chore: Test InternalProvider preview builds

[rekmarks]

Description

Changelog

CHANGELOG entry:

Related issues

Fixes:

Manual testing steps

1. Go to this page...

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Extension Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[socket-security]

Caution

MetaMask internal reviewing guidelines:

• Do not ignore-all
• Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
• Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
  @SocketSecurity ignore npm/PACKAGE@VERSION

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		@metamask/eth-json-rpc-infura@10.3.0 has Unstable ownership. Author: metamaskbot From: ? → npm/@metamask/selected-network-controller@24.0.0 → npm/@metamask/eth-json-rpc-infura@10.3.0 ℹ Read more on: This package | This alert | What is unstable ownership? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Try to reduce the number of authors you depend on to reduce the risk to malicious actors gaining access to your supply chain. Packages should remove inactive collaborators with publishing rights from packages on npm. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/eth-json-rpc-infura@10.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		@metamask/eth-json-rpc-infura@10.3.0 has a New author. New Author: metamaskbot Previous Author: gudahtt From: ? → npm/@metamask/selected-network-controller@24.0.0 → npm/@metamask/eth-json-rpc-infura@10.3.0 ℹ Read more on: This package | This alert | What is new author? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/eth-json-rpc-infura@10.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[rekmarks]

@metamaskbot update-policies

[metamaskbot]

Policies updated.
👀 Please review the diff for suspicious new powers.

🧠 Learn how: https://lavamoat.github.io/guides/policy-diff/#what-to-look-for-when-reviewing-a-policy-diff

[metamaskbot]

✨ Files requiring CODEOWNER review ✨

🧩 @MetaMask/extension-devs (5 files, +40 -75)

• 📁 lavamoat/
  • 📁 browserify/
    • 📁 beta/
      • 📄 policy.json +8 -15
    • 📁 experimental/
      • 📄 policy.json +8 -15
    • 📁 flask/
      • 📄 policy.json +8 -15
    • 📁 main/
      • 📄 policy.json +8 -15
  • 📁 webpack/
    • 📄 policy.json +8 -15

---

📜 @MetaMask/policy-reviewers (5 files, +40 -75)

• 📁 lavamoat/
  • 📁 browserify/
    • 📁 beta/
      • 📄 policy.json +8 -15
    • 📁 experimental/
      • 📄 policy.json +8 -15
    • 📁 flask/
      • 📄 policy.json +8 -15
    • 📁 main/
      • 📄 policy.json +8 -15
  • 📁 webpack/
    • 📄 policy.json +8 -15

Tip

Follow the policy review process outlined in the LavaMoat Policy Review Process doc before expecting an approval from Policy Reviewers.

---

🔗 @MetaMask/supply-chain (5 files, +40 -75)

• 📁 lavamoat/
  • 📁 browserify/
    • 📁 beta/
      • 📄 policy.json +8 -15
    • 📁 experimental/
      • 📄 policy.json +8 -15
    • 📁 flask/
      • 📄 policy.json +8 -15
    • 📁 main/
      • 📄 policy.json +8 -15
  • 📁 webpack/
    • 📄 policy.json +8 -15

[metamaskbot]

❌ test-e2e-chrome-api-specs failed. View the html report here.

[metamaskbot]

📊 Page Load Benchmark Results

Current Commit: 2d166a5 | Date: 10/7/2025

📄 Localhost MetaMask Test Dapp

Samples: 100

Summary

• pageLoadTime-> current mean value: 1.06s (±75ms) 🟡 | historical mean value: 1.05s ⬆️ (historical data)
• domContentLoaded-> current mean value: 744ms (±72ms) 🟢 | historical mean value: 738ms ⬆️ (historical data)
• firstContentfulPaint-> current mean value: 80ms (±10ms) 🟢 | historical mean value: 79ms ⬆️ (historical data)

📈 Detailed Results

Metric	Mean	Std Dev	Min	Max	P95	P99
pageLoadTime	1.06s	75ms	1.03s	1.37s	1.32s	1.37s
domContentLoaded	744ms	72ms	708ms	1.02s	999ms	1.02s
firstPaint	80ms	10ms	60ms	160ms	88ms	160ms
firstContentfulPaint	80ms	10ms	60ms	160ms	88ms	160ms
largestContentfulPaint	0ms	0ms	0ms	0ms	0ms	0ms

---

Results generated automatically by MetaMask CI

[metamaskbot]

Builds ready [2d166a5]

• builds: chrome, firefox
• builds (beta): chrome, firefox
• builds (flask): chrome, firefox
• builds (test): chrome, firefox
• builds (test-flask): chrome, firefox
• build viz: Build System
• bundle size: Bundle Size Stats
• user-actions-benchmark: User Actions Stats
• storybook: Storybook
• typescript migration: Dashboard
• all artifacts
• bundle viz:

  • background: 0, 1, 2, 3, 4, 5, 6, 7, 8
  • common: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
  • ui: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
  • content-script: 0
  • offscreen: 0

UI Startup Metrics (1240 ± 69 ms)

Platform	BuildType	Page	Metric	Mean (ms)	Min (ms)	Max (ms)	Std Dev (ms)	P 75 (ms)	P 95 (ms)
Chrome	Browserify	Home	uiStartup	1240	1106	1444	69	1288	1350
			load	1070	954	1234	62	1107	1188
			domContentLoaded	1064	950	1226	63	1102	1183
			domInteractive	19	13	139	14	16	39
			firstPaint	718	79	1199	436	1091	1144
			backgroundConnect	253	240	290	8	255	268
			firstReactRender	26	16	208	21	25	38
			getState	11	5	79	9	11	25
			initialActions	5	1	39	6	5	19
			loadScripts	818	710	981	63	861	937
			setupStore	8	6	31	4	9	13
	Webpack	Home	uiStartup	1904	1589	2395	174	2035	2204
			load	1565	1343	1866	113	1639	1778
			domContentLoaded	1551	1333	1858	114	1628	1768
			domInteractive	18	12	107	17	14	61
			firstPaint	281	56	1756	431	192	1568
			backgroundConnect	35	13	142	19	38	67
			firstReactRender	56	19	271	41	64	142
			getState	13	5	173	17	14	23
			initialActions	5	0	133	14	3	27
			loadScripts	1547	1331	1856	114	1624	1766
			setupStore	14	4	153	16	15	30
Firefox	Browserify	Home	uiStartup	1365	1189	1668	105	1432	1569
			load	1178	1039	1392	83	1235	1326
			domContentLoaded	1178	1039	1391	83	1235	1326
			domInteractive	99	31	254	48	107	228
			firstPaint	NaN	NaN	NaN	NaN	NaN	NaN
			backgroundConnect	27	18	62	8	32	44
			firstReactRender	28	24	41	3	28	37
			getState	7	3	98	11	5	17
			initialActions	2	0	25	3	2	10
			loadScripts	1157	1023	1375	82	1211	1300
			setupStore	9	4	78	13	6	47
	Webpack	Home	uiStartup	1524	1343	1955	124	1557	1814
			load	1326	1195	1656	91	1369	1528
			domContentLoaded	1326	1194	1656	91	1369	1528
			domInteractive	97	30	371	58	97	296
			firstPaint	NaN	NaN	NaN	NaN	NaN	NaN
			backgroundConnect	30	18	96	12	34	50
			firstReactRender	34	24	82	13	36	75
			getState	6	3	93	9	6	13
			initialActions	5	0	150	20	2	13
			loadScripts	1303	1179	1632	88	1347	1505
			setupStore	10	4	69	14	6	51

Bundle size diffs [🚀 Bundle size reduced!]

• background: -27.05 KiB (-0.6%)
• ui: -1 Bytes (0%)
• common: -2.01 KiB (-0.02%)