chore: upgrade transaction controller to 35.0.0

[matthewwalsh0]

Description

Upgrade the TransactionController from version 13.0.0 to 35.0.0.

Upgrade the ApprovalController from version 3.5.2 to 7.0.1.

Since both controllers are now at the latest version, the patches contain only the changes that are unique to mobile and not yet added to the main core branch.

See TransactionController patch here.

See ApprovalController patch here.

The following changes are included, organised by TransactionController version:

33.0.0

• Added the AccountsController:getSelectedAccount action to the TransactionController messenger.
• Removed the getSelectedAddress option in the TransactionController constructor.

29.0.0

• Removed the gasFeeControllerEstimateType option from call to mergeGasFeeEstimates.

27.0.0

• Disable resubmit via pendingTransactions.isResubmitEnabled callback.

25.0.0

• Replaced all hub event listeners with subscriptions via the controller messenger.
• Added ExtendedControllerMessenger with helper methods:
  • subscribeOnceIf
  • tryUnsubscribe
• Replaced references to TransactionState with TransactionControllerState.
• Removed use of config object in TransactionController constructor.
• Removed direct update of TransactionMeta from events as they are now read only.
  • Replaced with cloneDeep and updateTransaction.
• Prevent duplicate calls to onUnapprovedTransaction in RootRPCMethodsUI.js due to unstable dependencies.
  • Add useSwapsTransactions hook.
  • Use useCallback in useMetrics.
• Remove imports from dist to access CHAIN_IDS and ETHERSCAN_SUPPORTED_NETWORKS.

23.0.0

• Added getNetworkClientRegistry callback to TransactionController constructor.
• Added NetworkController:stateChange event to controller messenger.

17.0.0

• Disabled direct swaps integration with disableSwaps option in TransactionController constructor.
• Removed usage of legacy type clashing with gas fee & type validation:
  • SET_INDIVIDUAL_TOKEN_TRANSACTION
  • ETHER_TRANSACTION'
• Cleared overlapping gas properties in transaction parameters to satisfy new gas fee validations.

14.0.0

• Added getPermittedAccounts option to TransactionController constructor.
• Updated getPermittedAccounts implementation to always allow internal origins:
  • process.env.MM_FOX_CODE
  • TransactionTypes.MMM

Related issues

Fixes: [Pending]

Manual testing steps

Full regression of all transaction flows, including:

• Standard Transactions
• Swaps
• Smart Transactions
• Gas Fee Update
• Speed Up / Cancel
• Layer 1 Fees

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@metamask/[email protected]	None	+8	2.12 MB	metamaskbot
npm/@metamask/[email protected]	None	+7	1.18 MB	metamaskbot
npm/@metamask/[email protected]	Transitive: environment	+28	4.54 MB	metamaskbot
npm/@metamask/[email protected]	None	+6	1.04 MB	metamaskbot
npm/@metamask/[email protected]	network Transitive: environment, filesystem	+64	14.2 MB	metamaskbot
npm/[email protected]	None	0	639 kB	pimterry

🚮 Removed packages: npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected]

View full report↗︎

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/@keystonehq/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/@metamask/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

[matthewwalsh0]

@SocketSecurity ignore-all

[github-actions]

Bitrise

✅✅✅ pr_smoke_e2e_pipeline passed on Bitrise! ✅✅✅

Commit hash: 387304a
Build link: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/179e64d4-6e93-40b7-a34d-0e2360da32d0

Note

• You can kick off another pr_smoke_e2e_pipeline on Bitrise by removing and re-applying the Run Smoke E2E label on the pull request

[matthewwalsh0]

Regression Tests

[tommasini]

This PR is amazing!! Thanks @matthewwalsh0
Left just one comment about the anys in the Engine file!

I have also a question, since we are on the latest version of transaction controller and approval controller, when do you think it will be possible to remove the patches completely?

[tommasini]

Instead of any, should we type it as Transaction instead? Also I see TransactionController as any as well, wondering if we could type as TransactionController (if that makes sense)

[matthewwalsh0]

Done, just did a bind to the method directly and cast to the correct type.

[matthewwalsh0]

This PR is amazing!! Thanks @matthewwalsh0 Left just one comment about the anys in the Engine file!

I have also a question, since we are on the latest version of transaction controller and approval controller, when do you think it will be possible to remove the patches completely?

Thanks Tomas! I'd love to remove both patches as soon as possible once this branch is merged, since I didn't want to delay this work or introduce any more risk and change that would need to be tested.

[pedronfigueiredo]

LGTM!

[sonarcloud]

Quality Gate failed

Failed conditions
35.0% Coverage on New Code (required ≥ 40%)

See analysis details on SonarCloud

[sleepytanya]

@matthewwalsh0
Error when confirming test dapp transactions - Invalid transaction envelope type: specified type "0x0" but including maxFeePerGas and maxPriorityFeePerGas requires type: "0x2"

iphone.mov