chore(deps): Bump @metamask/eth-json-rpc-middleware from ^12.1.1 to ^14.0.0
#26287
Closed
1 of 9 tasks
Assignees
Labels
release-12.1.0
Issue or pull request that will be included in release 12.1.0
release-12.2.0
Issue or pull request that will be included in release 12.2.0
release-12.4.0
Issue or pull request that will be included in release 12.4.0
team-confirmations
Push issues to confirmations team
team-wallet-framework
Comments
7 tasks
MajorLift
added a commit
that referenced
this issue
Aug 22, 2024
…etamask/transaction-controller` to `^35.1.1` (#26143) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - **BREAKING:** Bump `@metamask/transaction-controller` from `^34.0.0` to `^35.1.1`. - **BREAKING:** Redefine `SecurityAlertsAPIRequest` as a `JsonRpcRequest` type that accepts `unknown[]` as its `params` type. - Widen the `request` parameters of the functions `validateWithController` and `validateWithAPI` to include `SecurityAlertsAPIRequest`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1){kind=link}
MajorLift
pushed a commit
that referenced
this issue
Aug 22, 2024
) ## **Description** Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) ## **Related issues** - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 ## Changelog ### Added - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. ### Changed - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. ### Fixed - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. ### Security - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 22, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 22, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 22, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 22, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 23, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 23, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
pushed a commit
that referenced
this issue
Aug 23, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
MajorLift
added a commit
that referenced
this issue
Aug 30, 2024
) Updates `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - This version bump comes with a large number of regressions, most of them type errors. - This is because the package's dependencies are also updated by multiple major versions, and the changes include improved, stricter types (especially in `@metamask/utils`). [](https://codespaces.new/MetaMask/metamask-extension/pull/26143?quickstart=1) - Closes #26287 - Blocks: - MetaMask/MetaMask-planning#2991 - MetaMask/MetaMask-planning#2810 - #25733 - Add and export `PPOMMiddlewareRequest` type for `JsonRpcRequest` types that include the `securityAlertResponse` property. - `securityAlertResponse` is defined as both optional and nullable. - Add `PPOMRequest` type for `eth-sendTransaction` requests. - **BREAKING:** Bump `@metamask/eth-json-rpc-middleware` from `^12.1.1` to `^14.0.0`. - Bump `@trezor/connect-web` from `9.2.2` to `9.3.0`. - **BREAKING:** Narrow `Params` generic parameter of `createPPOMMiddleware` function from `JsonRpcParams` to `(string | { to: string })[]`. - Add `Params` generic parameter to `handleSnapRequest` function, which is constrained by `Record<string, unknown>` and defaults to `JsonRpcParams`. - `handleSnapRequest` can now be typed correctly with any `params` object. - **BREAKING:** Typed signature validation only replaces `0X` prefix with `0x`, and contract address normalization is removed for decimal and octal values. - Threat actors have been manipulating `eth_signTypedData_v4` fields to cause failures in blockaid's detectors. - Extension crashes with an error when performing Malicious permit with a non-0x prefixed integer address. - This fixes an issue where the key value row or petname component disappears if a signed address is prefixed by "0X" instead of "0x". - [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md). - [x] I've completed the PR template to the best of my ability - [x] I’ve included tests if applicable - [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable - [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors. - [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed). - [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots. --------- Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
|
Missing release label release-12.2.0 on issue. Adding release label release-12.2.0 on issue, as issue is linked to PR #26143 which has this release label. |
|
Missing release label release-12.1.0 on issue. Adding release label release-12.1.0 on issue, as issue is linked to PR #26143 which has this release label. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is this about?
@metamask/{eth-block-tracker,eth-json-rpc-provider,json-rpc-engine,utils}).Scenario
No response
Design
No response
Technical Details
No response
Threat Modeling Framework
No response
Acceptance Criteria
No response
Stakeholder review needed before the work gets merged
References
No response
The text was updated successfully, but these errors were encountered: