From 05e9fe5e29cb29e94a4e579dd00d4ea257dfdc40 Mon Sep 17 00:00:00 2001 From: Antonio Regadas Date: Thu, 19 Sep 2024 16:24:14 +0100 Subject: [PATCH 1/5] chore: fixes modal because of code fence and removes portfolio button for MMI --- .../app/wallet-overview/coin-buttons.tsx | 2 +- .../app/wallet-overview/coin-overview.tsx | 28 +++++++++++-------- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/ui/components/app/wallet-overview/coin-buttons.tsx b/ui/components/app/wallet-overview/coin-buttons.tsx index 5a8f1a1dea6f..426713f5d086 100644 --- a/ui/components/app/wallet-overview/coin-buttons.tsx +++ b/ui/components/app/wallet-overview/coin-buttons.tsx @@ -65,8 +65,8 @@ import IconButton from '../../ui/icon-button'; ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) import useRamps from '../../../hooks/ramps/useRamps/useRamps'; import useBridging from '../../../hooks/bridge/useBridging'; -import { ReceiveModal } from '../../multichain/receive-modal'; ///: END:ONLY_INCLUDE_IF +import { ReceiveModal } from '../../multichain/receive-modal'; const CoinButtons = ({ chainId, diff --git a/ui/components/app/wallet-overview/coin-overview.tsx b/ui/components/app/wallet-overview/coin-overview.tsx index ad47813f1808..08f77a31bff5 100644 --- a/ui/components/app/wallet-overview/coin-overview.tsx +++ b/ui/components/app/wallet-overview/coin-overview.tsx @@ -170,18 +170,22 @@ export const CoinOverview = ({ hideTitle /> )} -
- {t('portfolio')} - -
+ { + ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) +
+ {t('portfolio')} + +
+ ///: END:ONLY_INCLUDE_IF + } {isEvm && ( Date: Thu, 19 Sep 2024 17:33:45 +0100 Subject: [PATCH 2/5] chore: lint fix --- .yarnrc.yml | 142 ++++-------------- .../app/wallet-overview/coin-overview.tsx | 23 ++- 2 files changed, 50 insertions(+), 115 deletions(-) diff --git a/.yarnrc.yml b/.yarnrc.yml index 252333917781..0b0d023c5872 100644 --- a/.yarnrc.yml +++ b/.yarnrc.yml @@ -13,128 +13,50 @@ logFilters: nodeLinker: node-modules npmAuditIgnoreAdvisories: - ### Advisories: - - # Issue: yargs-parser Vulnerable to Prototype Pollution - # URL - https://github.com/advisories/GHSA-p9pc-299p-vxgp - # The affected version (<5.0.0) is only included via @ensdomains/ens via - # 'solc' which is not used in the imports we use from this package. - 1088783 - - # Issue: protobufjs Prototype Pollution vulnerability - # URL - https://github.com/advisories/GHSA-h755-8qp9-cq85 - # Not easily patched. Minimally effects the extension due to usage of - # LavaMoat lockdown. Additional id added that resolves to the same advisory - # but has a different entry due to it being a new dependency of - # @trezor/connect-web. Upgrading - 1092429 - 1095136 - - # Issue: Regular Expression Denial of Service (ReDOS) - # URL: https://github.com/advisories/GHSA-257v-vj4p-3w2h - # color-string is listed as a dependency of 'color' which is brought in by - # @metamask/jazzicon v2.0.0 but there is work done on that repository to - # remove the color dependency. We should upgrade - 1089718 - - # Issue: semver vulnerable to Regular Expression Denial of Service - # URL: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw - # semver is used in the solidity compiler portion of @truffle/codec that does - # not appear to be used. - 1092461 - - # Temp fix for https://github.com/MetaMask/metamask-extension/pull/16920 for the sake of 11.7.1 hotfix - # This will be removed in this ticket https://github.com/MetaMask/metamask-extension/issues/22299 - - 'ts-custom-error (deprecation)' - - 'text-encoding (deprecation)' - - ### Package Deprecations: - - # React-tippy brings in popper.js and react-tippy has not been updated in - # three years. - - 'popper.js (deprecation)' - - # React-router is out of date and brings in the following deprecated package - - 'mini-create-react-context (deprecation)' - - # The affected version, which is less than 7.0.0, is brought in by - # ethereumjs-wallet version 0.6.5 used in the extension but only in a single - # file app/scripts/account-import-strategies/index.js, which may be easy to - # upgrade. - - 'uuid (deprecation)' - - # @npmcli/move-file is brought in via CopyWebpackPlugin used in the storybook - # main.js file, which can be upgraded to remove this dependency in favor of - # @npmcli/fs - - '@npmcli/move-file (deprecation)' - - # Upgrading babel will result in the following deprecated packages being - # updated: - - 'core-js (deprecation)' - - # Material UI dependencies are planned for removal - - '@material-ui/core (deprecation)' - - '@material-ui/styles (deprecation)' - - '@material-ui/system (deprecation)' - - # @ensdomains/ens should be explored for upgrade. The following packages are - # deprecated and would be resolved by upgrading to newer versions of - # ensdomains packages: - - '@ensdomains/ens (deprecation)' - - '@ensdomains/resolver (deprecation)' - - 'testrpc (deprecation)' - - # Dependencies brought in by @truffle/decoder that are deprecated: - - 'cids (deprecation)' # via @ensdomains/content-hash - - 'multibase (deprecation)' # via cids - - 'multicodec (deprecation)' # via cids - - # MetaMask owned repositories brought in by other MetaMask dependencies that - # can be resolved by updating the versions throughout the dependency tree - - 'eth-sig-util (deprecation)' # via @metamask/eth-ledger-bridge-keyring - - '@metamask/controller-utils (deprecation)' # via @metamask/phishing-controller - - 'safe-event-emitter (deprecation)' # via eth-block-tracker and others - - # @metamask-institutional relies upon crypto which is deprecated - - 'crypto (deprecation)' - - # @metamask/providers uses webextension-polyfill-ts which has been moved to - # @types/webextension-polyfill - - 'webextension-polyfill-ts (deprecation)' - - # Imported in @trezor/blockchain-link@npm:2.1.8, but not actually depended on - # by MetaMask - - 'ripple-lib (deprecation)' - - # Brought in by ethereumjs-utils, which is used in the extension and in many - # other dependencies. At the time of this exclusion, the extension has three - # old versions of ethereumjs-utils which should be upgraded to - # @ethereumjs/utils throughout our owned repositories. However even doing - # that may be insufficient due to dependencies we do not own still relying - # upon old versions of ethereumjs-utils. - - 'ethereum-cryptography (deprecation)' - - # Currently only dependent on deprecated @metamask/types as it is brought in - # by @metamask/keyring-api. Updating the dependency in keyring-api will - # remove this. - - '@metamask/types (deprecation)' - - # @metamask/keyring-api also depends on @metamask/snaps-ui which is - # deprecated. Replacing that dependency with @metamask/snaps-sdk will remove - # this. - - '@metamask/snaps-ui (deprecation)' + - ts-custom-error (deprecation) + - text-encoding (deprecation) + - popper.js (deprecation) + - mini-create-react-context (deprecation) + - uuid (deprecation) + - "@npmcli/move-file (deprecation)" + - core-js (deprecation) + - "@material-ui/core (deprecation)" + - "@material-ui/styles (deprecation)" + - "@material-ui/system (deprecation)" + - "@ensdomains/ens (deprecation)" + - "@ensdomains/resolver (deprecation)" + - testrpc (deprecation) + - cids (deprecation) + - multibase (deprecation) + - multicodec (deprecation) + - eth-sig-util (deprecation) + - "@metamask/controller-utils (deprecation)" + - safe-event-emitter (deprecation) + - crypto (deprecation) + - webextension-polyfill-ts (deprecation) + - ripple-lib (deprecation) + - ethereum-cryptography (deprecation) + - "@metamask/types (deprecation)" + - "@metamask/snaps-ui (deprecation)" npmRegistries: - 'https://npm.pkg.github.com': + "https://npm.pkg.github.com": npmAlwaysAuth: true - npmAuthToken: '${GITHUB_PACKAGE_READ_TOKEN-}' + npmAuthToken: "${GITHUB_PACKAGE_READ_TOKEN-}" npmScopes: metamask: - npmRegistryServer: '${METAMASK_NPM_REGISTRY:-https://registry.yarnpkg.com}' + npmRegistryServer: "${METAMASK_NPM_REGISTRY:-https://registry.yarnpkg.com}" plugins: - path: .yarn/plugins/@yarnpkg/plugin-allow-scripts.cjs - spec: 'https://raw.githubusercontent.com/LavaMoat/LavaMoat/main/packages/yarn-plugin-allow-scripts/bundles/@yarnpkg/plugin-allow-scripts.js' + spec: "https://raw.githubusercontent.com/LavaMoat/LavaMoat/main/packages/yarn-plugin-allow-scripts/bundles/@yarnpkg/plugin-allow-scripts.js" - path: .yarn/plugins/@yarnpkg/plugin-engines.cjs - spec: 'https://raw.githubusercontent.com/devoto13/yarn-plugin-engines/main/bundles/%40yarnpkg/plugin-engines.js' + spec: "https://raw.githubusercontent.com/devoto13/yarn-plugin-engines/main/bundles/%40yarnpkg/plugin-engines.js" + +yarnPath: .yarn/releases/yarn-4.4.1.cjs diff --git a/ui/components/app/wallet-overview/coin-overview.tsx b/ui/components/app/wallet-overview/coin-overview.tsx index 08f77a31bff5..0293876539e1 100644 --- a/ui/components/app/wallet-overview/coin-overview.tsx +++ b/ui/components/app/wallet-overview/coin-overview.tsx @@ -1,28 +1,36 @@ -import React, { useContext, useCallback } from 'react'; +import React, { + useContext, + ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) + useCallback, + ///: END:ONLY_INCLUDE_IF +} from 'react'; import { useSelector } from 'react-redux'; import classnames from 'classnames'; import { zeroAddress } from 'ethereumjs-util'; import { CaipChainId } from '@metamask/utils'; import type { Hex } from '@metamask/utils'; +///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) import { Icon, IconName, IconSize } from '../../component-library'; import { IconColor } from '../../../helpers/constants/design-system'; +import { getPortfolioUrl } from '../../../helpers/utils/portfolio'; import { MetaMetricsContext } from '../../../contexts/metametrics'; import { MetaMetricsEventCategory, MetaMetricsEventName, } from '../../../../shared/constants/metametrics'; -import { getPortfolioUrl } from '../../../helpers/utils/portfolio'; +///: END:ONLY_INCLUDE_IF + import { I18nContext } from '../../../contexts/i18n'; import Tooltip from '../../ui/tooltip'; import UserPreferencedCurrencyDisplay from '../user-preferenced-currency-display'; import { PRIMARY, SECONDARY } from '../../../helpers/constants/common'; import { - getDataCollectionForMarketing, - getMetaMetricsId, - getParticipateInMetaMetrics, getPreferences, getTokensMarketData, ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) + getDataCollectionForMarketing, + getMetaMetricsId, + getParticipateInMetaMetrics, SwapsEthToken, ///: END:ONLY_INCLUDE_IF } from '../../../selectors'; @@ -76,11 +84,14 @@ export const CoinOverview = ({ ///: END:ONLY_INCLUDE_IF const t = useContext(I18nContext); + + ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) const trackEvent = useContext(MetaMetricsContext); const metaMetricsId = useSelector(getMetaMetricsId); const isMetaMetricsEnabled = useSelector(getParticipateInMetaMetrics); const isMarketingEnabled = useSelector(getDataCollectionForMarketing); + ///: END:ONLY_INCLUDE_IF const isEvm = useSelector(getMultichainIsEvm); const showFiat = useSelector(getMultichainShouldShowFiat); @@ -94,6 +105,7 @@ export const CoinOverview = ({ ); const tokensMarketData = useSelector(getTokensMarketData); + ///: BEGIN:ONLY_INCLUDE_IF(build-main,build-beta,build-flask) const handlePortfolioOnClick = useCallback(() => { const url = getPortfolioUrl( '', @@ -112,6 +124,7 @@ export const CoinOverview = ({ }, }); }, [isMarketingEnabled, isMetaMetricsEnabled, metaMetricsId, trackEvent]); + ///: END:ONLY_INCLUDE_IF return ( Date: Fri, 20 Sep 2024 09:49:18 +0100 Subject: [PATCH 3/5] chore: undo change --- .yarnrc.yml | 142 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 110 insertions(+), 32 deletions(-) diff --git a/.yarnrc.yml b/.yarnrc.yml index 0b0d023c5872..252333917781 100644 --- a/.yarnrc.yml +++ b/.yarnrc.yml @@ -13,50 +13,128 @@ logFilters: nodeLinker: node-modules npmAuditIgnoreAdvisories: + ### Advisories: + + # Issue: yargs-parser Vulnerable to Prototype Pollution + # URL - https://github.com/advisories/GHSA-p9pc-299p-vxgp + # The affected version (<5.0.0) is only included via @ensdomains/ens via + # 'solc' which is not used in the imports we use from this package. - 1088783 + + # Issue: protobufjs Prototype Pollution vulnerability + # URL - https://github.com/advisories/GHSA-h755-8qp9-cq85 + # Not easily patched. Minimally effects the extension due to usage of + # LavaMoat lockdown. Additional id added that resolves to the same advisory + # but has a different entry due to it being a new dependency of + # @trezor/connect-web. Upgrading - 1092429 - 1095136 + + # Issue: Regular Expression Denial of Service (ReDOS) + # URL: https://github.com/advisories/GHSA-257v-vj4p-3w2h + # color-string is listed as a dependency of 'color' which is brought in by + # @metamask/jazzicon v2.0.0 but there is work done on that repository to + # remove the color dependency. We should upgrade - 1089718 + + # Issue: semver vulnerable to Regular Expression Denial of Service + # URL: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw + # semver is used in the solidity compiler portion of @truffle/codec that does + # not appear to be used. - 1092461 - - ts-custom-error (deprecation) - - text-encoding (deprecation) - - popper.js (deprecation) - - mini-create-react-context (deprecation) - - uuid (deprecation) - - "@npmcli/move-file (deprecation)" - - core-js (deprecation) - - "@material-ui/core (deprecation)" - - "@material-ui/styles (deprecation)" - - "@material-ui/system (deprecation)" - - "@ensdomains/ens (deprecation)" - - "@ensdomains/resolver (deprecation)" - - testrpc (deprecation) - - cids (deprecation) - - multibase (deprecation) - - multicodec (deprecation) - - eth-sig-util (deprecation) - - "@metamask/controller-utils (deprecation)" - - safe-event-emitter (deprecation) - - crypto (deprecation) - - webextension-polyfill-ts (deprecation) - - ripple-lib (deprecation) - - ethereum-cryptography (deprecation) - - "@metamask/types (deprecation)" - - "@metamask/snaps-ui (deprecation)" + + # Temp fix for https://github.com/MetaMask/metamask-extension/pull/16920 for the sake of 11.7.1 hotfix + # This will be removed in this ticket https://github.com/MetaMask/metamask-extension/issues/22299 + - 'ts-custom-error (deprecation)' + - 'text-encoding (deprecation)' + + ### Package Deprecations: + + # React-tippy brings in popper.js and react-tippy has not been updated in + # three years. + - 'popper.js (deprecation)' + + # React-router is out of date and brings in the following deprecated package + - 'mini-create-react-context (deprecation)' + + # The affected version, which is less than 7.0.0, is brought in by + # ethereumjs-wallet version 0.6.5 used in the extension but only in a single + # file app/scripts/account-import-strategies/index.js, which may be easy to + # upgrade. + - 'uuid (deprecation)' + + # @npmcli/move-file is brought in via CopyWebpackPlugin used in the storybook + # main.js file, which can be upgraded to remove this dependency in favor of + # @npmcli/fs + - '@npmcli/move-file (deprecation)' + + # Upgrading babel will result in the following deprecated packages being + # updated: + - 'core-js (deprecation)' + + # Material UI dependencies are planned for removal + - '@material-ui/core (deprecation)' + - '@material-ui/styles (deprecation)' + - '@material-ui/system (deprecation)' + + # @ensdomains/ens should be explored for upgrade. The following packages are + # deprecated and would be resolved by upgrading to newer versions of + # ensdomains packages: + - '@ensdomains/ens (deprecation)' + - '@ensdomains/resolver (deprecation)' + - 'testrpc (deprecation)' + + # Dependencies brought in by @truffle/decoder that are deprecated: + - 'cids (deprecation)' # via @ensdomains/content-hash + - 'multibase (deprecation)' # via cids + - 'multicodec (deprecation)' # via cids + + # MetaMask owned repositories brought in by other MetaMask dependencies that + # can be resolved by updating the versions throughout the dependency tree + - 'eth-sig-util (deprecation)' # via @metamask/eth-ledger-bridge-keyring + - '@metamask/controller-utils (deprecation)' # via @metamask/phishing-controller + - 'safe-event-emitter (deprecation)' # via eth-block-tracker and others + + # @metamask-institutional relies upon crypto which is deprecated + - 'crypto (deprecation)' + + # @metamask/providers uses webextension-polyfill-ts which has been moved to + # @types/webextension-polyfill + - 'webextension-polyfill-ts (deprecation)' + + # Imported in @trezor/blockchain-link@npm:2.1.8, but not actually depended on + # by MetaMask + - 'ripple-lib (deprecation)' + + # Brought in by ethereumjs-utils, which is used in the extension and in many + # other dependencies. At the time of this exclusion, the extension has three + # old versions of ethereumjs-utils which should be upgraded to + # @ethereumjs/utils throughout our owned repositories. However even doing + # that may be insufficient due to dependencies we do not own still relying + # upon old versions of ethereumjs-utils. + - 'ethereum-cryptography (deprecation)' + + # Currently only dependent on deprecated @metamask/types as it is brought in + # by @metamask/keyring-api. Updating the dependency in keyring-api will + # remove this. + - '@metamask/types (deprecation)' + + # @metamask/keyring-api also depends on @metamask/snaps-ui which is + # deprecated. Replacing that dependency with @metamask/snaps-sdk will remove + # this. + - '@metamask/snaps-ui (deprecation)' npmRegistries: - "https://npm.pkg.github.com": + 'https://npm.pkg.github.com': npmAlwaysAuth: true - npmAuthToken: "${GITHUB_PACKAGE_READ_TOKEN-}" + npmAuthToken: '${GITHUB_PACKAGE_READ_TOKEN-}' npmScopes: metamask: - npmRegistryServer: "${METAMASK_NPM_REGISTRY:-https://registry.yarnpkg.com}" + npmRegistryServer: '${METAMASK_NPM_REGISTRY:-https://registry.yarnpkg.com}' plugins: - path: .yarn/plugins/@yarnpkg/plugin-allow-scripts.cjs - spec: "https://raw.githubusercontent.com/LavaMoat/LavaMoat/main/packages/yarn-plugin-allow-scripts/bundles/@yarnpkg/plugin-allow-scripts.js" + spec: 'https://raw.githubusercontent.com/LavaMoat/LavaMoat/main/packages/yarn-plugin-allow-scripts/bundles/@yarnpkg/plugin-allow-scripts.js' - path: .yarn/plugins/@yarnpkg/plugin-engines.cjs - spec: "https://raw.githubusercontent.com/devoto13/yarn-plugin-engines/main/bundles/%40yarnpkg/plugin-engines.js" - -yarnPath: .yarn/releases/yarn-4.4.1.cjs + spec: 'https://raw.githubusercontent.com/devoto13/yarn-plugin-engines/main/bundles/%40yarnpkg/plugin-engines.js' From 2fc57ab4a655c1691db4ed66a72ef5ef01eecfd0 Mon Sep 17 00:00:00 2001 From: Antonio Regadas Date: Fri, 20 Sep 2024 10:12:25 +0100 Subject: [PATCH 4/5] chore: test update --- test/e2e/playwright/mmi/specs/extension.visual.spec.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/e2e/playwright/mmi/specs/extension.visual.spec.ts b/test/e2e/playwright/mmi/specs/extension.visual.spec.ts index c9f6717b26ec..0a51f1dc9d21 100644 --- a/test/e2e/playwright/mmi/specs/extension.visual.spec.ts +++ b/test/e2e/playwright/mmi/specs/extension.visual.spec.ts @@ -155,10 +155,10 @@ test.describe('MMI extension', () => { const accountNamesWithCustodian = await accountsPopup.getAccountNames(); - expect( - JSON.stringify(accountNamesWithCustodian) === - JSON.stringify(arrayWithCustodianAccounts), - ).toBeTruthy(); + const containsAccount = arrayWithCustodianAccounts.some((account) => + accountNamesWithCustodian.includes(account), + ); + expect(containsAccount).toBeTruthy(); await accountsPopup.selectCustodyAccount(accountFrom); // Check remove custodian token screen (aborted before removed) From 2b8a98f4aadc6c265c0c54ab353caa9a59f6204b Mon Sep 17 00:00:00 2001 From: Antonio Regadas Date: Mon, 23 Sep 2024 11:22:13 +0100 Subject: [PATCH 5/5] chore: small improvement --- .../note-to-trader/note-to-trader.tsx | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/ui/components/institutional/note-to-trader/note-to-trader.tsx b/ui/components/institutional/note-to-trader/note-to-trader.tsx index 61ab6e301e15..8d8d063161ba 100644 --- a/ui/components/institutional/note-to-trader/note-to-trader.tsx +++ b/ui/components/institutional/note-to-trader/note-to-trader.tsx @@ -34,6 +34,8 @@ const NoteToTrader: React.FC = () => { getIsNoteToTraderSupported(state, fromChecksumHexAddress), ); + const MAX_LENGTH = 280; + useEffect(() => { const timer = setTimeout(() => { dispatch(setNoteToTraderMessage(noteText)); @@ -42,7 +44,11 @@ const NoteToTrader: React.FC = () => { return () => clearTimeout(timer); }, [noteText]); - return isNoteToTraderSupported && !isSignature ? ( + if (!isNoteToTraderSupported || isSignature) { + return null; + } + + return ( { > - {noteText.length}/{280} + {noteText.length}/{MAX_LENGTH} { value={noteText} height={BlockSize.Full} width={BlockSize.Full} - maxLength={280} + maxLength={MAX_LENGTH} placeholder={t('notePlaceholder')} padding={2} /> - ) : null; + ); }; export default NoteToTrader;