id that opened a given window
* Improve default values for permissions requests
* Add some message descriptions to app/_locales/en/messages.json
* Code clean up in permission controller
* Stopped deep cloning object in mapObjectValues
* Bump metamask-inpage-provider version
* Add missing description in app/_locales/en/messages.json
* Return promises from queryTabs and switchToTab of extension.js
* Remove unused getAllPermissions function
* Use default props in icon-with-fallback.component.js
* Stop passing to permissions controller
* Delete no longer used clear-approved-origins modal code
* Remove duplicate imports in ui/app/components/app/index.scss
* Use URL instead of regex in getOriginFromUrl()
* Add runtime error checking to platform, promise based extension.tab methods
* Support permission requests from external extensions
* Improve font size and colour of the domain origin on the permission confirmation screen
* Add support for toggling permissions
* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions
* Remove unused code from LoginPerSite-ui branch
* Ensure modal closes on Enter press for new-account-modal.component.js
* Lint fix
* fixup! Login Per Site UI (#7368)
* Some code cleanup for LoginPerSite
* Adds UX for connecting to dapps via the connected sites screen (#7593)
* Adds UX for connecting to dapps via the connected sites screen
* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask
* Delete unused permissions controller methods
* Fixes two small bugs in the LoginPerSite ui (#7595)
* Restore `providerRequest` message translations (#7600)
This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.
* Login per site no sitemetadata fix (#7610)
* Support connected sites for which we have no site metadata.
* Change property containing subtitle info often populated by origin to a more accurate of purpose name
* Lint fix
* Improve disconnection modal messages (#7612)
* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages
* Update disconnectAccountModalDescription app/_locales/en/messages.json
Co-Authored-By: Mark Stacey <markjstacey@gmail.com>
* Improve disconnectAccount modal message clarity
* Adds cancel button to the account selection screen of the permissions request flow (#7613)
* Fix eth_accounts permission language & selectability (#7614)
* fix eth_accounts language & selectability
* fix MetaMask capitalization in all messages
* Close sidebar when opening connected sites (#7611)
The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.
It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.
I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.
* Reject permissions request upon tab close (#7618)
Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617
* Handle tab update failure (#7619)
`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.
* Login per site tab popup fixes (#7617)
* Handle redirect in response to state update in permissions-connect
* Ensure origin is available to permissions-connect subcomponents during redirect
* Hide app bar whenever on redirect route
* Improvements to handling of redirects in permissions-connect
* Ensure permission request id change handling only happens when page is not null
* Lint fix
* Decouple confirm transaction screen from the selected address (#7622)
* Avoid race condtion that could prevent contextual account switching (#7623)
There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.
The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.
* Only redirect back to dapp if current tab is active (#7621)
The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.
* Fix JSX style lint errors
* Remove unused state
* Ensures the tx controller + tx-state-manager orders transactions in the order they are received
* Handle transaction ordering in cases where tx ids are off by more than 1 in tx-state-manager
* Add comment to addUnapprovedTransaction explaining calling _determineTransactionCategory after generateTxMeta
* Sort txes by timestamp of creation instead of id
* Add support for one-click onboarding
MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.
At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.
If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.
Closes#6161
* Add onboarding button to contract test dapp
The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.
* Add new static server for test dapp
The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.
Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.
* Add `@metamask/onboarding` and `@metamask/forwarder`
Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
* Add additional url verification
* Add commas
* Address PR feedback
* Use URL over URI
* Update key in other languages
* Add stateKey check
* Split validateUrl into two separate methods
* Remove unused variable
* Add isValidWhenAppended method
Maker has upgraded its Dai token to "Multi-Collateral Dai" (MCD) and requires
all users interacting with Dai migrate their tokens to the new version. Dai
now exclusively refers to Multi-Collateral Dai and what was previouly called
Dai is now Sai (Single Collateral Dai).
In this description, Sai refers to what was (prior to the 2019-11-18) known as Dai.
Dai is the _new_ token.
This changeset:
1. Only affects users who had non-zero Sai at the old contract address
2. Displays a persistent notification for users with Sai
3. Updates the token symbol for users already tracking the Sai token
4. Bumps our direct and indirect eth-contract-metadata dependencies
The notification copy:
> A message from Maker: The new Multi-Collateral Dai token has been released. Your old tokens are now called Sai. Please upgrade your Sai tokens to the new Dai.
The copy is from the Maker team.
Of the 7 different icon sizes we have, only four were referenced in
the manifest. All 7 are now listed, which leaves the browser more to
choose from when deciding which to use.
The 'reverseResolveAddress' method is intended to return undefined if
unable to reverse resolve the given address. Instead it was throwing an
error, which surfaced in the UI console. This error is now caught.
* Redesign approve screen
* Add translations to approve screen components
* Show account in header of approve screen
* Use state prop bool for unlimited vs custom check in edit-approval-permission
* Set option to custom on input change in edit-approval-permission
* Allow setting of approval amount to unlimited in edit-approval-permission
* Fix height of confirm-approval popup
* Ensure decimals prop passted to confirm-approve.component is correct type
* Ensure first param passed to calcTokenValue in confirm-approve.util is the correct type
* Fix e2e test of permission editing
* Remove unused code from edit-approval-permission.container
* Omit MetaMask `extensionId` from site metadata
The site metadata was updated in #7218 to include the extension id of
the extension connecting to MetaMask. This was done to allow external
extensions to connect with MetaMask, so that we could show the id on
the provider approval screen.
Unbeknownst to me at the time, the extension id was being set for all
connections to MetaMask from dapps. The id was set to MetaMask's id,
because the connections are made through MetaMask's contentscript.
This has been updated to only set the id when accepting a connection
from a different extension.
* Fix `siteMetadata` property names
In #7218 a few things were added to the site metadata, so the provider
approval controller was middleware was updated to accept the site
metadata as an object rather than accepting each property as a separate
parameter. Unfortunately we failed to notice that the site name and
icon were named differently in the site metadata than they were in the
provider approval controller, so the names of those properties were
unintentionally changed in the controller state.
The provider approval controller has been updated to restore the
original property names of `siteTitle` and `siteIcon`. An unused prop
that was added to the provider approval page in #7218 has also been
removed.
* Omit MetaMask `extensionId` from site metadata
The site metadata was updated in #7218 to include the extension id of
the extension connecting to MetaMask. This was done to allow external
extensions to connect with MetaMask, so that we could show the id on
the provider approval screen.
Unbeknownst to me at the time, the extension id was being set for all
connections to MetaMask from dapps. The id was set to MetaMask's id,
because the connections are made through MetaMask's contentscript.
This has been updated to only set the id when accepting a connection
from a different extension.
* Fix `siteMetadata` property names
In #7218 a few things were added to the site metadata, so the provider
approval controller was middleware was updated to accept the site
metadata as an object rather than accepting each property as a separate
parameter. Unfortunately we failed to notice that the site name and
icon were named differently in the site metadata than they were in the
provider approval controller, so the names of those properties were
unintentionally changed in the controller state.
The provider approval controller has been updated to restore the
original property names of `siteTitle` and `siteIcon`. An unused prop
that was added to the provider approval page in #7218 has also been
removed.
* Adds Wyre widget to the deposit modal.
* Move wyre widget code to vendor directory
* Get Wyre widget working without metamask connect/sign steps
* Code cleanup for wyre changes
* Change wyre widget to using prod environment
* Remove code allowing signing of wyre messages without confirmations
* Update wyre vendor code for wyre 2.0
* Remove unnecessary changes to provider approval constructor, triggerUI and openPopup
* Fix Wyre translation message
* Delete no longer used signature-request-modal
* Fix documentation of matches function in utils/util.js
* Code cleanup on wyre branch
* Remove front end code changes not needed to support wyre v2
* Refactoring signature-request out to a new component. Wip
* Styling polish and a better message display.
* Update signature request header to no longer use account dropdown mini
* Clean up code and styles
* Code cleanup for signature request redesign branch
* Fix signature request design for full screen
* Replace makenode with object.entries in signature-request-message.component.js
* Remove unused accounts prop from signature-request.component.js
* Use beforeunload instead of window.onbeforeunload in signature-request
* ENS Reverse Resolution support
* Save punycode for ENS domains with Unicode characters
* Update SenderToRecipient recipientEns tooltip
* Use cached results when reverse-resolving ENS names
* Display ENS names in tx activity log
* Add estimated time to pending transactions
* add sytles for pending transactions component
* add media queries styling for pending transactions component
* fix lint errors, remove extra spaces
* refactor code to call `fetchBasicGasAndTimeEstimates` method once
* refactor code to call `getgetRenderableTimeEstimate` method once
* fix, correct export to use `transaction-time-remaining-component`
* fix indentation issues after running `yarn lint`
* newBigSigDig in gas-price-chart.utils supports strings
* Code cleanup
* Ensure fetchBasicGasAndTimeEstimates is only called from tx-list if there are pending-txs
* Move gas time estimate utilities into utility file
* Move getTxParams to transaction selector file
* Add feature flag for display of remaining transaction time in tx history list
* Fix circular dependency by removing unused import of transactionSelector in selectors.js
* Use correct feature flag property name transactionTime
* Ensure that tx list component correctly responds to turning tx time feature on
* Prevent precision errors in newBigSigDig
* Code clean up for pending transaction times
* Update transaction-time-remaining feature to count down seconds, countdown seconds and show '< 30'
* Code clean up for transaction-time-remaining feature
* tests - create tests for pending middlewares
* transactions - add r,s,v values to the txMeta to match the JSON rpc response
* network - add new middleware for eth_getTransactionByHash that the checks pending tx's for a response value
* transactions/pending - use getTransactionReceipt for checking if tx is in a block
* meta - file rename
If the extension ID is set, an alternate title and subtitle are used
for the Connect Request screen. The title is always `External
Extension`, and the subtitle is `Extension ID: [id]` instead of the
origin (which would just be `[extension-scheme]://[id]` anyway).
The hostname for the site is used as a fallback in case it has no
title.
The artificial hostname set for internal connections has been renamed
from 'MetaMask' to 'metamask' because URL objects automatically
normalize hostnames to be all lower-case, and it was more convenient to
use a URL object so that the parameter would be the same type as used
for an untrusted connection.
* Begin mocking out retry ui
* Remove "Failed"
* I guess this works?
* Update corresponding test
* wip
* Ok, this appears to be working now
* cleanup
* Move this back to 3
* I don't think I need this
* Rename showRetry to showSpeedUp
* Address PR feedback
* Remove notes
* Rename shouldShowRetry -> shouldShowSpeedUp
* oops
This simplifies the logic of signing and improves security:
- Private keys are never moved to the base controller.
- Hardware wallets are abstracted in the same way as local keys.
This also paves the way for allowing even more modular accounts,
provided by plugins:
https://github.com/MetaMask/metamask-plugin-beta/pull/63Fixes#7075.
* master: (34 commits)
Update changelog for v7.2.3
Fix e2e tests and gas default (#7267)
Do not transate on seed phrases
test:integration - fix renamed test data file
lint fix
test:e2e - fix bail condition
test:e2e - fix responsie argument
test:e2e - refactor missed spec file
test:e2e - only overwrite window.fetch once per session
test:e2e - rework fetch-mocks
test:e2e - add extra delay before closing popups
test:e2e - factor out prepareExtensionForTesting
test - e2e - dedupe fetchMocking + compose script as fn
Ensure correct tx category when sending to contracts without tx data (#7252)
Version v7.2.3
Add v7.2.2 to changelog
Update minimum Firefox verison to 56.0 (#7213)
Version v7.2.2
Update changelog for v7.2.1, v7.2.0, and v7.1.1
Add `appName` message to each locale
...
* Ensure correct transaction category when sending to contracts but there is no txParams data
* Update gas when pasting address in send
* Gracefully fall back is send.util/estimateGas when blockGasLimit from background is falsy
* Remove network request frontend fallback for blockGasLimit
* Add some needed slow downs to e2e tests
* Ensure correct transaction category when sending to contracts but there is no txParams data
* Update gas when pasting address in send
* Gracefully fall back is send.util/estimateGas when blockGasLimit from background is falsy
* Remove network request frontend fallback for blockGasLimit
* Add some needed slow downs to e2e tests
The initial release of the 3Box sync will be marked as experimental.
This is to allow us time to test the 3Box sync and reduce the load on
3Box's infrastructure.
The 3Box initialization is triggered by login, but it no longer blocks
the login from finishing. The 3Box initialization is designed to run in
the background, so there's no reason to block on it.
* Allow default nextNonce to be the custom nonce in cases where highest locally pending is higher than nextNonce
* Reset custom nonce in cases of transaction submission failures
* Make the recommended nonce in the custom nonce field the true 'nextNonce'
* Revert automatic setting of custom nonce to nextNonce
* Make the nextNonce the default placeholder value
* Fix getNextNonce
* Remove unused nonceFieldPlaceholder message
* Fix nits in getPendingNonce and getNextNonce
* Properly handle errors in getNextNonce
* Improve placeholder and value defaults in custom nonce field
* Remove custom error message from getNextNonce
The 3Box SDK throws an HTTP 404 error when attempting to get the config
for an account that doesn't yet exist in 3Box. The regex we were using
to differentiate this error from others was broken. This ended up
preventing the user from logging in if they had 3Box enabled but hadn't
yet synced.
The regex has been corrected to catch this case, while allowing other
errors to propogate upward. Other 3Box errors will now be caught and
reported rather than interrupting login completely.
At some point in the future, we should expose these errors to the user
in some way, and allow them to retry in case 3Box was just temporarily
offline.
* Add UseNonce toggle
* Get the toggle actually working and dispatching
* Display nonce field on confirmation page
* Remove console.log
* Add placeholder
* Set customNonceValue
* Add nonce key/value to txParams
* remove customNonceValue from component state
* Use translation file and existing CSS class
* Use existing TextField component
* Remove console.log
* Fix lint nits
* Okay this sorta works?
* Move nonce toggle to advanced tab
* Set min to 0
* Wrap value in Number()
* Add customNonceMap
* Update custom nonce translation
* Update styles
* Reset CustomNonce
* Fix lint
* Get tests passing
* Add customNonceValue to defaults
* Fix test
* Fix comments
* Update tests
* Use camel case
* Ensure custom nonce can only be whole number
* Correct font size for custom nonce input
* UX improvements for custom nonce feature
* Fix advanced-tab-component tests for custom nonce changes
* Update title of nonce toggle in settings
* Remove unused locale message
* Cast custom nonce to string in confirm-transaction-base.component
* Handle string conversion and invalid values for custom nonces in handler
* Don't call getNonceLock in tx controller if there is a custom nonce
* Set nonce details for cases where nonce is customized
* Fix incorrectly use value for deciding whether to getnoncelock in approveTransaction
* Default nonceLock to empty object in approveTransaction
* Reapply use on nonceLock in cases where customNonceValue in approveTransaction.
* Show warning message if custom nonce is higher than MetaMask's next nonce
* Fix e2e test failure caused by custom nonce and 3box toggle conflict
* Update nonce warning message to include the suggested nonce
* Handle nextNonce comparison and update logic in lifecycle
* Default nonce field to suggested nonce
* Clear custom nonce on reject or confirm
* Fix bug where nonces are not shown in tx list on self sent transactions
* Ensure custom nonce is reset after tx is created in background
* Convert customNonceValue to number in approve tranasction controller
* Lint fix
* Call getNextNonce after updating custom nonce
* Delete unused code
* Run threebox imports through migrations
* Remove 3box feature flag
* Remove unnecessary use of 'type' in threebox._updatePlugin
* Fix threebox controller getLastUpdated
* Turn off threebox by default
* Rename restoredFromThreeBox to showRestorePrompt
* Remove accientally added method from threebox controller
* Restore from threebox on import from unlock screen
* Throw on non 404 errors from Box.getconfig in new3Box
* Adds ab test controller with a fullScreenVsPopup test
* Add migration for fullScreenVsPopup state
* Move abtest state under an 'abtests' object.
* MetaMask shows fullScreen group of a/b test unapproved txs in a full browser tab
* Ensure cancel metrics event in confirm-transaction-base.component.js is sent in all cases
* Switch to existing tab for unapproved tx if it exists when opening in full screen
* Send metrics event for entering a/b test from confirm screen
* Fix lint, unit and integration tests related to a/b test code
* Remove unnecessary tabs.query call in triggerUiInNewTab
The previous minimum version of 56.2 resulted in the build failing
validation when it was uploaded to the Firefox web store, because that
version doesn't exist. It was set to that version because a Firefox
fork uses it.
Instead the minimum version has been reduced so that we pass
validation. Unfortunately this will mean that a single incompatible
version of Firefox Mobile will allow the extension to be installed
(in theory), but there was no other way to avoid cutting off support
to WaterFox (the Firefox fork). The warning about this from the addons
linter can be ignored for now.
The previous minimum version of 56.2 resulted in the build failing
validation when it was uploaded to the Firefox web store, because that
version doesn't exist. It was set to that version because a Firefox
fork uses it.
Instead the minimum version has been reduced so that we pass
validation. Unfortunately this will mean that a single incompatible
version of Firefox Mobile will allow the extension to be installed
(in theory), but there was no other way to avoid cutting off support
to WaterFox (the Firefox fork). The warning about this from the addons
linter can be ignored for now.
* Switch to using string literals for locale keys
Various message keys were being specified with a string template
instead of a string literal. They have been switched to use string
literals so that the script for detecting unused messages can find
them.
* Remove unused locale messages
A number of unused locale messages have been removed - probably
leftover from old UI elements that have since been removed.
The `verify_locale_strings` script has been augmented to search the UI
for string literals, and match those against the locale message keys in
the `en` locale. Any messages without a corresponding string literal
are assumed to be unused.
The script has also been updated with an optional `--fix` parameter,
which will automatically delete any unused messages from locales.
148 unused messages were found in this case, out of a total of about
650 messages. Another 70 messages are _potentially_ unused and require
further investigation, but weren't as easy to rule out because they
were found in string literals.
* Remove additional unused locale messages
The following messages were more difficult to rule out because they
were present as string literals in the UI. They do appear to be
unused as locale keys though.
The disk store has not been written to since MetaMask v4.3.0, as it was
removed in #3083. It was kept around so that anything written to disk
prior to v4.3.0 could still be restored.
It has been a year and a half since that release, so I think it's time
to remove the disk store altogether. The consequences of losing locally
stored data are small anyway - it's an inconvenience at worst.
* Adds threebox controller
* Adds threebox approval modal
* Fix unit tests and lint after addition of threebox
* Correct threebox behaviour after rejecting request for backup; fixes e2e tests.
* Update threebox controller for automatic syncing
* Ensure frontend locale updates when preferences are changed via direct update within controller
* Add toggle in settings for 3box syncing
* Update threebox controller for latest 3box version
* Delete unnecessary frontend changes for threebox integration
* Backing up address book contacts with threebox
* Update unit tests for 3box-integration additions
* Only enable threebox by default for new wallets
* Mock globals for correct unit tests
* 3box '1.10.2' -> '^1.10.2'
* Correct capilalization on 3Box
* Use log.debug instead of console.log in threebox controller
* Update yarn.lock
* Remove edge build
* Split 3box module into background deps js file
* extra bundle opts for bg-libs
* sync yarn.lock
* new3Box logic
* Show confirm threebox restore after import
* Remove bg-libs.js from manifest file for dev builds
* Switch 3Box controller to using the spaces api (instead of the profile api)
* Finalize switching to spaces api and only restoring from 3box after import
* Update metamask-controller-test.js for threebox controller changes
* Make threebox modal style consistent with others and update success button wording
* Use mock 3box when in test
* Correct 3box modal header
* Remove unnecessary property of threebox controller provider
* Remove unnecessary method calls after restoration from 3box in the threebox-restore-confirm modal.
* Replace setThreeBoxSyncingPermission calls in routes/index.js with turnThreeBoxSyncingOn
* Replace erroneous use of with
* Replace erroneous use of threeboxSyncing with threeBoxSyncingAllowed in advancted-tab directory
* Lint fixes for 3box changes
* Log errors encountered when updating 3Box
* Remove unnecessary parameter from state update
* Add timeout to initial 3Box sync
The initial 3Box sync will now timeout after 1 minute. If the timeout
is triggered, 3Box is disabled and cannot be re-enabled unless the
initial sync does finally finish. If it never finishes, 3Box cannot
be enabled unless the extension is reinstalled.
The Advanced Settings page was updated to show this option as disabled
in that circumstance, with a new discription explaining why it's
disabled. The UI here could certainly be improved.
Additionally, "on" and "off" labels were added to the toggle to match
the other toggles on the Advanced Settings page.
* Use non-minified 3Box module
We had previously used the minified 3Box module to avoid a build error
encountered when `envify` was processing the `libp2p` module (which is
used by 3Box). The build would fail because `esprima` (used by `envify`)
is incompatible with the object spread/rest operator (which is used in
`libp2p`).
That issue has been solved by adding a global Babelify transformation
specifically for transpiling out the object rest/spread operator from
dependencies. It has been targetted to only affect `libp2p` to avoid
extending the build time too much. This workaround can be used until
a new version of `esprima` is released that includes this bug fix.
* Use app key addresses for threebox
* Replace use of modal for confirming 3box restoration with a home notification
* Adds e2e tests for restoring from threebox
* Update eth-keyring-controller to 5.1.0
* Correct parameters passed to getAppKeyAddress in threebox.js
* Add prefix to origin passed to getAppKeyAddress in threebox.js
* Remove unused locale message.
* Prevent CORS errors in firefox e2e tests
* Ensure extraneous scripts are excluded from the local test dev build
* Move threeBoxLastUpdate state from home.component to redux
* Threebox PR code cleanup
* Always use first address when initializing threebox
* Replace setRestoredFromThreeBox api with setRestoredFromThreeBoxToFalse and setRestoredFromThreeBoxToTrue
* Update development/metamaskbot-build-announce.js to include ui-libs and bg-libs in hard coded bundle list
* Update test/e2e/threebox.spec.js to use new helpers added with pull #7144
* Make setFeatureFlag available on the ui window during testing
* Hide threebox feature behind a feature flag that can only be activated via dev console
* Remove unnecessary migration of threebox feature flag
* Prevent this.init() call in threebox constructor if feature flag is not turned on
* Prevent threebox notification from showing if feature flag is falsy
* http://localhost/8889 -> http://localhost/* in gulp manifest:testing tasks
* Replace `undefined` selectedAddress with `null`
The `runtime.Port.postMessage` API will drop keys with a value of
`undefined` on Chrome, but not on Firefox. This was a problem for the
`publicConfig` stream, which passed the key `selectedAddress` with the
value of `undefined` to communicate to dapps that the user had logged
out.
Instead a `null` is now passed for `selectedAddress` upon logout, which
is correctly sent by the `runtime.Port.postMessage` API on both Chrome
and Firefox.
closes#7101closes#7109
* Update `metamask-inpage-provider` to v3.0.0
The v3.0.0 update includes a change to the `accountsChanged` event. The
event will now emit an empty array instead of an array with `undefined`
or `null`.
The previous behavior was to emit `[undefined]`. The previous commit
would have changed that to `[null]` anyway, so we figured if we're
going to make a public-facing change to the event anyway we should
change it to be correct. `[undefined]` was never intended, and it
technically violates EIP-1193, which states that the `accountsChanged`
event should emit an array of strings.
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.
I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
The minimum compatible version of Firefox has been lowered from `60.0`
to `56.2`. It was originally set to `60.0` because that is Firefox ESR,
which currently the minimum Firefox version with security updates.
However Waterfox is based upon Firefox `56.0`, and has backported
security fixes from the ESR release.
This change in minimum version requires no additional transpiling, and
doesn't affect any browser APIs we use.
It does introduce one additional warning in the `addon-linter` about
Firefox for Android `56` lacking support for browser action popups.
However there is no version `56.2` of Firefox for Android, so the
minimum version remains `57` in practice (which does support browser
action popups).
* Replace `undefined` selectedAddress with `null`
The `runtime.Port.postMessage` API will drop keys with a value of
`undefined` on Chrome, but not on Firefox. This was a problem for the
`publicConfig` stream, which passed the key `selectedAddress` with the
value of `undefined` to communicate to dapps that the user had logged
out.
Instead a `null` is now passed for `selectedAddress` upon logout, which
is correctly sent by the `runtime.Port.postMessage` API on both Chrome
and Firefox.
closes#7101closes#7109
* Update `metamask-inpage-provider` to v3.0.0
The v3.0.0 update includes a change to the `accountsChanged` event. The
event will now emit an empty array instead of an array with `undefined`
or `null`.
The previous behavior was to emit `[undefined]`. The previous commit
would have changed that to `[null]` anyway, so we figured if we're
going to make a public-facing change to the event anyway we should
change it to be correct. `[undefined]` was never intended, and it
technically violates EIP-1193, which states that the `accountsChanged`
event should emit an array of strings.
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.
I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
The `_fetchAll` function is expected to return values, so catching
errors and logging them only results in an additional error at the
place where `_fetchAll` is called. It's better instead to let the
error get thrown as normal.
In this particular case `_fetchAll` is only called in once place. The
error is still correctly caught and logged (in the `_update` function)
The minimum compatible version of Firefox has been lowered from `60.0`
to `56.2`. It was originally set to `60.0` because that is Firefox ESR,
which currently the minimum Firefox version with security updates.
However Waterfox is based upon Firefox `56.0`, and has backported
security fixes from the ESR release.
This change in minimum version requires no additional transpiling, and
doesn't affect any browser APIs we use.
It does introduce one additional warning in the `addon-linter` about
Firefox for Android `56` lacking support for browser action popups.
However there is no version `56.2` of Firefox for Android, so the
minimum version remains `57` in practice (which does support browser
action popups).
* Make chainId available in the metamask-inpage-provider
* Update metamask-inpage-provider to 2.1.0
* Add e2e tests for ethereum.on events
* Move chainId constants to lib/enums.js
* Don't use new chainId enums in createInfuraClient
* Fix app/scripts/lib/select-chain-id.js
These were accidentally introduced recently as two separate updates to
the `ru` locale were merged. They added these keys in different places,
so they didn't conflict.
* Add extra locales to index.json
* Fix verify locale script bugs
- All locales didn't work because it was putting an object inside of an object.
- Individual checks didn't work because of how the destructuring was done.
- Extra items were being printed as missing items.
* Sync up string changes w/ Brave wallet
* Add 33 new locales from Brave wallet
* Merge tml into ta code
* Create RTL stylesheets using `gulp-rtl`
* Handle RTL stylesheet special cases
Certain blocks of Sass were set to bypass "rtlcss" using ignore
comments. Certain icons had to be flipped 180 degrees.
* Switch stylesheets when locale changes
A second stylesheet has been added to each HTML page for use with
right-to-left locales. It is disabled by default. It is enabled on
startup if a RTL locale is set, and when switching to a RTL locale.
Similarly the LTR stylesheet is disabled when a RTL locale is used.
Unfortunately there is an unpleasant flash of unstyled content when
switching between a LTR and a RTL locale. There is also a slightly
longer page load time when using a RTL locale (<1s difference). We
couldn't think of an easy way to avoid these problems.
* Set `dir="auto"` as default on `TextFields`
We are soon removing the automatic refresh on network change behavior.
A warning has been added to ensure sites know about this upcoming
change.
Any site that calls `.enable` is advised to use a
`networkChanged` event handler to reload manually if they rely upon
that behavior. They are also advised to set the flag
`autoRefreshOnNetworkChange` to `false` to opt-out of the reload
behavior early.
This warning might be irritating for certain sites, as they might be
indifferent to whether or not the site reloads, and not eager to set a
flag to opt-in early just to silence the warning. However there was no
other obvious way to warning the right people about this change, as
any warning prior to an actual reload would only be seen by the few
people that set their browser console to preserve logs.
Relates to #3599
* Fix styling of `.transaction-list`
* Filter `incomingTxListSelector` by network as well
* Start and stop block tracker polling in incoming tx controller
* Add fetch with abort in bg for `IncomingTxController`
* Nix notification for Share Address
* Add Connections settings tab in place of privacy mode toggle
* Split ProviderApprovalController into two stores
* Remove privacyMode feature flag altogether
* Add migration to remove privacyMode feature flag
* Ensure address book send flow correctly matches address book addresses to ens addresses
* Use nodify on background.setAddressBook to receive correct result in actions.js
* Better error handling for actions.js addToAddressBook
* Eliminate unnecessary data normalization and move more data manipluation to ens-input and send-content containers
* Add background environment type
The `getEnvironmentType` method now checks for the background
environment as well, instead of returning 'notification' for that case.
Instead of adding another regex for the background path, the regexes
for each environment have been replaced with the URL constructor[0].
This is the standard method of parsing URLs, and is available in all
supported browsers.
[0]: https://developer.mozilla.org/en-US/docs/Web/API/URL
* Add note regarding a missing manifest permission
The `url` parameter to `tabs.query(...)` requires the `tabs` permission,
and will be ignored otherwise. We are missing this permission, so that
call does not work.
* Close window after opening full screen
The browser behaviour when opening a new tab differs between Chrome and
Firefox. In the case of a popup, Chrome will close the popup whereas
Firefox will leave it open. In the case of the notification window,
Chrome will move the new tab to the foreground, whereas Firefox will
leave the notification window in the foreground when opening a new tab.
We always want to close the current UI (popup or notification) when
switching to a full-screen view. The only exception to this is when the
switch is triggered from the background, which has no UI.
Closes#6513, #6685
* Replace use of backup-notification with use of home notification
* Pin notifications relative to window
* Remove unneeded isRequired condition on some home.component properties
* Refactor rendering of home notifications
* UX for multiple notifications
* Adds dismissal to provider request notification.
* Fix test failures
The e2e tests have been updated to reference `home-notification`
classnames instead of the removed `background-notification`. The
active tab proptypes and default values were updated as well.
The notice asking whether you wanted to connect to a site was showing
up in places it shouldn't, like on the Firefox/Chrome settings pages
and on our fullscreen extension. It has now been restricted to only
be displayed for active tabs with specific protocols:
* http
* https
* dat
* dweb
* ipfs
* ipns
* ssb
This prevents the notice from being shown on settings pages, browser
extensions, and files such as PDFs.
The minimum version supported is now Firefox 60. This is the current
Extended Support Release. Various features we use were not supported by
Firefox 53, such as `browser_action.default_popup`, `tabs.query`, and
`permissions:unlimitedStorage`.
The `seedWords` state was removed from the PreferencesController
recently in #6920. That state hadn't been used in some time, and there
was a long period during which `seedWords` was periodically scrubbed
from the state, so it's highly unlikely that it still exists in state
for most users. It's hard to guarantee that it _doesn't_ though,
especially if a user hasn't opened MetaMask in a few months.
* Implements ability to defer seed phrase backup to later
* Adds incremental-security.spec.js, including test dapp that sends signed tx with stand alone localhost provider
* Update metamask-responsive-ui for incremental account security changes
* Update backup-notification style and fix responsiveness of seed phrase screen
* Remove uneeded files from send-eth-with-private-key-test/
* Apply linguist flags in .gitattributes for send-eth-with-private-key-test/ethereumjs-tx.js
* Improve docs in controllers/onboarding.js
* Clean up metamask-extension/test/e2e/send-eth-with-private-key-test/index.html
* Remove unnecessary newlines in a couple first-time-flow/ files
* Fix import of backup-notification in home.component
* Fix git attrs file
* Style Send Header
* Move Send to-row to send view and restyle
* Add "Recents" group to select recipient view
* Rename SendToRow to AddRecipient
* Basic UI and Layout
* New ENSInput component
* wip - fuzzy search for input
* small refactor
* Add Dialog
* contact list initial
* initial error on invalid address
* clean up edit
* Click to open modal
* Create AddToAddressBookModal component
* Modal styling and layout
* modal i18n
* Add to Addressbook
* ens wip
* ens wip
* ENS Resolution
* Reset input
* Send to explicit address
* Happy Path Complete
* Add back error checking
* Reset send-to when emptying input
* Add back warning object
* Fix linter
* Fix unit test #1 - fix import paths
* Remove dead tests
* One more to go
* Fix all unit tests
* add unit test for reducers and actions
* test rendering AddRecipient
* Add tests for dialog boxes in AddRecipient
* Add test for validating
* Fix linter
* Fix e2e tests
* Token send e2e fix
* Style View Contact
* Style edit-contact
* Fix e2e
* Fix from-import-beta-ui e2e spec
* Make section header say "add recipient” by default
* Auto-focus add recipient input
* Update placeholder text
* Update input title font size
* Auto advance to next step if user paste a valid address
* Ellipsify address when recipient is selected
* Fix app header background color on desktop
* Give each form row a margin of 16px
* Use .container/.component naming pattern for ens-input
* Auto-focus on input when add to addressbook modal is opened; Save on Enter
* Fix and add unit test
* Fix selectors name in e2e tests
* Correct e2e test token amount for address-book-send changes
* Adds e2e test for editing a transaction
* Delete test/integration/lib/send-new-ui.js
* Add tests for amount max button and high value error on send screen to test/e2e/metamask-ui.spec.js
* lint and revert to address as object keys
* add chainId based on current network to address book entry
* fix test
* only display contacts for the current network
* Improve ENS message when not found on current network
* Add error to indicate when network does not support ENS
* bump gaba
* address book, resolve comments
* Move contact-list to its own component
* De-duplicate getaddressbook selector and refactor name selection logic in contact-list-tab/
* Use contact-list component in contact-list-tab.component (i.e. in settings)
* Improve/fix settings headers for popup and browser views
* Lint fixes related to address book updates
* Add 'My accounts' page to settings address book
* Update add new contact button in settings to match floating circular design
* Improve styles of view contact page
* Improve styles and labels of the add-contact.component
* Further lint fixes related to address book updates
* Update unit tests as per address book updates
* Ensure that contact list groups are sorted alphabetically
* Refactor settings component to use a container for connection to redux; allow display of addressbook name in settings header
* Decouple ens-input.component from send context
* Add ens resolution to add contact screen in settings
* Switching networks when an ens address is shown on send form removes the ens address.
* Resolve send screen search for ensAddress to matching address book entry if it exists
* Show resolved ens icon and address if exists (settings: add-contact.component)
* Make the displayed and copied address in view-contact.component the checksummed address
* Default alias state prop in AddToAddressBookModal to empty string
* Use keyCode to detect enter key in AddToAddressBookModal
* Ensure add-contact component properly updates after QR code detection
* Fix display of all recents after clicking 'Load More' in contact list
* Fix send screen contact searching after network switching
* Code cleanup related to address book changes
* Update unit tests for address book changes
* Update ENS name not found on network message
* Add ens registration error message
* Cancel on edit mode takes user back to view screen
* Adds support for memo to settings contact list view and edit screens
* Modify designs of edit and view contact in popup environment
* Update settings content list UX to show split columns in fullscreen and proper internal navigation
* Correct background address book API usages in UI
`seedWords` used to be stored on the metamask state temporarily at
certain points. This hasn't been the case since #5994, but references
to this state remained. All of the logic remained for correctly updating
these `seedWords`, handling them during navigation, and scrubbing them
from the state.
However the state was never updated in practice. The `seedWords` are
still returned by `verifySeedPhrase`, and they're still stored in
component state in a few places. But they aren't ever set in the Redux
metadata state or the Preferences controller.
All references to this state have been removed, along with any logic
for interacting with this state. A few unused actions were removed as
well.
The CSS is now served as an external file instead of being injected.
This was done to improve performance. Ideally we would come to a middle
ground between this and the former behaviour by injecting only the CSS
that was required for the initial page load, then lazily loading the
rest. However that change would be more complex. The hope was that
making all CSS external would at least be a slight improvement.
Performance metrics were collected before and after this change to
determine whether this change actually helped. The metrics collected
were the timing events provided by Chrome DevTools:
* DOM Content Loaded (DCL) [1]
* Load (L) [2]
* First Paint (FP) [3]
* First Contentful Paint (FCP) [3]
* First Meaningful Paint (FMP) [3]
Here are the results (units in milliseconds):
Injected CSS:
| Run | DCL | L | FP | FCP | FMP |
| :--- | ---: | ---: | ---: | ---: | ---: |
| 1 | 1569.45 | 1570.97 | 1700.36 | 1700.36 | 1700.36 |
| 2 | 1517.37 | 1518.84 | 1630.98 | 1630.98 | 1630.98 |
| 3 | 1603.71 | 1605.31 | 1712.56 | 1712.56 | 1712.56 |
| 4 | 1522.15 | 1523.72 | 1629.3 | 1629.3 | 1629.3 |
| **Min** | 1517.37 | 1518.84 | 1629.3 | 1629.3 | 1629.3 |
| **Max** | 1603.71 | 1605.31 | 1712.56 | 1712.56 | 1712.56 |
| **Mean** | 1553.17 | 1554.71 | 1668.3 | 1668.3 | 1668.3 |
| **Std. dev.** | 33.41 | 33.43 | 38.16 | 38.16 | 38.16 |
External CSS:
| Run | DCL | L | FP | FCP | FMP |
| :--- | ---: | ---: | ---: | ---: | ---: |
| 1 | 1595.4 | 1598.91 | 284.97 | 1712.86 | 1712.86 |
| 2 | 1537.55 | 1538.99 | 199.38 | 1633.5 | 1633.5 |
| 3 | 1571.28 | 1572.74 | 268.65 | 1677.03 | 1677.03 |
| 4 | 1510.98 | 1512.33 | 206.72 | 1607.03 | 1607.03 |
| **Min** | 1510.98 | 1512.33 | 199.38 | 1607.03 | 1607.03 |
| **Max** | 1595.4 | 1598.91 | 284.97 | 1712.86 | 1712.86 |
| **Mean** | 1553.8025 | 1555.7425 | 239.93 | 1657.605 | 1657.605 |
| **Std. dev.** | 29.5375 | 30.0825 | 36.88 | 37.34 | 37.34 |
Unfortunately, using an external CSS file made no discernible improvement
to the overall page load time. DCM and L were practically identical, and
FCP and FMP were marginally better (well within error margins).
However, the first paint time was _dramatically_ improved. This change
seems worthwhile for the first paint time improvement alone. It also
allows us to delete some code and remove a dependency.
The old `css.js` module included two third-party CSS files as well, so
those have been imported into the main Sass file. This was easier than
bundling them in the gulpfile.
The resulting CSS bundle needs to be served from the root because we're
using a few `@include` rules that make this assumption. We could move
this under `/css/` if desired, but we'd need to update each of these
`@include` rules.
Relates to #6646
[1]: https://developer.mozilla.org/en-US/docs/Web/Events/DOMContentLoaded
[2]: https://developer.mozilla.org/en-US/docs/Web/Events/load
[3]: https://developers.google.com/web/fundamentals/performance/user-centric-performance-metrics
Set the minimum browser version supported in the extension manifest.
Currently we only ship the extension on Chrome and Firefox, so the
minimum version has been set for those two browsers.
Relates to #6805
* Abstract domain provider from its stream transport
Creating new provider-consuming extensions, like [a new
platform](https://github.com/MetaMask/metamask-extension/blob/develop/docs/porting_to_new_environment.md)
can be frustrating for new contributors because our provider
construction has been tangled with our streaming interface.
Here I've broken up our streaming domain connection from the provider
construction, so developers can more easily construct local and
domain-restricted providers without dealing with streams.
* Abstract public API from stream interface
* clean up noop
* Document non-streaming interface
* getSiteMetadata must be async
* Clean up filters on stream end
* Document cleaning up filters
* Allow named filterMiddleware to be cleaned up
* Linted
* Require site metadata
* Destroy any destroyable middleware during cleanup
* Lint
The Drizzle tests have not been used for some time. They were used to
ensure compatibility with newer versions of `web3` v1. If we want to
re-add tests to ensure compatibility with newer `web3` versions, we
should find some way of doing that more reliably than was done here -
these tests were somewhat flaky and unreliable.
We've been using the `eslint-plugin-json` plugin for some time, but we
haven't been visiting `.json` files in the lint script. The lint script
has now been updated to incude `.json` files, which means any invalid
JSON will result in a lint error.
Unfortunately this JSON plugin doesn't seem to apply the other eslint
rules (such as `key-spacing`) to the JSON files. I wasn't able to find a
way to get that to work. Instead I manually auto-formatted each of the
locale `message.json` files, which fixed many whitespace
inconsistencies.
The `states.json` file was deleted completely, as it appears to be
unused. It wasn't a valid JSON file anyway, it was JavaScript. It looks
like a `states.js` file is automatically generated, but an old copy was
accidentally saved as `states.json` and included in the repo.
Many duplicate key errors were found and fixed in the
`development/states/` JSON files.
`package-lock.json` was added to `.eslintignore` because it was very
slow to lint, and linting it doesn't provide much value.
* Add loading spinner to pending tx status label.
* Add border around account icon in top right
* Change style of settings toggle buttons; wrap with local components
* Eliminate large space after settings labels when no description
* Remove network form from advanced tab of settings
* Keep new account container height to contents when in full screen
While working on #6805, I noticed that many variables were being used
before they were declared. Technically this worked fine in practice
because we were using the `transform-es2015-block-scoping` Babel plugin,
which transforms `let` and `const` to `var`, which is hoisted. However,
after removing that Babel transformation, many things broke.
All instances of variables or classes being used before declared have
been fixed.
The `no-use-before-define` eslint rule has been added to catch these
cases going forward. The rule is disabled for function declarations for
the moment, because those are always hoisted. We could disable that too
if we want to, but it's purely stylistic and would require a lot more
changes.
* Introduce delay for eth_estimateGas calls with in test
* Add test that fails when gas estimates of contract method calls without gas are too high.
* Get transaction gas data from unApprovedTxs instead of confirmTransaction
* Fix selection of gas data in gas-modal-page-container.container
* Lint changes related to Version-6.7.2-gasLimitFix
* Fix e2e tests on Version-6.7.2-gasLimitFix
* Fix unit and integration tests for changes from Version-6.7.2-gasLimitFix
* more e2e fixes
* Add assertions for transaction values on confirm screen
* Fix display of transaction amount on confirm screen.
* Introduce delay for eth_estimateGas calls with in test
* Add test that fails when gas estimates of contract method calls without gas are too high.
* Get transaction gas data from unApprovedTxs instead of confirmTransaction
* Fix selection of gas data in gas-modal-page-container.container
* Lint changes related to Version-6.7.2-gasLimitFix
* Fix e2e tests on Version-6.7.2-gasLimitFix
* Fix unit and integration tests for changes from Version-6.7.2-gasLimitFix
* more e2e fixes
* Add assertions for transaction values on confirm screen
* Fix display of transaction amount on confirm screen.
This silences a warning message that was printed to the console whenever
this module was loaded during tests.
The API changes between these two versions were reviewed carefully for
differences. The only difference made was to `PBKDF2_HMAC_SHA256.bytes`,
which was replaced by `Pbkdf2HmacSha256`.
The length argument no longer has a default value, so it has been set
to match what the default value was in the previous version we used,
which is 32 (the SHA256 hash size).
* transactions/pending - check nonce against the network and mark as dropped if not included in a block
* transactions/pending - unifiy "dropped" txs
* transactions/pending - test - fix for new expected behavior
* fix comment
* transactions/pending - clean up dropped event
* fix spelling
Co-Authored-By: frankiebee <frankie.diamond@gmail.com>
* nit fix
* test/tx-pending - clarify test description
* Set a default value for code in _determineTransactionCategory
* Adds e2e tests that fail when token txs without gas param are not properly handled.
* Adds unit tests for _determineTransactionCategory
* Base error throwing and simple gas setting in estimateTxGas on transactionCategory
* Add networks tab to settings, with header.
* Adds network list to settings network tab.
* Adds form to settings networks tab and connects it to network list.
* Network tab: form adding and editing working
* Settings network form properly handles input errors
* Add translations for settings network form
* Clean up styles of settings network tab.
* Add popup-view styles and behaviour to settings network tab.
* Fix save button on settings network form
* Adds 'Add Network' button and addMode to settings networks tab
* Lint fix for settings networks tab addition
* Fix navigation in settings networks tab.
* Editing an rpcurl in networks tab does not create new network, just changes rpc of old
* Fix layout of settings tabs other than network
* Networks dropdown 'Custom Rpc' item links to networks tab in settings.
* Update settings sidebar networks subheader.
* Make networks tab buttons width consistent with input widths in extension view.
* Fix settings screen subheader height in popup view
* Fix height of add networks button in popup view
* Add optional label to chainId and symbol form labels in networks setting tab
* Style fixes for networks tab headers
* Add ability to customize block explorer used by custom rpc
* Stylistic improvements+fixes to custom rpc form.
* Hide cancel button.
* Highlight and show network form of provider by default.
* Standardize network subheader name to 'Networks'
* Update e2e tests for new settings network form
* Update unit tests for new rpcPrefs prop
* Extract blockexplorer url construction into method.
* Fix broken styles on non-network tabs in popup mode
* Fix block explorer url links for cases when provider in state has not been updated.
* Fix vertical spacing of network form
* Don't allow click of save button on network form if nothing has changed
* Ensure add network button is shown in popup view
* Lint fix for networks tab
* Fix block explorer url preference setting.
* Fix e2e tests for custom blockexplorer in account details modal changes.
* Update integration test states to include frequentRpcList property
* Fix some capitalizations in en/messages.json
* Remove some console.logs added during custom rpc form work
* Fix external account link text and url for modal and dropdown.
* Documentation, url validation, proptype required additions and lint fixes on network tab and form.
* eslint: Check for unused function arguments
* eslint: Ignore unused '_' in argument list
Also allow any number of '_' e.g., '__' or '___' which is to be used sparingly
* Remove and rename unused arguments
* Adds a transactionCategory to txMeta for use in UI
* Update transaction controller and tx-gas-util documentation on new code param in multiple functions.
* Add i18n strings
* Finish Auto timeout
* Fix linter
* Fix copies
* Add unit test to Advanced Tab component
* Add back actions and container
* Add basic test to ensure container completeness
* No zero, fix linters
* restrict negative in input
* Ensure home screen does not render if there are unapproved txs (#6501)
* Ensure that the confirm screen renders before the home screen if there are unapproved txs.
* Only render confirm screen before home screen on mount.
* inpage - revert _metamask api to isEnabled isApproved isUnlocked
* Send metrics event from backend for on chain transaction failures
* Passes state object to backEndMetaMetricsEvent, and adds getMetaMetricState selector
* Opens the original webpage from where installation of MetaMask was requested
* Asking for dynamic permissions
* code for forwarder/without extra permissions
* Lint fix for onboardingComplete message sending code.
* Move send to pages/
* Fix unit tests
* Finish UI
* Integrate asset dropdown to send actions
* Remove console.log
* Hide asset change during edit
* Enable switch from send token to seand eth
* Enable switching from token to eth when editing
* Fix linter
* Fixing test
* Fix unit tests
* Fix linter
* Fix react warning; remove console.log
* fix flat test
* Add metrics
* Address code review comments
* Consistent spacing between send screen form rows.
* Reduce height of gas buttons on send screen.
* Make send screen gas button height dependent on size of contents.
