Security advisory: https://www.npmjs.com/advisories/1184
This advisory was already addressed in #7289 but subsequent releases
have made this simpler resolution possible.
This simplifies the logic of signing and improves security:
- Private keys are never moved to the base controller.
- Hardware wallets are abstracted in the same way as local keys.
This also paves the way for allowing even more modular accounts,
provided by plugins:
https://github.com/MetaMask/metamask-plugin-beta/pull/63Fixes#7075.
Security advisory: https://www.npmjs.com/advisories/1184
The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.
Security advisory: https://www.npmjs.com/advisories/1184
The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.
* master: (34 commits)
Update changelog for v7.2.3
Fix e2e tests and gas default (#7267)
Do not transate on seed phrases
test:integration - fix renamed test data file
lint fix
test:e2e - fix bail condition
test:e2e - fix responsie argument
test:e2e - refactor missed spec file
test:e2e - only overwrite window.fetch once per session
test:e2e - rework fetch-mocks
test:e2e - add extra delay before closing popups
test:e2e - factor out prepareExtensionForTesting
test - e2e - dedupe fetchMocking + compose script as fn
Ensure correct tx category when sending to contracts without tx data (#7252)
Version v7.2.3
Add v7.2.2 to changelog
Update minimum Firefox verison to 56.0 (#7213)
Version v7.2.2
Update changelog for v7.2.1, v7.2.0, and v7.1.1
Add `appName` message to each locale
...
* Ensure correct transaction category when sending to contracts but there is no txParams data
* Update gas when pasting address in send
* Gracefully fall back is send.util/estimateGas when blockGasLimit from background is falsy
* Remove network request frontend fallback for blockGasLimit
* Add some needed slow downs to e2e tests
* Ensure correct transaction category when sending to contracts but there is no txParams data
* Update gas when pasting address in send
* Gracefully fall back is send.util/estimateGas when blockGasLimit from background is falsy
* Remove network request frontend fallback for blockGasLimit
* Add some needed slow downs to e2e tests
The placeholder for the custom nonce needed to be converted into a
string. The placeholder is omitted if `nextNonce` isn't set, as may be
the case for the initial render.
The initial release of the 3Box sync will be marked as experimental.
This is to allow us time to test the 3Box sync and reduce the load on
3Box's infrastructure.
The 3Box initialization is triggered by login, but it no longer blocks
the login from finishing. The 3Box initialization is designed to run in
the background, so there's no reason to block on it.
* Allow default nextNonce to be the custom nonce in cases where highest locally pending is higher than nextNonce
* Reset custom nonce in cases of transaction submission failures
* Make the recommended nonce in the custom nonce field the true 'nextNonce'
* Revert automatic setting of custom nonce to nextNonce
* Make the nextNonce the default placeholder value
* Fix getNextNonce
* Remove unused nonceFieldPlaceholder message
* Fix nits in getPendingNonce and getNextNonce
* Properly handle errors in getNextNonce
* Improve placeholder and value defaults in custom nonce field
* Remove custom error message from getNextNonce
The 3Box SDK throws an HTTP 404 error when attempting to get the config
for an account that doesn't yet exist in 3Box. The regex we were using
to differentiate this error from others was broken. This ended up
preventing the user from logging in if they had 3Box enabled but hadn't
yet synced.
The regex has been corrected to catch this case, while allowing other
errors to propogate upward. Other 3Box errors will now be caught and
reported rather than interrupting login completely.
At some point in the future, we should expose these errors to the user
in some way, and allow them to retry in case 3Box was just temporarily
offline.
Dan Finlay
Mark Stacey
Dan J Miller
Dan Finlay
MetaMask Bot
Whymarrh Whitby
Thomas Huang
Mark O'Sullivan
Thomas
kumavis
ryanml