eth-json-rpc-provider migration - Integration into packages/
#1738
Conversation
|
New dependencies detected. Learn more about Socket for GitHub ↗︎
|
|
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎ This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. Ignoring: Next stepsTake a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with |
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
8175a45
to
4984cb6
Compare
MajorLift
added
enhancement
|
@SocketSecurity ignore-all All packages versions are current with main branch. |
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
3 times, most recently
from
046290c
to
fcd3b95
Compare
MajorLift
changed the title
eth-json-rpc-provider into core monorepo (2/2)eth-json-rpc-provider migration - C: Integration into packages/
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
b6c95cc
to
43fae9b
Compare
MajorLift
changed the base branch from
main
to
231003-staging-eth-json-rpc-provider
MajorLift
changed the base branch from
231003-staging-eth-json-rpc-provider
to
main
MajorLift
changed the base branch from
main
to
231003-staging-eth-json-rpc-provider
MajorLift
changed the base branch from
231003-staging-eth-json-rpc-provider
to
main
MajorLift
changed the base branch from
main
to
231003-staging-eth-json-rpc-provider
MajorLift
changed the base branch from
231003-staging-eth-json-rpc-provider
to
main
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
a014d40
to
ebcfc39
Compare
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
615fb8e
to
4412ff7
Compare
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
03c8d0d
to
69a276d
Compare
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
69a276d
to
e42c619
Compare
| @@ -4,6 +4,7 @@ describe('Package exports', () => { | |||
| it('has expected exports', () => { | |||
| expect(Object.keys(allExports)).toMatchInlineSnapshot(` | |||
| Array [ | |||
| "SafeEventEmitterProvider", | |||
There was a problem hiding this comment.
What's the reason for this?
There was a problem hiding this comment.
This one follows from the export statement change for SafeEventEmitterProvider https://github.com/MetaMask/core/pull/1738/files#r1357548245. The test is checking what non-types are being exported from index.ts.
| @@ -1,3 +1,3 @@ | |||
| export * from './provider-from-engine'; | |||
| export * from './provider-from-middleware'; | |||
| export type { SafeEventEmitterProvider } from './safe-event-emitter-provider'; | |||
There was a problem hiding this comment.
This changes what is being exported (the whole class instead of just the type). What's the reason for this change?
There was a problem hiding this comment.
See: first line of network-controller/tests/fake-provider.
There was a problem hiding this comment.
Okay, no problem. I guess this wouldn't be a breaking change, so it's okay.
| @@ -33,7 +33,7 @@ | |||
| "@metamask/controller-utils": "^5.0.2", | |||
| "@metamask/eth-json-rpc-infura": "^9.0.0", | |||
| "@metamask/eth-json-rpc-middleware": "^12.0.0", | |||
| "@metamask/eth-json-rpc-provider": "^2.1.0", | |||
| "@metamask/eth-json-rpc-provider": "^2.2.0", | |||
There was a problem hiding this comment.
Hmm. Given that we are affecting other packages in this PR, should we bump everything to ^2.2.0 first? I think it'd be better to keep this PR just focused to eth-json-rpc-provider if we can.
There was a problem hiding this comment.
This is necessary because of the reference path shadowing thing we discussed. Once eth-json-rpc-provider is moved into packages/, downstream packages can no longer use previous versions by pointing to node_modules/, because all imports from @metamask/eth-json-rpc-provider will always point to the path in packages/, and therefore to the latest version. This seems to happen even if the migrated package isn't added to the reference paths in the downstream pkgs' typescript config files.
There was a problem hiding this comment.
That makes sense, but isn't this happening because network-controller is currently using version 2.1.0? If we bumped that first then the latest version of the package being used and current version of the package as it exists after being migrated would be the same.
There was a problem hiding this comment.
We could bump eth-json-rpc-provider to 2.2.0 everywhere first in a separate PR, but that PR wouldn't include the changes being made to network-controller/ here (the last two commits).
Because fixing the ../dist/.. import statements requires fixing that export statement in eth-json-rpc-provider, we'd still end up with changes being made to both packages simultaneously before the migration can be merged.
There was a problem hiding this comment.
I guess we could change the SafeEventEmitterProvider export statement in the original repo and release 2.2.1 first, but that would mean redoing the migration process from the start because of the new git history.
| @@ -1,4 +1,4 @@ | |||
| import { SafeEventEmitterProvider } from '@metamask/eth-json-rpc-provider/dist/safe-event-emitter-provider'; | |||
| import { SafeEventEmitterProvider } from '@metamask/eth-json-rpc-provider'; | |||
There was a problem hiding this comment.
See line 85:
export class FakeProvider extends SafeEventEmitterProvider {Importing SafeEventEmitterProvider as a type breaks that line, because it's being used as a class.
This is why the previous import statement pointed directly to node_modules/.../dist/... instead of using the SafeEventEmitterProvider type exported by the package.
That import statement can no longer be used (it won't point to node_modules with eth-json-rpc-provider in packages/) which is why the export from eth-json-rpc-provider needs to be fixed from type to class.
There was a problem hiding this comment.
Ah, I see. Thank you for explaining, somehow that was not connecting.
@mcmire Are there still any changes to the PR you'd like to see, or maybe a different approach we could try for the |
…downstream packages
MajorLift
force-pushed
the
230927-integrate-eth-json-rpc-provider
branch
from
0b71faa
to
a32e68a
Compare
mcmire
dismissed
their stale review
Removing this as I've determined that the network controller changes are non-breaking.
MajorLift
changed the title
eth-json-rpc-provider migration - C: Integration into packages/eth-json-rpc-provider migration - Integration into packages/
…changes from recent releases (#1807) ## Explanation - Updating root README to include @metamask/eth-json-rpc-provider. - Updating dependency graph to reflect changes made between releases v78.0.0 through v81.0.0. ## References - See #1738 ## Changelog ### `core` - **CHANGED**: Updated README dependency graph. ## Checklist - [ ] I've updated the test suite for new or updated code as appropriate - [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [ ] I've highlighted breaking changes using the "BREAKING" category above as appropriate
Explanation
This PR implements the following incremental steps in the process for migrating
eth-json-rpc-providerinto the core monorepo:Phase B: Staging from
merged-packages/5. Port tags
Push ported tags to core repo
Verify that the tag diff links in CHANGELOG are working
Phase C: Integration into
packages/1. The big leap
merged-packages/topackages/.yarn installin the root directory.yarn workspace @metamask/<package-name> test.2. Update downstream repos
3. Linter fixes
yarn constraints --fix(run twice).yarn workspace @metamask/<package-name> changelog:validateand apply the diffs.4. Resolve downstream errors
@metamask/{eth-json-rpc-provider,rpc-errors}#1653@ts-expect-error TODO:annotations.5. Finalize merge
packages/<package-name>directory into core main branch.See #1551 (comment) for an outline of the entire process.
Next Steps
Blocked by
@metamask/utilsbump: deps: @metamask/utils@^6.2.0->^8.1.0 #1639@metamask/{eth-json-rpc-provider,rpc-errors}#1653References
@metamask/eth-json-rpc-providerto core monorepo #1685eth-json-rpc-providerinto core monorepo #1551Changelog
@metamask/eth-json-rpc-providerSafeEventEmitterProvideras a value (class), not just a type.@metamask/network-controller@metamask/eth-json-rpc-providerto ^2.2.0Checklist