1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

71 Commits

Author SHA1 Message Date
Frederik Bolding
4eb8e50800
[FLASK] snaps-skunkworks@0.21.0 (#15889)
* snaps-skunkworks@0.21.0

* Update policy files

* Regen policies again

* Fix tests

* Simplify selector

* Fix flaky test

* Update iframe execution env

* Move snap install warnings to util

* Add basic copy for snap_getBip32PublicKey

* Update permission icon

* Update E2Es

* Fix lint

* Fix locale strings
2022-09-23 12:39:54 +02:00
Alex Donesky
d3bd5b0d6b
Bump keystone package versions to latest (#15878) 2022-09-22 10:04:24 -05:00
Elliot Winkler
d91eabfd16
Add initial provider API tests for Infura client (#15556)
We are working on migrating the extension to a unified network
controller, but before we do so we want to extract some of the existing
pieces, specifically `createInfuraClient` and `createJsonRpcClient`,
which provide the majority of the behavior exhibited within the provider
API that the existing NetworkController exposes. This necessitates that
we understand and test that behavior as a whole.

With that in mind, this commit starts with the Infura-specific network
client and adds some initial functional tests for `createInfuraClient`,
specifically covering three pieces of middleware provided by
`eth-json-rpc-middleware`: `createNetworkAndChainIdMiddleware`,
`createBlockCacheMiddleware`, and `createBlockRefMiddleware`.

These tests exercise logic that originate from multiple different places
and combine in sometimes surprising ways, and as a result, understanding
the nature of the tests can be tricky. I've tried to explain the logic
(both of the implementation and the tests) via comments. Additionally,
debugging why a certain test is failing is not the most fun thing in the
world, so to aid with this, I've added some logging to the underlying
packages used when a request passes through the middleware stack.
Because some middleware change the request being made, or make new
requests altogether, this greatly helps to peel back the curtain, as
failures from Nock do not supply much meaningful information on their
own. This logging is disabled by default, but can be activated by
setting `DEBUG=metamask:*,eth-query DEBUG_COLORS=1` alongside the `jest`
command.

We use this logging by bumping `eth-block-tracker`, and
`eth-json-rpc-middleware`.
2022-09-16 10:48:33 -02:30
Mark Stacey
929a1a0d52
Update eth-json-rpc-infura (#15845)
* Update `eth-json-rpc-infura`

The package `eth-json-rpc-infura@5` has been updated to
`@metamask/eth-json-rpc-infura@7`. This update includes TypeScript
support, and it drops support for older node.js versions. The exports
have also been changed from default to named exports.

See here for a full list of changes: https://github.com/MetaMask/eth-json-rpc-infura/blob/main/CHANGELOG.md#700

* Fix LavaMoat policy issue

The `web3` package used by `@metamask/controllers` unintentionally
overwrites the `XMLHttpRequest` global, which breaks things. This was
fixed by revoking `web3`'s write access to that global using a policy
override.

Previously this policy override was applied to `web3`, but for some
unknown reason, this update caused that override to no longer apply.
2022-09-15 14:41:18 -02:30
amerkadicE
7aa2a8a983
Replace web3js package with ethersjs package (#15386)
Co-authored-by: Alex Donesky <adonesky@gmail.com>
2022-09-12 15:46:48 -05:00
George Marshall
100fbbfaca
Upgrading storybook from 6.3 to 6.5 fixing shell-quote vulnerability (#15684)
* Updating storybook from 6.3 to 6.5

* Some lavamoat policy overrides for eslint
2022-09-06 15:58:22 -07:00
Alex Miller
21e3b4785d
[GridPlus] Version bump (#15711)
* [GridPlus] Bumps packages
Significant updates:
* Reverts build system changes to reduce bundle size (`gridplus-sdk` #461)
* Adds support for nested ABI definitions if firmware allows it (`gridplus-sdk` #462, #450)
Full changes:
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/compare/v0.11.0...v0.12.0
* `gridplus-sdk`: https://github.com/GridPlus/gridplus-sdk/compare/v2.2.2...v2.2.7

* [GridPlus] Lavamoat changes
2022-08-25 18:11:17 -02:30
Brad Decker
0d862d4032
upgrade jest (#15642) 2022-08-23 15:13:02 -05:00
Mark Stacey
1f36ba4b75
Fix Sentry deduplication of events that were never sent (#15677)
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
2022-08-23 16:14:14 -02:30
Maarten Zuidhoorn
a52c6a4908
[FLASK] snaps-skunkworks@0.19.0 (#15619)
* Bump snaps-skunkworks to 0.19.0

* Improve snap_getBip32Entropy UI

* Remove console.log

* Update LavaMoat policy

* Dedupe Yarn lock

* Update LavaMoat policy again

* Fix tests

* Update policies and e2e tests

* Update policy again

* Update iframe-execution-environment

* Dedupe yarn.lock

* Update snapshots

* Fix PR comments

* Add TODO

* Trigger CI
2022-08-18 17:07:34 +02:00
Niranjana Binoy
6e5c2f03bf
Token detection V2 Flag Removal and Re-introducing the use of legacy token list when token detection is OFF (#15138)
* addding the legacy tokenlist, tuning token detection OFF by default, adding new message while importing tokens

updating the controller version and calling detectNewToken on network change

fixing rebase error

Run yarn lavamoat:auto for updating policies

updating lavamoat

Deleted node modules and run again lavamoat auto

fixing rebase issues

updating lavamoat policies

updating lavamoat after rebasing

policies

updating custom token warning and blocking detectedtoken link when tpken detection is off for supported networks

to update the token in fetchTosync

updating the contract map object

Revert build-system lavamoat policy changes

Move token list selection logic from components to getTokenList selector

updating the tokenList

Update lavamoat

Fix error

updating lavamoat

lint fix

fix unit test fail

fix unit test fail

lint fix

fixing rebase locale error

rebase fix

Revert build-system policy changes

temp

addressing review comments

* rebase fix
2022-08-09 22:56:25 -02:30
Elliot Winkler
a7d98b695f
Add TypeScript migration dashboard (#13820)
As we convert parts of the codebase to TypeScript, we will want a way to
track progress. This commit adds a dashboard which displays all of the
files that we wish to convert to TypeScript and which files we've
already converted.

The list of all possible files to convert is predetermined by walking
the dependency graph of each entrypoint the build system uses to compile
the extension (the files that the entrypoint imports, the files that the
imports import, etc). The list should not need to be regenerated, but
you can do it by running:

    yarn ts-migration:enumerate

The dashboard is implemented as a separate React app. The CircleCI
configuration has been updated so that when a new commit is pushed, the
React app is built and stored in the CircleCI artifacts. When a PR is
merged, the built files will be pushed to a separate repo whose sole
purpose is to serve the dashboard via GitHub Pages (this is the same
way that the Storybook works). All of the app code and script to build
the app are self-contained under
`development/ts-migration-dashboard`. To build this app yourself, you
can run:

    yarn ts-migration:dashboard:build

or if you want to build automatically as you change files, run:

    yarn ts-migration:dashboard:watch

Then open the following file in your browser (there is no server
component):

    development/ts-migration-dashboard/build/index.html

Finally, although you shouldn't have to do this, to manually deploy the
dashboard once built, you can run:

    git remote add ts-migration-dashboard git@github.com:MetaMask/metamask-extension-ts-migration-dashboard.git
    yarn ts-migration:dashboard:deploy
2022-08-09 14:16:08 -06:00
Brad Decker
7b42c54728
Update Babel and dependencies (#15392) 2022-08-05 10:04:44 -05:00
Sam Gbafa
5802805597
Add Sign-In with Ethereum (#14438)
Co-authored-by: Gregório Granado Magalhães <greg.magalhaes@gmail.com>
Co-authored-by: George Marshall <georgewrmarshall@gmail.com>
Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-03 09:56:11 -05:00
Alex Miller
77c3b4622b
Updates eth-lattice-keyring to v0.10.0 (#15261)
This is mainly associated with an update in GridPlus SDK and enables
better strategies for fetching calldata decoder data.
`eth-lattice-keyring` changes:
GridPlus/eth-lattice-keyring@v0.7.3...v0.10.0
`gridplus-sdk` changes (which includes a codebase rewrite):
GridPlus/gridplus-sdk@v1.2.3...v2.2.2
2022-07-27 12:04:04 -05:00
Brad Decker
1db0ee87ec
Update Eslint and deps (#15293) 2022-07-26 13:10:51 -05:00
Frederik Bolding
1ec190bd8c
[FLASK] snaps-skunkworks@0.18.1 (#15230)
* snaps-skunkworks@0.17.0

* Handle breaking changes

* Fix import

* Fix blocklist implementation

* snaps-skunkworks@0.18.0

* Fix lint

* Update LavaMoat policy

* Update iframe-execution-environment

* snaps-skunkworks@0.18.1

* Bump iframe-execution-environment

* Update LavaMoat policy
2022-07-19 17:41:06 +02:00
Alex Donesky
09164dcabb
Bump controllers v30.0.2 (#14906)
* bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 09:43:30 -05:00
Frederik Bolding
82645ba516
[FLASK] snaps-skunkworks@0.16.0 (#14952)
* snaps-skunkworks@0.16.0

* Bump iframe-execution-environment

* Add getAppKey

* Regen LavaMoat policy

* Bump test-snaps
2022-06-20 10:13:12 +02:00
Daniel
7d1259476b
Update smart-transactions-controller to v2.1.0 (#14955) 2022-06-16 17:51:55 +02:00
Alex Donesky
78682ea9d2
fix lavamoat policy files for drag and drop package (#14901) 2022-06-08 15:07:43 -10:00
Frederik Bolding
7ce4868401
snaps-skunkworks@0.15.0 (#14772)
* snaps-skunkworks@0.15.0

* Update patch

* Update tofu and LavaMoat policy
2022-06-01 11:26:12 +02:00
Daniel
6dbb2c4ded
Migrate the "estimateGas" API call to "getFees" for STX (#14767) 2022-05-26 19:56:28 +02:00
Frederik Bolding
66c049bb35
snaps-skunkworks@0.14.0 (#14700)
* snaps-skunkworks@0.13.0

* snaps-skunkworks@0.14.0

* Fix test

* Add long-running permission copy and icon

* Run linting

* Fix typo

* Bump E2E version
2022-05-18 13:49:26 +02:00
Frederik Bolding
c2cd6f8097
Bump addons-linter (#14717)
* Bump addons-linter

* Deduplicate yarn.lock

* Rerun yarn install and LavaMoat policy gen
2022-05-16 18:04:25 +02:00
Alex Donesky
23565cac2c
Bump @metamask/controllers version, remove patches (#14618) 2022-05-12 18:01:24 -05:00
Dan J Miller
8948018e5a
Ensure ledger keyring message event listener are removed on metamask lock (#14691)
* Ensure ledger keyring message event listener are removed on metamask lock

* Clean up
2022-05-12 13:36:14 -02:30
Frederik Bolding
2dac88cbf4
snaps-skunkworks@0.12.0 (#14670)
* snaps-skunkworks@0.12.0

* Bump iframe execution environment

* Remove policy override

* Rerun LavaMoat

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2022-05-10 23:08:42 -07:00
kumavis
07da8ce589
LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-05-05 12:47:51 -10:00
Alex Miller
32a82be2b6
[GridPlus] Updates Lattice-related modules to unlock functionality (#14467)
GridPlus has updated the EVM signing pathway in Lattice firmware,
which has not yet been released. Additionally, requesters can now
include ABI definitions with signing requests, which are used by
Lattice firmware to decode calldata in place.
All updates are backward compatable.
Updates:
* https://github.com/GridPlus/gridplus-sdk/compare/v1.1.6...v1.2.4
* https://github.com/GridPlus/eth-lattice-keyring/compare/v0.6.1...v0.7.3
2022-05-05 09:55:17 -05:00
Shane
7da6c66ea2
Added getAccounts suppressUnauthorized param (#14126)
* Added getAccounts suppressUnauthorized param

* Changed getAccounts supresss unauth param name

* Changed getAccounts param to object

* Fixed default empty obj for getAccounts getPermittedAccounts param

* Bump eth-json-rpc-middleware version to 8.0.2

* Fixed lavamoat policy

* Fixed lavamoat policies

* Fixed dedupe issues

* Fixed lavamoat allowscripts

* yarn deduplicate

* Fixed lavamoat policies

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-04-29 06:05:14 -07:00
kumavis
66bd172980
Lavamoat - protect all UI contexts (#14537)
* lavamoat - apply lavamoat protections to popup and notification

* build - enable lavamoat for home

* lavamoat - add missing ui overrides for react family

* deps/patches - patch zxcvbn for ses compat
2022-04-28 08:45:46 -10:00
Frederik Bolding
1624af2364
snaps-skunkworks@0.11.1 (#14531)
* snaps-skunkworks@0.11.0

* Update LavaMoat policies

* Fix breaking changes

* Use SnapController:clearSnapState

* Fix fetch properly

* Bump iframe execution environment

* snaps-skunkworks@0.11.1

* Run allow-scripts auto
2022-04-28 18:17:28 +02:00
Erik Marks
cef95f8733
Stop storing request and response objects in the permission activity log (#14485)
We currently store the JSON-RPC request and response objects in the permission activity log. The utility of doing this was always rather dubious, but never problematic. Until now.

In Flask, as the restricted methods have expanded in number, user secrets may be included on JSON-RPC message objects. This PR removes these properties from the permission activity log, and adds a migration which does the same to existing log objects. We don't interact with the log objects anywhere in our codebase, but we don't want unexpected properties to cause errors in the future should any log objects be retained.

This PR also updates relevant tests and test data. It makes a minor functional change to how a request is designated as a success or failure, but this should not change any behavior in practice.
2022-04-21 08:44:15 -07:00
Mark Stacey
646bad8a58 Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (210 commits)
  Dark Mode: Remove unwanted background for price quote (#14278)
  Dark Mode: Fix colors in toggle button (#14280)
  Ensure proper color for swaps edit link (#14273)
  Dark Mode: Ensure actionable message button colors are the same color as previously (#14271)
  Add token standard to Token Added event. (#14253)
  Token Aggregators component for Tokens Detected page (#14157)
  Ensure Metafox follows cursor on Fetching quotes screen (#14261)
  TransactionsControllerTest: catch uncaught errors (#14196)
  GasModalPageContainer story: convert knobs and actions to controls / args (#13516)
  Show STX switch for wrapping / unwrapping (#14225)
  Change over ImportToken stories to use controls instead of knobs, update props in stories (#14246)
  Change over FeeCard stories to use controls instead of knobs, update props in stories (#13766)
  Update What's new screen with Token Detection information (#14124)
  Improvements for multi-layer fee UX (#13547)
  metaMetricsEvent -> trackEvent (#14249)
  E2e dapp interactions (#14149)
  failing contract interaction e2e (#14227)
  Removed metrics event (#14042)
  Add TypeScript to the build system (#13489)
  Build user traits object when metamask state changes (#14192)
  ...
2022-03-30 22:54:28 -02:30
Mark Stacey
98f187c301 Update SRP representation
An array of integers is now used to represent the SRP in three cases:

* In the import wallet flow, the UI uses it to pass the user-provided
  SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
  SRP from the background.
* When persisting the wallet to state, the background uses it to
  serialize the SRP.

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-03-30 21:01:26 -02:30
Alex Miller
cc4de49e3e [GridPlus] Updates SDK and Lattice keyring to fix several UX issues (#14158)
There were several issues related to a retry mechanism. The latest keyring
offers a significant speed and UX enhancement relative to the previous release.
For full details, see:
GridPlus/eth-lattice-keyring@v0.5.0...v0.6.1
2022-03-28 12:38:54 -02:30
Alex Miller
d14c588404
[GridPlus] Updates SDK and Lattice keyring to fix several UX issues (#14158)
There were several issues related to a retry mechanism. The latest keyring
offers a significant speed and UX enhancement relative to the previous release.
For full details, see:
GridPlus/eth-lattice-keyring@v0.5.0...v0.6.1
2022-03-28 12:38:28 -02:30
Dan Miller
d5c693d9db Merge remote-tracking branch 'origin/master' into Version-v10.12.0-alt 2022-03-25 14:56:57 -02:30
Erik Marks
3363cdcce1 Fix lavamoat policy 2022-03-22 21:27:48 -07:00
Erik Marks
680d30f095 snaps-skunkworks@0.10.2 (#13901) 2022-03-22 19:55:51 -07:00
Alex Donesky
8df8f81df7
Deprecate extensionizer for webextension-polyfill (#13960)
* deprecate extensionizer for webextension-polyfill

* fix tests

* remove extensionizer

* fix browser windows api calls

* fix broken on firefox

* fix getAcceptLanguages call

* update more browser apis that are now promisified

* remove unnecessary console error ignoring in e2e tests
2022-03-18 14:07:05 -05:00
Erik Marks
a3355d9ca5 @metamask/controllers@26.0.0 (#13867)
* @metamask/controllers@26.0.0
2022-03-16 13:12:37 -02:30
Erik Marks
118480280c
snaps-skunkworks@0.10.2 (#13901) 2022-03-14 12:37:19 -07:00
Erik Marks
259e30abc2
@metamask/controllers@26.0.0 (#13867)
* @metamask/controllers@26.0.0
2022-03-09 15:37:40 -08:00
Mark Stacey
c3feabf4de Update SRP representation
An array of integers is now used to represent the SRP in three cases:

* In the import wallet flow, the UI uses it to pass the user-provided
  SRP to the background (which converts the array to a buffer).
* In the create wallet flow, the UI uses it to retrieve the generated
  SRP from the background.
* When persisting the wallet to state, the background uses it to
  serialize the SRP.

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-03-08 17:15:11 -03:30
Alex Miller
7ec8bd49c7 [GridPlus] Updates Lattice dependencies (#13834) 2022-03-08 15:54:29 -03:30
Alex Miller
6206dbdfe4
[GridPlus] Updates Lattice dependencies (#13834) 2022-03-07 09:28:30 -06:00
ryanml
7af8570a4e Running yarn lavamoat:auto 2022-02-25 21:23:53 -07:00
Dan J Miller
05138da8a7 Add EIP-712 support for Trezor (#13693)
* Add EIP-712 support for Trezor

Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>

* Update eth-trezor-keyring version

Co-authored-by: Alois Klink <alois.klink@gmail.com>
Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>
2022-02-22 19:47:33 -07:00