release: 7.58.1#22219
Closed
sethkfman wants to merge 14 commits into
Closed
Conversation
Contributor
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
|
No dependency changes detected. Learn more about Socket for GitHub. 👍 No dependency changes detected in pull request |
| with: | ||
| build_type: 'main' | ||
| metamask_environment: 'e2e' | ||
| keystore_target: 'qa' |
Contributor
There was a problem hiding this comment.
Bug
The build-android-e2e workflow is being called with metamask_environment: 'e2e', but the android/app/build.gradle file expects METAMASK_ENVIRONMENT to be 'e2e' for proper signing configuration. However, the workflow previously defaulted to 'qa' and the change now sets it to 'e2e' explicitly. While this looks correct, there's a mismatch: the gradle.properties.github file is being copied (line 135 in build-android-e2e.yml) which may override this environment variable, and the build is using build_type: 'main' with keystore_target: 'qa' but environment 'e2e'. The signing configuration in android/app/build.gradle checks for METAMASK_ENVIRONMENT == 'e2e' to use signingConfigs.flaskE2e (line 347-348), but this is under the "flask" dimension block, not the "prod" dimension used by build_type: 'main'. This inconsistency means the main build with environment 'e2e' won't match any signing config properly.
| description: 'Repository name (owner/repo) for commenting (optional)' | ||
| required: false | ||
| description: 'Repository name (owner/repo) for commenting' | ||
| required: true |
Contributor
There was a problem hiding this comment.
Bug: Mandatory inputs cause PR-only mismatch in non-PR events
The inputs github-token, pr-number, and repository were changed from required: false to required: true, but the AI analysis script (ai-e2e-analysis.mjs) only uses PR_NUMBER from environment variables and doesn't receive or use the github-token or repository inputs. Additionally, the script is designed to skip analysis for non-PR events (line 79-83 in action.yml), but if these are now required, the workflow will fail when called on non-PR events (like schedule or push) because these inputs won't have valid values. The check at line 79 if [[ "$EVENT_NAME" == "pull_request" ]] will cause these required inputs to be unused in non-PR scenarios, creating a contradiction.
This was referenced Nov 6, 2025
… issues (#22268) - refactor(card): sonarcloud maintainability issues (#22221) <!-- Please submit this PR as a draft initially. Do not mark it as "Ready for review" until the template has been completely filled out, and PR status checks have passed at least once. --> ## **Description** <!-- Write a short description of the changes included in this pull request, also include relevant motivation and context. Have in mind the following questions: 1. What is the reason for the change? 2. What is the improvement/solution? --> This PR addresses several maintainability issues reported by SonarCloud: 🔗 [View related issues on SonarCloud](https://sonarcloud.io/project/issues?id=metamask-mobile&pullRequest=22058&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true) Additionally, it reverts a temporary workaround previously added for Android to prevent a crash occurring when users navigated through the KYC WebView. The root cause of the WebView crash has been resolved in a separate PR, making the temporary fix unnecessary. ## **Changelog** <!-- If this PR is not End-User-Facing and should not show up in the CHANGELOG, you can choose to either: 1. Write `CHANGELOG entry: null` 2. Label with `no-changelog` If this PR is End-User-Facing, please write a short User-Facing description in the past tense like: `CHANGELOG entry: Added a new tab for users to see their NFTs` `CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker` (This helps the Release Engineer do their job more quickly and accurately) --> CHANGELOG entry: Reverted temporary workaround for KYC WebView crash (issue resolved in upstream fix). ## **Related issues** Fixes: ## **Manual testing steps** ```gherkin Feature: my feature name Scenario: user [verb for user action] Given [describe expected initial app state] When user [verb for user action] Then [describe expected outcome] ``` ## **Screenshots/Recordings** <!-- If applicable, add screenshots and/or recordings to visualize the before and after of your change. --> ### **Before** <!-- [screenshots/recordings] --> ### **After** <!-- [screenshots/recordings] --> ## **Pre-merge author checklist** - [x] I’ve followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile Coding Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. ## **Pre-merge reviewer checklist** - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Unifies KYC to in-app WebView, refactors asset selection and balance/allowance calculations, tightens onboarding routing, enhances SDK logging, and adds extensive tests. > > - **KYC/Onboarding**: > - Route: `OnboardingNavigator` now requires `user.countryOfNationality` before address; adds tests for new routing paths. > - Verify: `VerifyIdentity` always navigates to `CARD.ONBOARDING.WEBVIEW`; removes platform-specific browser logic; updates tests. > - **Asset Selection** (`AssetSelectionBottomSheet.tsx`): > - Extracts helpers for Linea chain filtering, network processing, token mapping/deduping, address resolution, and sorting. > - Filters by user location and optionally hides Solana; treats `Limited` as delegated for priority updates. > - Refactors list rendering via `renderBottomSheetContent`; preserves `allowanceState` when updating priority. > - **Balances/Allowances** (`useAssetBalances.tsx`): > - Adds helpers for balance source selection, Solana/EVM fiat calc, proportional fiat fallback, and asset building. > - Normalizes parsing/formatting and returns richer balance info; large test suite added covering edge cases. > - **Card Home** (`CardHome.tsx`): > - `enableCardAction` logs errors and shows toast; fetches token and opens selection when provisioned. > - Tests added for enable flow button states and interactions. > - **External Wallet/Priority Token**: > - `useGetCardExternalWalletDetails`: factors allowance-state calc; maps totals safely. > - `useGetPriorityCardToken`: minor robustness (nullish coalescing, warning flow); more tests. > - **SDK** (`CardSDK.ts`): > - Improves error logging/handling across wallet details and provisioning; minor code cleanup. > - **Types**: > - `UserResponse` adds `countryOfNationality`. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 1e1b50b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> [a2bee21](a2bee21) Co-authored-by: Bruno Nascimento <brunonascimentodev@gmail.com>
This was referenced Nov 6, 2025
This was referenced Nov 6, 2025
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->
## **Description**
<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->
## **Changelog**
<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`
If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`
(This helps the Release Engineer do their job more quickly and
accurately)
-->
CHANGELOG entry:
## **Related issues**
Fixes:
## **Manual testing steps**
```gherkin
Feature: my feature name
Scenario: user [verb for user action]
Given [describe expected initial app state]
When user [verb for user action]
Then [describe expected outcome]
```
## **Screenshots/Recordings**
<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->
### **Before**
<!-- [screenshots/recordings] -->
### **After**
<!-- [screenshots/recordings] -->
## **Pre-merge author checklist**
- [ ] I’ve followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Update CHANGELOG with 7.58.1 fixes/refactor and add the 7.58.1 compare
link.
>
> - **Changelog (`CHANGELOG.md`)**:
> - **7.58.1** release notes added:
> - **Fixed**: Android in-app browser crash; KYC webview crash on
Android; onboarding UI issues; card delegation issues; remove selected
network reference from bridge `getBridgeERC20Allowance` handler.
> - **Changed**: Card refactor to address SonarCloud maintainability
issues.
> - Add compare link reference for `7.58.1`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
82dc3bf. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
vpintorico
previously approved these changes
Nov 7, 2025
joaoloureirop
previously approved these changes
Nov 7, 2025
The purpose of this task is to fix the `yarn audi:ci` issues that popped up for `react-native-community/cli` packages due to a recent vulnerability related to bash commands being executed from within that package <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Adds `npmAuditIgnoreAdvisories: [1109627]` to `.yarnrc.yml` to temporarily suppress `@react-native-community/cli` audit failures and unblock CI. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 65be265. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: Luis Taniça <matallui@gmail.com>
7d23625
joaoloureirop
previously approved these changes
Nov 10, 2025
|
The merge-base changed after approval.
This was referenced Nov 13, 2025
Merged
cortisiko
previously approved these changes
Dec 4, 2025
The merge-base changed after approval.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Hot fix release for 7.58.1
Changelog
CHANGELOG entry: null
Related issues
Fixes:
Manual testing steps
Screenshots/Recordings
Before
After
Pre-merge author checklist
Pre-merge reviewer checklist
Note
Hotfix 7.58.1 updates Card balances/limits and consent flow, patches SDK/bridge/WebView, improves onboarding/KYC UX, adds cached data hooks, and bumps app/CI versions.
useAssetBalancewith newuseAssetBalances; update CardHome to show pull-to-refresh, fallback balance formatting, and newSpendingLimitProgressBarwith “close to limit” warning; hide spending-limit management on Solana.AssetSelectionBottomSheet: unified balance sourcing, sorting/filtering (incl. Solana), priority-token updates with toasts and metrics, and route-param wiring.SpendingLimitflow: safer navigation blocking, custom limit input, paramized routing, improved metrics and error handling.createOnboardingConsentandlinkUserToConsent; storeconsentSetIdin Redux; update Physical/Mailing Address flows to link post-registration.@metamask/bridge-controller(provider by chainId, newgetNetworkClientByChainId);useGetDelegationSettings+ caching; refactoruseGetCardExternalWalletDetailswith timeout and auto-fetch; add safesafeFormatChainIdToHex,mapCaipChainIdToChainNameutils.Written by Cursor Bugbot for commit 7d23625. This will update automatically on new commits. Configure here.