Version 11.7.1 #22305
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.
@metamaskbot update-policies
Policy update failed. You can review the logs or retry the policy update here
a469292 to 307e7c0
2e2867b to 86d35ec
Updated dependencies detected. Learn more about Socket for GitHub ↗︎
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring:

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with
86d35ec to 29fb5dc
@SocketSecurity ignore-all
29fb5dc to 92545de
92545de to 1d83e1f
There was a bump for library @zxing.js #19225 to audit the package; however, there are breaking changes from the API in this library. We will have a temporary fix by reverting the upgrade and ignoring the audit changes, but we will have a follow-up PR to have a proper fix and add an e2e test to back it up. We also include the copy update as [requested](#22160 (comment)).

Fixes: #22160

1. Go to send
2. Click scanner icon beside address
3. Provide a QR code to scan

https://github.com/MetaMask/metamask-extension/assets/12678455/b792c931-4213-4e85-b376-c6cf7f5ef01a

- [ ] I’ve followed [MetaMask Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've clearly explained what problem this PR is solving and how it is solved.
- [ ] I've linked related issues
- [ ] I've included manual testing steps
- [ ] I've included screenshots/recordings if applicable
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.
- [ ] I’ve properly set the pull request status:
  - [ ] In case it's not yet "ready for review", I've set it to "draft".
  - [ ] In case it's "ready for review", I've changed it from "draft" to "non-draft".
- [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---------

Co-authored-by: MetaMask Bot <[email protected]>
## **Description**

When a user adds a chain from a dapp, they will see warnings that the currency symbol is incorrect, even though it is correct.

Part of the problem was that the `pendingConfirmation` variable inside of `fetchSafeChainsList` was undefined when it should not be. I guess it closed over the original value or something like that? I didn't verify. This PR corrects it by explicitly passing the updated `pendingConfirmations` variable to `fetchSafeChainList`.

The other problem was that `useAlertState` was calling `getTemplateAlerts` twice, without resetting the alert state. On the first call, alerts were being set in state because the request to chainId.network had not yet resolved. This PR fixes it by ensuring that `useAlertState` does not call `getTemplateAlerts` before the fetch to chainId.network has resolved (when this confirmation type is an add ethereum chain approval).

## **Related issues**

An example of the problem can be seen by going to https://chainlist.org/?search=cro and adding Cronos Mainnet to metamask, only to see warnings that the currency symbol is incorrect even though it is correct.

![Screenshot from 2023-12-15 18-26-51](https://github.com/MetaMask/metamask-extension/assets/7499938/80e299d4-1545-4a38-981f-8b1eafc0b3dc)

## **Manual testing steps**

1. Go to https://chainlist.org/?search=cro
2. Add Cronos mainnet to metamask
3. The confirmation window should open with an add ethereum chain confirmation. There should be no warnings
4. Reject the confirmation
5. Open the dev console and paste the below code, and press enter. The confirmation window should open with an add ethereum chain confirmation. There should be warnings about the currency symbol
6. Reject the confirmation
7. Modify the below code so that `"symbol": "cra",` becomes `"symbol": "cro",`, paste it in the dev console and press enter. There should be no warnings in the new confirmation window

```
await window.ethereum.request({
  "method": "wallet_addEthereumChain",
  "params": [
    {
      "blockExplorerUrls": [
        "https://blockscout.com/poa/xdai/"
      ],
      "nativeCurrency": {
        "name": "CRO",
        "symbol": "cra",
        "decimals": 18
      },
      "rpcUrls": [
        "https://evm.cronos.org",
        null
      ],
      "chainId": "0x19",
      "chainName": "Cronos Mainnet"
    }
  ]
});
```

### **Before**

https://github.com/MetaMask/metamask-extension/assets/7499938/d6f738be-8e4a-4618-8703-c2d94df9c8a7

### **After**

https://github.com/MetaMask/metamask-extension/assets/7499938/c3ab5cf6-ac73-4ad3-b7b3-fd49910c0311

## **Pre-merge author checklist**

- [ ] I’ve followed [MetaMask Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've clearly explained what problem this PR is solving and how it is solved.
- [ ] I've linked related issues
- [ ] I've included manual testing steps
- [ ] I've included screenshots/recordings if applicable
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.
- [ ] I’ve properly set the pull request status:
  - [ ] In case it's not yet "ready for review", I've set it to "draft".
  - [ ] In case it's "ready for review", I've changed it from "draft" to "non-draft".

## **Pre-merge reviewer checklist**

- [x] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---------

Co-authored-by: Pedro Figueiredo <[email protected]>
We want a ChainID: Ticker Map for future validation on some of our more commonly used networks. This PR adds that mapping constant, changes Optimism's "OP" ticker to "ETH" and fixes a resulting unit test failure.

Fixes: [#1708 ](MetaMask/MetaMask-planning#1708)

- [X] I’ve followed [MetaMask Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [X] I've clearly explained what problem this PR is solving and how it is solved.
- [X] I've linked related issues
- [X] I've included manual testing steps
- [X] I've included screenshots/recordings if applicable
- [X] I’ve included tests if applicable
- [X] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [X] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.
- [X] I’ve properly set the pull request status:
  - [X] In case it's not yet "ready for review", I've set it to "draft".
  - [x] In case it's "ready for review", I've changed it from "draft" to "non-draft".
- [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---------

Co-authored-by: Dan J Miller <[email protected]>
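
The two changes described above, holding back the currency-symbol warning until the reference chain list has loaded and keeping a ChainID: Ticker map for validation, fit together in a check like the one below. It is an added example, not code from the MetaMask repository: the function names, alert ids and the one-entry map are assumptions, with the sample values taken from the Cronos test steps.

```javascript
// Added example. All names here are hypothetical, not MetaMask's own code.
const PENDING = Symbol('pending'); // reference list not loaded: render no alerts yet

// Canonicalize "0x19", "0x019" or 25 to "0x19"; null when unparseable or not positive.
function normalizeChainId(chainId) {
  if (typeof chainId !== 'string' && typeof chainId !== 'number') return null;
  try {
    const n = BigInt(chainId);
    return n > 0n ? `0x${n.toString(16)}` : null;
  } catch {
    return null;
  }
}

// The reference map is an explicit argument, so a stale closure cannot hide it.
function symbolAlerts(params, safeTickers) {
  if (!(safeTickers instanceof Map)) return PENDING;
  const chainId = normalizeChainId(params.chainId);
  if (chainId === null) return [{ id: 'INVALID_CHAIN_ID' }];
  const expected = safeTickers.get(chainId);
  if (expected === undefined) return [{ id: 'UNKNOWN_CHAIN', chainId }];
  const symbol = params.nativeCurrency?.symbol;
  if (typeof symbol !== 'string' || symbol.toUpperCase() !== expected.toUpperCase()) {
    return [{ id: 'MISMATCHED_SYMBOL', chainId, expected }];
  }
  return [];
}

// Compute alerts only after the list fetch settles; a failed fetch is reported
// as its own alert instead of being shown as a symbol mismatch or as "all clear".
async function alertsForAddChain(params, fetchSafeTickers) {
  let safeTickers;
  try {
    safeTickers = await fetchSafeTickers();
  } catch {
    safeTickers = undefined;
  }
  const alerts = symbolAlerts(params, safeTickers);
  return alerts === PENDING ? [{ id: 'LIST_UNAVAILABLE' }] : alerts;
}

// Constructed sample data, taken from the Cronos test steps above.
const SAMPLE_TICKERS = new Map([['0x19', 'CRO']]);
const SAMPLE_REQUEST = {
  chainId: '0x19',
  chainName: 'Cronos Mainnet',
  nativeCurrency: { name: 'CRO', symbol: 'cra', decimals: 18 },
};
```

With the sample request, `symbolAlerts` returns `PENDING` while the map is undefined and a `MISMATCHED_SYMBOL` alert once it is loaded; changing the symbol to `cro` yields no alerts, matching steps 5 to 7 of the manual test.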
…based backup (#22307)' into v11.7.0

During the backup flow, we should prompt a user for a password. This provides extra friction during a security sensitive step.

1. Build, install and onboard
2. Make sure to back up your seed phrase during onboarding. Onboarding should work as normal
3. Once you get to the home screen, replace `home.html` in the browser's URL bar with `home.html#onboarding/secure-your-wallet/?isFromReminder=true` and press enter
4. Click "Secure my wallet"
5. You should then be prompted to enter your password.
6. After entering your password, you should be able to proceed as normal

If you repeat those steps but click cancel when being prompted to enter your password, you should be taken to the home screen.

If you repeat those steps, but on step 2 don't back up your seed phrase, the remaining steps should work as described above.

https://github.com/MetaMask/metamask-extension/assets/7499938/ac8b5dfb-ca7b-4622-95b8-07db5405abfe

---------

Co-authored-by: Pedro Figueiredo <[email protected]>
1d83e1f to bb181f4
…#22326) (#22328)

## **Description**

Cryptocompare reported a spike in API requests. This is the result of incorrectly starting CurrencyRateController polling on MetaMask extension background startup. This PR fixes the issue by removing the logic that was starting CurrencyRateController polling in the constructor.

## **Related issues**

Fixes: #21549

## **Manual testing steps**

1. Open network debug on background.html
2. Restart extension
3. No cryptocompare requests should be seen
4. Open wallet UI
5. One cryptocompare request should be seen
6. Wait 3mins
7. Another cryptocompare request should be seen
8. Close UI
9. Wait 3mins
10. No additional cryptocompare requests should be seen

## **Screenshots/Recordings**

### **Before**

Note the requests made before the UI is open, but that they are stopped after UI is opened then closed for the first time.

https://github.com/MetaMask/metamask-extension/assets/918701/c66eabd0-363b-467a-87e3-5628daa95395

### **After**

https://github.com/MetaMask/metamask-extension/assets/918701/3676fa9d-4b6f-4c4d-941d-eac7b0ab7194

## **Pre-merge author checklist**

- [ ] I’ve followed [MetaMask Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've clearly explained what problem this PR is solving and how it is solved.
- [x] I've linked related issues
- [x] I've included manual testing steps
- [x] I've included screenshots/recordings if applicable
- [x] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.
- [x] I’ve properly set the pull request status:
  - [ ] In case it's not yet "ready for review", I've set it to "draft".
  - [x] In case it's "ready for review", I've changed it from "draft" to "non-draft".

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
1140d29 to e9507de
Builds ready [e9507de]
Page Load Metrics (623 ± 301 ms)