fix(analytics): normalise Segment proxy URL to fix invalid-URL error in 2.23.0 cp-7.78.0

[tommasini]

Summary

@segment/analytics-react-native 2.23.0 introduced a strict validateURL regex via PR #1157 that only allows [a-zA-Z0-9_.-] in query-param values. The MetaMask Segment proxy URL encodes the write key as standard base64 in a query param (?b=<base64>==), and the trailing = padding characters are rejected by this regex.

When the URL fails validation SegmentDestination.getEndpoint() silently falls back to https://api.segment.io/v1/b. Events reach Segment's default endpoint but the proxy write key is only valid through fn.segmentapis.com, so they are rejected — causing no events to appear in Mixpanel.

Change

Added normalizeProxyUrl in platform-adapter.ts that strips trailing = padding from query-param values before passing the URL to the Segment client config.

• Stripping base64 padding is safe: decoders infer it from data length and the proxy server accepts both forms.
• The = key–value separator is preserved (the regex uses a lookahead (?=&|$) to match only padding at the end of a param value).
• Contains a TODO to remove once upstream fixes the regex to accept all RFC 3986 query characters.

Test plan

• Run the app in dev mode and verify analytics events appear in Mixpanel
• Verify no "Invalid URL has been passed" errors in the console
• Run unit tests: yarn jest platform-adapter

Made with Cursor

---

Note

Medium Risk
Moderate risk because it changes how the Segment client is configured and could affect where analytics events are sent if the proxy URL is altered incorrectly, though the change is narrowly scoped and covered by unit tests.

Overview
Fixes Segment proxy URL validation failures by normalizing SEGMENT_PROXY_URL before passing it to createClient, stripping trailing base64 = padding from query-param values (while preserving key/value separators).

Adds focused unit coverage for normalizeProxyUrl across common URL shapes (single/double padding, multi-param URLs) and a wiring test to ensure createPlatformAdapter passes the normalized proxy value into Segment client configuration.

^{Reviewed by Cursor Bugbot for commit ee00a41. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 8cee395. Configure here.}

[Cal-L]

Lgtm

[tommasini]

The security vulnerability do not apply in this context, so ignoring sonar cloud advisory

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: None (no tests recommended)
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 95%

click to see 🤖 AI reasoning details

E2E Test Selection:
The changes are confined to the analytics controller's platform adapter:

1. platform-adapter.ts: Adds normalizeProxyUrl() — a small utility that strips trailing = base64 padding from Segment proxy URL query params. This is a targeted bug fix for @segment/analytics-react-native ≥2.23.0's strict URL validation regex. The only behavioral change is that getSegmentClient() now passes the normalized URL to the Segment client instead of the raw env var.

2. platform-adapter.test.ts: Adds thorough unit tests for the new function.

Why no E2E tags are needed:

• The change is purely in analytics/telemetry infrastructure — it does not affect any user-facing wallet functionality
• analytics-controller-init.ts shows that E2E tests use a completely separate platform-adapter-e2e adapter (via isE2E check), so this change has zero impact on E2E test execution
• No UI components, navigation, confirmations, accounts, networks, or any other user-facing flows are touched
• The fix is well-covered by the new unit tests
• No shared components (TabBar, modals, BrowserTab, etc.) are affected

Why no performance tests are needed:

• The change is a simple string transformation applied once during Segment client initialization
• No rendering, state management, data loading, or critical user flow performance is impacted

Performance Test Selection:
The change is a one-time string normalization during Segment client initialization. It has no impact on UI rendering, data loading, state management, or any performance-sensitive code paths.

View GitHub Actions results

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.14%. Comparing base (b4f31a4) to head (ee00a41).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #30463   +/-   ##
=======================================
  Coverage   82.13%   82.14%           
=======================================
  Files        5488     5488           
  Lines      147722   147743   +21     
  Branches    33962    33969    +7     
=======================================
+ Hits       121328   121358   +30     
+ Misses      18093    18077   -16     
- Partials     8301     8308    +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud