chore: updated DSRN to v22

[brianacnguyen]

Description

This PR bumps @metamask/design-system-react-native from 0.21.0 to 0.22.0 (with @metamask/design-system-shared 0.14.0 → 0.15.0 via the lockfile).

0.22.0 changes the design-system TextField and TextFieldSearch contract: native TextInput props must be passed under inputProps, imperative access to the real input uses inputRef instead of ref, root ref targets the outer container, placeholderTextColor is not supported on the public TextField API, and spellings like isReadonly are normalized to isReadOnly in the design system (not used in these edits).

This branch updates every in-repo consumer that imports TextField / TextFieldSearch from @metamask/design-system-react-native so types and runtime behavior match the new API (Login, OAuth rehydration, choose/reset password, manual backup, rewards onboarding referral field, reveal SRP password entry, trending explore search, and card authentication). CardAuthentication now imports TextField from the design system and uses the same inputProps split so yarn lint:tsc stays green after the upgrade.

Unit tests were adjusted where they assumed the old structure (CardAuthentication helpers; OnboardingMainStep mock forwards inputProps.testID to the inner input).

---

Changelog

CHANGELOG entry: null

---

Related issues

Fixes:

---

Manual testing steps

Feature: Design system 0.22 TextField usage

  Scenario: User unlocks with password on Login
    Given the app shows the Login screen with password field
    When the user enters a password and submits unlock
    Then unlock proceeds as before and the password field still accepts input and device auth affordances behave as before

  Scenario: User sets password during onboarding
    Given the app shows Choose Password (or Reset Password) with new and confirm fields
    When the user fills both fields and moves focus between fields (e.g. Next on keyboard)
    Then focus and submit behavior match expectations and no layout regressions appear on the fields

  Scenario: User completes card email/password or OTP step
    Given the app shows Card authentication (email/password or OTP)
    When the user types in email, password, or OTP fields and toggles password visibility
    Then values update correctly and login/OTP actions still work

  Scenario: User enters a rewards referral code (if that flow is enabled)
    Given Rewards onboarding shows the referral code field
    When the user types up to six characters
    Then validation and UI feedback behave as before

  Scenario: User searches on Explore (interactive search bar)
    Given Trending Explore shows the interactive search bar
    When the user types a query and uses clear/cancel
    Then search text and clear behavior work as before

---

Screenshots/Recordings

Before

After

---

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Performance checks (if applicable)

• I've tested on Android
• I've tested with a power user scenario
• I've instrumented key operations with Sentry traces for production performance metrics

---

Pre-merge reviewer checklist

(Reviewer completes.)

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Medium Risk
Updates a shared UI dependency and refactors multiple password/authentication inputs (login, reset/choose password, card auth, OAuth rehydration), so regressions in text entry, focus/submit behavior, and testIDs are possible despite mostly mechanical changes.

Overview
Bumps @metamask/design-system-react-native to 0.22.0 (and @metamask/design-system-shared via lockfile), and migrates in-app consumers to the new TextField/TextFieldSearch API.

All affected screens now pass native TextInput props via inputProps and use inputRef for imperative focus/clear, with updates to testIDs and E2E selectors (notably Explore/Trending search) to target the inner text input.

Adjusts unit tests/mocks to align with the new component contract (e.g., inputProps.testID forwarding and simpler value assertions).

^{Reviewed by Cursor Bugbot for commit 6815add. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​metamask/​design-system-react-native@​0.21.0 ⏵ 0.22.0				+1

View full report

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring alerts on:

• npm/@metamask/design-system-react-native@0.22.0

View full report

[brianacnguyen]

@SocketSecurity ignore npm/@metamask/design-system-react-native@0.22.0

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 4d13db1. Configure here.}

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeWalletPlatform, SmokeAccounts, SmokeSeedlessOnboarding, SmokeMoney, SmokeIdentity
• Selected Performance tags: None (no tests recommended)
• Risk Level: high
• AI Confidence: 85%

click to see 🤖 AI reasoning details

E2E Test Selection:
This PR upgrades @metamask/design-system-react-native from v0.21.0 to v0.22.0, which introduces a breaking API change to the TextField component: native TextInput props (like testID, secureTextEntry, autoCapitalize, onSubmitEditing, etc.) must now be passed via an inputProps object instead of directly on the component.

All affected components have been migrated to the new API:

1. Login/index.tsx - Password field testID moved to inputProps. This is critical because the login screen is the entry point for almost all E2E tests. If testID is not properly forwarded, many tests will fail to find the password input.

2. ChoosePassword/index.tsx - Both new password and confirm password fields migrated. Affects wallet creation onboarding flows.

3. ResetPassword/index.tsx - Password reset fields migrated. Affects reset password flows.

4. ManualBackupStep1/index.tsx - SRP backup password entry migrated. Affects SRP backup flows tested in SmokeAccounts and SmokeWalletPlatform.

5. OAuthRehydration/index.tsx - OAuth/seedless login password field migrated. Directly affects SmokeSeedlessOnboarding.

6. RevealPrivateCredential/components/PasswordEntry.tsx - SRP/private key reveal password entry migrated. Affects SmokeAccounts (SRP export flows).

7. CardAuthentication.tsx - OTP, email, and password fields migrated. Affects SmokeMoney card authentication flows.

8. OnboardingMainStep.tsx - Rewards referral code input migrated (minor impact).

9. ExploreSearchBar.tsx + TrendingView test files - Search input testID updated to new structure (explore-view-search-text-input). Directly affects SmokeWalletPlatform trending search tests.

The test infrastructure (selectors, page objects, spec file) for Trending search has been updated to match the new testID. However, the other components' testIDs remain the same values — they're just now passed via inputProps. The risk is whether the new TextField component properly forwards inputProps.testID to the underlying native TextInput element for Detox to find.

Tags selected:

• SmokeWalletPlatform: Trending search test updated + Login screen used in most wallet platform tests
• SmokeAccounts: ManualBackupStep1 (SRP backup) and RevealPrivateCredential (SRP/key export) password fields changed
• SmokeSeedlessOnboarding: OAuthRehydration password field changed + ChoosePassword onboarding flow changed
• SmokeMoney: CardAuthentication fields (OTP, email, password) all migrated to new API
• SmokeIdentity: Account sync flows go through login/onboarding screens affected by these changes; also related to SmokeAccounts per tag descriptions

Performance Test Selection:
The changes are API refactoring of the TextField component (moving props to inputProps) and a design system version bump. While the Login screen is affected, the actual rendering logic and performance characteristics are unchanged - only how props are passed to the underlying TextInput. No new data loading, state management changes, list rendering changes, or initialization changes that would impact performance metrics. The Trending search bar change is also purely a testID/prop forwarding change with no performance implications.

View GitHub Actions results

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.82%. Comparing base (51b6bbd) to head (6815add).
⚠️ Report is 32 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #29596      +/-   ##
==========================================
- Coverage   82.15%   81.82%   -0.33%     
==========================================
  Files        5178     5226      +48     
  Lines      137450   138583    +1133     
  Branches    31079    31456     +377     
==========================================
+ Hits       112924   113401     +477     
- Misses      16875    17452     +577     
- Partials     7651     7730      +79     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud