feat: OmniSearch integration in WebBrowser

[MarioAslau]

PR Title

feat: integrate omni-search into in-app browser URL bar

---

Description

This PR integrates the omni-search feature (originally developed for the Explore page) into the in-app browser's URL search bar.

Motivation

• Users should have a unified search experience across the app
• The browser URL bar should leverage the same powerful search capabilities as the Explore page
• Sites should be prioritized in browser context while still providing access to tokens, perps, and predictions

Changes

1. Integrated useExploreSearch hook into UrlAutocomplete component with configurable section ordering
2. Added section order customization - Browser prioritizes Sites first, followed by filtered Recents/Favorites, then Tokens, Perps, and Predictions
3. Re-introduced Fuse.js filtering for Recents and Favorites when user types a query
4. Added proper context providers - Wrapped search content with PerpsConnectionProvider and PerpsStreamProvider
5. Reused existing components - TrendingTokenLogo and PerpsTokenLogo for consistent icon rendering
6. Fixed token navigation - Tokens now navigate to the main Asset route with proper slide-from-right animation
7. Preserved search results - Added flag-based mechanism to keep autocomplete visible when returning from token/perps/predictions detail screens

Technical Details

• Modified useExploreSearch to accept sectionsOrder option for flexible display ordering
• Added exhaustive type checking with error logging for unknown section IDs
• Updated TokenSearchResult type to include assetId for proper logo rendering
• Handled native token addresses (slip44: prefix) using NATIVE_SWAPS_TOKEN_ADDRESS

Changelog

CHANGELOG entry: Added omni-search integration to the in-app browser URL bar, allowing users to search for sites, tokens, perpetuals, and predictions directly from the browser

Related issues

Fixes:

Manual testing steps

Feature: Omni-search in browser URL bar

  Scenario: User sees empty state with Recents and Favorites
    Given the user is on the in-app browser tab
    
    When user taps the URL bar
    Then user sees "Recents" section with recent browsing history
    And user sees "Favorites" section with bookmarked sites

  Scenario: User searches and sees omni-search results
    Given the user has tapped the URL bar
    
    When user types "eth" in the search bar
    Then user sees "Sites" section first (if matching sites exist)
    And user sees filtered "Recents" matching the query
    And user sees filtered "Favorites" matching the query
    And user sees "Trending tokens" section with matching tokens
    And user sees "Perps" section with matching perpetuals
    And user sees "Predictions" section with matching predictions

  Scenario: User taps on a token result
    Given the user has searched and sees token results
    
    When user taps on a token result (e.g., "Ethereum")
    Then the token detail screen slides in from the right
    And when user navigates back, the search results are still visible

  Scenario: User taps on a perps result
    Given the user has searched and sees perps results
    
    When user taps on a perps result (e.g., "ETH-USD")
    Then the perps detail screen opens
    And when user navigates back, the search results are still visible

  Scenario: User taps on a site result
    Given the user has searched and sees site results
    
    When user taps on a site result
    Then the browser navigates to that site
    And the autocomplete closes

Screenshots/Recordings

Before

After

OmniSearchFunctionality.mov

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Files Changed

Core Implementation

• app/components/UI/UrlAutocomplete/index.tsx - Main autocomplete component with omni-search integration
• app/components/UI/UrlAutocomplete/Result.tsx - Updated result rendering with TrendingTokenLogo and PerpsTokenLogo
• app/components/UI/UrlAutocomplete/types.ts - Added assetId to TokenSearchResult, added PerpsSearchResult and PredictionsSearchResult
• app/components/UI/UrlAutocomplete/UrlAutocomplete.constants.ts - Added BROWSER_SEARCH_SECTIONS_ORDER and TOKEN_LOGO_API_BASE_URL

Hook Modifications

• app/components/Views/TrendingView/hooks/useExploreSearch.ts - Added sectionsOrder option for flexible section ordering

Navigation

• app/components/Views/BrowserTab/BrowserTab.tsx - Updated onSelect handler for proper token navigation and search result preservation

Localization

• locales/languages/en.json - Updated autocomplete section names for consistency ("Trending tokens", "Perps")

Test Fixes

• app/components/Views/DiscoveryTab/index.test.tsx - Added assetId to mock TokenSearchResult
• app/components/Views/DiscoveryTab/DiscoveryTab.tsx - Fixed type checking for url property
• app/components/Views/TrendingView/components/ExploreSearchResults/ExploreSearchResults.test.tsx - Added sectionsOrder to mock return values

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[NicolasMassart]

Solid work, needs some refinement before merge.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​metamask/​snaps-utils@​11.7.1 ⏵ 11.7.0	+1		+1
	npm/​@​metamask/​snaps-rpc-methods@​14.2.0 ⏵ 14.1.1	-1		-24	-3	-50
	npm/​@​metamask/​snaps-execution-environments@​10.4.1 ⏵ 10.3.0	+6
	npm/​@​metamask/​keyring-controller@​25.1.0 ⏵ 25.0.0	+1			+3
	npm/​@​metamask/​bridge-status-controller@​64.4.5 ⏵ 64.4.4
	npm/​@​metamask/​snaps-sdk@​10.3.0
	npm/​@​metamask/​bridge-controller@​64.8.2 ⏵ 64.8.1				+1
	npm/​@​metamask/​smart-transactions-controller@​22.3.0 ⏵ 22.1.0				-4
	npm/​@​metamask/​assets-controllers@​97.0.0 ⏵ 95.3.0	-2
	npm/​@​metamask/​network-enablement-controller@​4.1.0 ⏵ 3.1.0	+1			+2
	npm/​@​metamask/​snaps-controllers@​17.2.1 ⏵ 17.2.0	+7		+25	+5	+50

View full report

[socket-security]

Caution

MetaMask internal reviewing guidelines:

• Do not ignore-all
• Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
• Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
  @SocketSecurity ignore npm/PACKAGE@VERSION

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		Network access: npm @metamask/snaps-sdk in module globalThis["fetch"] Module: globalThis["fetch"] Location: Package overview From: package.json → npm/@metamask/snaps-sdk@10.3.0 ℹ Read more on: This package | This alert | What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/snaps-sdk@10.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeConfirmationsRedesigned, SmokeTrade, SmokeCard, SmokeAccounts, SmokeNetworkAbstractions, SmokeWalletPlatform, FlaskBuildTests
• Risk Level: high
• AI Confidence: 72%

click to see 🤖 AI reasoning details

This is a large PR with 100 changed files spanning multiple critical areas:

1. Approval/Confirmation Components (Critical): Changes to SignatureApproval.tsx and TransactionApproval.tsx which are imported by RootRPCMethodsUI.js - the central component handling all RPC method approvals including signatures, transactions, and dApp interactions. This requires SmokeConfirmationsRedesigned and FlaskBuildTests (for snap-related approvals).

2. CI/Workflow Infrastructure (Critical): Multiple workflow files changed including ci.yml, smart-e2e-selection/action.yml, and related scripts. These affect the E2E test infrastructure itself.

3. Bridge Components: Extensive changes to app/components/UI/Bridge/ including BridgeView, token selectors, and multiple hooks (useTokenSelection, useInsufficientBalance, usePopularTokens, etc.). This requires SmokeTrade.

4. Earn Components: Changes to app/components/UI/Earn/ including EarnInputView, EarnWithdrawInputView, MerklRewards, and EarnTransactionMonitor. These affect staking/lending features.

5. Card Components: Changes to app/components/UI/Card/ including CardAuthentication, onboarding components, and useOpenSwaps hook. This requires SmokeCard.

6. Asset Overview: Changes to AssetOverview, Balance, and Price components which display token information.

7. Navigation: Changes to App.tsx and MainNavigator.js which affect app-wide navigation.

8. Network Connection Banner: New actions for network connection status which affects network management.

9. Android Debug Configuration: Changes to AndroidManifest.xml.

The changes to approval components (SignatureApproval, TransactionApproval) and RootRPCMethodsUI are particularly critical as they handle all transaction and signature confirmations. The Bridge and Earn changes are extensive and affect trading functionality. The CI workflow changes affect test infrastructure.

View GitHub Actions results

[sonarqubecloud]

Quality Gate failed

Failed conditions
52.9% Coverage on New Code (required ≥ 80%)
13.5% Duplication on New Code (required ≤ 10%)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

[MarioAslau]

Remade PR on a new branch due to main merge polluting this branch. New PR: #25358