Conversation
… under certain conditions (#26726) (#26733) ## **Description** Fix issue where `wallet_addEthereumChain` does not attach a result to the response object when the currently selected rpcUrl matches the request. This would cause the request to get "stuck" in the `QueuedRequestController` queue, preventing the queue from progressing and causing confusing behavior. [](https://codespaces.new/MetaMask/metamask-extension/pull/26726?quickstart=1) ## **Related issues** Fixes: #26706 ## **Manual testing steps** 1. Go to https://chainlist.org/?chain=56&search=blast 2. Connect the wallet and add Blast Mainnet (For other chains it appears Chainlist cycles to the next rpcUrl you don't have which avoids this bug, so use Blast) 3. After successfully adding the network, attempt to add Blast again. Nothing should happen. 4. Then go to https://faucet.quicknode.com/blast/sepolia (or any dapp where your wallet isn't already connected) and attempt to connect 5. You should be able to connect as usual ## **Screenshots/Recordings** ### **Before** https://github.com/user-attachments/assets/b997027f-1c62-4279-87c6-0fe70989abb3 ### **After** https://github.com/user-attachments/assets/08307a88-8f6f-44cd-9b75-877aadb1805a ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I’ve included tests if applicable - [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> [](https://codespaces.new/MetaMask/metamask-extension/pull/26733?quickstart=1) ## **Related issues** Fixes: ## **Manual testing steps** 1. Go to this page... 2. 3. ## **Screenshots/Recordings** <!-- If applicable, add screenshots and/or recordings to visualize the before and after of your change. --> ### **Before** <!-- [screenshots/recordings] --> ### **After** <!-- [screenshots/recordings] --> ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I’ve included tests if applicable - [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
## **Description** This PR cherry picks two improvements to the latest accounts controller migrations into the latest release. - #26742 - #26773 [](https://codespaces.new/MetaMask/metamask-extension/pull/26778?quickstart=1) ## **Related issues** Fixes: #26377 ## **Manual testing steps** ## **Screenshots/Recordings** <!-- If applicable, add screenshots and/or recordings to visualize the before and after of your change. --> ### **Before** <!-- [screenshots/recordings] --> ### **After** <!-- [screenshots/recordings] --> ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I’ve included tests if applicable - [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: Monte Lai <monte.lai@consensys.net> Co-authored-by: Mark Stacey <markjstacey@gmail.com>
## **Description** Backports changes from MATIC - POL update, including state migration: #26671 [](https://codespaces.new/MetaMask/metamask-extension/pull/26780?quickstart=1) ## **Related issues** Fixes: MATIC ticker should now be POL. Should automatically update for users. ## **Manual testing steps** ## **Screenshots/Recordings** ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
…4.0.0` (#26143) (#26626) ## **Description** Cherry-pick of #26143 for ~v12.1.0-rc~ v12.1.1-rc. This is a very different PR from the original, as I had to remove diffs to a significant amount of code that has not yet been introduced to the release candidate. The diffs that were excluded here will need to be reapplied to a future release. I'm also keeping an eye out for new cherry-picks that may introduce changes requiring me to restore certain diffs. Aligning `@metamask/eth-block-tracker` to `^11.0.1` is deferred, as it's blocked by #26150, which is not included in this release candidate. The `@metamask/transaction-controller` major version bump from `^34.0.0` to `^35.1.1` is also removed for now. See below for new changelog. ## Changelog ### Added - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. ### Changed - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. ### Fixed - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. ### Security - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". ## **Manual testing steps** ## **Screenshots/Recordings** ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
## **Description** Update changelog for v12.1.1 [](https://codespaces.new/MetaMask/metamask-extension/pull/26824?quickstart=1) ## **Related issues** N/A ## **Manual testing steps** N/A ## **Screenshots/Recordings** N/A ## **Pre-merge author checklist** - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
<!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> [](https://codespaces.new/MetaMask/metamask-extension/pull/26827?quickstart=1) ## **Related issues** Fixes: ## **Manual testing steps** 1. Go to this page... 2. 3. ## **Screenshots/Recordings** <!-- If applicable, add screenshots and/or recordings to visualize the before and after of your change. --> ### **Before** <!-- [screenshots/recordings] --> ### **After** <!-- [screenshots/recordings] --> ## **Pre-merge author checklist** - [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [ ] I've completed the PR template to the best of my ability - [ ] I’ve included tests if applicable - [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
Version v12.1.1 RC
…4.0.0` (#26143) (#26626) Cherry-pick of #26143 for ~v12.1.0-rc~ v12.1.1-rc. This is a very different PR from the original, as I had to remove diffs to a significant amount of code that has not yet been introduced to the release candidate. The diffs that were excluded here will need to be reapplied to a future release. I'm also keeping an eye out for new cherry-picks that may introduce changes requiring me to restore certain diffs. Aligning `@metamask/eth-block-tracker` to `^11.0.1` is deferred, as it's blocked by #26150, which is not included in this release candidate. The `@metamask/transaction-controller` major version bump from `^34.0.0` to `^35.1.1` is also removed for now. See below for new changelog. - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
* origin/master: fix: Swaps UI should show POL not MATIC (#26827) chore: Update v12.1.1 changelog (#26824) cherry-pick(v12.1.1): Bump `@metamask/eth-json-rpc-middleware` to `^14.0.0` (#26143) (#26626) fix: Cherry pick `1b4417d` for 12.1.1 (#26780) chore(cherry-pick):759b92e to 12.1.1 (#26802) fix: cherry pick accounts controller migration improvements (#26778) cherrypick: fix: `wallet_addEthereumChain` does not attach a `result` under certain conditions (#26726) (#26733) Version v12.1.1
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
|
@metamaskbot update-policies |
|
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎ This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. Ignoring: Next stepsTake a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with |
|
Policies updated |
|
@SocketSecurity ignore npm/@storybook/addon-toolbars@7.6.20 New author OK (seems to be a storybook maintainer), and these releases are pretty old and were not flagged as malicious |
|
@metamaskbot update-policies |
|
Policies updated |
|
@metamaskbot update-policies |
|
No policy changes |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## Version-v12.2.0 #26842 +/- ##
===================================================
+ Coverage 70.16% 70.46% +0.30%
===================================================
Files 1402 1401 -1
Lines 49435 49590 +155
Branches 13585 13638 +53
===================================================
+ Hits 34685 34941 +256
+ Misses 14750 14649 -101 ☔ View full report in Codecov by Sentry. |
Builds ready [ee3ad72]
Page Load Metrics (237 ± 254 ms)
|
Builds ready [fa444cf]
Page Load Metrics (383 ± 353 ms)
|
danjm
left a comment
There was a problem hiding this comment.
Approved! I looked into each difference in file diffs between this PR and the v12.1.1 PR to master, and they all make sense.
On slack I asked: "My only uncertainty is the diff in app/scripts/lib/accounts/BalancesController.ts (https://github.com/MetaMask/metamask-extension/pull/26842/files#diff-0d3633900770a1833627e99171dba672e3dcbdd9e05a6437215fe455813bfd9c), even though it seems that this file was not changed in the v12.1.1 PR (https://github.com/MetaMask/metamask-extension/pull/26730/files)"
And the answer: "Those changes were made as part of cherry-picking this commit: https://github.com/MetaMask/metamask-extension/commit/27655eb8e3a125212484ee23a659e85f6c328290#diff-0d3633900770a1833627[…]9e05a6437215fe455813bfd9c
It required additional changes because this file was in v12.2.0, but it was not present in v12.1.1"
So LGTM
Description
Update v12.2.0 with changes from v12.1.1
Related issues
N/A
Manual testing steps
N/A
Screenshots/Recordings
N/A
Pre-merge author checklist
Pre-merge reviewer checklist