@metamask/snaps-controllers 0.27.1 → 0.28.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/services/AbstractExecutionService.js +1 -1
- package/dist/services/AbstractExecutionService.js.map +1 -1
- package/dist/services/browser.d.ts +1 -0
- package/dist/services/browser.js +1 -0
- package/dist/services/browser.js.map +1 -1
- package/dist/services/iframe/IframeExecutionService.d.ts +0 -10
- package/dist/services/iframe/IframeExecutionService.js +2 -53
- package/dist/services/iframe/IframeExecutionService.js.map +1 -1
- package/dist/services/iframe/test/fixJSDOMPostMessageEventSource.js +0 -40
- package/dist/services/iframe/test/fixJSDOMPostMessageEventSource.js.map +1 -1
- package/dist/services/index.d.ts +1 -0
- package/dist/services/index.js +1 -0
- package/dist/services/index.js.map +1 -1
- package/dist/services/offscreen/OffscreenExecutionService.d.ts +49 -0
- package/dist/services/offscreen/OffscreenExecutionService.js +100 -0
- package/dist/services/offscreen/OffscreenExecutionService.js.map +1 -0
- package/dist/services/offscreen/OffscreenPostMessageStream.d.ts +35 -0
- package/dist/services/offscreen/OffscreenPostMessageStream.js +66 -0
- package/dist/services/offscreen/OffscreenPostMessageStream.js.map +1 -0
- package/dist/services/offscreen/index.d.ts +2 -0
- package/dist/services/offscreen/index.js +19 -0
- package/dist/services/offscreen/index.js.map +1 -0
- package/dist/snaps/SnapController.d.ts +15 -32
- package/dist/snaps/SnapController.js +49 -49
- package/dist/snaps/SnapController.js.map +1 -1
- package/dist/snaps/endowments/index.d.ts +1 -1
- package/dist/snaps/endowments/network-access.d.ts +1 -1
- package/dist/snaps/endowments/network-access.js +1 -1
- package/dist/snaps/endowments/network-access.js.map +1 -1
- package/dist/snaps/index.d.ts +1 -0
- package/dist/snaps/index.js +1 -0
- package/dist/snaps/index.js.map +1 -1
- package/dist/snaps/location/location.d.ts +4 -0
- package/dist/snaps/location/location.js +3 -1
- package/dist/snaps/location/location.js.map +1 -1
- package/dist/snaps/location/npm.d.ts +2 -1
- package/dist/snaps/location/npm.js +25 -12
- package/dist/snaps/location/npm.js.map +1 -1
- package/dist/snaps/registry/index.d.ts +2 -0
- package/dist/snaps/registry/index.js +19 -0
- package/dist/snaps/registry/index.js.map +1 -0
- package/dist/snaps/registry/json.d.ts +12 -0
- package/dist/snaps/registry/json.js +83 -0
- package/dist/snaps/registry/json.js.map +1 -0
- package/dist/snaps/registry/registry.d.ts +20 -0
- package/dist/snaps/registry/registry.js +11 -0
- package/dist/snaps/registry/registry.js.map +1 -0
- package/package.json +7 -6
- package/dist/services/iframe/test/server.d.ts +0 -11
- package/dist/services/iframe/test/server.js +0 -71
- package/dist/services/iframe/test/server.js.map +0 -1
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./OffscreenExecutionService"), exports);
|
|
18
|
+
__exportStar(require("./OffscreenPostMessageStream"), exports);
|
|
19
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/services/offscreen/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,8DAA4C;AAC5C,+DAA6C","sourcesContent":["export * from './OffscreenExecutionService';\nexport * from './OffscreenPostMessageStream';\n"]}
|
|
@@ -1,13 +1,15 @@
|
|
|
1
1
|
import { AddApprovalRequest } from '@metamask/approval-controller';
|
|
2
2
|
import { BaseControllerV2 as BaseController, RestrictedControllerMessenger } from '@metamask/base-controller';
|
|
3
3
|
import { GetEndowments, GetPermissions, GrantPermissions, HasPermission, HasPermissions, RevokeAllPermissions, RevokePermissionForAllSubjects, RevokePermissions } from '@metamask/permission-controller';
|
|
4
|
-
import {
|
|
4
|
+
import { BlockReason } from '@metamask/snaps-registry';
|
|
5
|
+
import { InstallSnapsResult, PersistedSnap, RequestedSnapPermissions, Snap, SnapId, SnapRpcHook, SnapRpcHookArgs, SnapStatusEvents, StatusContext, StatusEvents, StatusStates, TruncatedSnap, ValidatedSnapId } from '@metamask/snaps-utils';
|
|
5
6
|
import { GetSubjectMetadata } from '@metamask/subject-metadata-controller';
|
|
6
7
|
import { Json } from '@metamask/utils';
|
|
7
8
|
import { StateMachine } from '@xstate/fsm';
|
|
8
9
|
import type { Patch } from 'immer';
|
|
9
10
|
import { ExecuteSnapAction, ExecutionServiceEvents, HandleRpcRequestAction, SnapErrorJson, TerminateAllSnapsAction, TerminateSnapAction } from '../services';
|
|
10
11
|
import { detectSnapLocation, SnapLocation } from './location';
|
|
12
|
+
import { SnapsRegistry } from './registry';
|
|
11
13
|
import { Timer } from './Timer';
|
|
12
14
|
export declare const controllerName = "SnapController";
|
|
13
15
|
export declare const SNAP_APPROVAL_INSTALL = "wallet_installSnap";
|
|
@@ -185,7 +187,7 @@ export declare type SnapAdded = {
|
|
|
185
187
|
*/
|
|
186
188
|
export declare type SnapBlocked = {
|
|
187
189
|
type: `${typeof controllerName}:snapBlocked`;
|
|
188
|
-
payload: [snapId: string, blockedSnapInfo
|
|
190
|
+
payload: [snapId: string, blockedSnapInfo?: BlockReason];
|
|
189
191
|
};
|
|
190
192
|
/**
|
|
191
193
|
* Emitted when a snap has been started after being added and authorized during
|
|
@@ -244,24 +246,9 @@ declare type FeatureFlags = {
|
|
|
244
246
|
* @see {SnapController.processRequestedSnap}
|
|
245
247
|
*/
|
|
246
248
|
dappsCanUpdateSnaps?: true;
|
|
249
|
+
requireAllowlist?: true;
|
|
250
|
+
allowLocalSnaps?: true;
|
|
247
251
|
};
|
|
248
|
-
declare type SemVerVersion = string;
|
|
249
|
-
declare type SnapInfo = {
|
|
250
|
-
version: SemVerVersion;
|
|
251
|
-
shasum: string;
|
|
252
|
-
};
|
|
253
|
-
export declare type CheckSnapBlockListArg = Record<SnapId, SnapInfo>;
|
|
254
|
-
export declare type CheckSnapBlockListResult = Record<SnapId, {
|
|
255
|
-
blocked: true;
|
|
256
|
-
reason?: string;
|
|
257
|
-
infoUrl?: string;
|
|
258
|
-
} | {
|
|
259
|
-
blocked: false;
|
|
260
|
-
}>;
|
|
261
|
-
/**
|
|
262
|
-
* Checks whether a version of a snap is blocked.
|
|
263
|
-
*/
|
|
264
|
-
export declare type CheckSnapBlockList = (snapsToCheck: CheckSnapBlockListArg) => Promise<CheckSnapBlockListResult>;
|
|
265
252
|
declare type SnapControllerArgs = {
|
|
266
253
|
/**
|
|
267
254
|
* A teardown function that allows the host to clean up its instrumentation
|
|
@@ -273,6 +260,10 @@ declare type SnapControllerArgs = {
|
|
|
273
260
|
* APIs that will be added to the snap execution environment at runtime.
|
|
274
261
|
*/
|
|
275
262
|
environmentEndowmentPermissions: string[];
|
|
263
|
+
/**
|
|
264
|
+
* Excluded permissions with its associated error message used to forbid certain permssions.
|
|
265
|
+
*/
|
|
266
|
+
excludedPermissions: Record<string, string>;
|
|
276
267
|
/**
|
|
277
268
|
* The function that will be used by the controller fo make network requests.
|
|
278
269
|
* Should be compatible with {@link fetch}.
|
|
@@ -288,9 +279,9 @@ declare type SnapControllerArgs = {
|
|
|
288
279
|
*/
|
|
289
280
|
idleTimeCheckInterval?: number;
|
|
290
281
|
/**
|
|
291
|
-
* A
|
|
282
|
+
* A registry implementation used for checking for verified and blocked snaps.
|
|
292
283
|
*/
|
|
293
|
-
|
|
284
|
+
registry: SnapsRegistry;
|
|
294
285
|
/**
|
|
295
286
|
* The maximum amount of time that a snap may be idle.
|
|
296
287
|
*/
|
|
@@ -323,21 +314,13 @@ export declare class SnapController extends BaseController<string, SnapControlle
|
|
|
323
314
|
#private;
|
|
324
315
|
private readonly maxRequestTime;
|
|
325
316
|
private readonly snapsRuntimeData;
|
|
326
|
-
constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions, idleTimeCheckInterval,
|
|
317
|
+
constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions, excludedPermissions, idleTimeCheckInterval, registry, maxIdleTime, maxRequestTime, fetchFunction, featureFlags, detectSnapLocation: detectSnapLocationFunction, }: SnapControllerArgs);
|
|
327
318
|
/**
|
|
328
319
|
* Checks all installed snaps against the block list and
|
|
329
320
|
* blocks/unblocks snaps as appropriate. See {@link SnapController.blockSnap}
|
|
330
321
|
* for more information.
|
|
331
322
|
*/
|
|
332
323
|
updateBlockedSnaps(): Promise<void>;
|
|
333
|
-
/**
|
|
334
|
-
* Checks the block list to determine whether a version of a snap is blocked.
|
|
335
|
-
*
|
|
336
|
-
* @param snapId - The snap id to check.
|
|
337
|
-
* @param snapInfo - Snap information containing version and shasum.
|
|
338
|
-
* @returns Whether the version of the snap is blocked or not.
|
|
339
|
-
*/
|
|
340
|
-
isBlocked(snapId: ValidatedSnapId, snapInfo: SnapInfo): Promise<boolean>;
|
|
341
324
|
_onUnhandledSnapError(snapId: SnapId, error: SnapErrorJson): void;
|
|
342
325
|
_onOutboundRequest(snapId: SnapId): void;
|
|
343
326
|
_onOutboundResponse(snapId: SnapId): void;
|
|
@@ -548,11 +531,11 @@ export declare class SnapController extends BaseController<string, SnapControlle
|
|
|
548
531
|
*
|
|
549
532
|
* @param origin - The origin requesting the snap update.
|
|
550
533
|
* @param snapId - The id of the Snap to be updated.
|
|
551
|
-
* @param newVersionRange - A semver version range in which the maximum version will be chosen.
|
|
552
534
|
* @param location - Optional location that was already used during installation flow.
|
|
535
|
+
* @param newVersionRange - A semver version range in which the maximum version will be chosen.
|
|
553
536
|
* @returns The snap metadata if updated, `null` otherwise.
|
|
554
537
|
*/
|
|
555
|
-
updateSnap(origin: string, snapId: ValidatedSnapId,
|
|
538
|
+
updateSnap(origin: string, snapId: ValidatedSnapId, location: SnapLocation, newVersionRange?: string): Promise<TruncatedSnap | null>;
|
|
556
539
|
/**
|
|
557
540
|
* Initiates a request for the given snap's initial permissions.
|
|
558
541
|
* Must be called in order. See processRequestedSnap.
|
|
@@ -21,7 +21,7 @@ var __rest = (this && this.__rest) || function (s, e) {
|
|
|
21
21
|
}
|
|
22
22
|
return t;
|
|
23
23
|
};
|
|
24
|
-
var _SnapController_instances, _SnapController_closeAllConnections, _SnapController_environmentEndowmentPermissions, _SnapController_featureFlags, _SnapController_fetchFunction, _SnapController_idleTimeCheckInterval,
|
|
24
|
+
var _SnapController_instances, _SnapController_closeAllConnections, _SnapController_environmentEndowmentPermissions, _SnapController_excludedPermissions, _SnapController_featureFlags, _SnapController_fetchFunction, _SnapController_idleTimeCheckInterval, _SnapController_registry, _SnapController_maxIdleTime, _SnapController_detectSnapLocation, _SnapController_rollbackSnapshots, _SnapController_timeoutForLastRequestStatus, _SnapController_statusMachine, _SnapController_initializeStateMachine, _SnapController_registerMessageHandlers, _SnapController_pollForLastRequestStatus, _SnapController_blockSnap, _SnapController_unblockSnap, _SnapController_assertIsInstallAllowed, _SnapController_stopSnapsLastRequestPastMax, _SnapController_transition, _SnapController_terminateSnap, _SnapController_add, _SnapController_startSnap, _SnapController_getEndowments, _SnapController_set, _SnapController_fetchSnap, _SnapController_processSnapPermissions, _SnapController_getRpcRequestHandler, _SnapController_executeWithTimeout, _SnapController_recordSnapRpcRequestStart, _SnapController_recordSnapRpcRequestFinish, _SnapController_getRollbackSnapshot, _SnapController_createRollbackSnapshot, _SnapController_rollbackSnap, _SnapController_rollbackSnaps, _SnapController_getRuntime, _SnapController_getRuntimeExpect, _SnapController_setupRuntime, _SnapController_calculatePermissionsChange, _SnapController_isValidUpdate;
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
26
|
exports.SnapController = exports.SNAP_APPROVAL_UPDATE = exports.SNAP_APPROVAL_INSTALL = exports.controllerName = void 0;
|
|
27
27
|
const base_controller_1 = require("@metamask/base-controller");
|
|
@@ -37,6 +37,7 @@ const utils_2 = require("../utils");
|
|
|
37
37
|
const endowments_1 = require("./endowments");
|
|
38
38
|
const rpc_1 = require("./endowments/rpc");
|
|
39
39
|
const location_1 = require("./location");
|
|
40
|
+
const registry_1 = require("./registry");
|
|
40
41
|
const RequestQueue_1 = require("./RequestQueue");
|
|
41
42
|
const Timer_1 = require("./Timer");
|
|
42
43
|
exports.controllerName = 'SnapController';
|
|
@@ -80,7 +81,7 @@ const name = 'SnapController';
|
|
|
80
81
|
* - Start: Initializes the snap in its SES realm with the authorized permissions.
|
|
81
82
|
*/
|
|
82
83
|
class SnapController extends base_controller_1.BaseControllerV2 {
|
|
83
|
-
constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions = [], idleTimeCheckInterval = (0, utils_1.inMilliseconds)(5, utils_1.Duration.Second),
|
|
84
|
+
constructor({ closeAllConnections, messenger, state, environmentEndowmentPermissions = [], excludedPermissions = {}, idleTimeCheckInterval = (0, utils_1.inMilliseconds)(5, utils_1.Duration.Second), registry = new registry_1.JsonSnapsRegistry(), maxIdleTime = (0, utils_1.inMilliseconds)(30, utils_1.Duration.Second), maxRequestTime = (0, utils_1.inMilliseconds)(60, utils_1.Duration.Second), fetchFunction = globalThis.fetch.bind(globalThis), featureFlags = {}, detectSnapLocation: detectSnapLocationFunction = location_1.detectSnapLocation, }) {
|
|
84
85
|
var _a, _b;
|
|
85
86
|
super({
|
|
86
87
|
messenger,
|
|
@@ -125,10 +126,11 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
125
126
|
_SnapController_instances.add(this);
|
|
126
127
|
_SnapController_closeAllConnections.set(this, void 0);
|
|
127
128
|
_SnapController_environmentEndowmentPermissions.set(this, void 0);
|
|
129
|
+
_SnapController_excludedPermissions.set(this, void 0);
|
|
128
130
|
_SnapController_featureFlags.set(this, void 0);
|
|
129
131
|
_SnapController_fetchFunction.set(this, void 0);
|
|
130
132
|
_SnapController_idleTimeCheckInterval.set(this, void 0);
|
|
131
|
-
|
|
133
|
+
_SnapController_registry.set(this, void 0);
|
|
132
134
|
_SnapController_maxIdleTime.set(this, void 0);
|
|
133
135
|
_SnapController_detectSnapLocation.set(this, void 0);
|
|
134
136
|
_SnapController_rollbackSnapshots.set(this, void 0);
|
|
@@ -136,10 +138,11 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
136
138
|
_SnapController_statusMachine.set(this, void 0);
|
|
137
139
|
__classPrivateFieldSet(this, _SnapController_closeAllConnections, closeAllConnections, "f");
|
|
138
140
|
__classPrivateFieldSet(this, _SnapController_environmentEndowmentPermissions, environmentEndowmentPermissions, "f");
|
|
141
|
+
__classPrivateFieldSet(this, _SnapController_excludedPermissions, excludedPermissions, "f");
|
|
139
142
|
__classPrivateFieldSet(this, _SnapController_featureFlags, featureFlags, "f");
|
|
140
143
|
__classPrivateFieldSet(this, _SnapController_fetchFunction, fetchFunction, "f");
|
|
141
144
|
__classPrivateFieldSet(this, _SnapController_idleTimeCheckInterval, idleTimeCheckInterval, "f");
|
|
142
|
-
__classPrivateFieldSet(this,
|
|
145
|
+
__classPrivateFieldSet(this, _SnapController_registry, registry, "f");
|
|
143
146
|
__classPrivateFieldSet(this, _SnapController_maxIdleTime, maxIdleTime, "f");
|
|
144
147
|
this.maxRequestTime = maxRequestTime;
|
|
145
148
|
__classPrivateFieldSet(this, _SnapController_detectSnapLocation, detectSnapLocationFunction, "f");
|
|
@@ -170,34 +173,20 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
170
173
|
* for more information.
|
|
171
174
|
*/
|
|
172
175
|
async updateBlockedSnaps() {
|
|
173
|
-
const blockedSnaps = await __classPrivateFieldGet(this,
|
|
176
|
+
const blockedSnaps = await __classPrivateFieldGet(this, _SnapController_registry, "f").get(Object.values(this.state.snaps).reduce((blockListArg, snap) => {
|
|
174
177
|
blockListArg[snap.id] = {
|
|
175
178
|
version: snap.version,
|
|
176
|
-
|
|
179
|
+
checksum: snap.manifest.source.shasum,
|
|
177
180
|
};
|
|
178
181
|
return blockListArg;
|
|
179
182
|
}, {}));
|
|
180
|
-
await Promise.all(Object.entries(blockedSnaps).map(async (
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_blockSnap).call(this, snapId, blockData);
|
|
183
|
+
await Promise.all(Object.entries(blockedSnaps).map(async ([snapId, { status, reason }]) => {
|
|
184
|
+
if (status === registry_1.SnapsRegistryStatus.Blocked) {
|
|
185
|
+
return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_blockSnap).call(this, snapId, reason);
|
|
184
186
|
}
|
|
185
187
|
return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_unblockSnap).call(this, snapId);
|
|
186
188
|
}));
|
|
187
189
|
}
|
|
188
|
-
/**
|
|
189
|
-
* Checks the block list to determine whether a version of a snap is blocked.
|
|
190
|
-
*
|
|
191
|
-
* @param snapId - The snap id to check.
|
|
192
|
-
* @param snapInfo - Snap information containing version and shasum.
|
|
193
|
-
* @returns Whether the version of the snap is blocked or not.
|
|
194
|
-
*/
|
|
195
|
-
async isBlocked(snapId, snapInfo) {
|
|
196
|
-
const result = await __classPrivateFieldGet(this, _SnapController_checkSnapBlockList, "f").call(this, {
|
|
197
|
-
[snapId]: snapInfo,
|
|
198
|
-
});
|
|
199
|
-
return result[snapId].blocked;
|
|
200
|
-
}
|
|
201
190
|
_onUnhandledSnapError(snapId, error) {
|
|
202
191
|
this.stopSnap(snapId, snaps_utils_1.SnapStatusEvents.Crash)
|
|
203
192
|
.then(() => this.addSnapError(error))
|
|
@@ -611,15 +600,16 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
611
600
|
const location = __classPrivateFieldGet(this, _SnapController_detectSnapLocation, "f").call(this, snapId, {
|
|
612
601
|
versionRange,
|
|
613
602
|
fetch: __classPrivateFieldGet(this, _SnapController_fetchFunction, "f"),
|
|
603
|
+
allowLocal: __classPrivateFieldGet(this, _SnapController_featureFlags, "f").allowLocalSnaps,
|
|
614
604
|
});
|
|
615
605
|
const existingSnap = this.getTruncated(snapId);
|
|
616
606
|
// For devX we always re-install local snaps.
|
|
617
607
|
if (existingSnap && !location.shouldAlwaysReload) {
|
|
618
|
-
if ((0,
|
|
608
|
+
if ((0, utils_1.satisfiesVersionRange)(existingSnap.version, versionRange)) {
|
|
619
609
|
return existingSnap;
|
|
620
610
|
}
|
|
621
611
|
if (__classPrivateFieldGet(this, _SnapController_featureFlags, "f").dappsCanUpdateSnaps === true) {
|
|
622
|
-
const updateResult = await this.updateSnap(origin, snapId,
|
|
612
|
+
const updateResult = await this.updateSnap(origin, snapId, location, versionRange);
|
|
623
613
|
if (updateResult === null) {
|
|
624
614
|
throw eth_rpc_errors_1.ethErrors.rpc.invalidParams(`Snap "${snapId}@${existingSnap.version}" is already installed. Couldn't update to a version inside requested "${versionRange}" range.`);
|
|
625
615
|
}
|
|
@@ -665,25 +655,25 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
665
655
|
*
|
|
666
656
|
* @param origin - The origin requesting the snap update.
|
|
667
657
|
* @param snapId - The id of the Snap to be updated.
|
|
668
|
-
* @param newVersionRange - A semver version range in which the maximum version will be chosen.
|
|
669
658
|
* @param location - Optional location that was already used during installation flow.
|
|
659
|
+
* @param newVersionRange - A semver version range in which the maximum version will be chosen.
|
|
670
660
|
* @returns The snap metadata if updated, `null` otherwise.
|
|
671
661
|
*/
|
|
672
|
-
async updateSnap(origin, snapId, newVersionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION
|
|
662
|
+
async updateSnap(origin, snapId, location, newVersionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION) {
|
|
673
663
|
var _a;
|
|
674
664
|
const snap = this.getExpect(snapId);
|
|
675
|
-
if (!(0,
|
|
665
|
+
if (!(0, utils_1.isValidSemVerRange)(newVersionRange)) {
|
|
676
666
|
throw new Error(`Received invalid snap version range: "${newVersionRange}".`);
|
|
677
667
|
}
|
|
678
|
-
const newSnap = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchSnap).call(this, snapId, location
|
|
668
|
+
const newSnap = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchSnap).call(this, snapId, location);
|
|
679
669
|
const newVersion = newSnap.manifest.result.version;
|
|
680
|
-
if (!(0,
|
|
670
|
+
if (!(0, utils_1.gtVersion)(newVersion, snap.version)) {
|
|
681
671
|
console.warn(`Tried updating snap "${snapId}" within "${newVersionRange}" version range, but newer version "${snap.version}" is already installed`);
|
|
682
672
|
return null;
|
|
683
673
|
}
|
|
684
|
-
await __classPrivateFieldGet(this, _SnapController_instances, "m",
|
|
674
|
+
await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsInstallAllowed).call(this, snapId, {
|
|
685
675
|
version: newVersion,
|
|
686
|
-
|
|
676
|
+
checksum: newSnap.manifest.result.source.shasum,
|
|
687
677
|
});
|
|
688
678
|
const processedPermissions = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_processSnapPermissions).call(this, newSnap.manifest.result.initialPermissions);
|
|
689
679
|
const { newPermissions, unusedPermissions, approvedPermissions } = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_calculatePermissionsChange).call(this, snapId, processedPermissions);
|
|
@@ -764,6 +754,13 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
764
754
|
const { initialPermissions } = snap;
|
|
765
755
|
try {
|
|
766
756
|
const processedPermissions = __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_processSnapPermissions).call(this, initialPermissions);
|
|
757
|
+
const excludedPermissionErrors = Object.keys(processedPermissions).reduce((errors, permission) => {
|
|
758
|
+
if ((0, utils_1.hasProperty)(__classPrivateFieldGet(this, _SnapController_excludedPermissions, "f"), permission)) {
|
|
759
|
+
errors.push(__classPrivateFieldGet(this, _SnapController_excludedPermissions, "f")[permission]);
|
|
760
|
+
}
|
|
761
|
+
return errors;
|
|
762
|
+
}, []);
|
|
763
|
+
(0, utils_1.assert)(excludedPermissionErrors.length === 0, `One or more permissions are not allowed:\n${excludedPermissionErrors.join('\n')}`);
|
|
767
764
|
const id = (0, nanoid_1.nanoid)();
|
|
768
765
|
const _a = (await this.messagingSystem.call('ApprovalController:addRequest', {
|
|
769
766
|
origin,
|
|
@@ -836,7 +833,7 @@ class SnapController extends base_controller_1.BaseControllerV2 {
|
|
|
836
833
|
}
|
|
837
834
|
}
|
|
838
835
|
exports.SnapController = SnapController;
|
|
839
|
-
_SnapController_closeAllConnections = new WeakMap(), _SnapController_environmentEndowmentPermissions = new WeakMap(), _SnapController_featureFlags = new WeakMap(), _SnapController_fetchFunction = new WeakMap(), _SnapController_idleTimeCheckInterval = new WeakMap(),
|
|
836
|
+
_SnapController_closeAllConnections = new WeakMap(), _SnapController_environmentEndowmentPermissions = new WeakMap(), _SnapController_excludedPermissions = new WeakMap(), _SnapController_featureFlags = new WeakMap(), _SnapController_fetchFunction = new WeakMap(), _SnapController_idleTimeCheckInterval = new WeakMap(), _SnapController_registry = new WeakMap(), _SnapController_maxIdleTime = new WeakMap(), _SnapController_detectSnapLocation = new WeakMap(), _SnapController_rollbackSnapshots = new WeakMap(), _SnapController_timeoutForLastRequestStatus = new WeakMap(), _SnapController_statusMachine = new WeakMap(), _SnapController_instances = new WeakSet(), _SnapController_initializeStateMachine = function _SnapController_initializeStateMachine() {
|
|
840
837
|
const disableGuard = ({ snapId }) => {
|
|
841
838
|
return this.getExpect(snapId).enabled;
|
|
842
839
|
};
|
|
@@ -880,6 +877,7 @@ _SnapController_closeAllConnections = new WeakMap(), _SnapController_environment
|
|
|
880
877
|
target: snaps_utils_1.SnapStatus.Running,
|
|
881
878
|
cond: disableGuard,
|
|
882
879
|
},
|
|
880
|
+
[snaps_utils_1.SnapStatusEvents.Update]: snaps_utils_1.SnapStatus.Updating,
|
|
883
881
|
},
|
|
884
882
|
},
|
|
885
883
|
},
|
|
@@ -943,17 +941,18 @@ async function _SnapController_blockSnap(snapId, blockedSnapInfo) {
|
|
|
943
941
|
delete state.snaps[snapId].blockInformation;
|
|
944
942
|
});
|
|
945
943
|
this.messagingSystem.publish(`${exports.controllerName}:snapUnblocked`, snapId);
|
|
946
|
-
},
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
|
|
951
|
-
|
|
952
|
-
|
|
953
|
-
|
|
954
|
-
|
|
955
|
-
if (
|
|
956
|
-
|
|
944
|
+
}, _SnapController_assertIsInstallAllowed = async function _SnapController_assertIsInstallAllowed(snapId, snapInfo) {
|
|
945
|
+
var _a, _b;
|
|
946
|
+
const results = await __classPrivateFieldGet(this, _SnapController_registry, "f").get({
|
|
947
|
+
[snapId]: snapInfo,
|
|
948
|
+
});
|
|
949
|
+
const result = results[snapId];
|
|
950
|
+
if (result.status === registry_1.SnapsRegistryStatus.Blocked) {
|
|
951
|
+
throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The version is blocked. ${(_b = (_a = result.reason) === null || _a === void 0 ? void 0 : _a.explanation) !== null && _b !== void 0 ? _b : ''}`);
|
|
952
|
+
}
|
|
953
|
+
else if (__classPrivateFieldGet(this, _SnapController_featureFlags, "f").requireAllowlist &&
|
|
954
|
+
result.status !== registry_1.SnapsRegistryStatus.Verified) {
|
|
955
|
+
throw new Error(`Cannot install version "${snapInfo.version}" of snap "${snapId}": The snap is not on the allow list.`);
|
|
957
956
|
}
|
|
958
957
|
}, _SnapController_stopSnapsLastRequestPastMax = async function _SnapController_stopSnapsLastRequestPastMax() {
|
|
959
958
|
const entries = [...this.snapsRuntimeData.entries()];
|
|
@@ -1001,9 +1000,9 @@ async function _SnapController_add(args) {
|
|
|
1001
1000
|
// to null in the authorize() method.
|
|
1002
1001
|
runtime.installPromise = (async () => {
|
|
1003
1002
|
const fetchedSnap = await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_fetchSnap).call(this, snapId, location);
|
|
1004
|
-
await __classPrivateFieldGet(this, _SnapController_instances, "m",
|
|
1003
|
+
await __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_assertIsInstallAllowed).call(this, snapId, {
|
|
1005
1004
|
version: fetchedSnap.manifest.result.version,
|
|
1006
|
-
|
|
1005
|
+
checksum: fetchedSnap.manifest.result.source.shasum,
|
|
1007
1006
|
});
|
|
1008
1007
|
return __classPrivateFieldGet(this, _SnapController_instances, "m", _SnapController_set).call(this, Object.assign(Object.assign(Object.assign({}, args), fetchedSnap), { id: snapId }));
|
|
1009
1008
|
})();
|
|
@@ -1074,7 +1073,7 @@ async function _SnapController_getEndowments(snapId) {
|
|
|
1074
1073
|
const { id: snapId, origin, manifest, files, versionRange = snaps_utils_1.DEFAULT_REQUESTED_SNAP_VERSION, isUpdate = false, } = args;
|
|
1075
1074
|
(0, snaps_utils_1.assertIsSnapManifest)(manifest.result);
|
|
1076
1075
|
const { version } = manifest.result;
|
|
1077
|
-
if (!(0,
|
|
1076
|
+
if (!(0, utils_1.satisfiesVersionRange)(version, versionRange)) {
|
|
1078
1077
|
throw new Error(`Version mismatch. Manifest for "${snapId}" specifies version "${version}" which doesn't satisfy requested version range "${versionRange}"`);
|
|
1079
1078
|
}
|
|
1080
1079
|
const sourceCode = (_a = files
|
|
@@ -1245,6 +1244,7 @@ async function _SnapController_executeWithTimeout(snapId, promise, timer) {
|
|
|
1245
1244
|
const isLongRunning = this.messagingSystem.call('PermissionController:hasPermission', snapId, endowments_1.SnapEndowments.LongRunning);
|
|
1246
1245
|
// Long running snaps have timeouts disabled
|
|
1247
1246
|
if (isLongRunning) {
|
|
1247
|
+
console.warn(`${endowments_1.SnapEndowments.LongRunning} will soon be deprecated. For more information please see https://github.com/MetaMask/snaps-monorepo/issues/945.`);
|
|
1248
1248
|
return promise;
|
|
1249
1249
|
}
|
|
1250
1250
|
const result = await (0, utils_2.withTimeout)(promise, timer !== null && timer !== void 0 ? timer : this.maxRequestTime);
|
|
@@ -1360,10 +1360,10 @@ async function _SnapController_rollbackSnaps(snapIds) {
|
|
|
1360
1360
|
return { newPermissions, unusedPermissions, approvedPermissions };
|
|
1361
1361
|
}, _SnapController_isValidUpdate = function _SnapController_isValidUpdate(snapId, newVersionRange) {
|
|
1362
1362
|
const existingSnap = this.getExpect(snapId);
|
|
1363
|
-
if ((0,
|
|
1363
|
+
if ((0, utils_1.satisfiesVersionRange)(existingSnap.version, newVersionRange)) {
|
|
1364
1364
|
return false;
|
|
1365
1365
|
}
|
|
1366
|
-
if ((0,
|
|
1366
|
+
if ((0, utils_1.gtRange)(existingSnap.version, newVersionRange)) {
|
|
1367
1367
|
return false;
|
|
1368
1368
|
}
|
|
1369
1369
|
return true;
|