Merge pull request #31111 from MetaMask/Version-v12.14.1

Version v12.14.1 RC

Author: Gudahtt

CHANGELOG.md

@@ -6,7 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [12.14.0]
+## [12.14.1]
+### Fixed
+- Remove `previousUserTraits` property from metametrics controller state ([#30621](https://github.com/MetaMask/metamask-extension/pull/30621))
+
+## [12.14.0] [DEPRECATED]
 ### Added
 - Add Unichain logo ([#30361](https://github.com/MetaMask/metamask-extension/pull/30361))
 - Add modal to include metric ID before redirecting to the support page ([#30415](https://github.com/MetaMask/metamask-extension/pull/30415))
@@ -55,6 +59,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - [Beta] Fix Solana snap validation ([#30596](https://github.com/MetaMask/metamask-extension/pull/30596))
 - [Beta] Fix swap source token balance on multichain networks ([#30622](https://github.com/MetaMask/metamask-extension/pull/30622))
 
+## [12.13.1]
+### Fixed
+- fix: Remove previousUserTraits from metametrics controller state ([#30621](https://github.com/MetaMask/metamask-extension/pull/30621))
+
 ## [12.13.0]
 ### Added
 - Enable bsc for smart transactions ([#29747](https://github.com/MetaMask/metamask-extension/pull/29747))
@@ -5819,8 +5827,10 @@ Update styles and spacing on the critical error page  ([#20350](https://github.c
 - Added the ability to restore accounts from seed words.
 
 
-[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v12.14.0...HEAD
-[12.14.0]: https://github.com/MetaMask/metamask-extension/compare/v12.13.0...v12.14.0
+[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v12.14.1...HEAD
+[12.14.1]: https://github.com/MetaMask/metamask-extension/compare/v12.14.0...v12.14.1
+[12.14.0]: https://github.com/MetaMask/metamask-extension/compare/v12.13.1...v12.14.0
+[12.13.1]: https://github.com/MetaMask/metamask-extension/compare/v12.13.0...v12.13.1
 [12.13.0]: https://github.com/MetaMask/metamask-extension/compare/v12.12.0...v12.13.0
 [12.12.0]: https://github.com/MetaMask/metamask-extension/compare/v12.11.0...v12.12.0
 [12.11.0]: https://github.com/MetaMask/metamask-extension/compare/v12.10.4...v12.11.0

app/scripts/background.js

@@ -47,8 +47,6 @@ import {
   FakeTrezorBridge,
 } from '../../test/stub/keyring-bridge';
 import { getCurrentChainId } from '../../shared/modules/selectors/networks';
-import { addNonceToCsp } from '../../shared/modules/add-nonce-to-csp';
-import { checkURLForProviderInjection } from '../../shared/modules/provider-injection';
 import { PersistenceManager } from './lib/stores/persistence-manager';
 import ExtensionStore from './lib/stores/extension-store';
 import ReadOnlyNetworkStore from './lib/stores/read-only-network-store';
@@ -356,40 +354,6 @@ function maybeDetectPhishing(theController) {
   );
 }
 
-/**
- * Overrides the Content-Security-Policy (CSP) header by adding a nonce to the `script-src` directive.
- * This is a workaround for [Bug #1446231](https://bugzilla.mozilla.org/show_bug.cgi?id=1446231),
- * which involves overriding the page CSP for inline script nodes injected by extension content scripts.
- */
-function overrideContentSecurityPolicyHeader() {
-  // The extension url is unique per install on Firefox, so we can safely add it as a nonce to the CSP header
-  const nonce = btoa(browser.runtime.getURL('/'));
-  browser.webRequest.onHeadersReceived.addListener(
-    ({ responseHeaders, url }) => {
-      // Check whether inpage.js is going to be injected into the page or not.
-      // There is no reason to modify the headers if we are not injecting inpage.js.
-      const isInjected = checkURLForProviderInjection(new URL(url));
-
-      // Check if the user has enabled the overrideContentSecurityPolicyHeader preference
-      const isEnabled =
-        controller.preferencesController.state
-          .overrideContentSecurityPolicyHeader;
-
-      if (isInjected && isEnabled) {
-        for (const header of responseHeaders) {
-          if (header.name.toLowerCase() === 'content-security-policy') {
-            header.value = addNonceToCsp(header.value, nonce);
-          }
-        }
-      }
-
-      return { responseHeaders };
-    },
-    { types: ['main_frame', 'sub_frame'], urls: ['http://*/*', 'https://*/*'] },
-    ['blocking', 'responseHeaders'],
-  );
-}
-
 // These are set after initialization
 let connectRemote;
 let connectExternalExtension;
@@ -536,11 +500,6 @@ async function initialize() {
 
     if (!isManifestV3) {
       await loadPhishingWarningPage();
-      // Workaround for Bug #1446231 to override page CSP for inline script nodes injected by extension content scripts
-      // https://bugzilla.mozilla.org/show_bug.cgi?id=1446231
-      if (isFirefox) {
-        overrideContentSecurityPolicyHeader();
-      }
     }
     await sendReadyMessageToTabs();
     log.info('MetaMask initialization complete.');

app/scripts/constants/sentry-state.ts

@@ -188,7 +188,6 @@ export const SENTRY_BACKGROUND_STATE = {
     fragments: false,
     metaMetricsId: true,
     participateInMetaMetrics: true,
-    previousUserTraits: false,
     segmentApiCalls: false,
     traits: false,
     dataCollectionForMarketing: false,

app/scripts/controllers/metametrics-controller.ts

@@ -211,10 +211,6 @@ const controllerMetadata = {
     persist: true,
     anonymous: false,
   },
-  previousUserTraits: {
-    persist: true,
-    anonymous: false,
-  },
   dataCollectionForMarketing: {
     persist: true,
     anonymous: false,
@@ -239,7 +235,6 @@ const controllerMetadata = {
  * @property fragments - Object keyed by UUID with stored fragments as values.
  * @property eventsBeforeMetricsOptIn - Array of queued events added before a user opts into metrics.
  * @property traits - Traits that are not derived from other state keys.
- * @property previousUserTraits - The user traits the last time they were computed.
  * @property dataCollectionForMarketing - Flag to determine if data collection for marketing is enabled.
  * @property marketingCampaignCookieId - The marketing campaign cookie id.
  * @property segmentApiCalls - Object keyed by messageId with segment event type and payload as values.
@@ -251,7 +246,6 @@ export type MetaMetricsControllerState = {
   fragments: Record<string, MetaMetricsEventFragment>;
   eventsBeforeMetricsOptIn: MetaMetricsEventPayload[];
   traits: MetaMetricsUserTraits;
-  previousUserTraits?: MetaMetricsUserTraits;
   dataCollectionForMarketing: boolean | null;
   marketingCampaignCookieId: string | null;
   segmentApiCalls: Record<
@@ -338,7 +332,6 @@ export const getDefaultMetaMetricsControllerState =
     latestNonAnonymousEventTimestamp: 0,
     eventsBeforeMetricsOptIn: [],
     traits: {},
-    previousUserTraits: {},
     fragments: {},
     segmentApiCalls: {},
   });
@@ -354,6 +347,8 @@ export default class MetaMetricsController extends BaseController<
 
   locale: string;
 
+  previousUserTraits?: MetaMetricsUserTraits;
+
   version: MetaMetricsControllerOptions['version'];
 
   #extension: MetaMetricsControllerOptions['extension'];
@@ -1180,7 +1175,7 @@ export default class MetaMetricsController extends BaseController<
         ? Object.keys(metamaskState.custodyAccountDetails)[0]
         : null;
     ///: END:ONLY_INCLUDE_IF
-    const { traits, previousUserTraits } = this.state;
+    const { traits } = this.state;
 
     const currentTraits = {
       [MetaMetricsUserTrait.AddressBookEntries]: sum(
@@ -1213,7 +1208,7 @@ export default class MetaMetricsController extends BaseController<
       ),
       [MetaMetricsUserTrait.NumberOfHDEntropies]:
         this.#getNumberOfHDEntropies(metamaskState) ??
-        previousUserTraits?.number_of_hd_entropies,
+        this.previousUserTraits?.number_of_hd_entropies,
       [MetaMetricsUserTrait.OpenSeaApiEnabled]: metamaskState.openSeaEnabled,
       [MetaMetricsUserTrait.ThreeBoxEnabled]: false, // deprecated, hard-coded as false
       [MetaMetricsUserTrait.Theme]: metamaskState.theme || 'default',
@@ -1244,24 +1239,23 @@ export default class MetaMetricsController extends BaseController<
       ),
     };
 
-    if (!previousUserTraits && metamaskState.participateInMetaMetrics) {
-      this.update((state) => {
-        state.previousUserTraits = currentTraits;
-      });
+    if (!this.previousUserTraits && metamaskState.participateInMetaMetrics) {
+      this.previousUserTraits = currentTraits;
       return currentTraits;
     }
 
-    if (previousUserTraits && !isEqual(previousUserTraits, currentTraits)) {
+    if (
+      this.previousUserTraits &&
+      !isEqual(this.previousUserTraits, currentTraits)
+    ) {
       const updates = pickBy(currentTraits, (v, k) => {
-        // @ts-expect-error It's okay that `k` may not be a key of `previousUserTraits`, because we assume `isEqual` can handle it
-        const previous = previousUserTraits[k];
+        // @ts-expect-error It's okay that `k` may not be a key of `this.previousUserTraits`, because we assume `isEqual` can handle it
+        const previous = this.previousUserTraits[k];
         return !isEqual(previous, v);
       });
 
       if (metamaskState.participateInMetaMetrics) {
-        this.update((state) => {
-          state.previousUserTraits = currentTraits;
-        });
+        this.previousUserTraits = currentTraits;
       }
 
       return updates;

app/scripts/migrations/143.1.test.ts

@@ -0,0 +1,55 @@
+import { migrate, version } from './143.1';
+
+const oldVersion = 143;
+
+describe(`migration #${version}`, () => {
+  it('updates the version metadata', async () => {
+    const oldStorage = {
+      meta: { version: oldVersion },
+      data: {},
+    };
+    const newStorage = await migrate(oldStorage);
+    expect(newStorage.meta).toStrictEqual({ version });
+  });
+
+  describe(`migration #${version}`, () => {
+    it('removes the previousUserTraits property from MetaMetricsController state and does not remove other properties', async () => {
+      const oldStorage = {
+        meta: { version: oldVersion },
+        data: {
+          MetaMetricsController: {
+            previousUserTraits: { test: 123 },
+            foo: 'bar',
+          },
+        },
+      };
+      const expectedData = {
+        MetaMetricsController: {
+          foo: 'bar',
+        },
+      };
+      const newStorage = await migrate(oldStorage);
+
+      expect(newStorage.data).toStrictEqual(expectedData);
+    });
+
+    it('has no effect if the previousUserTraits property does not exist', async () => {
+      const oldStorage = {
+        meta: { version: oldVersion },
+        data: {
+          MetaMetricsController: {
+            foo: 'bar',
+          },
+        },
+      };
+      const expectedData = {
+        MetaMetricsController: {
+          foo: 'bar',
+        },
+      };
+      const newStorage = await migrate(oldStorage);
+
+      expect(newStorage.data).toStrictEqual(expectedData);
+    });
+  });
+});

app/scripts/migrations/143.1.ts

@@ -0,0 +1,36 @@
+import { cloneDeep } from 'lodash';
+
+type VersionedData = {
+  meta: { version: number };
+  data: Record<string, unknown>;
+};
+
+export const version = 143.1;
+
+/**
+ * This migration deletes the `previousUserTraits` property from the MetaMetrics Controller state
+ *
+ * @param originalVersionedData - Versioned MetaMask extension state, exactly
+ * what we persist to dist.
+ * @param originalVersionedData.meta - State metadata.
+ * @param originalVersionedData.meta.version - The current state version.
+ * @param originalVersionedData.data - The persisted MetaMask state, keyed by
+ * controller.
+ * @returns Updated versioned MetaMask extension state.
+ */
+export async function migrate(
+  originalVersionedData: VersionedData,
+): Promise<VersionedData> {
+  const versionedData = cloneDeep(originalVersionedData);
+  versionedData.meta.version = version;
+  transformState(versionedData.data);
+  return versionedData;
+}
+
+function transformState(state: Record<string, unknown>) {
+  const metaMetricsControllerState = state?.MetaMetricsController as
+    | Record<string, unknown>
+    | undefined;
+
+  delete metaMetricsControllerState?.previousUserTraits;
+}

app/scripts/migrations/index.js

@@ -168,6 +168,7 @@ const migrations = [
   require('./141'),
   require('./142'),
   require('./143'),
+  require('./143.1'),
   require('./144'),
   require('./145'),
   require('./146'),

package.json

@@ -1,6 +1,6 @@
 {
   "name": "metamask-crx",
-  "version": "12.14.0",
+  "version": "12.14.1",
   "private": true,
   "repository": {
     "type": "git",

privacy-snapshot.json

@@ -83,5 +83,6 @@
   "unresponsive-rpc.url",
   "user-storage.api.cx.metamask.io",
   "verify.walletconnect.com",
-  "www.4byte.directory"
+  "www.4byte.directory",
+  "api.web3modal.org"
 ]

test/e2e/tests/bridge/bridge-test-utils.ts

@@ -10,6 +10,7 @@ import { SMART_CONTRACTS } from '../../seeder/smart-contracts';
 import { CHAIN_IDS } from '../../../../shared/constants/network';
 import { Driver } from '../../webdriver/driver';
 import type { FeatureFlagResponse } from '../../../../shared/types/bridge';
+import { emptyHtmlPage } from '../../mock-e2e';
 import {
   DEFAULT_FEATURE_FLAGS_RESPONSE,
   ETH_CONVERSION_RATE_USD,
@@ -63,7 +64,7 @@ export class BridgePage {
   };
 
   verifyPortfolioTab = async () => {
-    await this.driver.switchToWindowWithTitle('MetaMask Portfolio - Bridge');
+    await this.driver.switchToWindowWithTitle('E2E Test Page');
     await this.driver.waitForUrlContaining({
       url: 'portfolio.metamask.io/bridge',
     });
@@ -102,16 +103,15 @@ const mockServer =
             };
           }),
     );
-    const portfolioMock = async () =>
-      await mockServer_
-        .forGet('https://portfolio.metamask.io/bridge')
-        .always()
-        .thenCallback(() => {
-          return {
-            statusCode: 200,
-            json: {},
-          };
-        });
+    const portfolioMock = mockServer_
+      .forGet(`https://portfolio.metamask.io/bridge`)
+      .always()
+      .thenCallback(() => {
+        return {
+          statusCode: 200,
+          body: emptyHtmlPage(),
+        };
+      });
     return Promise.all([...featureFlagMocks, portfolioMock]);
   };