Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update eth-snap-keyring to 0.2.x to use the keyring-api 0.2.x #20865

Merged
merged 19 commits into from
Sep 22, 2023

Conversation

danroc
Copy link
Contributor

@danroc danroc commented Sep 13, 2023

Explanation

This PR updates the version of the eth-snap-keyring to use the new version of the keyring-api that we plan to expose to snap developers.

This PR has no other impacts, and only affects Flask.

BREAKING CHANGE: The keyring-api 0.2.x is incompatible with the previous 0.1.x release. Snaps developed with version 0.1.x of the API need to migrate to 0.2.x.

Manual Testing Steps

  1. Install the SSK from the SSK dapp.
  2. Create an account using the SSK dapp.
    1. Note that the account name defined in the SSK dapp will be ignored.
  3. Use the test dapp to sign transactions using the sync and async flows.
    1. There is a toggle in the SSK dapp to switch between the flows.

Pre-merge author checklist

  • I've clearly explained:
    • What problem this PR is solving
    • How this problem was solved
    • How reviewers can test my changes
  • Sufficient automated test coverage has been added

Pre-merge reviewer checklist

  • Manual testing (e.g. pull and build branch, run in browser, test code being changed)
  • PR is linked to the appropriate GitHub issue
  • IF this PR fixes a bug in the release milestone, add this PR to the release milestone

If further QA is required (e.g. new feature, complex testing steps, large refactor), add the Extension QA Board label.

In this case, a QA Engineer approval will be be required.

Note: This PR only affects Flask.

BREAKING CHANGE: The 'keyring-api' 0.2.x is incompatible with the
previous 0.1.x release.
@danroc danroc added DO-NOT-MERGE Pull requests that should not be merged needs-qa Label will automate into QA workspace team-accounts labels Sep 13, 2023
@github-actions
Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@danroc danroc added needs-dev-review PR needs reviews from other engineers (in order to receive required approvals) and removed needs-qa Label will automate into QA workspace labels Sep 13, 2023
@danroc
Copy link
Contributor Author

danroc commented Sep 13, 2023

@metamaskbot update-policies

@socket-security
Copy link

socket-security bot commented Sep 13, 2023

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue Package Version Note Source
Network access @storybook/manager 7.0.12

Next steps

What is network access?

This module accesses the network.

Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore @storybook/manager@7.0.12

@metamaskbot
Copy link
Collaborator

Policies updated

@HowardBraham
Copy link
Contributor

It's not working for me, when I try to Create Account I get this error:

{"code":-32603,"message":"Method not supported: createAccount","data":{"originalError":{}}}

@danroc
Copy link
Contributor Author

danroc commented Sep 14, 2023

Indeed @HowardBraham, I'll publish the new SSK that works with this branch (0.2.1).

@danroc danroc changed the title Update 'eth-snap-keyring' to 0.2.x to use the 'keyring-api' 0.2.x Update eth-snap-keyring to 0.2.x to use the keyring-api 0.2.x Sep 14, 2023
@danroc danroc marked this pull request as ready for review September 14, 2023 14:50
@danroc danroc requested review from a team as code owners September 14, 2023 14:50
gantunesr
gantunesr previously approved these changes Sep 14, 2023
@codecov
Copy link

codecov bot commented Sep 14, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (0bc3aa9) 68.38% compared to head (7496857) 68.38%.

Additional details and impacted files
@@           Coverage Diff            @@
##           develop   #20865   +/-   ##
========================================
  Coverage    68.38%   68.38%           
========================================
  Files         1006     1006           
  Lines        40244    40244           
  Branches     10759    10760    +1     
========================================
+ Hits         27517    27518    +1     
+ Misses       12727    12726    -1     
Files Changed Coverage Δ
app/scripts/metamask-controller.js 53.86% <0.00%> (+0.05%) ⬆️

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@gantunesr gantunesr added needs-qa Label will automate into QA workspace and removed needs-dev-review PR needs reviews from other engineers (in order to receive required approvals) labels Sep 21, 2023
@plasmacorral
Copy link
Contributor

Manually tested on Mac Ventura 13.5.2 primarily with Chrome 117, but also Firefox 117.

  • Confirmed happy path snap install and account creation, both sending and signing transactions in both sync and async mode with a Snap created account from SSK v0.2.3.
  • Confirmed with multiple versions of SSK using multiple sets of accounts created by multiple snap installations that a user can send/sign from either set of accounts with the test dapp.
  • Accounts created in SSK 0.2.2 remain usable for sign/send after update to v0.2.3

@plasmacorral plasmacorral added QA Passed and removed DO-NOT-MERGE Pull requests that should not be merged needs-qa Label will automate into QA workspace labels Sep 21, 2023
@danroc
Copy link
Contributor Author

danroc commented Sep 21, 2023

@metamaskbot update-policies

@metamaskbot
Copy link
Collaborator

No policy changes

@danroc
Copy link
Contributor Author

danroc commented Sep 21, 2023

@metamaskbot update-policies

@metamaskbot
Copy link
Collaborator

Policies updated

@metamaskbot
Copy link
Collaborator

Builds ready [49823b7]
Page Load Metrics (1769 ± 59 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint129183156178
domContentLoaded15712014176912359
load15712014176912359
domInteractive15712014176912359
Bundle size diffs [🚀 Bundle size reduced!]
  • background: -43.51 KiB (-1.21%)
  • ui: 0 Bytes (0.00%)
  • common: -1.38 KiB (-0.03%)

@jiexi
Copy link
Contributor

jiexi commented Sep 21, 2023

Wondering if my PR here relates to this one at all

@danroc
Copy link
Contributor Author

danroc commented Sep 21, 2023

Yes @jiexi, we will soon release a new version of the eth-snap-keyring (including your PR), and update the extension again.

@metamaskbot
Copy link
Collaborator

Builds ready [7496857]
Page Load Metrics (1735 ± 112 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint1212401583115
domContentLoaded136021141734233112
load136021141735233112
domInteractive136021141734233112
Bundle size diffs [🚀 Bundle size reduced!]
  • background: -43.51 KiB (-1.21%)
  • ui: 0 Bytes (0.00%)
  • common: -1.38 KiB (-0.03%)

@danroc danroc merged commit 1e034e0 into develop Sep 22, 2023
9 checks passed
@danroc danroc deleted the feature/update-snaps-keyring branch September 22, 2023 07:45
@github-actions github-actions bot locked and limited conversation to collaborators Sep 22, 2023
@metamaskbot metamaskbot added the release-11.3.0 Issue or pull request that will be included in release 11.3.0 label Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
flask QA Passed release-11.3.0 Issue or pull request that will be included in release 11.3.0 team-accounts
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants