1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-23 18:41:38 +01:00
Commit Graph

10731 Commits

Author SHA1 Message Date
Erik Marks
a48ec51c36 lowercase web3 2020-06-15 11:54:51 -07:00
Whymarrh Whitby
3f8fa161ca
Use markdown-to-jsx@6.11.4 (#8809)
This change updates the `markdown-to-jsx` dependency to the latest version,
resolving XSS security advisories.

See https://www.npmjs.com/advisories/1219 for more information.

The `yarn audit` output:

```
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-actions                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-actions > @storybook/components >           │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-backgrounds                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-backgrounds > @storybook/components >       │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-knobs                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/addon-knobs > @storybook/components >             │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > @storybook/components >    │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ @storybook/components > markdown-to-jsx                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/core                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/core > @storybook/ui > markdown-to-jsx            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=6.11.4                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ @storybook/react > @storybook/core > @storybook/ui >         │
│               │ markdown-to-jsx                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1219                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
```
2020-06-15 16:13:45 -02:30
Erik Marks
7f47eb53ed
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:57 -07:00
Erik Marks
22679622f5
Update app/_locales/en/messages.json
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-06-15 11:38:51 -07:00
Erik Marks
b1fd1e5bde also remove 'dapp' from descriptions 2020-06-15 11:35:15 -07:00
Erik Marks
fc7930f6bc remove all user-facing instances of 'dapp' 2020-06-15 11:30:56 -07:00
Brad Decker
955625278b
update button styling on home/asset page (#8800) 2020-06-15 12:02:38 -05:00
Mark Stacey
6ca18c3573
Fix handling of permissions of removed accounts (#8803)
Imported accounts can be removed, but the permissions controller is not
informed when this happens. Permissions are now removed as part of the
account removal process.

Additionally, the `getPermittedIdentitiesForCurrentTab` selector now
filters out any non-existent accounts, in case a render occurs in the
middle of an account removal.

This was resulting in a render crash upon opening the popup on a site
that was connected to the removed account.
2020-06-15 10:27:27 -03:00
Thomas Huang
d9a4c60d99
Clear permssions during createNewVaultAndRestore (#8804)
One possible solution to #8787.
2020-06-13 18:42:39 -07:00
Mark Stacey
bb087e3749
Hide token transfers on ETH asset page (#8799)
Token transfers will now be hidden on the ETH asset page. Arguably
token transfers are still relevant to show on the ETH asset page
because the gas for token transfers is paid in ETH, but they weren't
being displayed in a way that highlighted this (only the token amount
was shown inline - not the gas price).

We will likely restore token transfers to the ETH asset page at a later
date, after designs have been updated to highlight their relevance to
this page.
2020-06-12 23:06:33 -03:00
Mark Stacey
31bb86c596
Fix account name editing (#8801)
Editing the name of an account was accidentally made impossible when
FontAwesome was updated in #8256, because the icon we used to use for
the edit button (`fa fa-pencil`) was no longer free. The icon has been
switched to `fas fa-pencil-alt`, which is free.
2020-06-12 23:06:19 -03:00
Mark Stacey
f17aa87a65
Fix connect flow account list height (#8798)
The list of accounts shown on the first page of the connect flow takes
up the entire height of the window, even if there aren't enough
accounts to fill the space. This looks strange because of the border
around the account list, especially in the case where there are three
accounts in the list.

The list now cedes space to the footer if it can't fill the space
itself. The extra space is taken by whitespace between the footer and
the list.
2020-06-12 18:22:45 -03:00
Mark Stacey
53769a7b3a
Update color of menu item icons (#8797)
Menu item icons are now grey instead of black, as requested in design
QA feedback.
2020-06-12 17:09:47 -03:00
Mark Stacey
8a7e376930
Update "Connected accounts" empty description (#8796)
The copy has been updated to use the term "Web3 site" instead of
"decentralized site".
2020-06-12 12:52:53 -07:00
Mark Stacey
1fb15a52bb
Stop reporting failed transactions to Sentry (#8795)
These error reports are not useful.
2020-06-12 16:41:57 -03:00
Mark Stacey
37da64aa7e
Omit state snapshot from Sentry errors (#8794)
The state snapshot we were attaching to Sentry errors was too large.
As a temporary solution, it has been removed completely. We can re-add
it later after reducing its size.
2020-06-12 16:13:14 -03:00
Mark Stacey
cf08131b49
Show fiat balance on token page (#8791)
The token page overview now shows the balance in fiat.
2020-06-12 15:47:39 -03:00
Mark Stacey
a100c55e64
Hide token fiat amounts on testnets (#8792)
The token amount is no longer shown in fiat on testnets, unless the
user has enabled the "Show fiat on testnets" setting.
2020-06-12 15:47:23 -03:00
Brad Decker
2f50e9fd72
Restore timing function (#8774)
* restore and enhance the time est feature

background: we had a feature for showing a time estimate on pending txs
that was accidently removed during the redesign implementation. This PR
restores that feature and also enhances it:
1. Displays the time estimate on all views instead of just fullscreen
2. Uses Intl.RelativeTimeFormat to format the time
3. Adds a way to toggle the feature flag.
4. Uses a hook to calculate the time remaining instead of a component

* Update app/_locales/en/messages.json

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* do not display on test nets

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-12 13:46:01 -05:00
Erik Marks
5aabe2ac75
Warn users to only add custom networks that they trust (#8789)
* add warning when adding custom network

* give the settings subheader breathing space
2020-06-12 11:21:29 -07:00
Mark Stacey
3c98be4214
Show fiat amounts inline on token transfers (#8786)
Fiat amounts are now shown inline on token transfers in the transaction
list, where possible (i.e. where the conversion rates are known).

The logic for this hook is pretty tangled because it's used for so many
fundamentally different types of items (eth transactions, token
transactions, signature requests). In the future we should split these
into different components.

The documentation for the `useTokenFiatAmount` hook was updated to make
`tokenAmount` optional, but in practice it already worked as expected
without the amount being passed in.
2020-06-12 14:37:06 -03:00
Mark Stacey
016acd3e94
Refactor asset page component (#8788)
The asset page component has been split into three parts: the main
asset page wrapper, and a component for the content (either token or
native currency). This makes it easier to add functionality that is
specific to either token asset pages or native currency asset pages.
2020-06-12 14:04:40 -03:00
Erik Marks
1323233cfa
Make permission approval redirect flow consistent (#8755)
* make redirect flow consistent

* remove cancel redirect

* extract redirect component into own file
2020-06-12 09:38:20 -07:00
Brad Decker
73ba992125
use UI button for add token functionality (#8781) 2020-06-12 11:22:00 -05:00
Erik Marks
d1e645f671 fixup! fix redirect alignment and css class names 2020-06-12 09:09:42 -07:00
Erik Marks
0cec119fc8 fix redirect alignment and css class names 2020-06-12 09:09:24 -07:00
Erik Marks
d8e7fb4c42 address review feedback 2020-06-11 14:11:50 -07:00
Erik Marks
14a5e77edd fix classes 2020-06-11 13:56:29 -07:00
Mark Stacey
4ac4790cfa
Rename 'History' tab to 'Activity' (#8785)
'Activity' is a better name for this tab because it contains more than
just transactions. Signature requests are also included, and more non-
transaction activity may be included in the future.
2020-06-11 17:14:07 -03:00
Erik Marks
8bf1410f06 fix calling redirect immediately on cancel 2020-06-11 12:55:35 -07:00
Mark Stacey
058c63cf80
Use localized tab names on Home screen (#8784)
The tab names on the Home screen are now localized messages, rather
than being hard-coded as English.
2020-06-11 15:19:13 -03:00
ricky
71e7966b6a
Update Seed Phrase Functionality on Account Import (#8730)
Update seed phrase functionality to be able to conceal seed phrase (as a password field) so it remains hidden on screen.
2020-06-11 10:24:13 -04:00
Victor Baranov
d0a28087dc
Remove 2nd parameter from the call of estimateTxGas (#8783) 2020-06-11 10:16:50 -02:30
Erik Marks
a5f4115969 fixup! only run beforeunload in notification UI 2020-06-10 22:14:17 -07:00
Erik Marks
222ccd9d44 only run beforeunload in notification UI 2020-06-10 22:13:55 -07:00
Erik Marks
c090bc7f40 remove home page flicker on notification close 2020-06-10 22:09:04 -07:00
Erik Marks
51956b2a14 handle multiple pending permissions requests 2020-06-10 21:50:49 -07:00
Erik Marks
8b649ddeb9 verify-locales:fix 2020-06-10 17:51:22 -07:00
Erik Marks
854e06b3ae fixup! only close notification in redirectFlow 2020-06-10 17:49:26 -07:00
Erik Marks
12d2315f18 only close notification in redirectFlow 2020-06-10 17:35:16 -07:00
Erik Marks
3eb33ef492 remove cancel redirect 2020-06-10 17:27:47 -07:00
Erik Marks
e86fc77d16 fixup! delete buttonsDisabled boolean 2020-06-10 16:44:10 -07:00
Erik Marks
0de56203fc delete buttonsDisabled boolean 2020-06-10 16:44:10 -07:00
Erik Marks
567b5634ca cleanup; update metadata as needed 2020-06-10 16:44:10 -07:00
Erik Marks
00a792e191 fix locale messages 2020-06-10 16:44:10 -07:00
Erik Marks
a94dc15349 removed unused styles 2020-06-10 16:44:09 -07:00
Erik Marks
ea398abc5d make redirect flow consistent 2020-06-10 16:44:09 -07:00
Brad Decker
a4e5fc934d
restore status tooltip (#8745)
initially set out to add the failed tooltip back to the transaction list, but
in the process rediscovered the transaction-status component which illuminated
a fair number of statuses that were not properly handled by the refactor of the
list. These statuses were discussed with UX and engineering team members to come
up with a definitive list of statuses that should be reflected in the UI

Changes:
1. normalized the color of status labels to use Red-500 and Orange-500 where applicable
2. added a new color of icon for pending transactions -- grey
3. added support for dropped and rejected labels
4. failed, dropped, rejected and cancelled all have red icons now.
5. cancelled transactions will reflect a change in the user's balance
6. tooltip displayed for failed transactions
7. Icon logic isolated to a new component.
2020-06-10 15:38:34 -05:00
Mark Stacey
1f8a7a72c9
Fix TokenRatesController (#8780)
The `TokenRatesController` was accidentally broken in #8744, when the
logic for starting and stopping polling was moved from the `isActive`
property to start/stop functions.

A reference to the now-obsolete `isActive` property was accidentally
left behind, resulting in no exchange rate updates.
2020-06-10 16:53:37 -03:00
Mark Stacey
0b86283c10
Create useTokenFiatAmount hook (#8778)
This hook is responsible for converting a token balance to fiat. It has
been extracted from the `TokenCell` component, and will be used
elsewhere in a future PR.
2020-06-10 16:04:29 -03:00