release: 13.36.0 #43473

Draft
metamaskbot wants to merge 195 commits into stable from release/13.36.0

Conversation

@metamaskbot

Collaborator

🚀 v13.36.0 Testing & Release Quality Process

Hi Team,
As part of our new MetaMask Release Quality Process, here’s a quick overview of the key processes, testing strategies, and milestones to ensure a smooth and high-quality deployment.


📋 Key Processes

Testing Strategy

  • Developer Teams:
    Conduct regression and exploratory testing for your functional areas, including automated and manual tests for critical workflows.
  • QA Team:
    Focus on exploratory testing across the wallet, prioritize high-impact areas, and triage any Sentry errors found during testing.
  • Customer Success Team:
    Validate new functionalities and provide feedback to support release monitoring.

GitHub Signoff

  • Each team must sign off on the Release Candidate (RC) via GitHub by the end of the validation timeline (Tuesday EOD PT).
  • Ensure all tests outlined in the Testing Plan are executed, and any identified issues are addressed.

Issue Resolution

  • Resolve all Release Blockers (Sev0 and Sev1) by Tuesday EOD PT.
  • For unresolved blockers, PRs may be reverted, or feature flags disabled to maintain release quality and timelines.

Cherry-Picking Criteria

  • Only critical fixes meeting outlined criteria will be cherry-picked.
  • Developers must ensure these fixes are thoroughly reviewed, tested, and merged by Tuesday EOD PT.

🗓️ Timeline and Milestones

  1. Today (Friday): Begin Release Candidate validation.
  2. Tuesday EOD PT: Finalize RC with all fixes and cherry-picks.
  3. Wednesday: Buffer day for final checks.
  4. Thursday: Submit release to app stores and begin rollout to 1% of users.
  5. Monday: Scale deployment to 10%.
  6. Tuesday: Full rollout to 100%.

✅ Signoff Checklist

Each team is responsible for signing off via GitHub. Use the checkbox below to track signoff completion:

Team sign-off checklist

  • Extension Platform

This process is a major step forward in ensuring release stability and quality. Let’s stay aligned and make this release a success! 🚀

Feel free to reach out if you have questions or need clarification.

Many thanks in advance

Reference

david0xd and others added 30 commits May 28, 2026 23:43
## **Description**
This PR adds a fix for page routing after the user completes onboarding of
a hardware wallet.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Fix routing after hardware wallet onboarding

## **Related issues**
Fixes: https://consensyssoftware.atlassian.net/browse/MUL-1840

## **Manual testing steps**
1. onboard
2. click accounts list
3. click add wallet
4. click on connect hardware wallet
5. pair any hardware wallet
6. make sure that after clicking unlock, user is routed to the home page

## **Screenshots/Recordings**

### **Before**
Under some circumstances user would be routed to the hardware wallet
onboarding page after successful hardware wallet onboarding, instead of
being routed to the home page. I couldn't reproduce the issue in the
same way as the reporter. Changes made will ensure that user is always
routed to the home page (default route).

For more information see
[ticket](https://consensyssoftware.atlassian.net/browse/MUL-1840).

### **After**
***Onboarding flow***


https://github.com/user-attachments/assets/f4eef531-f062-4159-b49f-dc8c06171db8

***Cancel flow***


https://github.com/user-attachments/assets/d9ecf537-1120-4c82-a244-36975cf3a444


## **Pre-merge author checklist**
- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.



<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> UI-only routing and local state on the hardware connect page; no auth,
key material, or backend changes.
> 
> **Overview**
> Fixes **post-onboarding navigation** on the connect-hardware flow so
users land on the **home page** (`DEFAULT_ROUTE`, `/`) after a
successful unlock, instead of using `getMostRecentOverviewPage`, which
could send them back to the hardware onboarding route.
> 
> **Cancel** on the account list no longer navigates away: it **clears
local state** (selection, accounts, device, in-flight fetch id) so the
UI returns to **device selection** on the same route.
> 
> Tests drop the history mock and assert navigation to `/` plus cancel
returning to the hardware wallets picker.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c2fdecc. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
…om Assets Page (#42962)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

- Moves Tokens-tab helpers from `HomePage` to `AssetListPage` so page
objects match the UI boundary (overview + tab bar vs. content below the
horizontal tabs).
- Adds `checkExpectedTokenBalanceIsDisplayed` and
`refreshErc20TokenList` on `AssetListPage`, reusing existing token-list
selectors (`tokenAmountValue`, `tokenOptionsButton`).
- Removes duplicated ERC-20 refresh selectors and
`refreshErc20TokenList` from `HomePage`.
- Updates nine E2E specs to call `AssetListPage` for token-list balance
checks and list refresh instead of `HomePage`.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes:
[MMQA-1843](https://consensyssoftware.atlassian.net/browse/MMQA-1843)

## **Manual testing steps**

1. Build the test extension: `yarn build:test`
2. Run a representative updated spec: `yarn test:e2e:single
test/e2e/tests/account/snap-account-transfers.spec.ts --browser=chrome`
3. Run privacy specs that use `refreshErc20TokenList`: `yarn
test:e2e:single test/e2e/tests/privacy/basic-functionality.spec.ts
--browser=chrome`
4. Confirm token balance assertions still pass on the Tokens tab
(hardware wallet ERC-20 specs are another good spot check).

## **Screenshots/Recordings**

<!--
## **Screenshots/Recordings**
### **Before**
### **After**
-->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

[MMQA-1843]:
https://consensyssoftware.atlassian.net/browse/MMQA-1843?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Test-only page-object refactor with no production code changes;
behavior should be equivalent aside from clearer ownership of selectors.
> 
> **Overview**
> This PR **relocates Tokens-tab E2E helpers** from `HomePage` to
`AssetListPage` so page objects match the UI split (overview/tabs vs.
token list content).
> 
> **`AssetListPage`** gains `checkExpectedTokenBalanceIsDisplayed`
(expands low-value assets, then asserts
`multichain-token-list-item-value`) and `refreshErc20TokenList` (asset
list control bar → `refreshList`), using existing `tokenOptionsButton` /
`refreshList` selectors.
> 
> **`HomePage`** drops the ERC-20 refresh selectors and
`refreshErc20TokenList`; specs that refreshed or asserted list-row
balances now instantiate **`AssetListPage`** instead (snap transfers,
Ledger/Trezor ERC-20, account-syncing, privacy onboarding, Solana/Tron
send).
> 
> Overview-level checks (e.g. `checkExpectedBalanceIsDisplayed`) stay on
`HomePage` where the diff still uses it.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
4f0bc05. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->
This PR enables `Telegram` login for the UAT builds.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

1. Download the builds from this PR. Install to Chrome/Firefox
2. Select Telegram login option during the onboarding.
3. User should be able to create/rehydrate the wallet and successfully
log in.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes authentication surface area for UAT while explicitly gating
prod/RC off; misconfiguration could expose Telegram login where it
should stay disabled.
> 
> **Overview**
> Turns on **Telegram login** for non-production builds by defaulting
`TELEGRAM_LOGIN_ENABLED` to `'true'` in `builds.yml`, while the build
script **forces it off** for production and release-candidate builds so
store/release artifacts cannot ship with Telegram login even if the YAML
says otherwise.
> 
> `set-environment-variables.js` adds a shared
`isProductionOrReleaseCandidateBuild` helper (also used for OAuth client
ID resolution) and wires `TELEGRAM_LOGIN_ENABLED` through that gate.
Tests cover prod/RC override vs preserving the flag on testing builds.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
9cd8e4b. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
…-13.34.0 (#43056)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

This PR fixes the build issue where `TELEGRAM_CLIENT_ID` is loaded in
the build script even when the `TELEGRAM_LOGIN` is disabled.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Build-time env gating only; no runtime auth or user-data path changes
beyond omitting Telegram client ID when the feature is off.
> 
> **Overview**
> Fixes a build-time mismatch where **`TELEGRAM_CLIENT_ID`** could still
be resolved when Telegram social login was off.
> 
> **`set-environment-variables.js`** now derives
**`TELEGRAM_LOGIN_ENABLED`** once (forced **`false`** on production /
release-candidate builds, otherwise from config) and only calls
**`getOAuthClientId`** for Telegram when seedless onboarding is on
**and** that flag is **`true`**. The same value is written into the
build env instead of duplicating the prod/rc override inline.
> 
> **`builds.yml`** changes the default **`TELEGRAM_LOGIN_ENABLED`** from
**`true`** to **`false`**, so Telegram OAuth IDs are not pulled unless
explicitly enabled.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
bc82eef. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
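
The build-time gate described in the two Telegram login commit summaries above, sketched as an added example that is not MetaMask's `set-environment-variables.js`. `TELEGRAM_LOGIN_ENABLED`, `TELEGRAM_CLIENT_ID`, `isProductionOrReleaseCandidateBuild` and `getOAuthClientId` are names from the summaries; the build-target strings, the config shape, and the `resolveTelegramEnv` / `auditReleaseEnv` functions are assumptions made for illustration.

```javascript
// Assumed build-target names; the summaries only say "production" and
// "release-candidate" builds are forced off.
const LOCKED_TARGETS = new Set(['production', 'release-candidate']);

function isProductionOrReleaseCandidateBuild(buildTarget) {
  return LOCKED_TARGETS.has(buildTarget);
}

// Strict parse: only boolean true or the string 'true' enables the flag.
// Anything else (undefined, '1', 'yes', typos) is treated as disabled.
function parseFlag(value) {
  return value === true || String(value).trim().toLowerCase() === 'true';
}

// Derive the flag once, then use that single value both for the emitted
// env and for deciding whether the OAuth client ID is resolved at all.
// getOAuthClientId is injected here (hypothetical signature) so the gate
// can be exercised without any secret store.
function resolveTelegramEnv({
  buildTarget,
  config,
  seedlessOnboardingEnabled,
  getOAuthClientId,
}) {
  const telegramLoginEnabled =
    !isProductionOrReleaseCandidateBuild(buildTarget) &&
    parseFlag(config.TELEGRAM_LOGIN_ENABLED);

  const env = { TELEGRAM_LOGIN_ENABLED: String(telegramLoginEnabled) };
  if (seedlessOnboardingEnabled && telegramLoginEnabled) {
    env.TELEGRAM_CLIENT_ID = getOAuthClientId('telegram', buildTarget);
  }
  return env;
}

// Independent check to run against the final env of a release artifact:
// returns a list of findings, empty when the artifact is clean.
function auditReleaseEnv(buildTarget, env) {
  const findings = [];
  if (!isProductionOrReleaseCandidateBuild(buildTarget)) {
    return findings;
  }
  if (parseFlag(env.TELEGRAM_LOGIN_ENABLED)) {
    findings.push(`${buildTarget}: TELEGRAM_LOGIN_ENABLED must be false`);
  }
  if (env.TELEGRAM_CLIENT_ID !== undefined) {
    findings.push(`${buildTarget}: TELEGRAM_CLIENT_ID must not be present`);
  }
  return findings;
}

// Constructed inputs: a YAML default of 'true' applied to three targets.
function demo() {
  const resolved = [];
  const stubGetOAuthClientId = (provider, target) => {
    resolved.push(`${provider}:${target}`);
    return 'constructed-client-id'; // placeholder, not a real ID
  };
  const config = { TELEGRAM_LOGIN_ENABLED: 'true' };
  const results = {};
  for (const buildTarget of ['production', 'release-candidate', 'uat']) {
    results[buildTarget] = resolveTelegramEnv({
      buildTarget,
      config,
      seedlessOnboardingEnabled: true,
      getOAuthClientId: stubGetOAuthClientId,
    });
  }
  return { results, resolved };
}
```
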
#42852)

## **Description**

This is the first batch of migrated methods from `MetamaskController` to
`LegacyBackgroundApiService` that were used in `getApi()`.

This preserves `getApi()` while we migrate everything.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Progresses: https://consensyssoftware.atlassian.net/browse/WPC-957

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches vault seed phrase export, account import/removal,
reset-account transaction wipes, and seedless private-key backup paths;
behavior is intended to be preserved but regressions would affect core
wallet flows.
> 
> **Overview**
> This PR moves the first batch of background APIs out of
**`MetaMaskController`** into **`LegacyBackgroundApiService`**, while
**`getApi()`** still exposes the same surface by binding those entries
to **`controllerMessenger.call('LegacyBackgroundApiService:…')`**
instead of controller methods.
> 
> **`LegacyBackgroundApiService`** now implements
account/keyring-adjacent behavior (e.g. **`getSeedPhrase`**,
**`resetAccount`**, **`removeAccount`**,
**`importAccountWithStrategy`**, password-forgotten flags,
**`getCode`**, assets-unify gating, tab ID helpers) and delegates to
other controllers via an expanded messenger allowlist. Init passes
**`infuraProjectId`**, tab maps, **`sendUpdate`**, and
**`seedlessOperationMutex`** into the service.
> 
> **`getSnapKeyring`** is extracted to
**`app/scripts/lib/snap-keyring/utils/getSnapKeyring`**
(messenger-based) and replaces the removed
**`MetaMaskController.getSnapKeyring`**. BIP-39 wordlist index
conversion moves to **`convertEnglishWordlistIndicesToCodepoints`** in
**`util`**.
> 
> Tests shift from **`MetaMaskController`** direct calls to the
service/util modules; UI store action tests stub
**`background.getApi()`**.
**`@metamask/seedless-onboarding-controller`** bumps to **^9.1.0**.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
b818b06. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Frederik Bolding <frederik.bolding@gmail.com>
## **Description**

`getValidUrl`, `isWebUrl`, `addUrlProtocolPrefix`, `isValidEmail`, and
`isWebOrigin` are pure utilities defined in `app/scripts/lib/util.ts`
but consumed by both UI and background. UI imports them with `//
eslint-disable-next-line import-x/no-restricted-paths`.

This PR moves them into `shared/lib/url-utils.ts`.
`app/scripts/lib/util.ts` re-exports them so background callers stay
unaffected. UI imports now point at shared and the eslint suppressions
(plus stale TODO comments) are removed.

No behavior change — pure refactor.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: N/A

## **Manual testing steps**

None — pure refactor. CI lint + type-check covers correctness.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Pure refactor with re-exports preserving background imports; no logic
changes to validation or security-sensitive flows.
> 
> **Overview**
> Moves **pure URL/email helpers** (`getValidUrl`, `isWebUrl`,
`addUrlProtocolPrefix`, `isValidEmail`, `isWebOrigin`) out of
`app/scripts/lib/util.ts` into new **`shared/lib/url-utils.ts`**, so UI
and background can share them without crossing the restricted
`app/scripts` import boundary.
> 
> `util.ts` **re-exports** those symbols for existing background
callers. UI files that previously imported from `app/scripts/lib/util`
(with `import-x/no-restricted-paths` suppressions) now import from
**`shared/lib/url-utils`** instead—NFT views, network RPC/explorer
modals, onboarding IPFS, privacy settings, native token symbol hook, and
Shield claims email validation.
> 
> **No runtime behavior change**; logic is relocated unchanged and the
`url` dependency usage stays in the shared module.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
8ce3b97. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
## **Description**

Passkey unlock and enrollment are unreliable on mobile browsers (e.g.
Kiwi, Yandex) where WebAuthn support is inconsistent or the UX is poor.
This PR disables the passkey feature on mobile devices and improves
observability for passkey failures on desktop.

**What changed:**

1. **Mobile gating** — `getIsPasskeyFeatureAvailable` now returns
`false` when `getDeviceType()` is `DEVICE_TYPE.MOBILE`. That hides
passkey UI everywhere the selector is used: unlock, onboarding setup,
settings enrollment/turn-off, and change-password passkey verification.
2. **Sentry error capture** — Passkey failures that were previously
logged with `log.error` are now reported to Sentry via
`captureException` + `createSentryError`, with contextual metadata
(error code, duration, verification method, step). User-cancelled
ceremonies (`isPasskeyCeremonySilentError`) are still excluded.
3. **Tests** — Added a mobile case to `passkey.test.ts` and mocked
Sentry in affected component tests.

## **Changelog**

CHANGELOG entry: Disabled passkey unlock and setup on mobile browsers
where the experience is unreliable.

## **Related issues**

Fixes:

## **Manual testing steps**

### Desktop (passkey should still work)

1. Build with passkey enabled (`PASSKEY=1` or equivalent in
`.metamaskrc`).
2. **Unlock:** Open the extension on desktop Chrome. Confirm the passkey
unlock option appears when a passkey is registered.
3. **Onboarding:** Start a new wallet flow. Confirm the passkey setup
step is offered when eligible.
4. **Settings:** Go to Settings → Security & Password. Confirm passkey
enrollment and turn-off flows are available.
5. **Change password:** With passkey registered, change password and
confirm passkey verification works.

### Mobile browser (passkey should be hidden)

6. Open MetaMask in a mobile browser (or emulate mobile UA, e.g.
Kiwi/Yandex or Chrome DevTools device mode with a mobile user agent).
7. **Unlock:** Confirm the passkey unlock section is **not** shown;
password unlock still works.
8. **Onboarding:** Confirm passkey setup is **not** offered during
wallet creation.
9. **Settings:** Confirm passkey settings item / enrollment options are
**not** visible.

### Error reporting (optional / dev verification)

10. On desktop, trigger a passkey failure (e.g. cancel after starting
ceremony is silent; use an invalid state to force a real error).
11. Confirm non-cancel errors appear in Sentry with the expected context
(error code, duration, flow name).

## **Screenshots/Recordings**

### **Before**

<!-- Mobile unlock page showing passkey option (unreliable UX) -->

### **After**

<!-- Mobile unlock page with passkey hidden; desktop unchanged -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes security UX gating (mobile passkey off) and error reporting on
auth-related flows; behavior is mostly additive except hiding passkey on
mobile, which is intentional.
> 
> **Overview**
> **Passkey is turned off on mobile extension browsers** by extending
`getIsPasskeyFeatureAvailable` with `getDeviceType() !==
DEVICE_TYPE.MOBILE`, so unlock, onboarding setup, settings
enrollment/turn-off, and change-password passkey UI stay hidden where
WebAuthn is unreliable (e.g. Kiwi, Yandex).
> 
> **Failure observability on desktop** replaces `log.error` on real
passkey errors with **Sentry** (`captureException` +
`createSentryError`) across unlock, onboarding enrollment, settings
register/turn-off, and change-password flows. User-cancelled ceremonies
(`isPasskeyCeremonySilentError`) are still not reported; several
handlers now reuse computed `durationMs` / `errorCode` for metrics and
Sentry extras.
> 
> **Tests** add a mobile case in `passkey.test.ts` (mocking
`getDeviceType`) and mock `captureException` in affected component
tests.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c61fb88. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
## **Description**

Adds E2E coverage for the new Perps Withdraw flow through Confirmations.

This covers the new confirmation-based withdraw path with:
- A happy-path test that opens Withdraw from Perps Home, enters an
amount, receives a mocked Relay quote, submits the withdrawal, and
verifies the success toast
- An insufficient-balance test for the new confirmation UI
- A Perps Withdraw confirmation page object
- Deterministic Arbitrum USDC, Relay quote/authorize/status, and price
mocks for the confirmation flow
- `FixtureBuilderV2` support for `TokenRatesController` state

## **Changelog**

CHANGELOG entry: null

<!--
## **Related issues**

Fixes:
-->

## **Manual testing steps**

1. Run `PERPS_ENABLED=true yarn build:test`
2. Run
`E2E_ARGS='--grep=submits.a.valid.withdrawal.from.the.confirmation.flow'
yarn test:e2e:single test/e2e/tests/perps/perps-withdraw.spec.ts
--browser=chrome --debug=false`
3. Run `E2E_ARGS='--grep=blocks.withdrawal.amounts' yarn test:e2e:single
test/e2e/tests/perps/perps-withdraw.spec.ts --browser=chrome
--debug=false`

<!--
## **Screenshots/Recordings**

### **Before**

### **After**
-->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Changes are limited to E2E fixtures, mocks, page objects, and test
infrastructure; no production withdraw or confirmation logic is modified
in this diff.
> 
> **Overview**
> Adds **end-to-end coverage** for Perps withdraw through the
**Confirmations** path (enabled via `confirmations_pay_post_quote` /
`perpsWithdraw`), alongside existing legacy withdraw tests.
> 
> Introduces a **withdraw confirmation page object**, expands **Perps
fixture config** with production-like remote flags (full state in
`RemoteFeatureFlagController`, small manifest overrides), **Arbitrum
USDC** token/rate seeding, and **Mockttp** handlers for Relay
quote/authorize/status and price APIs. **`FixtureBuilderV2`** gains
`withRemoteFeatureFlagController` and `withTokenRatesController`.
> 
> Registers **`confirmations_pay_post_quote`** in the E2E feature-flag
registry and updates **`privacy-snapshot.json`** with `api.relay.link`
and `tx-sentinel-arbitrum-mainnet.api.cx.metamask.io` for the mocked
endpoints.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
9f73a8b. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Signed-off-by: dan437 <80175477+dan437@users.noreply.github.com>
## Version Bump After Release

This PR bumps the main branch version from 13.34.0 to 13.35.0 after
cutting the release branch.

### Why this is needed:
- **Nightly builds**: Each nightly build needs to be one minor version
ahead of the current release candidate
- **Version conflicts**: Prevents conflicts between nightlies and
release candidates
- **Platform alignment**: Maintains version alignment between MetaMask
mobile and extension
- **Update systems**: Ensures nightlies are accepted by app stores and
browser update systems

### What changed:
- Version bumped from `13.34.0` to `13.35.0`
- Platform: `extension`
- Files updated by `set-semvar-version.sh` script

### Next steps:
This PR should be **manually reviewed and merged by the release
manager** to maintain proper version flow.

### Related:
- Release version: 13.34.0
- Release branch: release/13.34.0
- Platform: extension
- Test mode: false

---
*This PR was automatically created by the
`create-platform-release-pr.sh` script.*

Co-authored-by: metamaskbot <metamaskbot@users.noreply.github.com>
This PR is to set up the remote FF for network manager update in
homepage

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

NA
## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Flag-only change with production default false and no behavioral UI
changes in this PR.
> 
> **Overview**
> Introduces the remote feature flag **`extensionUxNetworkManagement`**
so homepage network-manager UX can be rolled out gradually. The flag is
registered for E2E/production-accurate mocking (default **off**),
exposed via **`getIsNetworkManagementEnabled`** using the same
boolean/version-gated resolution as other extension UX flags, and
covered by unit tests. **No UI wiring** appears in this diff—only flag
plumbing for follow-up work.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
ac11486. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
…counts` (#43058)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**
There's a race condition in the wallet, whenever we update dapp
permissions with a newly created account, where an error is thrown if
the non-evm accounts are not yet ready.

I've opened a bug ticket for the wallet side here:
#43059

As per the spec, we can stabilize the test by ensuring the nonEVM
accounts are loaded before updating the dapp permissions.


<img width="587" height="66" alt="image"
src="https://github.com/user-attachments/assets/09078ad7-54d4-4214-923e-9512c4742e7e"
/>

## **Changelog**


CHANGELOG entry:

## **Related issues**

Fixes:

## **Manual testing steps**

1. Check ci

## **Screenshots/Recordings**


### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

## **Description**


## **Changelog**


CHANGELOG entry: fix aggregated balance

## **Related issues**

Fixes: #43019 

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**


### **Before**

<!-- [screenshots/recordings] -->


https://github.com/user-attachments/assets/d9a822de-9b10-4774-91de-708126092779



### **After**

<!-- [screenshots/recordings] -->


https://github.com/user-attachments/assets/b097f8a9-db47-48ec-9937-4a9f8b0c577f




## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes balance display rules for testnets, multi-network, and native
vs fiat; user-visible wallet UI with moderate regression risk if edge
cases are missed.
> 
> **Overview**
> Fixes incorrect **aggregated balance** display in
`AccountGroupBalance` by changing when the UI shows fiat vs native token
amounts.
> 
> **Testnet detection** no longer uses `getMultichainIsTestnet`; it
treats a selection as testnet only when **exactly one** enabled network
is in `TEST_CHAINS`. **Fiat on testnets** respects
`getShowFiatInTestnets` so users can still see dollar totals when that
preference is on.
> 
> **Native currency labels** for formatting come from
`networkConfigurationsByChainId` on EVM (and multichain network ticker
otherwise), removing `useMultichainSelector` /
`getMultichainNativeCurrency` for this path. With **multiple networks
enabled**, the component **always shows aggregated fiat**, even if
`showNativeTokenAsMainBalance` is set.
> 
> Tests were refactored and expanded for single testnet,
fiat-on-testnet, mainnet-only, and multi-network cases.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
5da6db8. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
## **Description**

Non-watch webpack builds hand control back to the parent process before
`compiler.close()` finishes so the filesystem cache can be persisted in
the background. This adds a temporary SIGINT/SIGTERM guard during that
cache shutdown window so an extra shutdown signal does not terminate
webpack mid-write.

## **Changelog**

CHANGELOG entry: null

<!--
## **Related issues**

Fixes:
-->

## **Manual testing steps**

It's a race condition that is very difficult to cause intentionally. No
repro steps available.

<!--
## **Screenshots/Recordings**

### **Before**

### **After**
-->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Dev-only webpack build orchestration; no runtime extension, auth, or
user data paths.
> 
> **Overview**
> Non-watch webpack builds still call **`onComplete()`** before
**`compiler.close()`** so the parent can exit while the child finishes
persisting a **filesystem** cache. That window could let forwarded
**SIGINT** / **SIGTERM** kill the child mid-write.
> 
> The build now installs **`ignoreCacheShutdownSignal`** (noop handlers
for those signals) only when **`options.cache.type === 'filesystem'`**,
removes them in the **`compiler.close`** callback, and cleans up on sync
errors in the same **`try`/`catch`**. Unit tests cover install, silent
handling, and teardown.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
ccb89ad. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
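
The shutdown-window guard described in the commit message above, sketched as an added example that is not part of the commit message or the MetaMask build code. `finishBuild`, `installGuard` and the fake compiler are hypothetical names; only `ignoreCacheShutdownSignal`, `onComplete()`, `compiler.close()` and the `options.cache.type === 'filesystem'` condition come from the text.

```javascript
// Added illustration of the SIGINT/SIGTERM guard; not the project's code.
const GUARDED_SIGNALS = ['SIGINT', 'SIGTERM'];

// No-op listener. While at least one listener is registered for a signal,
// Node.js does not apply the default "terminate the process" action.
function ignoreCacheShutdownSignal() {}

// Installs the no-op listeners and returns an idempotent remover, so the
// close callback and the catch path can both call it safely.
function installGuard() {
  for (const sig of GUARDED_SIGNALS) {
    process.on(sig, ignoreCacheShutdownSignal);
  }
  let removed = false;
  return function removeGuard() {
    if (removed) return;
    removed = true;
    for (const sig of GUARDED_SIGNALS) {
      process.off(sig, ignoreCacheShutdownSignal);
    }
  };
}

// Hypothetical end-of-build step for a non-watch build.
function finishBuild(compiler, options, onComplete) {
  const needsGuard = Boolean(options.cache) && options.cache.type === 'filesystem';
  const removeGuard = needsGuard ? installGuard() : () => {};
  try {
    // The parent regains control here, before the cache is fully written.
    onComplete();
    // The cache is persisted in the background; the guard covers only
    // this window and is removed as soon as close() reports back.
    compiler.close((err) => {
      removeGuard();
      if (err) console.error('cache close failed:', err);
    });
  } catch (error) {
    // A synchronous throw must not leave the no-op listeners behind,
    // otherwise the process would keep ignoring Ctrl+C.
    removeGuard();
    throw error;
  }
  return needsGuard;
}

// Constructed stand-in for a webpack compiler: close() stores its callback
// so the caller decides when the "cache write" finishes.
function makeFakeCompiler({ throwOnClose = false } = {}) {
  let pending = null;
  return {
    close(callback) {
      if (throwOnClose) throw new Error('close failed');
      pending = callback;
    },
    finishClose(err) {
      const callback = pending;
      pending = null;
      callback(err);
    },
  };
}

// Walks the three cases and reports how many extra signal listeners exist
// relative to the starting point at each step.
function demo() {
  const count = () =>
    process.listenerCount('SIGINT') + process.listenerCount('SIGTERM');
  const base = count();
  const result = {};

  const fsCompiler = makeFakeCompiler();
  finishBuild(fsCompiler, { cache: { type: 'filesystem' } }, () => {});
  result.duringClose = count() - base; // guard active while cache is written
  fsCompiler.finishClose();
  result.afterClose = count() - base; // guard removed in the close callback

  finishBuild(makeFakeCompiler(), { cache: { type: 'memory' } }, () => {});
  result.memoryCache = count() - base; // no guard without a filesystem cache

  try {
    finishBuild(
      makeFakeCompiler({ throwOnClose: true }),
      { cache: { type: 'filesystem' } },
      () => {},
    );
  } catch (error) {
    result.syncErrorMessage = error.message;
  }
  result.afterSyncError = count() - base; // guard cleaned up on sync error
  return result;
}

console.log(demo());
```
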
## **Description**

Fixes webpack filesystem cache warnings when optional rc files are
absent. `cache.buildDependencies.config` listed `.metamaskrc` and
`.metamaskprodrc` unconditionally, so webpack tried to resolve missing
files while storing the pack cache.

This updates the webpack config to derive repo-root paths once and only
include optional rc files in cache dependencies when they exist.
Required cache inputs such as `builds.yml` and `.browserslistrc` remain
unconditional.

Validation:
- `yarn lint:changed:fix`
- `yarn test:unit:webpack`
- `yarn webpack:tsc`

## **Changelog**

CHANGELOG entry: null

<!--
## **Related issues**

Fixes:
-->

<!--
## **Manual testing steps**

1.
-->

<!--
## **Screenshots/Recordings**

### **Before**

### **After**
-->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Build-tooling cache dependency logic only; no runtime extension, auth,
or data-path changes.
> 
> **Overview**
> Fixes webpack filesystem cache warnings when optional repo-root rc
files are missing by only listing **`.metamaskrc`** and
**`.metamaskprodrc`** in `cache.buildDependencies.config` when
`existsSync` finds them. Required inputs (**`builds.yml`**,
**`.browserslistrc`**, config file) stay unconditional; repo paths are
centralized via a **`root`** helper.
> 
> Unit tests mock optional rc presence and assert cache dependency lists
include existing optional files and omit missing ones.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
735dcdc. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
#43057)

## **Description**

`TransactionPayController` uses asset state changes to re-parse required
tokens for in-flight transactions when token metadata hasn't resolved
yet. The subscription logic in `subscribeAssetChanges` branched on the
`assetsUnifyState` remote feature flag: when the flag was enabled it
subscribed only to `AssetsController:stateChange`, otherwise it
subscribed to `TokensController`, `TokenRatesController`, and
`CurrencyRateController`.

The root cause of the infinite loading in Pay confirmations was that the
`RemoteFeatureFlagController` state isn't populated at the point
`TransactionPayController` initialises during onboarding — the remote
flags haven't been fetched yet — so `assetsUnifyState` defaults to
`false`. This caused the controller to subscribe only to the legacy
controllers, which meant required-token resolution never fired when the
extension was running with the unified assets state, leaving the
confirmation spinner indefinitely.

This PR applies a yarn patch to
`@metamask/transaction-pay-controller@22.5.0` that removes the
conditional branch and always subscribes to all four controllers
unconditionally. Both the CJS and ESM dist files are patched.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: #42989 

## **Manual testing steps**

1. Load the extension via a fresh onboarding.
2. Initiate a Pay transaction that requires a token not yet in local
state.
3. Confirm the required token resolves and the confirmation no longer
hangs on an infinite spinner.

<!--
## **Screenshots/Recordings**

### **Before**

### **After**
-->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.



<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes Pay transaction asset subscription behavior at controller
init; limited scope but affects confirmation UX and token resolution
timing.
> 
> **Overview**
> Fixes **MetaMask Pay** confirmations that could spin forever when
required token metadata was not ready yet.
> 
> The extension adds a **Yarn patch** on
`@metamask/transaction-pay-controller@22.6.0` so `subscribeAssetChanges`
no longer branches on the `assetsUnifyState` remote feature flag. That
flag often reads as disabled during early startup (e.g. onboarding
before remote flags load), which left the controller listening only to
legacy token/rate controllers while the app used unified assets—so
required-token resolution never ran.
> 
> The patch always registers listeners on **`AssetsController`**,
**`TokensController`**, **`TokenRatesController`**, and
**`CurrencyRateController`** (CJS and ESM dist). **`package.json`**
resolutions and **`yarn.lock`** point installs at the patched package.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
2609a33. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## **Description**

Honor the "hide tokens with zero balance" setting even for mUSD

## **Changelog**


CHANGELOG entry: fix: honor hide zero balance setting for musd

## **Related issues**

Fixes:

## **Manual testing steps**

1. Settings > Hide tokens without balance
2. Should hide mUSD tokens

## **Screenshots/Recordings**


### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Small display-rule change in the token list with targeted tests; no
auth, payments, or persistence changes.
> 
> **Overview**
> **Hide zero balance** now applies to **mUSD** the same as other
tokens: the token list filter no longer skips `isMusdToken` when
`shouldHideZeroBalanceTokens` is on and `balance === '0'`.
> 
> Tests were updated to assert zero-balance mUSD is hidden on mainnet
and Linea when the setting is enabled, and that zero-balance mUSD still
appears (outside the low-value bucket) when the setting is off.
**Low-value** grouping still treats mUSD specially via
`isLowValueAsset`; only the zero-balance visibility rule changed.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
37b9903. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
## **Description**

`normalizeSafeAddress` / `isEthAddress` / `normalizeAddress` live in
`app/scripts/lib/multichain/address.ts` even though they're pure
utilities consumed by both UI and background. ~17 UI files import them
with `// eslint-disable-next-line import-x/no-restricted-paths`.

This PR moves the file (and its test) to `shared/lib/multichain/` — git
detects the rename at 94-100% similarity. Every importer (UI, app
fixture, e2e test) is updated. The eslint suppressions and stale `//
TODO: Remove restricted import` comments are removed at each UI site.

No behavior change — pure refactor.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: N/A

## **Manual testing steps**

None — pure refactor. CI lint + type-check covers correctness.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Path-only refactor with no logic changes; risk is limited to missed
import updates, which lint/type-check and tests should catch.
> 
> **Overview**
> Relocates the pure multichain address helpers (`normalizeSafeAddress`,
`normalizeAddress`, `isEthAddress`) from
`app/scripts/lib/multichain/address` to
**`shared/lib/multichain/address`**, with the module’s `hexstring-utils`
import adjusted for the new location.
> 
> **Every consumer** (UI components, bridge/permissions/confirm flows,
wallet fixture generator, and seedless onboarding e2e) now imports from
`shared` instead of the background `app/scripts` tree. That removes
roughly **17** `import-x/no-restricted-paths` suppressions and stale
“TODO: Remove restricted import” comments.
> 
> **No runtime behavior change**—only module placement and import paths.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
af040f4. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

## **Description**

Integrate `@metamask/wallet` into the extension, replacing the
initialization for `KeyringController` as the first step towards a
migration. This lets us remove most of the initialization logic for
`KeyringController` as that has been consolidated in `core`.
Additionally some changes were required to `SnapKeyring`,
`MetaMaskController` and the current initialization framework. The goal
following this PR is a gradual migration of as much initialization code
as possible to `core`.

There should be no functional changes.

## **Changelog**


CHANGELOG entry: null

## **Related issues**

https://consensyssoftware.atlassian.net/browse/WPC-999

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches wallet/keyring bootstrap and Snap account persist/remove
paths; scope is large but described as behavior-preserving, with test
bridges relocated to `wallet-init/keyrings.ts`.
> 
> **Overview**
> This PR wires **`@metamask/wallet`** into the extension so
**`KeyringController`** is created through the wallet library instead of
the messenger-client-init path. **`initializeWallet`** in
`wallet-init/initialization.ts` builds a `Wallet` with persisted state,
encryptor, and **`getKeyringBuilders`** (hardware/QR/offscreen bridges,
snap keyring, and test-only fake bridges via `IN_TEST`).
> 
> **`MetamaskController`** now owns `this.wallet`, resolves
**`keyringController`** via `wallet.getInstance('KeyringController')`,
and passes **`wallet`** into **`initMessengerClients`**, which can fall
back to **`wallet.getInstance(name)`** when a controller was not
registered through init functions. **`KeyringControllerInit`**,
**`SnapKeyringBuilderInit`**, and their messenger factories are removed
from the init registry.
> 
> **`snapKeyringBuilder`** only takes a messenger: persist, account
updates, metrics, and account removal go through delegated messenger
actions (`KeyringController:persistAllKeyrings`,
`LegacyBackgroundApiService:removeAccount`, etc.) instead of injected
helpers.
> 
> **`background.js`** drops the **`overrides`** object (test keyring
bridges, custom port streams, `registerConnectListeners`) from
**`setupController`**; connections always use **`ExtensionPortStream`**
directly.
> 
> LavaMoat policies and **`package.json`** add **`@metamask/wallet`**.
Intended behavior is unchanged; this is structural prep for moving more
init into core.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
b190447. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
release: sync stable to main for version 13.33.0

## **Description**


Use `Box` from DSR (no codeowners, part 2).

## **Changelog**


CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/DSYS-433

## **Manual testing steps**

1. Check affected files
2. Open corresponding pages/component in extension to be sure that this
PR doesn't introduce regressions

## **Screenshots/Recordings**


### **Before**

<img width="471" height="732" alt="image"
src="https://github.com/user-attachments/assets/1c22e130-596b-44d7-93f9-81d3e374869f"
/>

### **After**

<img width="471" height="732" alt="image"
src="https://github.com/user-attachments/assets/15eba276-d1e3-4757-8187-99aa8f5af6f2"
/>

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Primarily a UI refactor switching layout primitives to
`@metamask/design-system-react` `Box` and utility classes; main risk is
minor visual/layout regressions on the touched pages.
> 
> **Overview**
> Migrates multiple UI surfaces to use `Box` from
`@metamask/design-system-react`, replacing legacy `Box` usage and many
`Display`/`Flex*` constants with `Box*` enums plus `flex`/Tailwind-style
utility classes.
> 
> This refactor touches permission status rendering, `TabBar` (wrapping
actual `<button>` via `asChild`), Terms of Use popup layout (including
ordered lists via `asChild`), the deprecated `FormField` label wrapper,
the suggested-NFT confirmation page, and the permissions redirect
screen. Jest snapshots for suggested NFT and smart transaction status
pages are updated to match the new class output.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
46bfafd. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## **Description**


Use `Box` from DSR (swaps scope).

## **Changelog**


CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/DSYS-433

## **Manual testing steps**

1. Check modified files
2. Make sure there is no visual regression

## **Screenshots/Recordings**

### **Before**

<img width="490" height="1067" alt="image"
src="https://github.com/user-attachments/assets/ed0d2adf-c337-4940-b57f-0ee234600b51"
/>

### **After**

<img width="490" height="1061" alt="image"
src="https://github.com/user-attachments/assets/55730384-95d2-4b82-99a2-457129c1fcb1"
/>

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Mostly a UI refactor swapping `Box` implementations and layout props
for DSR enums/CSS classes; risk is limited to potential visual/layout
regressions across Bridge transaction details and related modals/pages.
> 
> **Overview**
> Refactors Bridge (and `swaps/import-token`) UI components to use `Box`
from `@metamask/design-system-react` instead of the component-library
`Box`, replacing legacy layout constants (`Display`, `FlexDirection`,
etc.) with DSR props (e.g., `BoxFlexDirection`, `BoxJustifyContent`) and
utility `className`s.
> 
> Updates several Bridge screens (prepare flow, awaiting signatures,
tooltips, transaction details, and Storybook stories) plus associated
Jest snapshots to match the new rendered markup/classes and minor
wrapper structure changes (e.g., `HollowCircle` now uses `asChild`).
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
9849f03. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## **Description**

This PR patches `webpack-bundle-analyzer@5.3.0` for the static report
generated by our webpack bundle analyzer workflow.

Root cause:

- `webpack-bundle-analyzer@5.3.0` generated viewer code wires chunk
checkbox changes to `setSelectedSize` instead of `setSelectedChunks`, so
changing chunk selection corrupts the active size state and the report
UI falls back to `Stat`.
- The static template includes an HTML comment marker before the
embedded `viewer.js`. LavaMoat's SES source transform rewrites HTML
comment tokens inside JavaScript source, which makes the marker render
visibly as `< ! -- viewer.js -- >` in the analyzer report.

This patch fixes the static embedded viewer output by replacing the bad
minified handler during template rendering, and removes the static
`viewer.js` HTML comment marker. This is standalone and is not part of
the bundle-size stats PR stack.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

1. Open the bundle analyzer link on
#42799 (comment)
2. Confirm the top of the report does not show `< ! -- viewer.js -- >`.
3. Click `Gzipped`, `Parsed`, and `Stat`, and confirm the selected size
mode changes correctly.
4. Toggle chunk checkboxes in the sidebar, and confirm the treemap
responds to the selected chunks.

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

Validation:

- `yarn install`
- `yarn lint:changed:fix`
- `yarn lint:lockfile`
- `git diff --check`
- `yarn test:unit:webpack`
- `yarn node` smoke check for `renderViewer({ mode: 'static' })`
confirming the fixed chunk handler is present and the HTML comment
marker is absent.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

## **Description**

Fixes brittle unit tests


## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

yarn test:unit

## **Screenshots/Recordings**

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Changes are confined to test files and mocks; no runtime behavior is
modified.
> 
> **Overview**
> This PR only adjusts **unit tests** to reduce flakiness and mock gaps;
there is no production code change.
> 
> **Ledger offscreen tests** add a partial mock of
`@metamask/eth-sig-util` so `TypedDataUtils.eip712DomainHash` and
`hashStruct` return fixed buffers, stabilizing EIP-712 hashed-signing
fallback paths.
> 
> **Deep link `parse` tests** export `VALID`, `INVALID`, and `MISSING`
from the mocked `./verify` module so assertions can compare signature
status without relying on the real module under the mock factory.
> 
> **Change password tests** re-export `ToastContent` from the toast
mock, introduce `fillNewPasswordForm` with `waitFor` for the enabled
save button, and reuse that helper across step-2 scenarios instead of
duplicating synchronous enable checks.
> 
> **Network list menu tests** batch related `waitFor` expectations (with
longer timeouts where needed) for network switch, search filtering, and
permitted-chain flows so async UI updates are not asserted too early.
> 
> **Trust signals tests** mock `useI18nContext` so malicious-address
labels resolve predictably when mapping security alert results to
display state.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
d173f26. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## **Description**

Extracts duplicated connect-approval helpers from E2E spec files into a
shared flow.

1. **Reason:** `connect-evm.spec.ts` and
`dapp-connection-control-bar-network-picker.spec.ts` each defined local
helpers to approve the MetaMask connect dialog. Review feedback on
#42653 requested this logic live in a reusable flow instead of inline in
specs.
2. **Solution:** Adds `approveConnect` to
`test/e2e/page-objects/flows/connect.flow.ts` and updates both specs to
import it. The flow supports optional multi-account and extra-network
setup; calling `approveConnect(driver)` with no options preserves the
simpler behavior previously used by the network-picker spec.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes:
[MMQA-1811](https://consensyssoftware.atlassian.net/browse/MMQA-1811)

## **Manual testing steps**

1. Build a test build:

       yarn build:test

2. Run the connect-evm spec:

       yarn test:e2e:single test/e2e/tests/mm-connect/connect-evm.spec.ts --browser=chrome

3. Run the network picker spec:

       yarn test:e2e:single test/e2e/tests/mm-connect/dapp-connection-control-bar-network-picker.spec.ts --browser=chrome

4. Confirm all tests pass with no behavior changes.

## **Screenshots/Recordings**

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

[MMQA-1811]:
https://consensyssoftware.atlassian.net/browse/MMQA-1811?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> E2E test refactor only; no application runtime code paths are
modified.
> 
> **Overview**
> Moves duplicated MetaMask **connect dialog approval** logic out of
mm-connect E2E specs into a shared **`approveConnect`** flow at
`test/e2e/page-objects/flows/connect.flow.ts`.
> 
> **`connect-evm.spec.ts`** drops its inline helper and imports the flow
(unchanged call sites for multi-account and extra-network options).
**`dapp-connection-control-bar-network-picker.spec.ts`** removes
**`approveConnectFromDialog`** and uses **`approveConnect(driver)`**
with defaults for the same single-account, no-extra-networks path.
> 
> No product or extension behavior changes—test structure and reuse
only.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
da35b42. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
…3071)

## **Description**

Removes the `MetaMaskMockServerCapability` from the LLM workflow system
(`test/e2e/playwright/llm-workflow/`). Network mocking is now handled by
Playwright route interception via the `mm mock-network` CLI command,
which is session-scoped and supports both page and service-worker
contexts.

**What changed:**
- Deleted `mock-server.ts` and `mock-server.test.ts` (277 lines removed)
- Removed `mockServer` options from `CreateMetaMaskContextOptions` and
the factory
- Removed mock port allocation from the daemon (3 → 2 ports: anvil +
fixture)
- Removed mock server start/stop/rollback from `MetaMaskSessionManager`
- Removed `proxyServer` wiring to the browser launcher
- Removed `MockServerCapability` import from `@metamask/client-mcp-core`
- Updated all affected tests to remove mock server references
- Documented known limitation: pre-launch mocking is not yet supported

## **Changelog**

CHANGELOG entry: null

## **Related issues**

## **Manual testing steps**

1. Run `yarn test:unit test/e2e/playwright/llm-workflow/` — all tests
pass
2. Run `mm launch` — session starts without mock server port allocation
3. Run `mm mock-network add
'{"id":"test","method":"GET","url":"https://example.com/**","response":{"json":{"ok":true}}}'`
— Playwright route mock is active
4. Run `mm cleanup` — clean shutdown without mock server teardown errors

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes how E2E/LLM sessions wire networking at launch (no proxy/mock
port), which could affect agents relying on startup-time interception,
but scope is limited to test workflow tooling.
> 
> **Overview**
> Removes the **mockttp-based** `MetaMaskMockServerCapability` from the
LLM workflow and aligns with **`@metamask/client-mcp-core` 0.5.0**,
where network mocking is handled by **`mm mock-network`** (Playwright
route interception) instead of a local HTTPS proxy.
> 
> E2E context creation and **`MetaMaskSessionManager`** no longer
register, start, or tear down a mock server, and **`mm launch`** no
longer passes **`proxyServer`** into Chromium. The daemon now reserves
only **Anvil + fixture** ports (mock port allocation is gone). Related
factory options, exports, and unit tests are updated; the workflow
README notes that **pre-launch** requests cannot be mocked until a
session is active.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
eea8ab4. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

## **Description**

This PR adds a new reconnection screen that the user may click into if
they are encountering issues with the hardware wallet connection.

## **Changelog**

CHANGELOG entry: add new hardware wallet reconnection page. 

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/MUL-1667

## **Manual testing steps**

1. Using a Ledger/Trezor device
2. Initiate a dapp transaction without the device being connected
3. Go to new recovery page
4. Reconnect the device

## **Screenshots/Recordings**

<img width="367" height="376" alt="Screenshot 2026-05-14 at 17 55 13"
src="https://github.com/user-attachments/assets/a0f9ca59-2cdc-41e9-b411-143923216d4f"
/>
<img width="361" height="341" alt="Screenshot 2026-05-14 at 17 55 40"
src="https://github.com/user-attachments/assets/5df582c0-e2cc-419b-b4ce-68d4371a6477"
/>
<img width="873" height="611" alt="Screenshot 2026-05-14 at 17 55 29"
src="https://github.com/user-attachments/assets/052561d6-70ca-403b-8aff-8e2a91855b4a"
/>
<img width="886" height="893" alt="Screenshot 2026-05-14 at 17 55 08"
src="https://github.com/user-attachments/assets/ffdd1f65-03b8-4d42-89f6-30dc174a6b57"
/>

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches WebHID/USB permission and connect/readiness paths for hardware
wallets; changes are recovery UX rather than signing or key material,
but wrong connection behavior could block transactions.
> 
> **Overview**
> Adds a dedicated **hardware wallet reconnection** flow at
`/hardware-wallet-repair`, reachable from the hardware wallet error
modal via **“Reconnect from the beginning”** for disconnect/transport
errors (`DeviceDisconnected`, `ConnectionClosed`,
`ConnectionTransportMissing`).
> 
> The new page walks users through USB/unlock steps (Ledger adds an
Ethereum app step), requests browser device permission, then verifies
readiness and shows success or error states. **`walletType`** on the
query string overrides the selected account so repair can target the
device that failed. When the route type differs from the selected
account, readiness uses a short-lived adapter via
`ensureRepairDeviceReady` instead of the shared context connect path.
> 
> **`HardwareWalletErrorProvider`** passes `onRepairDevice` into the
error modal to open the repair tab with `openExtensionInBrowser`.
**Auto-connect** is skipped on the repair route to avoid fighting the
manual reconnect flow. Copy, tests, and a
**`HardwareWalletRecoveryRepairCtaClicked`** metric accompany the UI
updates to the error modal (repair link + design-system styling).
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
baeca64. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Cursor <cursoragent@cursor.com>

## **Description**

- Updates to supported price-api chains
- Improvement for `MulticallClient` in assets-controller

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/ASSETS-3304

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [X] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [X] I've completed the PR template to the best of my ability
- [X] I’ve included tests if applicable
- [X] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [X] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

## **Description**

Use `Box` from DSR (assets team).

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/DSYS-433

## **Manual testing steps**

1. Open extension app
2. Check that modified files don't cause UI regressions

## **Screenshots/Recordings**

### **Before**

<img width="371" height="1118" alt="image"
src="https://github.com/user-attachments/assets/08010efc-af26-4659-8ae7-ca29334105bb"
/>

### **After**

<img width="379" height="1128" alt="image"
src="https://github.com/user-attachments/assets/37ee0257-29f1-4d22-9f23-d17a2bb73635"
/>

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Presentation-only refactor across balances, token/NFT/DeFi lists, and
filters; no auth, transactions, or data logic changes—risk is mainly
visual regression if DSR Box styling diverges from the old
component-library Box.
> 
> **Overview**
> This PR **migrates layout `Box` usage** in the assets-team surfaces
from the extension **component-library** to **`Box` (and related enums)
from `@metamask/design-system-react`**, including **`Skeleton`** where
touched.
> 
> **Layout API changes:** Old design-system props (`Display`,
`FlexDirection`, `AlignItems`, `JustifyContent`, `BlockSize`,
`BorderRadius`, etc.) are replaced with DSR types such as
`BoxFlexDirection`, `BoxAlignItems`, `BoxJustifyContent`, and
`BoxBackgroundColor`, often paired with **Tailwind-style `className`
utilities** (`flex`, `w-full`, `py-2`, `rounded-lg`) instead of
`mm-box--*` modifier classes.
> 
> **Notable structural tweak:** `generic-asset-cell-layout` switches the
clickable row from **`Box as="a"`** to **`Box asChild`** wrapping a
native **`<a>`** with equivalent flex/padding classes. **`nfts-tab`**
uses DSR **`paddingHorizontal`** instead of separate inline padding
props.
> 
> **Tests:** Jest snapshots are updated so expected DOM classes match
the DSR/Tailwind output (e.g. token list rows, NFT default images, asset
and DeFi detail pages).
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
ee062f5. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

## **Description**

Use `Box` from DSR (no codeowners, part 3).

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/DSYS-433

## **Manual testing steps**

1. Check modified files
2. Open app and make sure there are no regressions

## **Screenshots/Recordings**

### **Before**

<img width="492" height="1064" alt="image"
src="https://github.com/user-attachments/assets/70ede695-7685-49ef-92ca-2583e7882b47"
/>

### **After**

<img width="492" height="1043" alt="image"
src="https://github.com/user-attachments/assets/9a09a3ac-dce3-4c1c-9cbb-bb3f32dd9505"
/>

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Presentational layout migration with snapshot updates; no auth,
transaction, or permission logic changes beyond import/API swaps for
Box.
> 
> **Overview**
> This PR continues migrating layout containers from
**component-library** `Box` to **`@metamask/design-system-react`
`Box`**, replacing legacy `Display` / `FlexDirection` / `JustifyContent`
/ `AlignItems` / `BlockSize` props with **Tailwind-style `className`s**
(e.g. `flex`, `flex-col`, `w-full`) and DSR enums (`BoxJustifyContent`,
`BoxAlignItems`, `BoxBackgroundColor`, etc.).
> 
> Touched areas include **permissions connect** (cells, headers,
footers, permission list with `asChild` + `<span>`), **multichain**
transaction/bridge UI, **wallet overview** (aggregated %, coin buttons),
**asset/DeFi pages** and charts, **onboarding/security** modals (SRP,
recovery, update), and assorted UI utilities. **Jest snapshots** were
updated where rendered `mm-box--display-*` classes became utility
classes.
> 
> Behavior should be equivalent; risk is mainly **visual/regression** on
flex/spacing, not business logic.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
e518cfc. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
## **Description**

The `appState.warning` property has been deprecated for many years, and
the last remaining use of this state was eliminated in #42728. This PR
removes the state, and all references to it (it was still being set and
unset in many places, despite its lack of use).

## **Changelog**

CHANGELOG entry: null

## **Related issues**

N/A

## **Manual testing steps**

N/A

## **Screenshots/Recordings**

N/A

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Touches many thunks across unlock, hardware, and network flows;
failures no longer set a global warning, so UI must surface errors
locally or users may see less feedback unless callers already handle
rejects.
> 
> **Overview**
> Removes the deprecated global **`appState.warning`** pipeline
end-to-end: the field and reducer cases in **`ui/ducks/app/app.ts`**,
action constants (`DISPLAY_WARNING`, `HIDE_WARNING`, unlock-related
types), and the **`displayWarning` / `hideWarning`** creators and
thunks.
> 
> **`ui/store/actions.ts`** no longer dispatches those warnings on
background failures; many thunks now only hide loading indicators and
**rethrow** (or leave TODOs where errors were previously swallowed).
Unlock flows drop **`UNLOCK_IN_PROGRESS` / `UNLOCK_FAILED` /
`UNLOCK_SUCCEEDED`** in favor of loading actions only.
> 
> UI cleanup drops **`hideWarning`** from account private-key flows,
import SRP, and the legacy **`Modal`** `onHide` hook. Mocks, fixtures,
and **`actions.test.js`** / **`app.test.js`** are updated to match.
**`displayErrorInSettings`** for settings-page errors is unchanged.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
e3557b5. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
@github-actions

Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@mm-token-exchange-service mm-token-exchange-service Bot added the team-bots Bot team (for MetaMask Bot, Runway Bot, etc.) label Jun 11, 2026
@socket-security

socket-security Bot commented Jun 11, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
|---|---|---|---|---|---|---|
| Added | @metamask/wallet@2.0.0 | 74 | 100 | 75 | 92 | 100 |
| Added | @metamask/compliance-controller@2.1.0 | 74 | 100 | 94 | 93 | 100 |
| Updated | @metamask/snap-account-service@0.1.0 ⏵ 0.3.0 | 75 +1 | 100 | 78 +1 | 93 +3 | 100 |
| Added | @types/react-dom@18.2.0 | 100 | 100 | 75 | 85 | 100 |
| Updated | @metamask/eth-qr-keyring@2.0.2 ⏵ 2.1.0 | 99 | 100 | 75 +1 | 94 +1 | 100 |
| Added | @metamask/skills@0.1.0 | 75 | 100 | 100 | 88 | 100 |
| Updated | @metamask/client-mcp-core@0.4.0 ⏵ 0.5.0 | 75 +1 | 100 | 100 +1 | 94 +1 | 100 |
| Updated | @metamask/remote-feature-flag-controller@4.2.1 ⏵ 4.2.2 | 100 +1 | 100 | 76 +1 | 94 +3 | 100 |
| Updated | @metamask/multichain-network-controller@3.1.2 ⏵ 3.1.3 | 99 +1 | 100 | 76 | 97 +2 | 100 |
| Updated | @metamask/assets-controller@8.1.0 ⏵ 8.3.2 | 76 +7 | 100 | 80 +1 | 98 +1 | 100 |
| Updated | @metamask/design-system-shared@0.17.0 ⏵ 0.21.0 | 100 | 100 | 77 +1 | 98 +1 | 100 |
| Updated | @metamask/controller-utils@12.1.0 ⏵ 12.2.0 | 99 | 100 | 77 +1 | 97 +4 | 100 |
| Updated | @metamask/core-backend@6.3.1 ⏵ 6.3.2 | 78 +2 | 100 | 100 | 97 +1 | 100 |
| Updated | @metamask/seedless-onboarding-controller@9.0.0 ⏵ 10.0.1 | 99 +2 | 100 | 78 +1 | 96 | 100 |
| Updated | @metamask/account-tree-controller@7.3.0 ⏵ 7.5.1 | 99 +1 | 100 | 78 +1 | 98 | 100 |
| Added | @metamask/bridge-status-controller@72.0.2 | 99 | 100 | 79 | 98 | 100 |
| Updated | @types/react@17.0.85 ⏵ 18.2.0 | 100 +1 | 100 | 79 +2 | 96 | 100 |
| Updated | @metamask/bridge-controller@72.0.0 ⏵ 73.2.0 | 91 -7 | 100 | 79 +1 | 98 +1 | 100 |
| Updated | @metamask/multichain-account-service@8.0.1 ⏵ 10.0.2 | 99 +1 | 100 | 79 | 98 +2 | 100 |
| Updated | @metamask/design-system-react@0.22.0 ⏵ 0.25.0 | 98 | 100 | 80 +1 | 98 +1 | 100 |
| Updated | psl@1.9.0 ⏵ 1.15.0 | 100 | 100 | 100 | 80 | 100 |
| Updated | @metamask/perps-controller@6.3.0 ⏵ 8.1.0 | 80 +13 | 100 | 83 +1 | 99 +2 | 100 |
| Updated | @metamask/transaction-controller@66.0.0 ⏵ 67.0.0 | 98 | 100 | 81 | 98 | 100 |
| Updated | @metamask/bitcoin-wallet-snap@1.11.0 ⏵ 1.12.0 | 100 +1 | 100 | 83 +1 | 96 +1 | 100 |
| Updated | core-js-pure@3.41.0 ⏵ 3.49.0 | 94 +1 | 100 | 100 +1 | 84 +1 | 100 |
| Added | @metamask/analytics-controller@1.1.1 | 98 | 100 | 88 | 92 | 100 |
| Updated | @metamask/eth-ledger-bridge-keyring@12.0.3 ⏵ 12.1.0 | 99 +1 | 100 | 89 +1 | 96 +1 | 100 |
| Updated | @metamask/design-system-tailwind-preset@0.8.0 ⏵ 0.9.0 | 100 | 100 | 91 | 93 +2 | 100 |
| Updated | @metamask/assets-controllers@106.0.0 ⏵ 108.5.0 | 97 +1 | 100 | 91 +1 | 98 | 100 |
| Updated | html-bundler-webpack-plugin@4.22.0 ⏵ 4.23.2 | 93 | 100 | 92 +1 | 93 | 100 |
| Updated | @metamask/design-tokens@8.4.0 ⏵ 8.5.0 | 100 | 100 | 100 | 94 +1 | 100 |
| Updated | @metamask/eth-trezor-keyring@10.0.2 ⏵ 10.1.0 | 98 +1 | 100 | 99 +1 | 95 +1 | 100 |

See 2 more rows in the dashboard

View full report

@socket-security

socket-security Bot commented Jun 11, 2026


Caution

MetaMask internal reviewing guidelines:

  • Do not ignore-all
  • Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
  • Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
    @SocketSecurity ignore npm/PACKAGE@VERSION
Action Severity Alert  (click "▶" to expand/collapse)
Block High
Obfuscated code: npm caniuse-lite is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ? npm/autoprefixer@10.4.19 npm/stylelint@13.6.1 npm/browserslist@4.28.1 npm/caniuse-lite@1.0.30001793

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/caniuse-lite@1.0.30001793. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
Network access: npm @metamask/bridge-controller in module globalThis["fetch"]

Module: globalThis["fetch"]

Location: Package overview

From: package.json npm/@metamask/bridge-controller@73.2.0

ℹ Read more on: This package | This alert | What is network access?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/bridge-controller@73.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
Network access: npm @metamask/compliance-controller in module globalThis["fetch"]

Module: globalThis["fetch"]

Location: Package overview

From: package.json npm/@metamask/compliance-controller@2.1.0

ℹ Read more on: This package | This alert | What is network access?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/compliance-controller@2.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @grpc/grpc-js is 100.0% likely to have a medium risk anomaly

Notes: The analyzed fragment is a conventional gRPC subchannel implementation featuring state management, connection orchestration, call creation with optional stats, and credential access delegation. No malicious behavior, backdoors, or data exfiltration patterns are evident in this snippet. Observability through health watchers is limited, which could reduce runtime visibility in some deployments, but does not imply security risk by itself.

Confidence: 1.00

Severity: 0.60

From: ? npm/@metamask/notification-services-controller@23.1.0 npm/@grpc/grpc-js@1.14.4

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@grpc/grpc-js@1.14.4. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/client-mcp-core is 100.0% likely to have a medium risk anomaly

Notes: This module itself shows no direct indicators of overt malware (no remote exfiltration, no obfuscated payloads, no eval-based code execution). However, it has a significant security trust boundary: it starts an automation daemon by spawning executables resolved from the target project’s configuration (including project-local node_modules/.bin launchers) and then forwards high-privilege automation instructions (clipboard, navigation, CDP, run-steps JSON) to that daemon. If an attacker can influence the chosen worktree/config/daemon state, the risk is elevated to a potential supply-chain/abuse scenario and should be reviewed/mitigated (e.g., restrict project targeting, validate config/daemon paths, and ensure daemon state integrity).

Confidence: 1.00

Severity: 0.60

From: package.json npm/@metamask/client-mcp-core@0.5.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/client-mcp-core@0.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/transaction-controller is 100.0% likely to have a medium risk anomaly

Notes: The code performs straightforward signature verification using ethers.js, returning true when the recovered signer matches the provided publicKey. While generally safe, the silent catch and potential mismatch between data formatting and signing process should be addressed to avoid silent failures. Overall, a benign utility with moderate input-format sensitivity.

Confidence: 1.00

Severity: 0.60

From: ? npm/@metamask/shield-controller@5.0.1 npm/@metamask/transaction-controller@62.22.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/transaction-controller@62.22.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/transaction-controller is 100.0% likely to have a medium risk anomaly

Notes: The code performs straightforward signature verification using ethers.js, returning true when the recovered signer matches the provided publicKey. While generally safe, the silent catch and potential mismatch between data formatting and signing process should be addressed to avoid silent failures. Overall, a benign utility with moderate input-format sensitivity.

Confidence: 1.00

Severity: 0.60

From: ? npm/@metamask/subscription-controller@6.1.2 npm/@metamask/user-operation-controller@41.2.0 npm/@metamask/eip-5792-middleware@3.0.3 npm/@metamask/profile-metrics-controller@3.1.3 npm/@metamask/transaction-controller@64.4.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/transaction-controller@64.4.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/transaction-controller is 100.0% likely to have a medium risk anomaly

Notes: The code performs straightforward signature verification using ethers.js, returning true when the recovered signer matches the provided publicKey. While generally safe, the silent catch and potential mismatch between data formatting and signing process should be addressed to avoid silent failures. Overall, a benign utility with moderate input-format sensitivity.

Confidence: 1.00

Severity: 0.60

From: ? npm/@metamask/phishing-controller@17.2.0 npm/@metamask/smart-transactions-controller@24.2.0 npm/@metamask/transaction-controller@65.4.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/transaction-controller@65.4.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/transaction-controller is 100.0% likely to have a medium risk anomaly

Notes: The code performs straightforward signature verification using ethers.js, returning true when the recovered signer matches the provided publicKey. While generally safe, the silent catch and potential mismatch between data formatting and signing process should be addressed to avoid silent failures. Overall, a benign utility with moderate input-format sensitivity.

Confidence: 1.00

Severity: 0.60

From: ? npm/@metamask/transaction-pay-controller@22.6.0 npm/@metamask/gator-permissions-controller@4.2.0 npm/@metamask/bridge-controller@73.2.0 npm/@metamask/assets-controllers@108.5.0 npm/@metamask/assets-controller@8.3.2 npm/@metamask/bridge-status-controller@72.0.2 npm/@metamask/network-enablement-controller@5.3.0 npm/@metamask/transaction-controller@66.0.1

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/transaction-controller@66.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm @metamask/transaction-controller is 100.0% likely to have a medium risk anomaly

Notes: The code performs straightforward signature verification using ethers.js, returning true when the recovered signer matches the provided publicKey. While generally safe, the silent catch and potential mismatch between data formatting and signing process should be addressed to avoid silent failures. Overall, a benign utility with moderate input-format sensitivity.

Confidence: 1.00

Severity: 0.60

From: package.json npm/@metamask/transaction-controller@67.0.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@metamask/transaction-controller@67.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm caniuse-lite is 100.0% likely to have a medium risk anomaly

Notes: This fragment is purely static exported data (an encoded/token lookup table plus metadata). It contains no direct malicious actions in isolation (no DOM/network/filesystem access and no executable behavior), but the explicit metadata referencing DOM media capture and the cipher-like token table structure are meaningful indicators that other parts of the package may implement privacy-invasive capture and potentially related processing/exfiltration. Review the consuming modules for actual media API usage and any handling/transmission of captured content.

Confidence: 1.00

Severity: 0.60

From: ? npm/autoprefixer@10.4.19 npm/stylelint@13.6.1 npm/browserslist@4.28.1 npm/caniuse-lite@1.0.30001793

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/caniuse-lite@1.0.30001793. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm core-js-pure is 100.0% likely to have a medium risk anomaly

Notes: The fragment implements a conventional abstract AsyncIterator polyfill pattern. It prevents direct construction, attaches type metadata, and exposes AsyncIteratorConstructor globally in a controlled manner. There are no signs of data exfiltration, external I/O, or hidden behavior. Overall security risk is low, malware likelihood is negligible in this fragment, and the code aligns with legitimate library usage (e.g., core-js style shims).

Confidence: 1.00

Severity: 0.60

From: package.json npm/core-js-pure@3.49.0

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/core-js-pure@3.49.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Low
Potential code anomaly (AI signal): npm html-bundler-webpack-plugin is 100.0% likely to have a medium risk anomaly

Notes: The code is a thin wrapper around vm.Script and is not itself obfuscated or demonstrably malicious. However it is inherently risky: it executes arbitrary code strings in a vm context that inherits any objects supplied by the caller. If untrusted code or an unsafe context is used, this can lead to arbitrary code execution, data leakage, or access to OS resources. Mitigations would be to ensure contexts do not contain host capabilities, add execution time/memory limits, and validate or sandbox inputs. No hardcoded secrets or obvious backdoors were found in this fragment.

Confidence: 1.00

Severity: 0.60

From: package.json npm/html-bundler-webpack-plugin@4.23.2

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/html-bundler-webpack-plugin@4.23.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@metamaskbotv2

metamaskbotv2 Bot commented Jun 11, 2026

Contributor
Builds ready [f6fe718]
Deprecated Browserify fallback builds
⚡ Performance Benchmarks (Total: 🟢 9 pass · 🟡 13 warn · 🔴 3 fail)

Baseline (latest main): f6fe718 | Date: 6/11/2026 | Pipeline: 27371365979 | Baseline logs

| Metrics | chrome-webpack | firefox-webpack |
|---|---|---|
| onboardingImportWallet [Sentry log · main/release] | 🔴 doneButtonToHomeScreen(p95) [CI log] | 🔴 [CI log] |
| onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log] |

Regressions (🔴 3 failures)

Interaction Benchmarks · Samples: 5

| Benchmark | chrome-webpack | firefox-webpack |
|---|---|---|
| loadNewAccount [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |
| confirmTx [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |
| bridgeUserActions [Sentry log · main/release] | 🟡 [CI log] | 🟢 [CI log] |

📈 Results compared to the previous 5 runs on main

  • loadNewAccount/inp: -31%
  • loadNewAccount/lcp: +18%
  • confirmTx/longTaskMaxDuration: +14%
  • confirmTx/tbt: +21%
  • confirmTx/inp: +12%
  • bridgeUserActions/bridge_load_asset_picker: +19%
  • bridgeUserActions/longTaskCount: +67%
  • bridgeUserActions/longTaskTotalDuration: +52%
  • bridgeUserActions/tbt: +14%
  • bridgeUserActions/inp: -11%
  • loadNewAccount/load_new_account: +59%
  • loadNewAccount/total: +59%
  • loadNewAccount/inp: -31%
  • loadNewAccount/fcp: -49%
  • loadNewAccount/lcp: +1368%
  • confirmTx/confirm_tx: +12%
  • confirmTx/longTaskCount: -100%
  • confirmTx/longTaskTotalDuration: -100%
  • confirmTx/longTaskMaxDuration: -100%
  • confirmTx/tbt: -100%
  • confirmTx/total: +12%
  • confirmTx/inp: +12%
  • confirmTx/fcp: +10%
  • confirmTx/lcp: +1269%
  • bridgeUserActions/bridge_load_page: +237%
  • bridgeUserActions/bridge_load_asset_picker: +40%
  • bridgeUserActions/bridge_search_token: +11%
  • bridgeUserActions/longTaskCount: -100%
  • bridgeUserActions/longTaskTotalDuration: -100%
  • bridgeUserActions/longTaskMaxDuration: -100%
  • bridgeUserActions/tbt: -100%
  • bridgeUserActions/total: +25%
  • bridgeUserActions/inp: -26%
  • bridgeUserActions/fcp: -51%
  • bridgeUserActions/lcp: +1200%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 loadNewAccount/FCP: p75 1.9s
  • 🟡 confirmTx/FCP: p75 1.8s
  • 🟡 bridgeUserActions/FCP: p75 1.8s
  • 🟡 loadNewAccount/LCP: p75 2.5s
  • 🟡 confirmTx/FCP: p75 1.9s
Startup Benchmarks · Samples: 100

| Benchmark | chrome-webpack | firefox-webpack |
|---|---|---|
| startupStandardHome [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| startupPowerUserHome [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |

📈 Results compared to the previous 5 runs on main

  • startupPowerUserHome/setupStore: -18%
  • startupPowerUserHome/numNetworkReqs: -14%
  • startupPowerUserHome/longTaskCount: -14%
  • startupStandardHome/domInteractive: +13%
  • startupStandardHome/fcp: +16%
  • startupPowerUserHome/domInteractive: -23%
  • startupPowerUserHome/backgroundConnect: -49%
  • startupPowerUserHome/setupStore: -19%
  • startupPowerUserHome/fcp: -21%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 startupPowerUserHome/INP: p75 480ms
  • 🟡 startupPowerUserHome/LCP: p75 2.6s

User Journey Benchmarks · Samples: 5 · real API 🔴 3
Benchmark | chrome-webpack | firefox-webpack
onboardingImportWallet [Sentry log · main/release] | 🔴 [CI log] 🔴 doneButtonToHomeScreen 🔴 total | 🔴 [CI log] 🟡 doneButtonToHomeScreen 🔴 total
onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log] 🔴 total
assetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]
solanaAssetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]
importSrpHome [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log]
sendTransactions [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log]
swap [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]

📈 Results compared to the previous 5 runs on main

  • onboardingImportWallet/confirmSrpToPwForm: -13%
  • onboardingImportWallet/doneButtonToHomeScreen: +33%
  • onboardingImportWallet/openAccountMenuToAccountListLoaded: -28%
  • onboardingImportWallet/longTaskCount: +14%
  • onboardingImportWallet/longTaskTotalDuration: +25%
  • onboardingImportWallet/longTaskMaxDuration: +22%
  • onboardingImportWallet/tbt: +16%
  • onboardingImportWallet/total: +26%
  • onboardingNewWallet/longTaskTotalDuration: +14%
  • onboardingNewWallet/longTaskMaxDuration: +20%
  • onboardingNewWallet/tbt: +20%
  • solanaAssetDetails/assetClickToPriceChart: +81%
  • solanaAssetDetails/total: +81%
  • solanaAssetDetails/cls: +23%
  • importSrpHome/openAccountMenuAfterLogin: -18%
  • importSrpHome/inp: -18%
  • sendTransactions/selectTokenToSendFormLoaded: -14%
  • sendTransactions/longTaskCount: +25%
  • sendTransactions/longTaskTotalDuration: +18%
  • sendTransactions/tbt: +13%
  • sendTransactions/lcp: -10%
  • sendTransactions/cls: -73%
  • swap/openSwapPageFromHome: +66%
  • swap/longTaskMaxDuration: +16%
  • swap/tbt: +12%
  • swap/cls: -30%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 importSrpHome/INP: p75 232ms
  • 🟡 sendTransactions/INP: p75 208ms
  • 🟡 solanaAssetDetails/FCP: p75 2.0s
  • 🟡 importSrpHome/FCP: p75 1.9s
  • 🟡 sendTransactions/FCP: p75 2.0s
  • 🟡 swap/FCP: p75 1.9s

Dapp Page Load Benchmarks · Samples: 100
Benchmark | chrome-webpack
dappPageLoad [Sentry log · main/release] | 🟢 [CI log]
Bundle size diffs
  • background: 113 Bytes (0%)
  • ui: 10 Bytes (0%)
  • common: 40 Bytes (0%)

AI Test Plan

Risk Score | High Risk | Medium Risk | Files Changed | Commits
46/100 | 4 | 5 | 1588 | 109
Release Scenarios (9)

High Risk Scenarios (4)

1. State Migrations (212, 213) – upgrade path/data integrity

Risk Level: HIGH

Why This Matters: Migrations can corrupt or drop critical user data (accounts, assets, networks) and break pending transactions after upgrade.

Test Steps:

  1. On 13.35.x create a profile with: 2 accounts (one imported), add a custom RPC network, add 2 custom ERC-20s and 1 NFT, connect a dapp, and leave 1 tx pending.
  2. Update to 13.36.0, unlock, and allow migrations to complete.
  3. Verify accounts, custom network, tokens, NFTs, and connected site persist; balances render without errors.
  4. Confirm the pending tx is present and actionable (can Speed up/Cancel and completes correctly).
  5. Check Settings > Security & privacy: MetaMetrics preference preserved (no unexpected re-prompt).

2. Token/NFT Management – Assets Controller upgrade (8.3.x)

Risk Level: HIGH

Why This Matters: Upgrading the Assets controller and related selectors can change how token/NFT metadata is resolved, risking wrong symbols/logos, missing assets, or cross-chain confusion.

Test Steps:

  1. On Ethereum Mainnet enable Token autodetection, then receive a popular token (e.g., USDC) and verify symbol/decimals/logo and fiat conversion are correct.
  2. Manually add a custom token by contract address; verify metadata and balance, then Hide/Unhide and ensure it persists across reload.
  3. On a non-mainnet EVM (e.g., Polygon), repeat: autodetection on, receive a known token, confirm correct logo/metadata and no cross-chain mix-ups.
  4. In the NFT tab, import an NFT by contract/token ID; verify image loads in Assets and in the Activity entry after a transfer.

3. Transaction Sending – Gas estimation and editing (Transaction Pay Controller patch)

Risk Level: HIGH

Why This Matters: Controller changes around gas/payment can cause wrong fee types, failed sends, or inability to edit fees across EIP-1559 vs legacy networks.

Test Steps:

  1. On Ethereum Mainnet send ETH; open Edit gas > Advanced and set custom Max fee and Priority fee; confirm the tx and ensure it is mined.
  2. On a legacy-gas network (e.g., BNB Smart Chain or a custom legacy RPC), send a token; verify only Gas price is shown, edit it, and confirm success.
  3. Attempt a send with near-zero balance to trigger 'insufficient funds' and confirm the Confirm button is blocked with clear error messaging.
  4. From the Activity list, Speed up a pending tx and verify the replacement tx is created with updated fee and the original is replaced.

4. Pending Transactions Survivability Across Upgrade

Risk Level: HIGH

Why This Matters: State model changes can break pending tx tracking, causing stuck states or lost replacement actions.

Test Steps:

  1. On 13.35.x submit a low-fee tx to keep it pending.
  2. Upgrade to 13.36.0 and unlock; open Activity and locate the pending item.
  3. Use Cancel to replace-with-cancel; verify status updates and the original is dropped.
  4. Submit another pending tx and then Speed up; verify the replacement confirms and final status is correct.

Medium Risk Scenarios (5)

1. Activity List – Avatars and transaction type icons

Risk Level: MEDIUM

Why This Matters: Avatar component refactor can regress core visual cues in the Activity feed, confusing users about what happened and with which asset.

Test Steps:

  1. Perform: Send ETH, Swap a token, and Transfer an NFT; ensure each Activity item shows the correct avatar (token logo/NFT thumbnail) and direction labels.
  2. Simulate an incoming transfer (from another wallet) and verify the received item shows the correct token icon and 'Received' labeling.
  3. Open each Activity detail; verify avatars and token/NFT metadata match the summary item and no placeholders or broken images appear.

2. Alert Modal – Destructive action confirmations

Risk Level: MEDIUM

Why This Matters: Alert modal changes affect confirmation and cancellation flows; regressions can cause unintended destructive actions or traps.

Test Steps:

  1. Import a private key account, then attempt to Remove it; review the alert modal’s copy and primary/secondary button states.
  2. Cancel the modal via the Cancel button and via clicking the overlay/Esc; verify no account is removed and no side effects occur.
  3. Re-open and Confirm removal; verify the account is removed and the UI returns to a valid state without errors.

3. Account List – Selection and identity display

Risk Level: MEDIUM

Why This Matters: Account list item changes can break switching, labeling, and accessibility, directly impacting core wallet navigation.

Test Steps:

  1. Open the account menu with multiple accounts; select different accounts and verify the active state/checkmark and balance update everywhere.
  2. Rename an account and ensure the new label appears in the account list and Activity immediately (no stale cache).
  3. With many accounts, scroll and select via keyboard (Up/Down + Enter) to ensure focus/selection works and no clipping or mis-clicks.

4. MetaMetrics Consent – Onboarding and settings toggle (Platform analytics adapter)

Risk Level: MEDIUM

Why This Matters: New analytics platform adapter and event type changes risk consent state regressions or silent event emission when opted out.

Test Steps:

  1. Fresh install: go through onboarding choosing 'No thanks' for MetaMetrics; open Settings > Security & privacy and confirm the toggle is Off.
  2. Toggle MetaMetrics On; restart extension and verify the preference persists and no re-prompt appears.
  3. New profile: choose 'I agree' during onboarding; confirm no consent re-prompt later and the toggle reflects On.

5. Add/Watch Asset (watchAsset) – Token addition and display

Risk Level: MEDIUM

Why This Matters: Selector and assets controller updates can break watchAsset flows, causing missing or cross-chain misassigned tokens.

Test Steps:

  1. From a test dapp, call wallet_watchAsset to add a token; accept in the extension and verify it appears with correct metadata and logo.
  2. Hide the watched token and unhide it from the Hidden assets view; ensure state persists after reload.
  3. Switch networks and ensure the watched token is only visible on the correct chain (no cross-network leakage).

Teams Sign-off Status

Signed off: None yet

Awaiting sign-off (6):
Accounts, Assets, Confirmations, Onboarding, Settings, Transactions


Generated by AI Test Plan Analyzer (gpt-5) at 2026-06-11T19:44:50.873Z

AI generated test plan (JSON): test-plan-13.36.0.json

…add reconciliation/self-healing metadata cp-13.35.0 (#43512)

- fix(assets-controller): update patch to add
reconciliation/self-healing metadata cp-13.35.0 (#43477)

## **Description**

Patch for this core fix: MetaMask/core#9099

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: fix(assets-controller): update patch to add
reconciliation/self-healing metadata

## **Related issues**

Fixes: #43352

## **Manual testing steps**

1. Start application on 13.34.0. Add IMX chain and token.
2. Inspect state - `AssetsController.assetsInfo["eip155:13371/erc20:0x0000000000000000000000000000000000000000"]`
    - See that the token is marked as "erc20"
3. Start application with these changes
4. Inspect state - `AssetsController.assetsInfo["eip155:13371/erc20:0x0000000000000000000000000000000000000000"]`
    - See that the token is marked as "native"

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

```json
{
    "aggregators": [],
    "decimals": 18,
    "erc20Permit": false,
    "image": "https://static.cx.metamask.io/api/v2/tokenIcons/assets/eip155/13371/erc20/0x0000000000000000000000000000000000000000.png",
    "name": "Immutable X",
    "occurrences": 100,
    "symbol": "IMX",
    "type": "erc20"
}
```

### **After**

```json
{
    "aggregators": [],
    "decimals": 18,
    "erc20Permit": false,
    "image": "https://static.cx.metamask.io/api/v2/tokenIcons/assets/eip155/13371/erc20/0x0000000000000000000000000000000000000000.png",
    "name": "Immutable X",
    "occurrences": 100,
    "symbol": "IMX",
    "type": "native"
}
```

https://www.loom.com/share/45f25216181146a69fc4730786c8fec9

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [x] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes how persisted asset metadata types are updated across
websocket/RPC flows; incorrect classification could affect portfolio
display until the next reconcile, but the logic is narrowly corrective.
> 
> **Overview**
> Updates the **Yarn patch** for `@metamask/assets-controller@8.3.2` to
backport MetaMask/core#9099: asset metadata **types** are reconciled
when balance/info updates land, so mislabeled entries (e.g. IMX native
at the zero address stored as `erc20`) are corrected to `native`, `spl`,
or `erc20`.
> 
> The patch adds a **`getAssetType`** helper on `AssetsController` and
passes it into **BackendWebsocket**, **RPC**, and **price** data sources
(replacing the websocket’s `isNativeAsset` hook). During `_updateState`,
it walks asset IDs from incoming `assetsInfo` / `assetsBalance` and
**self-heals** `metadata[assetId].type` when it disagrees with
`getAssetType`, marking those IDs as changed metadata.
> 
> `yarn.lock` is refreshed for the new patch hash/checksum only.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
13e0626. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
[f94cbf4](f94cbf4)

---------

Co-authored-by: Prithpal Sooriya <prithpal.sooriya@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
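
The self-healing pass summarized in the commit above, as an added sketch that is not the patch's or MetaMask core's code. `reconcileAssetTypes`, this `getAssetType` body, the classification rule (a `slip44` namespace or a zero-address `erc20` reference means `native`, a `token` namespace means `spl`) and the `assetsBalance` shape are assumptions; only the IMX asset ID comes from the page.

```javascript
// Added illustration; not code from @metamask/assets-controller.
const ZERO_ADDRESS = '0x' + '0'.repeat(40);

// Hypothetical classifier. A CAIP-19 asset id is `<chain>/<namespace>:<reference>`.
// The rule below is an assumption made for this example.
function getAssetType(assetId) {
  const slash = assetId.indexOf('/');
  const colon = assetId.indexOf(':', slash + 1);
  if (slash === -1 || colon === -1) {
    throw new TypeError(`not a CAIP-19 asset id: ${assetId}`);
  }
  const namespace = assetId.slice(slash + 1, colon);
  const reference = assetId.slice(colon + 1);
  if (namespace === 'slip44') return 'native';
  if (namespace === 'erc20') {
    return reference.toLowerCase() === ZERO_ADDRESS ? 'native' : 'erc20';
  }
  if (namespace === 'token') return 'spl';
  return undefined; // unknown namespace: leave the stored type alone
}

// Walk the asset ids carried by an incoming update and correct any persisted
// metadata type that disagrees with the classifier. Returns a new metadata
// object plus the ids that were healed, so callers can mark them as changed.
function reconcileAssetTypes(metadata, update, classify = getAssetType) {
  const incoming = new Set(Object.keys(update.assetsInfo ?? {}));
  // Assumed shape: assetsBalance[accountId][assetId] = balance
  for (const perAccount of Object.values(update.assetsBalance ?? {})) {
    for (const assetId of Object.keys(perAccount)) incoming.add(assetId);
  }

  const healed = { ...metadata };
  const changed = [];
  for (const assetId of incoming) {
    const entry = metadata[assetId];
    if (!entry) continue; // nothing persisted for this id yet
    const expected = classify(assetId);
    if (expected !== undefined && entry.type !== expected) {
      healed[assetId] = { ...entry, type: expected };
      changed.push(assetId);
    }
  }
  return { metadata: healed, changed };
}

// Constructed sample state. The IMX id is the one quoted in the commit message;
// the other two ids are placeholders.
const IMX_ID = `eip155:13371/erc20:${ZERO_ADDRESS}`;
const TOKEN_ID = `eip155:1/erc20:0x${'11'.repeat(20)}`;
const SPL_ID = 'solana:EXAMPLECHAIN/token:EXAMPLEMINT';

function demoSelfHeal() {
  const persisted = {
    [IMX_ID]: { symbol: 'IMX', decimals: 18, type: 'erc20' }, // mislabeled
    [TOKEN_ID]: { symbol: 'TKN', decimals: 6, type: 'erc20' }, // already correct
    [SPL_ID]: { decimals: 6, type: 'erc20' }, // mislabeled
  };
  const update = {
    assetsInfo: { [IMX_ID]: {}, [TOKEN_ID]: {} },
    assetsBalance: { 'account-1': { [SPL_ID]: '42' } },
  };
  return { persisted, result: reconcileAssetTypes(persisted, update) };
}
```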
@metamaskbotv2

metamaskbotv2 Bot commented Jun 13, 2026

Contributor
Builds ready [b35e9e7]
Deprecated Browserify fallback builds
⚡ Performance Benchmarks (Total: 🟢 15 pass · 🟡 7 warn · 🔴 3 fail)

Baseline (latest main): 5682526 | Date: 6/13/2026 | Pipeline: 27457742824 | Baseline logs

Metrics | chrome-webpack | firefox-webpack
onboardingImportWallet [Sentry log · main/release] | 🔴 confirmSrpToPwForm(p95) [CI log] | 🔴 [CI log]
onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log]

Regressions (🔴 3 failures)

Interaction Benchmarks · Samples: 5
Benchmark | chrome-webpack | firefox-webpack
loadNewAccount [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]
confirmTx [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]
bridgeUserActions [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]

📈 Results compared to the previous 5 runs on main

  • loadNewAccount/load_new_account: +24%
  • loadNewAccount/total: +24%
  • loadNewAccount/lcp: -21%
  • confirmTx/inp: +10%
  • bridgeUserActions/bridge_load_page: -36%
  • loadNewAccount/load_new_account: +91%
  • loadNewAccount/total: +91%
  • loadNewAccount/lcp: +1050%
  • confirmTx/confirm_tx: +11%
  • confirmTx/longTaskCount: -100%
  • confirmTx/longTaskTotalDuration: -100%
  • confirmTx/longTaskMaxDuration: -100%
  • confirmTx/tbt: -100%
  • confirmTx/total: +11%
  • confirmTx/inp: -10%
  • confirmTx/lcp: +1079%
  • bridgeUserActions/bridge_load_page: +67%
  • bridgeUserActions/bridge_load_asset_picker: +79%
  • bridgeUserActions/bridge_search_token: +28%
  • bridgeUserActions/longTaskCount: -100%
  • bridgeUserActions/longTaskTotalDuration: -100%
  • bridgeUserActions/longTaskMaxDuration: -100%
  • bridgeUserActions/tbt: -100%
  • bridgeUserActions/total: +53%
  • bridgeUserActions/inp: -32%
  • bridgeUserActions/fcp: -50%
  • bridgeUserActions/lcp: +1143%

Startup Benchmarks · Samples: 100
Benchmark | chrome-webpack | firefox-webpack
startupStandardHome [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]
startupPowerUserHome [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log]

📈 Results compared to the previous 5 runs on main

  • startupPowerUserHome/setupStore: +10%
  • startupPowerUserHome/numNetworkReqs: -30%
  • startupPowerUserHome/tbt: +10%
  • startupPowerUserHome/backgroundConnect: -19%
  • startupPowerUserHome/setupStore: +13%
  • startupPowerUserHome/numNetworkReqs: -19%
  • startupPowerUserHome/inp: -12%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🔴 startupPowerUserHome/INP: p75 536ms
  • 🟡 startupPowerUserHome/LCP: p75 2.9s

User Journey Benchmarks · Samples: 5 · real API 🔴 3
Benchmark | chrome-webpack | firefox-webpack
onboardingImportWallet [Sentry log · main/release] | 🔴 [CI log] 🔴 doneButtonToHomeScreen 🔴 total | 🔴 [CI log] 🟡 doneButtonToHomeScreen 🔴 total
onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log] 🔴 total
assetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log]
solanaAssetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]
importSrpHome [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]
sendTransactions [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log]
swap [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]

📈 Results compared to the previous 5 runs on main

  • onboardingImportWallet/confirmSrpToPwForm: +14%
  • onboardingImportWallet/doneButtonToHomeScreen: +18%
  • onboardingImportWallet/openAccountMenuToAccountListLoaded: +24%
  • onboardingImportWallet/total: +49%
  • onboardingNewWallet/srpButtonToPwForm: -22%
  • onboardingNewWallet/createPwToRecoveryScreen: -23%
  • onboardingNewWallet/skipBackupToMetricsScreen: -19%
  • onboardingNewWallet/agreeButtonToOnboardingSuccess: -17%
  • onboardingNewWallet/doneButtonToAssetList: -24%
  • onboardingNewWallet/longTaskCount: -55%
  • onboardingNewWallet/longTaskTotalDuration: -59%
  • onboardingNewWallet/longTaskMaxDuration: -30%
  • onboardingNewWallet/tbt: -66%
  • onboardingNewWallet/total: -22%
  • solanaAssetDetails/assetClickToPriceChart: +36%
  • solanaAssetDetails/longTaskCount: -100%
  • solanaAssetDetails/longTaskTotalDuration: -100%
  • solanaAssetDetails/longTaskMaxDuration: -100%
  • solanaAssetDetails/tbt: -100%
  • solanaAssetDetails/total: +36%
  • solanaAssetDetails/lcp: -10%
  • solanaAssetDetails/cls: +20%
  • importSrpHome/loginToHomeScreen: -34%
  • importSrpHome/openAccountMenuAfterLogin: -16%
  • importSrpHome/homeAfterImportWithNewWallet: -18%
  • importSrpHome/longTaskCount: -22%
  • importSrpHome/longTaskTotalDuration: -39%
  • importSrpHome/longTaskMaxDuration: -32%
  • importSrpHome/tbt: -43%
  • importSrpHome/total: -21%
  • importSrpHome/inp: -35%
  • importSrpHome/fcp: -28%
  • sendTransactions/openSendPageFromHome: +18%
  • sendTransactions/selectTokenToSendFormLoaded: +17%
  • sendTransactions/reviewTransactionToConfirmationPage: +15%
  • sendTransactions/longTaskTotalDuration: +30%
  • sendTransactions/tbt: +47%
  • sendTransactions/total: +14%
  • sendTransactions/fcp: +16%
  • sendTransactions/lcp: +17%
  • sendTransactions/cls: -89%
  • swap/fetchAndDisplaySwapQuotes: +38%
  • swap/longTaskCount: +67%
  • swap/longTaskTotalDuration: +63%
  • swap/longTaskMaxDuration: +58%
  • swap/tbt: +59%
  • swap/total: +38%
  • swap/lcp: -64%
  • swap/cls: -39%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 sendTransactions/INP: p75 232ms
  • 🟡 sendTransactions/FCP: p75 2.0s
  • 🟡 solanaAssetDetails/FCP: p75 2.0s
  • 🟡 importSrpHome/FCP: p75 1.9s
  • 🟡 sendTransactions/FCP: p75 1.9s
  • 🟡 swap/FCP: p75 1.9s

Dapp Page Load Benchmarks · Samples: 100
Benchmark | chrome-webpack
dappPageLoad [Sentry log · main/release] | 🟢 [CI log]
Bundle size diffs
  • background: 113 Bytes (0%)
  • ui: 10 Bytes (0%)
  • common: 299 Bytes (0%)

AI Test Plan

Risk Score | High Risk | Medium Risk | Files Changed | Commits
62/100 | 8 | 6 | 1587 | 110
Release Scenarios (14)

High Risk Scenarios (8)

1. State Migrations (migrations 212/213) - Upgrade Path

Risk Level: HIGH

Why This Matters: Two new state migrations can corrupt or drop user data if misapplied; this verifies correctness across core assets, accounts, and preferences.

Test Steps:

  1. Install 13.35.x, create a new wallet, add: one imported private key account, rename accounts, set primary currency to fiat, and opt OUT of MetaMetrics.
  2. On Ethereum and Polygon, enable token detection, add at least one custom token on each, and ensure at least one ERC-721 NFT is visible (use test collectibles if needed).
  3. Upgrade to 13.36.0, unlock wallet, and verify account order, labels, and preferences (currency, MetaMetrics opt-out) are preserved.
  4. Verify tokens/NFTs are present exactly once per network, activity history is intact, and there are no migration error banners or crashes.

2. State Migrations (older profile edge) - Long-jump Upgrade

Risk Level: HIGH

Why This Matters: Users may upgrade across several versions; chained migrations must compose correctly or risk data loss/duplication.

Test Steps:

  1. Start from a significantly older profile (e.g., 13.30.x) with multiple accounts, custom tokens on multiple networks, and NFTs present.
  2. Upgrade directly to 13.36.0.
  3. Confirm all accounts, labels, and connected sites persist; verify assets and NFTs render correctly without duplication.
  4. Open Settings > Advanced and ensure feature flags and detection toggles retain previous values.

3. Transaction Sending (EIP-1559) - Transaction Pay Controller

Risk Level: HIGH

Why This Matters: Transaction Pay controller changes can affect fee estimation and transaction lifecycle, risking failed or overpriced transactions.

Test Steps:

  1. On an EIP-1559 network (e.g., Ethereum mainnet or Sepolia), send a native token transfer and review the fee UI (suggested, market, advanced).
  2. Edit gas settings (max fee and priority fee), submit the transaction, then perform a Speed Up and Cancel on a pending tx.
  3. Validate final fees charged and status updates in Activity; ensure fee changes persist and match confirmations.
  4. Confirm no stuck pending states or incorrect fee estimates appear after adjustments.

4. Dapp-initiated Transactions & Suggested Gas

Risk Level: HIGH

Why This Matters: Ensures controller and UI correctly handle dapp-suggested fees, a common real-world pattern that can break with fee controller changes.

Test Steps:

  1. From a connected dapp, initiate a token approval (ERC-20 approve) and a token transfer with dapp-suggested gas values.
  2. In the confirmation UI, compare suggested vs. MetaMask estimates; modify fees and submit.
  3. Confirm the transactions complete and the final fees charged align with the edited values.
  4. Verify no UI freezes or mis-rendered fee sections during dapp confirmations.

5. Token Detection & Portfolio (Assets Controller 8.3.2)

Risk Level: HIGH

Why This Matters: Assets Controller upgrade can regress auto-detection, duplication handling, and pricing—core to asset visibility and trust.

Test Steps:

  1. On Ethereum and Polygon, enable token detection and verify common tokens auto-appear without duplicates.
  2. Disable token detection and confirm no new tokens auto-appear while existing tokens remain.
  3. Switch between networks and verify token lists are network-scoped and consistent.
  4. Validate fiat pricing appears for known tokens and remains stable across refreshes.

6. Add Custom Token (Decimals & Duplicate Handling)

Risk Level: HIGH

Why This Matters: Custom tokens are frequently added; incorrect decimals or duplicate handling can cause incorrect balances and user confusion.

Test Steps:

  1. Add a custom ERC-20 by contract address on Network A and verify symbol/decimals are correct.
  2. Attempt to re-add the same token; confirm the UI prevents duplication.
  3. Switch to Network B and add the same contract (if valid on B) or a different token; ensure network scoping works.
  4. Remove then re-add the token and verify balances and history remain unaffected.

7. Swaps Flow (Quotes, Fees, and Confirmation)

Risk Level: HIGH

Why This Matters: Fee and transaction handling impacts swaps; regressions may cause failed swaps, incorrect fees, or wrong balances.

Test Steps:

  1. Initiate a token-to-token swap on a supported network and review the quotes, slippage, and fee breakdown.
  2. Edit slippage and confirm the updated quotes recalculate correctly.
  3. Submit the swap and confirm the final status and fees match the confirmation.
  4. Check Activity and token balances post-swap for consistency.

8. Alert Modal (System-wide) - Network Switch & Removal

Risk Level: HIGH

Why This Matters: Alert modal changes can break global confirmation flows, blocking critical actions like network switching.

Test Steps:

  1. From a dapp, trigger wallet_switchEthereumChain and wallet_addEthereumChain requests.
  2. In the alert modal, test Cancel and Approve paths; verify network switches/creation reflect immediately in the network selector.
  3. Remove a custom network from Settings and confirm the confirmation modal behaves correctly (focus trap, ESC/overlay click handling).
  4. Confirm no invisible modals block interaction after dismissal.

Medium Risk Scenarios (6)

1. NFT Detection & Display (Avatars/Media Fallbacks)

Risk Level: MEDIUM

Why This Matters: The Assets controller and activity avatar component changes affect NFT visuals; broken media handling degrades UX.

Test Steps:

  1. Ensure at least one ERC-721 NFT is detected; check the NFT tab for correct image/media rendering.
  2. For an NFT with a broken or slow media URL, verify graceful fallback (initials/icon) without layout shifts.
  3. Switch accounts and networks to confirm NFT lists update correctly without leakage across accounts.
  4. Open the Activity tab and ensure NFT-related events show the expected avatar/icons.

2. Permissions Connect Flow (Alert Modal)

Risk Level: MEDIUM

Why This Matters: Connection approvals rely on the alert modal; regressions can either over-grant or fail to grant permissions.

Test Steps:

  1. From a new dapp, request connection; verify the connect modal lists accounts and permissions clearly.
  2. Approve connection with one account, then reconnect and approve a second account.
  3. Test Deny and ensure the dapp remains disconnected; no phantom connections appear.
  4. Verify keyboard navigation and focus remain trapped within the modal until dismissal.

3. MetaMetrics Opt-in/Out (New Platform Adapter)

Risk Level: MEDIUM

Why This Matters: New analytics platform adapter can alter event dispatch and privacy guarantees; incorrect handling risks privacy regressions.

Test Steps:

  1. Run first-time onboarding and verify the MetaMetrics opt-in prompt appears; choose Opt-out.
  2. Perform a basic action (send or account switch) and confirm no MetaMetrics events are sent (inspect background/network logs if available).
  3. Toggle MetaMetrics ON in Settings > Security & Privacy; perform the same action and verify events are now sent.
  4. Restart the extension and confirm the opt-in preference persists.

4. MetaMetrics Data Deletion Request

Risk Level: MEDIUM

Why This Matters: Users must be able to delete telemetry data without breaking analytics preferences or causing errors.

Test Steps:

  1. In Settings > Security & Privacy, initiate a MetaMetrics data deletion (if available).
  2. Confirm the confirmation flow completes with success feedback and no UI dead-ends.
  3. Ensure subsequent actions still function normally and do not crash the extension.
  4. Toggle MetaMetrics off/on afterward and confirm the setting still works.

5. Activity List Avatars (Transfers, Approvals, Swaps, NFT Events)

Risk Level: MEDIUM

Why This Matters: Avatar component refactor can misclassify or misrender activity icons, harming clarity of transaction history.

Test Steps:

  1. Generate different activity types: native send, ERC-20 approval, token transfer, NFT transfer, and a swap.
  2. Open Activity and verify each entry shows the correct avatar/icon and label.
  3. Click into activity details to ensure the icon matches the transaction type there as well.
  4. Switch theme (light/dark) and confirm readability and contrast.

6. Account List Item (Selection & Quick Actions)

Risk Level: MEDIUM

Why This Matters: Small account list changes can break core actions like selection and copy, degrading everyday usability.

Test Steps:

  1. Open account list and switch accounts; verify the selected state updates immediately across the UI.
  2. Copy the address from the list item and confirm the copied value is correct.
  3. Rename an account and verify the list updates without duplicates or layout jumps.
  4. From a dapp with permissions, switch the active account and ensure the dapp reflects the change.

Teams Sign-off Status

Signed off: None yet

Awaiting sign-off (8):
Accounts, Assets, Confirmations, Networks, Permissions, Swaps, Transactions, Wallet Integrations


Generated by AI Test Plan Analyzer (gpt-5) at 2026-06-13T05:54:33.582Z

AI generated test plan (JSON): test-plan-13.36.0.json

…breaking the app cp-13.35.0 cp-13.36.0 (#43515)

- fix: prevent tokens without symbol from breaking the app cp-13.35.0
cp-13.36.0 (#43506)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

Fixes crash accessing Swap page when an asset with no symbol is present.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Fixed a bug causing Swap page to crash

## **Related issues**

Fixes: #43508

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->



https://github.com/user-attachments/assets/3c11daf9-7882-43d1-9906-b61c5441555e

### **After**

<!-- [screenshots/recordings] -->



https://github.com/user-attachments/assets/e725a3b8-1fdc-4342-8da0-6e7519d8f098


## **Pre-merge author checklist**

- [X] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [X] I've completed the PR template to the best of my ability
- [X] I’ve included tests if applicable
- [X] I’ve documented my code using [JSDoc](https://jsdoc.app/) format if applicable
- [X] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)). Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Small defensive change in a migration selector with a focused unit
test; no auth or payment paths touched.
> 
> **Overview**
> Fixes a crash when **assets unify state** is enabled and
`getRatesControllerRates` walks `assetsInfo` entries that omit `symbol`
(e.g. some Solana SPL metadata).
> 
> The selector now uses optional chaining on `metadata.symbol` before
lowercasing, so missing symbols no longer throw during rate derivation.
Other assets with valid metadata still map into the legacy `rates` shape
as before.
> 
> Adds a unit test that mixes a symbol-less SPL `assetsInfo` entry with
a priced BTC native asset and asserts the selector does not throw and
only returns the BTC rate.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
c12e2f9. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
[b4b830b](b4b830b)

---------

Co-authored-by: Bernardo Garces Chapero <bernardo.chapero@consensys.net>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: sleepytanya <104780023+sleepytanya@users.noreply.github.com>
@metamaskbotv2

metamaskbotv2 Bot commented Jun 13, 2026

Builds ready [ea759f7]
Deprecated Browserify fallback builds
⚡ Performance Benchmarks (Total: 🟢 15 pass · 🟡 7 warn · 🔴 3 fail)

Baseline (latest main): 5682526 | Date: 6/13/2026 | Pipeline: 27458463242 | Baseline logs

| Metrics | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| onboardingImportWallet [Sentry log · main/release] | 🔴 longTaskTotalDuration(p95) [CI log] | 🔴 [CI log] |
| onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log] |

Regressions (🔴 3 failures)

Interaction Benchmarks · Samples: 5

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| loadNewAccount [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| confirmTx [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| bridgeUserActions [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |

📈 Results compared to the previous 5 runs on main

  • loadNewAccount/load_new_account: +20%
  • loadNewAccount/total: +20%
  • loadNewAccount/inp: -12%
  • confirmTx/inp: +60%
  • bridgeUserActions/bridge_load_page: -38%
  • bridgeUserActions/longTaskTotalDuration: -22%
  • bridgeUserActions/longTaskMaxDuration: -22%
  • bridgeUserActions/tbt: -49%
  • bridgeUserActions/inp: +14%
  • loadNewAccount/load_new_account: +118%
  • loadNewAccount/total: +118%
  • loadNewAccount/inp: -12%
  • loadNewAccount/fcp: -49%
  • loadNewAccount/lcp: +1075%
  • confirmTx/longTaskCount: -100%
  • confirmTx/longTaskTotalDuration: -100%
  • confirmTx/longTaskMaxDuration: -100%
  • confirmTx/tbt: -100%
  • confirmTx/fcp: -53%
  • confirmTx/lcp: +1093%
  • bridgeUserActions/bridge_load_page: +66%
  • bridgeUserActions/bridge_load_asset_picker: +56%
  • bridgeUserActions/longTaskCount: -100%
  • bridgeUserActions/longTaskTotalDuration: -100%
  • bridgeUserActions/longTaskMaxDuration: -100%
  • bridgeUserActions/tbt: -100%
  • bridgeUserActions/total: +16%
  • bridgeUserActions/inp: -32%
  • bridgeUserActions/lcp: +1112%
Startup Benchmarks · Samples: 100

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| startupStandardHome [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log]; 🟡 loadScripts |
| startupPowerUserHome [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |

📈 Results compared to the previous 5 runs on main

  • startupStandardHome/uiStartup: -18%
  • startupStandardHome/load: -19%
  • startupStandardHome/domContentLoaded: -19%
  • startupStandardHome/domInteractive: -16%
  • startupStandardHome/backgroundConnect: -18%
  • startupStandardHome/firstReactRender: -15%
  • startupStandardHome/loadScripts: -19%
  • startupStandardHome/setupStore: -18%
  • startupStandardHome/longTaskTotalDuration: -21%
  • startupStandardHome/longTaskMaxDuration: -22%
  • startupStandardHome/tbt: -26%
  • startupStandardHome/inp: -11%
  • startupStandardHome/fcp: -19%
  • startupStandardHome/lcp: -15%
  • startupPowerUserHome/setupStore: +10%
  • startupPowerUserHome/numNetworkReqs: -31%
  • startupPowerUserHome/longTaskTotalDuration: +10%
  • startupPowerUserHome/tbt: +10%
  • startupPowerUserHome/inp: +14%
  • startupStandardHome/uiStartup: +13%
  • startupStandardHome/load: +10%
  • startupStandardHome/domContentLoaded: +10%
  • startupStandardHome/domInteractive: +16%
  • startupStandardHome/backgroundConnect: +31%
  • startupStandardHome/firstReactRender: +25%
  • startupStandardHome/setupStore: +52%
  • startupStandardHome/inp: +100%
  • startupStandardHome/fcp: +18%
  • startupStandardHome/lcp: +14%
  • startupPowerUserHome/domInteractive: -14%
  • startupPowerUserHome/numNetworkReqs: -11%
  • startupPowerUserHome/fcp: -14%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🔴 startupPowerUserHome/INP: p75 560ms
  • 🟡 startupPowerUserHome/LCP: p75 2.8s
User Journey Benchmarks · Samples: 5 · real API 🔴 3

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| onboardingImportWallet [Sentry log · main/release] | 🔴 [CI log]; 🔴 doneButtonToHomeScreen; 🔴 total | 🔴 [CI log]; 🟡 doneButtonToHomeScreen; 🔴 total |
| onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log]; 🔴 total |
| assetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| solanaAssetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |
| importSrpHome [Sentry log · main/release] | 🟡 [CI log] | 🟢 [CI log] |
| sendTransactions [Sentry log · main/release] | 🟡 [CI log] | 🟢 [CI log] |
| swap [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |

📈 Results compared to the previous 5 runs on main

  • onboardingImportWallet/doneButtonToHomeScreen: -18%
  • onboardingImportWallet/openAccountMenuToAccountListLoaded: -15%
  • onboardingImportWallet/longTaskTotalDuration: +19%
  • onboardingImportWallet/longTaskMaxDuration: +13%
  • onboardingImportWallet/tbt: +25%
  • onboardingImportWallet/total: -11%
  • onboardingNewWallet/tbt: -21%
  • solanaAssetDetails/assetClickToPriceChart: +31%
  • solanaAssetDetails/longTaskCount: +400%
  • solanaAssetDetails/longTaskTotalDuration: +359%
  • solanaAssetDetails/longTaskMaxDuration: +359%
  • solanaAssetDetails/tbt: +317%
  • solanaAssetDetails/total: +31%
  • solanaAssetDetails/inp: +11%
  • solanaAssetDetails/cls: +59%
  • importSrpHome/loginToHomeScreen: -12%
  • importSrpHome/longTaskCount: +21%
  • sendTransactions/openSendPageFromHome: -15%
  • sendTransactions/tbt: +14%
  • sendTransactions/inp: -10%
  • sendTransactions/lcp: +11%
  • sendTransactions/cls: +59%
  • swap/openSwapPageFromHome: +16%
  • swap/fetchAndDisplaySwapQuotes: +12%
  • swap/longTaskCount: +67%
  • swap/longTaskTotalDuration: +48%
  • swap/longTaskMaxDuration: +78%
  • swap/tbt: +26%
  • swap/total: +12%
  • swap/inp: +13%
  • swap/lcp: -64%
  • swap/cls: -39%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 importSrpHome/INP: p75 240ms
  • 🟡 sendTransactions/INP: p75 216ms
  • 🟡 solanaAssetDetails/FCP: p75 1.9s
  • 🟡 swap/FCP: p75 1.9s
Dapp Page Load Benchmarks · Samples: 100

| Benchmark | chrome-webpack |
| --- | --- |
| dappPageLoad [Sentry log · main/release] | 🟢 [CI log] |

Bundle size diffs
  • background: 113 Bytes (0%)
  • ui: 10 Bytes (0%)
  • common: 300 Bytes (0%)

AI Test Plan

| Risk Score | High Risk | Medium Risk | Files Changed | Commits |
| --- | --- | --- | --- | --- |
| 57/100 | 7 | 4 | 1587 | 111 |

Cherry-Pick Scenarios (1)

High Risk Scenarios (1)

1. Token Management – Import/display tokens without symbols

Risk Level: HIGH

Why This Matters: Cherry-pick #43515 fixes crashes when a token lacks a symbol; regressions could break the assets view and core send/receive flows.

Test Steps:

  1. On Mainnet, import a custom token that has an empty or missing symbol (manually input contract); confirm it adds successfully.
  2. Verify the asset list renders the token with a safe placeholder (e.g., contract address or generic label) without crashing.
  3. Attempt to send the token and confirm the send form, confirmation, and activity list all render without relying on the symbol.
  4. Remove and re-add the same token and confirm consistent behavior and no UI exceptions.

Release Scenarios (10)

High Risk Scenarios (6)

1. State Migrations (212/213) – Existing users with complex asset sets

Risk Level: HIGH

Why This Matters: New migrations can corrupt or drop asset/network state, causing missing assets, duplicates, or broken balances after upgrade.

Test Steps:

  1. Start with a 13.35 profile containing: Mainnet + at least one custom network (e.g., Polygon), 6+ custom ERC-20 tokens (some hidden), and 3+ NFTs.
  2. Upgrade to 13.36, open the extension, and wait for the home screen to fully load.
  3. Verify no duplicate tokens appear, previously hidden tokens remain hidden, and NFT collections/items are intact.
  4. Switch to the custom network and confirm custom RPC, watch tokens, and hidden/visible status are preserved per-network.
  5. Refresh the extension and confirm balances/fiat values update and persist correctly.

2. Assets Controller upgrade – Token detection/import and per-network integrity

Risk Level: HIGH

Why This Matters: Assets Controller changes can break token management across networks, causing duplicates, incorrect labels, or missing balances.

Test Steps:

  1. On Mainnet, import multiple custom tokens with varied metadata (0 decimals, 18 decimals, very long symbol/name) and enable/disable token detection.
  2. Switch between Mainnet and another network (e.g., Arbitrum) and import a token with the same contract on both networks.
  3. Verify no cross-network bleed (tokens only appear on the network where added) and no unintended symbol/name overrides from detection.
  4. Remove and re-add a previously imported token and confirm historical activity remains intact and no duplicates appear.
  5. Confirm balances and fiat values update after a minute or after triggering a manual refresh.

3. Transaction Send Flow – Gas estimation and fee editing (Transaction Pay Controller patch)

Risk Level: HIGH

Why This Matters: Small controller changes around fees can break send confirmations, misprice gas, or cause failed/broadcast-stuck transactions.

Test Steps:

  1. On Mainnet, send ETH to a new address; verify EIP-1559 estimates (Low/Market/Aggressive) populate correctly.
  2. Open Advanced gas settings, manually adjust max priority/fee and ensure the total updates correctly and confirmation is enabled.
  3. Repeat on an L2 (e.g., Optimism) and verify fee display units, confirmation, and final posted gas values in the activity detail.
  4. Attempt a low-gas scenario (set fees below suggested) and confirm validation prevents or warns appropriately.
  5. Complete the transactions and verify status and fees reported in activity match expectations.

4. Activity List Avatars – Swaps, approvals, contract interactions

Risk Level: HIGH

Why This Matters: The avatar component change can produce broken/bad icons or crashes in the high-traffic activity view.

Test Steps:

  1. Perform a token approval then a token transfer; check the activity list shows correct avatars/icons for each item.
  2. Execute a swap via the built-in Swaps; verify avatar shows swap-appropriate icon and counterparty visuals.
  3. Perform a generic contract interaction from a dapp; confirm fallback icon/identicon renders if no icon is available.
  4. Open each activity detail panel to ensure no broken images or layout jumps occur.
  5. Scroll through a long activity history and confirm avatars load progressively without flicker or errors.

5. NFT Activity and Avatar Fallbacks

Risk Level: HIGH

Why This Matters: UI fallback paths for NFTs are prone to null/404 cases; regressions here can break activity rendering or mislead users.

Test Steps:

  1. Receive an NFT, then transfer it; verify the activity list uses the NFT image when available.
  2. For an NFT with a broken/404 image, confirm the avatar falls back to a placeholder/identicon without errors.
  3. Open NFT details from the asset tab and the activity item to validate consistent imagery and titles.
  4. Switch networks and confirm NFT avatars are scoped correctly per network (no cross-network images/data).

6. Network switching while transactions are pending

Risk Level: HIGH

Why This Matters: Controller/UI synchronization during network changes can orphan pending activity or confuse users about the state of their transactions.

Test Steps:

  1. Start a pending transaction on Mainnet (simulate slow gas or use low gas).
  2. Switch to another network (e.g., Base) while the transaction is pending.
  3. Verify any alert/interstitial appears correctly, allows safe cancel/dismiss, and the switch succeeds or is blocked as expected.
  4. Return to Mainnet and ensure the pending transaction is still visible with correct status.
  5. Complete or speed up the transaction and confirm final state is consistent in activity.

Medium Risk Scenarios (4)

1. MetaMetrics – Onboarding opt-in/out and settings toggle

Risk Level: MEDIUM

Why This Matters: New platform adapter code can break opt-in/out flows or the persistence of telemetry preferences.

Test Steps:

  1. Start a fresh profile and go through onboarding; choose to decline metrics.
  2. Confirm you reach the home screen without further prompts and the Metrics toggle is Off in Settings.
  3. Toggle MetaMetrics On in Settings and confirm the confirmation dialog flows correctly and state persists after reload.
  4. Toggle back Off and confirm prompt/confirmation behavior and persistence.

2. Alert Modal – Destructive and interstitial actions

Risk Level: MEDIUM

Why This Matters: Alert modal changes can cause users to inadvertently perform or fail to perform critical actions, impacting safety and trust.

Test Steps:

  1. Trigger a known alert (e.g., Reset Account or Disconnect Site) and confirm modal copy, primary/secondary actions, and keyboard ESC/Enter behavior.
  2. Confirm clicking backdrop behaves as specified (closes or blocks) and focus is trapped within the modal for accessibility.
  3. Validate that choosing Cancel or X closes without side-effects, and Confirm applies the action and updates UI state immediately.

3. Account List Selection – Send screen and account switcher

Risk Level: MEDIUM

Why This Matters: Small list rendering changes can cause selection bugs or misrouting of funds from the wrong account.

Test Steps:

  1. Add 8+ accounts (including a hardware account if available) and open the account switcher.
  2. Select different accounts rapidly and confirm the selected account updates in the header and home balance.
  3. Open the Send screen and switch accounts mid-flow; verify the form resets/retains values appropriately and no stale account state remains.
  4. Validate long names/emojis do not clip or overlap in the list.

4. Assets Migration UI gating (selectors/assets-migration)

Risk Level: MEDIUM

Why This Matters: Selector logic changes can cause incorrect or persistent migration prompts, confusing users post-upgrade.

Test Steps:

  1. Upgrade an existing profile and observe whether any migration banners/prompts appear on home or assets screens.
  2. Confirm banners appear only when criteria are met (e.g., legacy state needing conversion) and do not show for fresh installs.
  3. Dismiss the banner and verify it does not reappear unnecessarily after reload or network switch.

Teams Sign-off Status

Signed off: None yet

Awaiting sign-off (7):
Accounts, Assets, Networks, Onboarding, Settings, Swaps, Transactions


Generated by AI Test Plan Analyzer (gpt-5) at 2026-06-13T06:28:46.011Z

AI generated test plan (JSON): test-plan-13.36.0.json

…4.4 (#43511)

- chore(43459): audit @grpc/grpc-js to 1.14.4 (#43479)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**
Bumps the `@grpc/grpc-js` resolution to `^1.9.16` to address two
high-severity advisories
([GHSA-5375-pq7m-f5r2](GHSA-5375-pq7m-f5r2),
[GHSA-99f4-grh7-6pcq](GHSA-99f4-grh7-6pcq))
where a malformed request or compressed message could crash a gRPC
server or client.

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: null

## **Related issues**

Fixes: #43459

## **Manual testing steps**

1. Go to this page...
2.
3.

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [ ] I've followed [MetaMask Contributor Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Extension Coding Standards](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling guidelines](https://github.com/MetaMask/metamask-extension/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and/or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Dependency-only security patch with no app code changes; minor risk
from a major-ish grpc-js version jump in transitive usage.
> 
> **Overview**
> Adds a Yarn **`resolutions`** entry for **`@grpc/grpc-js`** at
**`^1.9.16`**, which pulls the lockfile from **1.9.15** to **1.14.4** to
address high-severity advisories where malformed gRPC requests or
compressed messages could crash a client or server.
> 
> The lockfile also picks up related transitive updates:
**`@grpc/proto-loader`** **0.7.x → 0.8.1**, new
**`@js-sdsl/ordered-map`**, and **`@grpc/grpc-js`** no longer pins
**`@types/node`** as a direct dependency. No application source changes.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
b19ba99. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
[24c31c1](24c31c1)

---------

Co-authored-by: Danica Shen <zhaodanica@gmail.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
Co-authored-by: sleepytanya <104780023+sleepytanya@users.noreply.github.com>
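
A lockfile check for the dependency bump described in the commit above, as an added example that is not part of the PR or MetaMask's code: it flags every copy of a package that still resolves below a required floor. The lockfile snippets are constructed, the function names are hypothetical, the 1.9.16 floor is taken from the `^1.9.16` resolution range quoted above, and the parser assumes Yarn Berry's `yarn.lock` layout.

```javascript
// Added example: audit a Yarn Berry lockfile for copies of a package that
// resolve below a required floor. Both lockfile snippets are CONSTRUCTED.

// Before the bump: transitive ranges still resolve to 1.9.15.
const LOCK_BEFORE = `
__metadata:
  version: 8

"@grpc/grpc-js@npm:^1.8.0, @grpc/grpc-js@npm:~1.9.0":
  version: 1.9.15
  resolution: "@grpc/grpc-js@npm:1.9.15"
  languageName: node
  linkType: hard

"example-dep@npm:^2.0.0":
  version: 2.3.1
  resolution: "example-dep@npm:2.3.1"
  languageName: node
  linkType: hard
`;

// After adding the resolutions entry: a single copy, resolved to 1.14.4.
const LOCK_AFTER = `
"@grpc/grpc-js@npm:^1.9.16":
  version: 1.14.4
  resolution: "@grpc/grpc-js@npm:1.14.4"
  languageName: node
  linkType: hard
`;

// Split the lockfile into entries: a top-level key line lists one or more
// descriptors, and the indented "version:" line gives what they resolve to.
function parseLockEntries(lockText) {
  const entries = [];
  let current = null;
  for (const line of lockText.split(/\r?\n/)) {
    const key = /^"?([^"\s][^"]*?)"?:\s*$/.exec(line);
    if (key) {
      current = { descriptors: key[1].split(/,\s*/), version: null };
      entries.push(current);
      continue;
    }
    const ver = /^ {2}version:\s*"?([^"\s]+)"?\s*$/.exec(line);
    if (ver && current) current.version = ver[1];
  }
  return entries;
}

// "@scope/name@npm:^1.2.3" -> "@scope/name" (skip the leading scope "@").
function descriptorName(descriptor) {
  const at = descriptor.indexOf('@', 1);
  return at === -1 ? descriptor : descriptor.slice(0, at);
}

// Numeric comparison of x.y.z; a string compare would rank 1.14.4 below 1.9.16.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < 3; i += 1) {
    const diff = (pa[i] || 0) - (pb[i] || 0);
    if (diff !== 0) return diff < 0 ? -1 : 1;
  }
  return 0;
}

// Return every entry for packageName that resolves below floor, or whose
// version could not be read (treated as a finding rather than a pass).
function findBelowFloor(lockText, packageName, floor) {
  return parseLockEntries(lockText)
    .filter((e) => e.descriptors.some((d) => descriptorName(d) === packageName))
    .filter((e) => e.version === null || compareVersions(e.version, floor) < 0)
    .map((e) => ({ descriptors: e.descriptors, version: e.version }));
}

console.log('before:', findBelowFloor(LOCK_BEFORE, '@grpc/grpc-js', '1.9.16'));
console.log('after: ', findBelowFloor(LOCK_AFTER, '@grpc/grpc-js', '1.9.16'));
```

Run against the real `yarn.lock` in CI, a non-empty result means some dependency path still pulls an older copy and the resolution did not take effect for it.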
@metamaskbotv2

metamaskbotv2 Bot commented Jun 14, 2026

Builds ready [3d08648]
Deprecated Browserify fallback builds
⚡ Performance Benchmarks (Total: 🟢 14 pass · 🟡 8 warn · 🔴 3 fail)

Baseline (latest main): 5682526 | Date: 6/13/2026 | Pipeline: 27488342067 | Baseline logs

| Metrics | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| onboardingImportWallet [Sentry log · main/release] | 🔴 pwFormToMetricsScreen(p95) [CI log] | 🔴 [CI log] |
| onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log] |

Regressions (🔴 3 failures)

Interaction Benchmarks · Samples: 5

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| loadNewAccount [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |
| confirmTx [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |
| bridgeUserActions [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |

📈 Results compared to the previous 5 runs on main

  • loadNewAccount/load_new_account: +65%
  • loadNewAccount/total: +65%
  • loadNewAccount/inp: +37%
  • confirmTx/tbt: +10%
  • confirmTx/inp: +40%
  • bridgeUserActions/bridge_load_page: -24%
  • bridgeUserActions/bridge_load_asset_picker: +11%
  • bridgeUserActions/tbt: -21%
  • bridgeUserActions/inp: +29%
  • loadNewAccount/load_new_account: +100%
  • loadNewAccount/total: +100%
  • loadNewAccount/inp: +37%
  • loadNewAccount/fcp: +16%
  • loadNewAccount/lcp: +1186%
  • confirmTx/confirm_tx: +11%
  • confirmTx/longTaskCount: -100%
  • confirmTx/longTaskTotalDuration: -100%
  • confirmTx/longTaskMaxDuration: -100%
  • confirmTx/tbt: -100%
  • confirmTx/total: +11%
  • confirmTx/inp: +30%
  • confirmTx/fcp: +20%
  • confirmTx/lcp: +1212%
  • bridgeUserActions/bridge_load_page: +107%
  • bridgeUserActions/bridge_load_asset_picker: +90%
  • bridgeUserActions/longTaskCount: -100%
  • bridgeUserActions/longTaskTotalDuration: -100%
  • bridgeUserActions/longTaskMaxDuration: -100%
  • bridgeUserActions/tbt: -100%
  • bridgeUserActions/total: +20%
  • bridgeUserActions/inp: +36%
  • bridgeUserActions/lcp: +1139%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 loadNewAccount/FCP: p75 2.0s
  • 🟡 confirmTx/FCP: p75 2.0s
Startup Benchmarks · Samples: 100

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| startupStandardHome [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| startupPowerUserHome [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |

📈 Results compared to the previous 5 runs on main

  • startupStandardHome/firstPaint: -12%
  • startupStandardHome/lcp: -12%
  • startupPowerUserHome/domInteractive: +17%
  • startupPowerUserHome/numNetworkReqs: -31%
  • startupPowerUserHome/tbt: +11%
  • startupPowerUserHome/inp: +12%
  • startupStandardHome/domInteractive: +19%
  • startupStandardHome/inp: +50%
  • startupStandardHome/fcp: +18%
  • startupPowerUserHome/backgroundConnect: -16%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🔴 startupPowerUserHome/INP: p75 552ms
  • 🟡 startupPowerUserHome/LCP: p75 3.1s
User Journey Benchmarks · Samples: 5 · real API 🔴 3

| Benchmark | chrome-webpack | firefox-webpack |
| --- | --- | --- |
| onboardingImportWallet [Sentry log · main/release] | 🔴 [CI log]; 🔴 doneButtonToHomeScreen; 🔴 total | 🔴 [CI log]; 🔴 total |
| onboardingNewWallet [Sentry log · main/release] | 🟢 [CI log] | 🔴 [CI log]; 🔴 total |
| assetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| solanaAssetDetails [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |
| importSrpHome [Sentry log · main/release] | 🟢 [CI log] | 🟢 [CI log] |
| sendTransactions [Sentry log · main/release] | 🟡 [CI log] | 🟡 [CI log] |
| swap [Sentry log · main/release] | 🟢 [CI log] | 🟡 [CI log] |

📈 Results compared to the previous 5 runs on main

  • onboardingImportWallet/doneButtonToHomeScreen: -16%
  • onboardingImportWallet/openAccountMenuToAccountListLoaded: +23%
  • onboardingImportWallet/longTaskMaxDuration: +12%
  • onboardingImportWallet/tbt: +15%
  • onboardingNewWallet/agreeButtonToOnboardingSuccess: -24%
  • onboardingNewWallet/longTaskTotalDuration: -13%
  • onboardingNewWallet/tbt: -32%
  • solanaAssetDetails/assetClickToPriceChart: +28%
  • solanaAssetDetails/longTaskCount: -100%
  • solanaAssetDetails/longTaskTotalDuration: -100%
  • solanaAssetDetails/longTaskMaxDuration: -100%
  • solanaAssetDetails/tbt: -100%
  • solanaAssetDetails/total: +28%
  • solanaAssetDetails/cls: +59%
  • importSrpHome/loginToHomeScreen: -28%
  • importSrpHome/openAccountMenuAfterLogin: -27%
  • importSrpHome/homeAfterImportWithNewWallet: -22%
  • importSrpHome/longTaskCount: -14%
  • importSrpHome/longTaskTotalDuration: -30%
  • importSrpHome/longTaskMaxDuration: -25%
  • importSrpHome/tbt: -53%
  • importSrpHome/total: -23%
  • importSrpHome/inp: -35%
  • importSrpHome/fcp: -26%
  • importSrpHome/lcp: -18%
  • sendTransactions/openSendPageFromHome: -12%
  • sendTransactions/selectTokenToSendFormLoaded: +46%
  • sendTransactions/reviewTransactionToConfirmationPage: -53%
  • sendTransactions/longTaskTotalDuration: -11%
  • sendTransactions/tbt: -36%
  • sendTransactions/total: -51%
  • sendTransactions/inp: -13%
  • sendTransactions/cls: -67%
  • swap/openSwapPageFromHome: +31%
  • swap/fetchAndDisplaySwapQuotes: +40%
  • swap/longTaskCount: +67%
  • swap/longTaskTotalDuration: +75%
  • swap/longTaskMaxDuration: +70%
  • swap/tbt: +84%
  • swap/total: +40%
  • swap/lcp: -59%
  • swap/cls: -39%

🌐 Core Web Vitals — 🟢 good · 🟡 needs improvement · 🔴 poor (web.dev thresholds)

  • 🟡 sendTransactions/INP: p75 208ms
  • 🟡 solanaAssetDetails/FCP: p75 2.0s
  • 🟡 sendTransactions/FCP: p75 1.9s
  • 🟡 swap/FCP: p75 1.9s
Dapp Page Load Benchmarks · Samples: 100

| Benchmark | chrome-webpack |
| --- | --- |
| dappPageLoad [Sentry log · main/release] | 🟢 [CI log] |

Bundle size diffs
  • background: 113 Bytes (0%)
  • ui: 10 Bytes (0%)
  • common: 326 Bytes (0%)

AI Test Plan

| Risk Score | High Risk | Medium Risk | Files Changed | Commits |
| --- | --- | --- | --- | --- |
| 51/100 | 5 | 6 | 1587 | 112 |

Cherry-Pick Scenarios (1)

Medium Risk Scenarios (1)

1. Token Management – handling tokens with missing symbol

Risk Level: MEDIUM

Why This Matters: Cherry-pick 43515 fixes a crash where tokens without a symbol could break the app; regression would cause app instability on portfolios holding such tokens.

Test Steps:

  1. On a test network, add or detect an ERC-20 whose contract returns an empty or null symbol (or uses a known test token without a symbol).
  2. Open the Assets and Activity tabs; verify the app does not crash and the token row shows a safe fallback label (e.g., contract address/placeholder).
  3. Initiate a send of the symbol-less token and confirm the confirmation screen and activity item render without errors.
  4. Hide/unhide the token and refresh; verify stable behavior and no re-render loops.

Release Scenarios (10)

High Risk Scenarios (5)

1. State Migrations (212 & 213) – persisted wallet data

Risk Level: HIGH

Why This Matters: Migrations change stored data formats; any error can cause data loss, missing tokens/NFTs, or inability to load the wallet.

Test Steps:

  1. Start on 13.35.x with at least 2 accounts, tokens on Mainnet and a testnet (e.g., Goerli/Sepolia), and at least one NFT; close the extension.
  2. Update to 13.36.0 and open the extension; wait for the home screen to load (let background complete migrations).
  3. Verify all accounts, tokens (including custom/hidden), NFTs, and connected sites persist; balances and fiat values load without errors.
  4. Switch networks (Mainnet -> testnet -> custom RPC) and confirm token/NFT lists and activity remain intact on each network.

2. State Migrations – locked state and edge data

Risk Level: HIGH

Why This Matters: Users often update while locked; migration must safely resume post-unlock and handle edge records without bricking the UI.

Test Steps:

  1. On 13.35.x, lock the wallet with tokens/NFTs configured (including at least one custom token), then update to 13.36.0.
  2. Open the extension while locked; unlock and observe initial load.
  3. Confirm the app does not hang or show blank/loader screens; token lists render, activity populates, and no 'failed to migrate' or 'cannot load tokens' errors appear.
  4. Verify advanced settings > state log (if available) shows latest migration version applied and there are no repeating migration retries.

3. Token Management – Assets Controller update (autodetection, metadata, pricing)

Risk Level: HIGH

Why This Matters: Assets controller powers token lists and metadata; regressions can cause wrong balances, duplicates, or UI crashes.

Test Steps:

  1. Enable token detection on Mainnet and one testnet; ensure multiple tokens (with/without logos) appear with balances and fiat values where applicable.
  2. Add a custom ERC-20 on Mainnet and the same address on a testnet; confirm tokens are correctly scoped to each network (no cross-network duplication).
  3. Hide a detected token, then refresh and switch networks; verify it stays hidden on that specific network and is not immediately re-added.
  4. Confirm tokens with missing metadata (logo/name) render safe fallbacks and do not break portfolio or activity views.

4. Transaction Flow – Transaction Pay Controller (gas estimation, EIP-1559 vs legacy)

Risk Level: HIGH

Why This Matters: Incorrect gas suggestions or replacement logic can cause failed or stuck transactions, directly impacting core wallet functionality.

Test Steps:

  1. On an EIP-1559 network (e.g., Mainnet), send native ETH; verify suggested maxFee and maxPriorityFee show and can be edited, then confirm.
  2. Speed up the pending transaction and then attempt to cancel it; verify correct replacement transactions are created and status updates correctly.
  3. On a legacy gas network (e.g., BSC or a legacy custom RPC), send the native token and confirm gas price fields (no EIP-1559) are shown and the transaction completes.

5. Privacy & Analytics – New analytics platform adapter and method/action mapping

Risk Level: HIGH

Why This Matters: Analytics transport changes can violate privacy expectations or block critical user actions if events cause errors.

Test Steps:

  1. Fresh install: decline metrics; connect to a test dapp, open/close popups, and send a small test transaction.
  2. In the background DevTools Network panel, verify no analytics/metrics requests are sent while opted out.
  3. Enable metrics in Settings > Security & Privacy; repeat key actions (connect, send); verify analytics requests now appear and do not include sensitive payloads (addresses/amounts redacted as per policy).

Medium Risk Scenarios (5)

1. Global Alerts & Modals – alert system changes (blocking errors and warnings)

Risk Level: MEDIUM

Why This Matters: Global alerts block critical flows; regressions can trap users in modals or silently fail transactions.

Test Steps:

  1. Trigger an error alert by attempting to send more than the available balance; verify the alert modal renders fully and can be dismissed.
  2. Trigger a security/warning alert (e.g., connect to an unverified site or simulate a bad network switch) and confirm actions in the modal work and return you to a stable state.
  3. Ensure focus is trapped in the modal and keyboard navigation allows dismiss/confirm without freezing the UI.

2. Activity Feed – avatars/icons for tokens and NFTs

Risk Level: MEDIUM

Why This Matters: Recent UI changes to avatars can cause broken images or crashes in the most-visited screen (activity).

Test Steps:

  1. Perform a native send, an ERC-20 send, and an NFT (ERC-721 or ERC-1155) transfer; open Activity.
  2. Verify each activity item shows the correct avatar/icon or a safe fallback without broken images.
  3. Open the activity details view for each and confirm icons, titles, and amounts are consistent.

3. Account Switching – account list item rendering and selection

Risk Level: MEDIUM

Why This Matters: Small UI changes to account list can break selection, labeling, or lead to user confusion when switching send-from accounts.

Test Steps:

  1. Create/import 6–10 accounts and connect at least one hardware account; open the account switcher.
  2. Scroll and select different accounts; verify the selected account address and balance update immediately on home.
  3. Rename an account and confirm the updated label appears correctly in the list and activity.

4. Portfolio/Token Totals – cross-network asset aggregation and selectors

Risk Level: MEDIUM

Why This Matters: Selector logic changes can miscompute totals, leading to incorrect balances and user trust issues.

Test Steps:

  1. With balances on Mainnet and a testnet, open Portfolio/Assets; confirm fiat totals and per-network subtotals are accurate.
  2. Hide one token and verify totals update immediately and remain correct after a refresh and network switch.
  3. Switch to an account with no assets; confirm totals drop to zero and no stale values remain.

5. NFTs – detection and display (metadata fallbacks)

Risk Level: MEDIUM

Why This Matters: Assets controller and UI updates can break NFT rendering or transfers, a common support pain point.

Test Steps:

  1. Add at least one ERC-721 and one ERC-1155 NFT across two networks; open the NFTs tab.
  2. Verify images and names appear, or safe fallbacks are shown; no blank cards or crashes.
  3. Transfer an NFT and confirm the NFTs tab and Activity update consistently with the correct icon.

Teams Sign-off Status

Signed off: None yet

Awaiting sign-off (6):
Accounts, Assets, Networks, Security, Transactions, Wallet


Generated by AI Test Plan Analyzer (gpt-5) at 2026-06-14T05:00:09.060Z

AI generated test plan (JSON): test-plan-13.36.0.json


Labels

team-bots Bot team (for MetaMask Bot, Runway Bot, etc.)
