1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-27 04:46:10 +01:00
Commit Graph

309 Commits

Author SHA1 Message Date
Ari Lotter
c3fafe311e
Spawn yarn processes in a cmd subshell on Windows (#9628)
On Windows, spawn fails if the exact filename
of a binary isn't passed. e.g. `spawn('yarn')` fails
because the binary is named `yarn.cmd`.
Instead, we depend on `cross-spawn` which handles differences
in `spawn` across platforms.
2020-10-20 01:37:23 -02:30
Mark Stacey
aae176537f
Update Sentry to the latest version. (#9597)
All three of our Sentry packages have been updated to the latest
versions. There appear to have been no breaking changes - just bug
fixes and new features.
2020-10-14 13:30:28 -02:30
Whymarrh Whitby
3353c33981
Use eth-contract-metadata@1.16.0 (#9540) 2020-10-09 13:07:23 -02:30
Whymarrh Whitby
8f3b81f67a
Use node-forge@0.10.0 (#9473)
This change updates `node-forge` to the latest published version, 0.10.0. This
update resolves a security advisory [1] brought in via our `3box` dependency.

  [1]:https://www.npmjs.com/advisories/1561
2020-10-01 16:37:07 -02:30
Erik Marks
48e2880731
rpc-cap@3.2.0 (#9461) 2020-09-24 08:33:48 -07:00
Erik Marks
60d4b6aa41
@metamask/controllers@3.1.0 (#9460) 2020-09-23 13:24:24 -07:00
Mark Stacey
97b49b7614
Add prettier-plugin-sort-json (#9450)
JSON files are now sorted by key with `prettier`, using the plugin
`prettier-plugin-sort-json`. This does not affect `package.json`
because `prettier` uses a special parser for that file, as it has
a more restrictive format than JSON.
2020-09-23 12:21:42 -02:30
Erik Marks
3f2a7fd6ac
eth-json-rpc-filters@4.2.1 (#9452) 2020-09-22 21:55:59 -07:00
Erik Marks
242a5b3f23
eth-json-rpc-infura@5.1.0 (#9451) 2020-09-22 20:46:02 -07:00
Erik Marks
2eb8a9aca9
eth-json-rpc-middleware@6.0.0 (#9448) 2020-09-22 19:03:12 -07:00
Whymarrh Whitby
b83bca7223
Use eth-phishing-detect@1.1.14 (#9423) 2020-09-16 16:24:56 -02:30
Whymarrh Whitby
3b70cf64ec
Use @metamask/controllers@3.0.1 (#9416) 2020-09-16 14:34:28 -02:30
Whymarrh Whitby
34b3953815
Use eth-json-rpc-middleware@5.0.3 (#9405) 2020-09-14 19:17:29 -02:30
dependabot[bot]
b1665dedc6
Bump node-fetch from 2.6.0 to 2.6.1 (#9399)
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 15:45:42 -02:30
Brad Decker
8b24f624dd
add segment implementation of metametrics (#9382)
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-09-14 12:04:05 -05:00
Mark Stacey
9391eac670
Update @metamask/eth-token-tracker from v3.0.0 to v3.0.1 (#9398)
`v3.0.1` of `@metamask/eth-token-tracker` fixes how token balances are
displayed when they are between 1 and 0.1. See here for more details:
https://github.com/MetaMask/eth-token-tracker/pull/47
2020-09-11 19:03:24 -03:00
Mark Stacey
ce66ddcf0d
Use prettier for JSON linting (#9396)
Instead of using `eslint-plugin-json` for linting JSON files,
`prettier` is now used. `prettier` is capable of detecting and
correcting more problems than `eslint-plugin-json` can, such as
indentation.

All JSON files have been run through `prettier`. The changes are all
superficial.
2020-09-11 10:57:39 -03:00
Whymarrh Whitby
e2dedaacdb
Use Infura v3 API (#9368)
* Use eth-json-rpc-infura@5.0.0
* Use Infura v3 API
* Add example .metamaskrc file
2020-09-10 13:46:00 -02:30
Whymarrh Whitby
89eade97c5
Use bl@3.0.1, dedupe bl@1.x (#9375) 2020-09-08 18:23:44 -02:30
Whymarrh Whitby
253cd12bbb
Use yargs@7.1.1 (#9364)
This change updates the `yargs` dependency introduced by `gulp-cli` to the latest
`^7` version, addressing [`GHSA-p9pc-299p-vxgp`][1].

  [1]:https://github.com/advisories/GHSA-p9pc-299p-vxgp

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gulp                                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gulp > gulp-cli > yargs > yargs-parser                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-09-07 11:16:45 -02:30
Whymarrh Whitby
9c77f6add2
Use bl@1.2.3 (#9349) 2020-09-03 13:29:20 -02:30
Whymarrh Whitby
1e99a7b0c3
Migrate to scoped @metamask/jazzicon (#9341) 2020-09-02 12:37:56 -02:30
Whymarrh Whitby
a6e93a6344
Use ganache-core/websocket@1.0.32 (#9340)
This change updates `websocket` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ ganache-core                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ ganache-core > websocket > gulp > gulp-cli > yargs >         │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-09-02 12:36:12 -02:30
Whymarrh Whitby
72313f011d
Use derequire@2.1.1 (#9332)
This change updates `derequire` to address a low-severity security advisory
with `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ browserify-derequire                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ browserify-derequire > derequire > yargs > yargs-parser      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-08-31 21:54:06 -02:30
Whymarrh Whitby
ba9af7d7bf
Use react-inspector@4.0.1 (#9331)
This change addresses a low-severity security advisory for `yargs-parser`.

See https://www.npmjs.com/advisories/1500 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-actions                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-actions > react-inspector >                 │
│               │ storybook-chromatic > @chromaui/localtunnel > yargs >        │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1500                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-08-31 13:11:25 -02:30
Whymarrh Whitby
1024f49275
Use @metamask/eslint-config@3.2.0 (#9330) 2020-08-31 13:11:15 -02:30
Erik Marks
3aaa41ef44
Replace abi-decoder with ethers (#9290)
* replace abi-decoder with ethers

* handle transaction parsing errors

* update token param getter function names

* add docstrings
2020-08-21 19:29:19 -07:00
Erik Marks
02d318d493
Add @metamask/logo (#9281)
* Remove metamask-logo
2020-08-20 10:48:43 -07:00
Dan J Miller
42f4c2e407
MetaMask mascot support for provided directions targets and toggling followMouse (#9166)
* MetaMask mascot support for provided directions targets and toggling followMouse

* Fixes for mascot.component.js

* Update metamask-logo version to 2.4.0

* Lint fix

* Fix mouse follow updating

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Improve mascot story name

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Update package.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* Lint fix

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-20 05:29:03 -02:30
Thomas Huang
5f11273550
Add react-testing-library/react (#9249)
* Add react-testing-library

Adds react-testing-library as a dependency, creates a wrapper function with Provider store/I18n context support, and implements it in unconnected-account-alert.

* Refactor renderWithProvider store to extra param, instead of component prop store
2020-08-19 21:13:59 -07:00
Whymarrh Whitby
2b7a692658
Use @metamask/eslint-config@3.1.0 (#9275)
This change updates the shared ESLint config to the latest published version,
v3.1.0.

From the config [`CHANGELOG.md`][1]: v3.0.1 has disabled `prefer-object-spread`
by default, so it has been enabled for this project.

  [1]:https://github.com/MetaMask/eslint-config/blob/master/CHANGELOG.md
2020-08-19 17:34:58 -02:30
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
5c74420850
Use @metamask/controllers@2.0.5 (#9266) 2020-08-18 21:37:02 -02:30
Whymarrh Whitby
c188121c3d
Dedupe glob-parent versions (#9220) 2020-08-14 09:16:24 -02:30
Whymarrh Whitby
e8b31a77b9
Use copy-webpack-plugin@6.0.3 (#9197)
This updates the `copy-webpack-plugin` to the latest published version, 6.0.3,
resolving [a high-severity security advisory][1] with its `serialize-javascript`
dependency.

  [1]: https://www.npmjs.com/advisories/1548

See https://www.npmjs.com/advisories/1548 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Remote Code Execution                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ serialize-javascript                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.1.0                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ copy-webpack-plugin                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ copy-webpack-plugin > serialize-javascript                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1548                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```

The relevant [`v6.0.0`][2] breaking changes:

- minimum supported Node.js version is 10.13
    -  We use 10.18.1 locally and on CI
- the plugin now accepts an object, you should change `new CopyPlugin(patterns, options)` to `new CopyPlugin({ patterns, options })`
    -  Updated `.storybook/webpack.config.js`

  [2]:https://github.com/webpack-contrib/copy-webpack-plugin/releases/tag/v6.0.0
2020-08-12 22:02:40 -02:30
Whymarrh Whitby
d4f65e16b4 Use terser-webpack-plugin@2.3.8 2020-08-12 14:59:00 -02:30
Whymarrh Whitby
ca544a65ae Use terser-webpack-plugin@1.4.5 2020-08-12 14:59:00 -02:30
Whymarrh Whitby
d0366ad8f2
Use luxon@1.24.1 (#9154) 2020-08-07 12:33:03 -02:30
Thomas Huang
9e1aed88c2
Update 'react-devtools' to ^4.8.0 (#9140)
* bump-react-devtools

* Completed yarn lock after version bump of react-devtools
2020-08-06 12:30:28 -07:00
Mark Stacey
c7db4c5a4d
Update brfs from v1.6.1 to v2.0.2 (#9115)
We were not affected by the breaking changes introduced with v2.0.0.
This was updated primarily to get a bugfix relating to source maps, and
to update some older transitive dependencies.
2020-07-30 17:44:13 -03:00
Mark Stacey
b19e048f58
Update browserify from v16.2.3 to v16.5.1 (#9113)
The changes between these two versions don't seen to affect us a great
deal. The browserify dependency updates do result in changes to our
production bundle, but the changes have no obvious functional impact.
2020-07-30 16:02:27 -03:00
Mark Stacey
081153a0df
Update sesify-viz from v3.0.9 to v3.0.10 (#9111)
The changes between v3.0.9 and v3.0.10 are minimial - just some minor
improvements to error handling.
2020-07-30 14:55:46 -03:00
Mark Stacey
ee291d48e9
Update gulp-rename from v1.4.0 to v2.0.0 (#9112)
The changes between these versions don't affect us. The breaking change
was related to passing in a function to `gulp-rename`, which we don't
do.
2020-07-30 14:55:26 -03:00
Mark Stacey
3f53db1846
Update source-map-explorer from v2.0.1 to v2.4.2 (#9110)
The output remains identical between these two versions, and none of
the changelog entries appear relevant to us (aside from maybe some of
the bug fixes).
2020-07-30 14:43:02 -03:00
Whymarrh Whitby
d990de4a0c
Update dependencies (#9105)
This change updates the following two dependencies to address high severity advisories in the production dependencies:

* Use elliptic@6.5.3
* Use dot-prop@5.2.0

The public advisories:

- `elliptic`: [npm](https://www.npmjs.com/advisories/1547)
- `dot-prop`: [npm](https://www.npmjs.com/advisories/1213), [GHSA-ff7x-qrg7-qggm](https://github.com/advisories/GHSA-ff7x-qrg7-qggm)

I don't believe there to be any functional changes here:

- I don't think we hit any (important?) codepaths of the whole `ipld-zcash/zcash-bitcore-lib/elliptic` subtree of 3Box
- `dot-prop` doesn't have a changelog but;
    - Looking through [`v3.0.0...v4.0.0`](https://github.com/sindresorhus/dot-prop/compare/v3.0.0...v4.0.0) it would seem that the breaking change was requiring Node.js 4 ([`88b6eb6`](88b6eb66cf))
    - The only breaking change listed for [v5.0.0](https://github.com/sindresorhus/dot-prop/releases/tag/v5.0.0) was requiring Node.js 8.
2020-07-29 19:39:47 -02:30
Mark Stacey
a69245d9ba
Improve source maps (#9101)
Our source maps were being corrupted during minification, because the
`gulp-terser-js` plugin we were using didn't account for the existence
of sourcemaps in the input. A configuration option to allow the input
of sourcemaps was added in v5.2.0. The plugin has been updated, and we
now use this option.

Previously the generated sourcemaps had an invalid entry in the
"sources" array, with the filename of the bundle itself. This was not a
real source. After this change, this invalid source is no longer
present.
2020-07-29 17:31:01 -03:00
Erik Marks
a3cad5d52e
rpc-cap@3.1.0 (#9103) 2020-07-29 12:56:24 -07:00
Erik Marks
99899b5df9
json-rpc-engine@5.2.0 (#9091) 2020-07-28 10:01:24 -07:00
ryanml
b4663eb78b
Fixes MetaMask/metamask-extension#8626 - verifies password on requesting seed phrase (#9063) 2020-07-24 19:47:40 -03:00
Brad Decker
21292a8ed1
update eth-token-tracker (#9056) 2020-07-22 15:31:22 -05:00