1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-23 02:10:12 +01:00
Commit Graph

714 Commits

Author SHA1 Message Date
PeterYinusa
59694cfac6 deduplicate dependencies 2023-01-17 20:56:14 +00:00
PeterYinusa
5914b8f6b6 update dependencies 2023-01-17 20:01:58 +00:00
PeterYinusa
39f9b1e953 fix audit failure for luxon by upgrading (#17106) 2023-01-09 19:26:21 +00:00
PeterYinusa
94b0d7fb91 Update policies 2023-01-09 07:39:02 -03:30
PeterYinusa
e71b664bef fix audit failure (#17079) 2023-01-05 11:41:59 +00:00
Dan J Miller
1fa213835f
Update qs via yarn.lock to 6.5.3 (#16823) 2022-12-06 18:49:12 +00:00
weizman
0487de6e30
Upgrade Snow to new version 1.3.0 in MetaMask (#16815) 2022-12-06 17:10:59 +02:00
dependabot[bot]
5eb5b4c652
Bump @metamask/design-tokens from 1.11.0 to 1.11.1 (#16764)
Bumps [@metamask/design-tokens](https://github.com/MetaMask/design-tokens) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/MetaMask/design-tokens/releases)
- [Changelog](https://github.com/MetaMask/design-tokens/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/design-tokens/compare/v1.11.0...v1.11.1)

---
updated-dependencies:
- dependency-name: "@metamask/design-tokens"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 13:24:14 -08:00
Jyoti Puri
31bd70de62
Updating keyring controller (#16762) 2022-12-02 20:10:24 +05:30
Frederik Bolding
dfb6210910
[FLASK] snaps-monorepo@0.25.0 (#16673)
* snaps-monorepo@0.25.0

* Regen LavaMoat policies

* Bump test-snaps

* [FLASK] Add Snaps JSON-RPC handler permission (#16670)

* Add Snaps JSON-RPC handler permission

* Add copy and icon

* Fix test

Co-authored-by: Maarten Zuidhoorn <maarten@zuidhoorn.com>
2022-11-30 13:19:33 +01:00
Maarten Zuidhoorn
c341abaea6
Use Webpack 5 for Storybook (#16678)
* Fix storybook

* Update policies

* Bump all Storybook dependencies to the latest version

* Add Storybook dependencies to depcheck ignore list

* Update policy-override.json

* Fix SectionShape circular dependency

* Change policy override for eslint-scope

* Fix some Webpack build issues

* Add missing dependency

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
2022-11-29 19:23:36 +01:00
Jyoti Puri
ea882d4588
DAPP action replay improvements (#16250) 2022-11-29 22:33:13 +05:30
Elliot Winkler
51cffa15dd
Migrate to new controller packages (#16547)
* Migrate to new controller packages

`@metamask/controllers` is deprecated, and most of the controllers that
lived here are now located in their own package ([1]). This commit
replaces `@metamask/controllers` in `package.json` with references to
these packages and updates `import` lines to match.

[1]: https://github.com/MetaMask/controllers/pull/831

* Support GitHub registry for draft PRs (#16549)

* Add additional allowed host to lockfile linter

* Update LavaMoat policies

* Add policy exception for nanoid

* Add additional nanoid overrides

* Update LavaMoat policies again

* Bump controller packages

* Update lavamoat

* Bump controller packages

* Update packages to v1.0.0

* Expand gitignore comment

* Unpin controller dependencies, using ^ range instead

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-24 16:29:07 -03:30
David Walsh
266d7d93d5
Fix #15050 - MV3: Keep the user logged in when service worker restarts (#15558) 2022-11-23 18:49:24 -06:00
weizman
42b8971571
Integrating snow into metamask (#15580) 2022-11-24 02:36:19 +02:00
Frederik Bolding
de955f3faa
[FLASK] snaps-monorepo@0.24.1 (#16525)
* snaps-monorepo@0.24.0

* Fix imports and regen LavaMoat policies

* Bump iframe-execution-environment

* Fix tests

* Add permissions

* Bump patch

* Bump test-snaps

* [FLASK] Fix update e2e test to catch snaps with caveats (#16546)

* changed snap to update to bip32

* small changes to test

* Fix lint

* Fix E2E

* Update copy

* Update icon

Co-authored-by: Bowen Sanders <bowensanders@gmail.com>
2022-11-22 13:07:08 +01:00
dependabot[bot]
a523636923
Bump @metamask/design-tokens from 1.9.0 to 1.11.0 (#16515)
Bumps [@metamask/design-tokens](https://github.com/MetaMask/design-tokens) from 1.9.0 to 1.11.0.
- [Release notes](https://github.com/MetaMask/design-tokens/releases)
- [Changelog](https://github.com/MetaMask/design-tokens/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/design-tokens/compare/v1.9.0...v1.11.0)

---
updated-dependencies:
- dependency-name: "@metamask/design-tokens"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 10:05:24 -08:00
Mark Stacey
61b3d25ab3
Update SmartTransactionsController to v3 (#16511)
This update drops support for Node.js v12, and it includes a bug fix
for a deadlock encountered when using swaps on unsupported testnets.

Fixes #16479
2022-11-16 08:55:53 -03:30
Mark Stacey
4f66dc948f
Update @metamask/controllers to v33 (#16493)
The controllers package has been updated to v33. The only breaking
change in this release was to rename the term "collectible" to "NFT"
wherever it appeared in the API.

Changes in this PR have been kept minimal; additional renaming can be
done in separate PRs. This PR only updates the controller names,
controller state, controller methods, and any direct references to
these things. NFTs are still called "collectibles" in most places.
2022-11-15 15:19:42 -03:30
Brad Decker
c9527e745f
upgrade gulp-autoprefixer (#16439) 2022-11-15 08:40:56 -06:00
Peter Yinusa
d39c0f8096
Upgrade geckodriver to latest version, run ci tests with Firefox v106.0.4 (#16383)
* update geckodriver

* update ff binary in ci

* dedupe
2022-11-10 11:16:02 +00:00
Frederik Bolding
de3068d932
[FLASK] snaps-monorepo@0.23.0 (#16394)
* snaps-monorepo@0.23.0

* Regen LavaMoat policies

* Update iframe-execution-environment

* Fix tests

* Bump luxon

* Fix lint

* Update test-snaps

* Bump post-message-stream

* Fix E2E
2022-11-08 10:31:22 +01:00
dependabot[bot]
c098c628cc
Bump @metamask/providers from 10.0.0 to 10.2.0 (#16361)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-04 10:23:27 -05:00
seaona
c246eaa8e2
Updating chromedriver to last stable version (#16310)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-11-02 11:14:43 +01:00
Erik Marks
a8c1756816
Remove 3box feature and delete ThreeBoxController (#14571)
* Remove 3box feature and delete ThreeBoxController

Lint locale messages

lavamoat policy updates

* Restore 3Box user trait with value `false`

The 3Box user trait has been restored and hard-coded as `false`. This
ensures that users don't get stuck in our metrics as having this trait.

A deprecation comment has been left in various places for this trait.

* Remove unused state

* Remove additional 3box-related things

* Run `yarn-deduplicate`

* Restore migration that was lost while rebasing

* Remove obsolete override

* Remove additional unused resolutions/dependencies

* Update LavaMoat policies

* Remove obsolete security advisory ignore entries

* Remove 3Box fixture builder method

* Update unit tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2022-10-31 13:50:50 -02:30
Jyoti Puri
68642ee47a
Updating controller dependency (#16033)
* Updating controller dependency

* fix

* fix

* fix

* fix

* fixes

* Lavamoat auto

* Update URLs for phishing detection testcase

* update lavamoat files

* call phishingController.test synchronously again

* bump @metamask/controllers to v32.0.1

* lint

* update policy files

* bump controllers version again

* modify update phishing list strategy

* revert back to use isOutOfDate, but without blocking substream

* possible way to fix e2e tests?

* enable testing

* Remove promise return from setupController in background.js, as it is no longer used

* Ensure updatePhishingLists is called in MM contrller constructer, so that phishing lists are updated right away

Co-authored-by: seaona <mariona@gmx.es>
Co-authored-by: Alex <adonesky@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
2022-10-25 02:24:02 -02:30
Peter Yinusa
65e3047a74
Chromedriver v106 (#16213)
* update chromedriver

* update chrome binary in ci
2022-10-24 14:36:08 +01:00
Frederik Bolding
d640c9a924
[FLASK] snaps-monorepo@0.22.2 (#16161)
* snaps-monorepo@0.22.2

* Update LavaMoat policies

* Fix eth_accounts permission for Snaps

* Update iframe execution environment

* Dedupe yarn.lock and rerun LavaMoat policy gen

* Add policy override for nanoid
2022-10-11 18:56:34 +02:00
Jyoti Puri
6995174cbc
MV3 Segment Fix (#16020) 2022-10-11 20:34:32 +05:30
Jyoti Puri
b34d24937d
Update provider (#16131) 2022-10-11 14:18:55 +05:30
Mark Stacey
f6f8edfd15
Update eth-json-rpc-middleware to v9.0.1 (#16096)
This update includes fixes for our `block-ref` and `retry-on-empty`
middleware.

The `block-ref` middleware resolves the block reference `latest` to a
specific block number, the latest one we are aware of. This is meant to
protect against situations where the network gives inconsistent answers
for what the latest block number is due to some nodes being out-of-sync
with each other (this was a frequent problem years ago with Infura).

It was broken in that the `latest` resolution was failing, and we were
submitting an additional redundant request to Infura for each request.

The `retry-on-empty` middleware is meant to retry certain methods
when they return an empty response. This was also meant to deal with
network synchronization issues that were more common years ago. This
middleware works by making a "child" request over and over until either
a retry limit is reached, or a non-empty response is received.

It was broken in that the final response recieved was thrown away, so
it's as though the middleware was not used. Except that it did result
in additional redundant network requests.

As a result of this update we should see that the extension is more
resilient to certain network synchronization issues. But this is
difficult to test, and these issues may not happen in production
anymore today.

We should see a reduction in requests to Infura as well. This should
be easier to test.
2022-10-10 13:16:58 -02:30
Frederik Bolding
7ba0f78a84
[FLASK] snaps-skunkworks@0.22.0 (#16069)
* snaps-skunkworks@0.22.0

* Update LavaMoat policies

* Bump execution environment and fix a breaking change

* Fix caveat and permissions

* Fix test

* Exclude keyring endowment for now

* Fix test

* Fix snap_confirm missing title
2022-10-07 10:02:35 +02:00
George Marshall
db59186ced
Adding ast-types to resolutions (#16103) 2022-10-06 12:42:52 -07:00
Maarten Zuidhoorn
22f07aefe3
Update Jest config to avoid transpiling dependencies (#16068)
* Use stable version of Jest

* Update Jest config
2022-10-04 17:58:22 +02:00
Alex Donesky
3b63ecff07
Update eth-lattice-keyring to v0.12.3 (#15997) 2022-10-03 19:02:38 -05:00
Frederik Bolding
6a0dcf41b6
Fix @hapi/hoek audit failure (#16034) 2022-09-30 09:10:01 -05:00
Elliot Winkler
d7a812f42f
Add remaining tests for createInfuraClient (#15717)
Add tests for the `block-tracker-inspector` middleware — which makes
sure that the block tracker never has a reference to the latest block
which is less than a block number that shows up in an RPC method's
response — and the Infura middleware — which takes care of sending the
request to Infura, and will retry the request up to 5 times if Infura
sends back a certain type of error.

Note that the `retry-on-empty` middleware is not tested because it
currently has a [bug][1] which is making it ineffective.

[1]: https://github.com/MetaMask/eth-json-rpc-middleware/issues/139
2022-09-29 10:39:35 -06:00
Frederik Bolding
947f5299f8
Fix vm2 audit failure (#16025) 2022-09-28 20:22:04 +02:00
dependabot[bot]
b0baa89aba
Bump @metamask/contract-metadata from 1.35.0 to 1.36.0 (#15597)
Bumps [@metamask/contract-metadata](https://github.com/MetaMask/contract-metadata) from 1.35.0 to 1.36.0.
- [Release notes](https://github.com/MetaMask/contract-metadata/releases)
- [Changelog](https://github.com/MetaMask/contract-metadata/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MetaMask/contract-metadata/commits/v1.36.0)

---
updated-dependencies:
- dependency-name: "@metamask/contract-metadata"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-09-28 09:40:40 -05:00
Alex Donesky
34fe20126a
bump smart-transactions-controller verion (#15818) 2022-09-27 16:44:38 -05:00
PeterYinusa
1295fabfb5
[E2E]: Revoke nft approval (#15995) 2022-09-27 10:51:46 -05:00
Frederik Bolding
4eb8e50800
[FLASK] snaps-skunkworks@0.21.0 (#15889)
* snaps-skunkworks@0.21.0

* Update policy files

* Regen policies again

* Fix tests

* Simplify selector

* Fix flaky test

* Update iframe execution env

* Move snap install warnings to util

* Add basic copy for snap_getBip32PublicKey

* Update permission icon

* Update E2Es

* Fix lint

* Fix locale strings
2022-09-23 12:39:54 +02:00
Alex Donesky
d3bd5b0d6b
Bump keystone package versions to latest (#15878) 2022-09-22 10:04:24 -05:00
ryanml
c0065b4c5d
Bump @metamask/etherscan-link from 2.1.0 to 2.2.0 (#15881) 2022-09-19 12:31:45 -07:00
seaona
dd660f83ae
Add test insights on circle ci for test-unit job (#15839)
* Test results for jest

* Add jest-junit package for reporting

* Order alphabetically
2022-09-19 13:30:34 +02:00
Elliot Winkler
d91eabfd16
Add initial provider API tests for Infura client (#15556)
We are working on migrating the extension to a unified network
controller, but before we do so we want to extract some of the existing
pieces, specifically `createInfuraClient` and `createJsonRpcClient`,
which provide the majority of the behavior exhibited within the provider
API that the existing NetworkController exposes. This necessitates that
we understand and test that behavior as a whole.

With that in mind, this commit starts with the Infura-specific network
client and adds some initial functional tests for `createInfuraClient`,
specifically covering three pieces of middleware provided by
`eth-json-rpc-middleware`: `createNetworkAndChainIdMiddleware`,
`createBlockCacheMiddleware`, and `createBlockRefMiddleware`.

These tests exercise logic that originate from multiple different places
and combine in sometimes surprising ways, and as a result, understanding
the nature of the tests can be tricky. I've tried to explain the logic
(both of the implementation and the tests) via comments. Additionally,
debugging why a certain test is failing is not the most fun thing in the
world, so to aid with this, I've added some logging to the underlying
packages used when a request passes through the middleware stack.
Because some middleware change the request being made, or make new
requests altogether, this greatly helps to peel back the curtain, as
failures from Nock do not supply much meaningful information on their
own. This logging is disabled by default, but can be activated by
setting `DEBUG=metamask:*,eth-query DEBUG_COLORS=1` alongside the `jest`
command.

We use this logging by bumping `eth-block-tracker`, and
`eth-json-rpc-middleware`.
2022-09-16 10:48:33 -02:30
Mark Stacey
929a1a0d52
Update eth-json-rpc-infura (#15845)
* Update `eth-json-rpc-infura`

The package `eth-json-rpc-infura@5` has been updated to
`@metamask/eth-json-rpc-infura@7`. This update includes TypeScript
support, and it drops support for older node.js versions. The exports
have also been changed from default to named exports.

See here for a full list of changes: https://github.com/MetaMask/eth-json-rpc-infura/blob/main/CHANGELOG.md#700

* Fix LavaMoat policy issue

The `web3` package used by `@metamask/controllers` unintentionally
overwrites the `XMLHttpRequest` global, which breaks things. This was
fixed by revoking `web3`'s write access to that global using a policy
override.

Previously this policy override was applied to `web3`, but for some
unknown reason, this update caused that override to no longer apply.
2022-09-15 14:41:18 -02:30
dependabot[bot]
8391949977
Bump @metamask/auto-changelog from 2.6.0 to 2.6.1 (#15001)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brad Decker <bhdecker84@gmail.com>
2022-09-13 13:00:06 -05:00
seaona
d322c89bb2
Updating Chromedriver to the last version (#15798)
* Updating Chromedriver to the last version

* Update Chrome version to last stable v105
2022-09-13 16:31:19 +02:00
George Marshall
100fbbfaca
Upgrading storybook from 6.3 to 6.5 fixing shell-quote vulnerability (#15684)
* Updating storybook from 6.3 to 6.5

* Some lavamoat policy overrides for eslint
2022-09-06 15:58:22 -07:00