1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-22 18:00:18 +01:00
Commit Graph

101 Commits

Author SHA1 Message Date
Brad Decker
c9527e745f
upgrade gulp-autoprefixer (#16439) 2022-11-15 08:40:56 -06:00
Erik Marks
a8c1756816
Remove 3box feature and delete ThreeBoxController (#14571)
* Remove 3box feature and delete ThreeBoxController

Lint locale messages

lavamoat policy updates

* Restore 3Box user trait with value `false`

The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.

A deprecation comment has been left in various places for this trait.

* Remove unused state

* Remove additional 3box-related things

* Run `yarn-deduplicate`

* Restore migration that was lost while rebasing

* Remove obsolete override

* Remove additional unused resolutions/dependencies

* Update LavaMoat policies

* Remove obsolete security advisory ignore entries

* Remove 3Box fixture builder method

* Update unit tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-10-31 13:50:50 -02:30
Jyoti Puri
6995174cbc
MV3 Segment Fix (#16020) 2022-10-11 20:34:32 +05:30
Mark Stacey
f6f8edfd15
Update eth-json-rpc-middleware to v9.0.1 (#16096)
This update includes fixes for our `block-ref` and `retry-on-empty`
middleware.

The `block-ref` middleware resolves the block reference `latest` to a
specific block number, the latest one we are aware of. This is meant to
protect against situations where the network gives inconsistent answers
for what the latest block number is due to some nodes being out-of-sync
with each other (this was a frequent problem years ago with Infura).

It was broken in that the `latest` resolution was failing, and we were
submitting an additional redundant request to Infura for each request.

The `retry-on-empty` middleware is meant to retry certain methods
when they return an empty response. This was also meant to deal with
network synchronization issues that were more common years ago. This
middleware works by making a "child" request over and over until either
a retry limit is reached, or a non-empty response is received.

It was broken in that the final response recieved was thrown away, so
it's as though the middleware was not used. Except that it did result
in additional redundant network requests.

As a result of this update we should see that the extension is more
resilient to certain network synchronization issues. But this is
difficult to test, and these issues may not happen in production
anymore today.

We should see a reduction in requests to Infura as well. This should
be easier to test.
2022-10-10 13:16:58 -02:30
Alex Donesky
3b63ecff07
Update eth-lattice-keyring to v0.12.3 (#15997) 2022-10-03 19:02:38 -05:00
Elliot Winkler
d7a812f42f
Add remaining tests for createInfuraClient (#15717)
Add tests for the `block-tracker-inspector` middleware — which makes
sure that the block tracker never has a reference to the latest block
which is less than a block number that shows up in an RPC method's
response — and the Infura middleware — which takes care of sending the
request to Infura, and will retry the request up to 5 times if Infura
sends back a certain type of error.

Note that the `retry-on-empty` middleware is not tested because it
currently has a [bug][1] which is making it ineffective.

[1]: https://github.com/MetaMask/eth-json-rpc-middleware/issues/139
2022-09-29 10:39:35 -06:00
Alex Donesky
d3bd5b0d6b
Bump keystone package versions to latest (#15878) 2022-09-22 10:04:24 -05:00
Mark Stacey
929a1a0d52
Update eth-json-rpc-infura (#15845)
* Update `eth-json-rpc-infura`

The package `eth-json-rpc-infura@5` has been updated to
`@metamask/eth-json-rpc-infura@7`. This update includes TypeScript
support, and it drops support for older node.js versions. The exports
have also been changed from default to named exports.

See here for a full list of changes: https://github.com/MetaMask/eth-json-rpc-infura/blob/main/CHANGELOG.md#700

* Fix LavaMoat policy issue

The `web3` package used by `@metamask/controllers` unintentionally
overwrites the `XMLHttpRequest` global, which breaks things. This was
fixed by revoking `web3`'s write access to that global using a policy
override.

Previously this policy override was applied to `web3`, but for some
unknown reason, this update caused that override to no longer apply.
2022-09-15 14:41:18 -02:30
amerkadicE
7aa2a8a983
Replace web3js package with ethersjs package (#15386)
Co-authored-by: Alex Donesky <adonesky@gmail.com>
2022-09-12 15:46:48 -05:00
George Marshall
100fbbfaca
Upgrading storybook from 6.3 to 6.5 fixing shell-quote vulnerability (#15684)
* Updating storybook from 6.3 to 6.5

* Some lavamoat policy overrides for eslint
2022-09-06 15:58:22 -07:00
Alex Miller
21e3b4785d
[GridPlus] Version bump (#15711)
* [GridPlus] Bumps packages
Significant updates:
* Reverts build system changes to reduce bundle size (`gridplus-sdk` #461)
* Adds support for nested ABI definitions if firmware allows it (`gridplus-sdk` #462, #450)
Full changes:
* `eth-lattice-keyring`: https://github.com/GridPlus/eth-lattice-keyring/compare/v0.11.0...v0.12.0
* `gridplus-sdk`: https://github.com/GridPlus/gridplus-sdk/compare/v2.2.2...v2.2.7

* [GridPlus] Lavamoat changes
2022-08-25 18:11:17 -02:30
Brad Decker
0d862d4032
upgrade jest (#15642) 2022-08-23 15:13:02 -05:00
Mark Stacey
1f36ba4b75
Fix Sentry deduplication of events that were never sent (#15677)
The Sentry `Dedupe` integration has been filtering out our events, even
when they were never sent due to our `beforeSend` handler. It was
wrongly identifying them as duplicates because it has no knowledge of
`beforeSend` or whether they were actually sent or not.

To resolve this, the filtering we were doing in `beforeSend` has been
moved to a Sentry integration. This integration is installed ahead of
the `Dedupe` integration, so `Dedupe` should never find out about any
events that we filter out, and thus will never consider them as sent
when they were not.
2022-08-23 16:14:14 -02:30
Mark Stacey
22552a0152
Fix LavaMoat policy generation script (#15668)
Recently in #15468 the name of the scripts task used by the LavaMoat
policy generation script was renamed from `scripts:prod` to
`scripts:dist`, but we neglected to change this name in the LavaMoat
policy generation script itself.

The script task has now been updated so that the script works again,
and the LavaMoat policy generation script has been re-run.
2022-08-22 21:22:47 -02:30
Maarten Zuidhoorn
a52c6a4908
[FLASK] snaps-skunkworks@0.19.0 (#15619)
* Bump snaps-skunkworks to 0.19.0

* Improve snap_getBip32Entropy UI

* Remove console.log

* Update LavaMoat policy

* Dedupe Yarn lock

* Update LavaMoat policy again

* Fix tests

* Update policies and e2e tests

* Update policy again

* Update iframe-execution-environment

* Dedupe yarn.lock

* Update snapshots

* Fix PR comments

* Add TODO

* Trigger CI
2022-08-18 17:07:34 +02:00
Elliot Winkler
a7d98b695f
Add TypeScript migration dashboard (#13820)
As we convert parts of the codebase to TypeScript, we will want a way to
track progress. This commit adds a dashboard which displays all of the
files that we wish to convert to TypeScript and which files we've
already converted.

The list of all possible files to convert is predetermined by walking
the dependency graph of each entrypoint the build system uses to compile
the extension (the files that the entrypoint imports, the files that the
imports import, etc). The list should not need to be regenerated, but
you can do it by running:

    yarn ts-migration:enumerate

The dashboard is implemented as a separate React app. The CircleCI
configuration has been updated so that when a new commit is pushed, the
React app is built and stored in the CircleCI artifacts. When a PR is
merged, the built files will be pushed to a separate repo whose sole
purpose is to serve the dashboard via GitHub Pages (this is the same
way that the Storybook works). All of the app code and script to build
the app are self-contained under
`development/ts-migration-dashboard`. To build this app yourself, you
can run:

    yarn ts-migration:dashboard:build

or if you want to build automatically as you change files, run:

    yarn ts-migration:dashboard:watch

Then open the following file in your browser (there is no server
component):

    development/ts-migration-dashboard/build/index.html

Finally, although you shouldn't have to do this, to manually deploy the
dashboard once built, you can run:

    git remote add ts-migration-dashboard git@github.com:MetaMask/metamask-extension-ts-migration-dashboard.git
    yarn ts-migration:dashboard:deploy
2022-08-09 14:16:08 -06:00
Mark Stacey
44f8e9e10e
Replace rc with ini (#15464)
We use the `rc` package to read the `.metamaskrc` configuration file,
which is in "ini" format. This package has been replaced by the `ini`
package.

The `rc` package was not actively maintained, and it has had recent
security vulnerabilities. But most importantly, the config object
returned by `rc` includes a bunch of extra information that made build
script validation [1] difficult to implement. Specifically, it made it
challenging to ensure no extra environment variables were present.

The `ini` package on the other hand is simple, well maintained, and
is simpler to use. This package doesn't add any extra properties to the
object it returns, making validation easy.

[1]: https://github.com/MetaMask/metamask-extension/issues/15003
2022-08-05 15:11:18 -02:30
Brad Decker
7b42c54728
Update Babel and dependencies (#15392) 2022-08-05 10:04:44 -05:00
Sam Gbafa
5802805597
Add Sign-In with Ethereum (#14438)
Co-authored-by: Gregório Granado Magalhães <greg.magalhaes@gmail.com>
Co-authored-by: George Marshall <georgewrmarshall@gmail.com>
Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
Co-authored-by: Ariella Vu <20778143+digiwand@users.noreply.github.com>
Co-authored-by: brad-decker <bhdecker84@gmail.com>
2022-08-03 09:56:11 -05:00
Brad Decker
31fa55123a
fix storybook (#15387) 2022-07-29 14:15:48 -05:00
Brad Decker
1db0ee87ec
Update Eslint and deps (#15293) 2022-07-26 13:10:51 -05:00
seaona
10c480b118 Run lavamoat auto 2022-06-30 19:16:46 +02:00
Mark Stacey
b68aee1bef
Migrate the build script to yargs (#14836)
The build script now uses `yargs` rather than `minimist`. The CLI is
now better documented, and we have additional validation for each
option.

A patch for `yargs` was required because it would blow up on the line
`Error.captureStackTrace`. For some reason when running under LavaMoat,
that property did not exist.

Closes #12766
2022-06-21 17:37:05 -02:30
Daniel
7d1259476b
Update smart-transactions-controller to v2.1.0 (#14955) 2022-06-16 17:51:55 +02:00
Mark Stacey
e6d5af5f9a Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (131 commits)
  Update `protobufjs` and remove obsolete advisory exclusion (#14841)
  Include snap version in pill (#14803)
  Update PULL_REQUEST_TEMPLATE.md (#14790)
  fix: keystone transaction qrcode has no white spacing (#14798)
  Snap notifications integration (#14605)
  Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
  snaps-skunkworks@0.15.0 (#14772)
  Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
  Ensure transaction type is correctly updated on edit (#14721)
  Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
  Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
  Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
  Migrate the "estimateGas" API call to "getFees" for STX (#14767)
  Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
  Adding flag for MV3 (#14762)
  Add types to send state (#14740)
  Remove site origin on snap install (#14752)
  Update design tokens library from 1.5 to 1.6 WIP (#14732)
  Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
  remove draft transaction (#14701)
  ...
2022-06-03 11:53:40 -02:30
Mark Stacey
3693de7947 Reproducible .zip files (#14623)
* Create `.zip` files deterministically

Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.

The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.

* Update lavamoat build policy
2022-05-16 14:48:09 -02:30
Frederik Bolding
c2cd6f8097
Bump addons-linter (#14717)
* Bump addons-linter

* Deduplicate yarn.lock

* Rerun yarn install and LavaMoat policy gen
2022-05-16 18:04:25 +02:00
Alex Donesky
23565cac2c
Bump @metamask/controllers version, remove patches (#14618) 2022-05-12 18:01:24 -05:00
kumavis
55e88a0e8e
lavamoat - bump for stats support (#14641)
* lavamoat - bump for stats support

* lavamoat - update policy

* deps - dedupe lockfile
2022-05-09 11:04:41 -10:00
kumavis
07da8ce589
LavaMoat - UI upgrade - secure package naming (#14565)
* lavamoat - update lavamoat-browserify to v15

* lavamoat/ui - unify override across build types

* lavamoat/ui - update policy overrides

* lavamoat - update to lavapack@3 to match lavamoat-browserify@15

* lavamoat - add missing policy

* lavamoat - add missing nanoid policy

* lavamoat - regenerate policy

* deps - update lock

* lavamoat - update policy

* lavamoat - update policy
2022-05-05 12:47:51 -10:00
Mark Stacey
91fd8342dc
Reproducible .zip files (#14623)
* Create `.zip` files deterministically

Our build system now creates `.zip` archives deterministically.
Previously the `.zip` file would differ between builds even when the
files being archived were identical. This was because the order the
files were passed in was non-deterministic, and the `mtime` for each
file was different between builds.

The files are now sorted before being zipped, and the `mtime` for each
file has been set to the unix epoch.

* Update lavamoat build policy
2022-05-05 11:58:24 -02:30
Shane
7da6c66ea2
Added getAccounts suppressUnauthorized param (#14126)
* Added getAccounts suppressUnauthorized param

* Changed getAccounts supresss unauth param name

* Changed getAccounts param to object

* Fixed default empty obj for getAccounts getPermittedAccounts param

* Bump eth-json-rpc-middleware version to 8.0.2

* Fixed lavamoat policy

* Fixed lavamoat policies

* Fixed dedupe issues

* Fixed lavamoat allowscripts

* yarn deduplicate

* Fixed lavamoat policies

Co-authored-by: Elliot Winkler <elliot.winkler@gmail.com>
2022-04-29 06:05:14 -07:00
kumavis
223124a561
lavamoat@6 - update to secure package naming (#14488) 2022-04-26 07:36:57 -10:00
Dan Miller
1f1462120b Merge remote-tracking branch 'origin/develop' into master-sync 2022-03-29 11:26:55 -02:30
Elliot Winkler
53006d4cf0
Add TypeScript to the build system (#13489)
This commit modifies the build system so that TypeScript files can be
transpiled into ES5 just like JavaScript files.

Note that this commit does NOT change the build system to run TypeScript
files through the TypeScript compiler. In other words, no files will be
type-checked at the build stage, as we expect type-checking to be
handled elsewhere (live, via your editor integration with `tsserver`,
and before a PR is merged, via `yarn lint`). Rather, we merely instruct
Babel to strip TypeScript-specific syntax from any files that have it,
as if those files had been written using JavaScript syntax alone.

Why take this approach? Because it prevents the build process from being
negatively impacted with respect to performance (as TypeScript takes a
significant amount of time to run).

It's worth noting the downside of this approach: because we aren't
running files through TypeScript, but relying on Babel's [TypeScript
transform][1] to identify TypeScript syntax, this transform has to keep
up with any syntax changes that TypeScript adds in the future. In fact
there are a few syntactical forms that Babel already does not recognize.
These forms are rare or are deprecated by TypeScript, so I don't
consider them to be a blocker, but it's worth noting just in case it
comes up later. Also, any settings we place in `tsconfig.json` will be
completely ignored by Babel. Again, this isn't a blocker because there
are some analogs for the most important settings reflected in the
options we can pass to the transform. These and other caveats are
detailed in the [documentation for the transform][2].

[1]: https://babeljs.io/docs/en/babel-plugin-transform-typescript
[2]: https://babeljs.io/docs/en/babel-plugin-transform-typescript#caveats
2022-03-28 16:33:40 -06:00
Erik Marks
57d14053cb Run lavamoat:build:auto 2022-03-25 16:43:49 -07:00
Elliot Winkler
4447727eb6
Add TypeScript to the linting process (#13495)
This commit allows developers to write TypeScript files and lint them
(either via a language server in their editor of choice or through the
`yarn lint` command).

The new TypeScript configuration as well as the updated ESLint
configuration not only includes support for parsing TypeScript files,
but also provides some compatibility between JavaScript and TypeScript.
That is, it makes it possible for a TypeScript file that imports a
JavaScript file or a JavaScript file that imports a TypeScript file to
be linted.

Note that this commit does not integrate TypeScript into the build
system yet, so we cannot start converting files to TypeScript and
pushing them to the repo until that final step is complete.
2022-03-21 12:54:47 -06:00
VSaric
bea907e437
Create password page (#13792) 2022-03-07 09:35:03 -06:00
Elliot Winkler
1e494f3004
Refactor ESLint config (#13482)
We would like to insert TypeScript into the ESLint configuration, and
because of the way that the current config is organized, that is not
easy to do.

Most files are assumed to be files that are suited for running in a
browser context. This isn't correct, as we should expect most files to
work in a Node context instead. This is because all browser-based files
will be run through a transpiler that is able to make use of
Node-specific variables anyway.

There are a couple of important ways we can categories files which our
ESLint config should be capable of handling well:

* Is the file a script or a module? In other words, does the file run
  procedurally or is the file intended to be brought into an existing
  file?
* If the file is a module, does it use the CommonJS syntax (`require()`)
  or does it use the ES syntax (`import`/`export`)?

When we introduce TypeScript, this set of questions will become:

* Is the file a script or a module?
* If the file is a module, is it a JavaScript module or a TypeScript
  module?
* If the file is a JavaScript module, does it use the CommonJS syntax
  (`require()`) or does it use the ES syntax (`import`/`export`)?

To represent these divisions, this commit removes global rules — so now
all of the rules are kept in `overrides` for explicitness — and sets up
rules for CommonJS- and ES-module-compatible files that intentionally do
not overlap with each other. This way TypeScript (which has its own set
of rules independent from JavaScript and therefore shouldn't overlap
with the other rules either) can be easily added later.

Finally, this commit splits up the ESLint config into separate files and
adds documentation to each section. This way sets of rules which are
connected to a particular plugin (`jsdoc`, `@babel`, etc.) can be easily
understood instead of being obscured.
2022-02-28 10:42:09 -07:00
Dan J Miller
96b82349a0
Add EIP-712 support for Trezor (#13693)
* Add EIP-712 support for Trezor

Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>

* Update eth-trezor-keyring version

Co-authored-by: Alois Klink <alois.klink@gmail.com>
Co-authored-by: alisinabh <alisina.bm@gmail.com>
Co-authored-by: matejcik <ja@matejcik.cz>
Co-authored-by: Brandon Noad <Brandon.Noad@gmail.com>
2022-02-22 16:22:58 -03:30
Daniel
2585f45bde
Add support for Smart Transactions (#12676) 2022-02-18 17:48:38 +01:00
dragana8
5095071083
Make default icons the same on mobile and extension #13264 (#13408) 2022-02-16 11:03:17 -06:00
Alex Donesky
4826c8c95e
Feat/collectibles send flow (#13048)
* Add collectibles send flow
2022-01-10 10:23:53 -06:00
Mark Stacey
3732c5f71e
Add JSDoc ESLint rules (#12112)
ESLint rules have been added to enforce our JSDoc conventions. These
rules were introduced by updating `@metamask/eslint-config` to v9.

Some of the rules have been disabled because the effort to fix all lint
errors was too high. It might be easiest to enable these rules one
directory at a time, or one rule at a time.

Most of the changes in this PR were a result of running
`yarn lint:fix`. There were a handful of manual changes that seemed
obvious and simple to make. Anything beyond that and the rule was left
disabled.
2022-01-07 12:27:33 -03:30
Mark Stacey
ba54a3d83b
Update ESLint config to v8 (#12886)
The ESLint config has been updated to v8. The breaking changes are:

* The Prettier rule `quoteProps` has been changed from `consistent` to
`as-needed`, meaning that if one key requires quoting, only that key is
quoted rather than all keys.
* The ESLint rule `no-shadow` has been made more strict. It now
prevents globals from being shadowed as well.

Most of these changes were applied with `yarn lint:fix`. Only the
shadowing changes required manual fixing (shadowing variable names were
either replaced with destructuring or renamed).

The dependency `globalThis` was added to the list of dynamic
dependencies in the build system, where it should have been already.
This was causing `depcheck` to fail because the new lint rules required
removing the one place where `globalThis` had been erroneously imported
previously.

A rule requiring a newline between multiline blocks and expressions has
been disabled temporarily to make this PR smaller and to avoid
introducing conflicts with other PRs.
2021-12-09 15:36:24 -03:30
Dan J Miller
e45560859c
Support EIP-1559 on Trezor Model One (#13023)
* Support EIP-1559 on Trezor Model One

* Update unit tests

* Fix unit test

* Run yarn lavamoat:auto
2021-12-08 23:16:54 -03:30
Erik Marks
31cf7c10a4
Permission System 2.0 (#12243)
# Permission System 2.0

## Background

This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.

With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.

Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.

The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.

## Changes in Detail

First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.

- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.

Reviewers should focus their attention on the following files:

- `app/scripts/`
  - `metamask-controller.js`
    - This is where most of the integration work for the new `PermissionController` occurs.
      Some functions that were internal to the original controller were moved here.
  - `controllers/permissions/`
    - `selectors.js`
      - These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
    - `specifications.js`
      - The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
        See the `PermissionController` readme for details.
  - `migrations/068.js`
    - The new state should be cross-referenced with the controllers that manage it.
      The accompanying tests should also be thoroughly reviewed.

Some files may appear new but have just moved and/or been renamed:

- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
  - This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
  - A truncated version of `test/mocks/permission-controller.js`.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-12-06 19:16:49 -08:00
kumavis
3fb5fcdb23
Lavamoat Devx - update lavamoat-browserify for policy reload on change (#12940)
* deps - update lavamoat-browserify for policy reload

* lavamoat/build-system - add missing policy for lavamoat-browserify
2021-12-02 14:04:02 -10:00
Olaf Tomalka
70386726f6
Implement Flask onboarding UI (#12745)
* Added Flask Experimental Area warning to OnboardingV2

* Added first time flow Flask Experimental Area warning

* Made both onboarding flows use one Experimental Area component

* Fix comments in React divs

* Fix unreachable code

* Fix build lint problems

* Changes after code review

* Added guards around route constants imports

* Code Review changes

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Code review changes

* Fix lint

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* Update ui/components/app/flask/experimental-area/index.scss

Co-authored-by: George Marshall <george.marshall@consensys.net>

* fix lint

Co-authored-by: George Marshall <george.marshall@consensys.net>
2021-12-01 17:53:30 +01:00
kumavis
d9d1a831a6
ci - enforce yarn lock deduplications (#12737)
* ci - test for yarn lock deduplications

* deps - update yarn.lock and patches

* lavamoat - update policy

* test - ui/helpers/utils/optimism/buildUnserializedTransaction - test against json obj

* lint fix

* patch-package - patch @babel/runtime for lavamoat support

* patch-package - fix additional @babel/runtime lockdown incompats

* patch-package - cleanup sass patch
2021-11-23 09:17:27 -10:00
Erik Marks
d4c71b8683
Add per-build type LavaMoat policies (#12702)
This PR adds one LavaMoat background script policy or each build type. It also renames the build system policy directory from `node` to `build-system` to make its purpose more clear. Each build type has the original `policy-override.json` for `main` builds. The `.prettierignore` file has been updated to match the locations of the new auto-generated policy files.

We need to maintain separate policies for each build type because each type will produce different bundles with different internal and external modules.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-11-15 14:23:46 -08:00