@metamask/snaps-controllers 3.1.1 → 3.2.0

package/CHANGELOG.md

@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [3.2.0]
+### Added
+- Add support for links in custom UI and notifications ([#1814](https://github.com/MetaMask/snaps/pull/1814))
+
+### Fixed
+- Fix an issue where snaps throwing a `SnapError` would be allowed to run for longer than expected ([#1897](https://github.com/MetaMask/snaps/pull/1897))
+
 ## [3.1.1]
 ### Fixed
 - Fix a few issues with allowlist version resolving ([#1888](https://github.com/MetaMask/snaps/pull/1888))
@@ -94,7 +101,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - The version of the package no longer needs to match the version of all other
     MetaMask Snaps packages.
 
-[Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.1.1...HEAD
+[Unreleased]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.2.0...HEAD
+[3.2.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.1.1...@metamask/snaps-controllers@3.2.0
 [3.1.1]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.1.0...@metamask/snaps-controllers@3.1.1
 [3.1.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@3.0.0...@metamask/snaps-controllers@3.1.0
 [3.0.0]: https://github.com/MetaMask/snaps/compare/@metamask/snaps-controllers@2.0.2...@metamask/snaps-controllers@3.0.0

package/dist/cjs/snaps/SnapController.js

@@ -29,6 +29,7 @@ const _basecontroller = require("@metamask/base-controller");
 const _permissioncontroller = require("@metamask/permission-controller");
 const _rpcerrors = require("@metamask/rpc-errors");
 const _snapsrpcmethods = require("@metamask/snaps-rpc-methods");
+const _snapsui = require("@metamask/snaps-ui");
 const _snapsutils = require("@metamask/snaps-utils");
 const _utils = require("@metamask/utils");
 const _fsm = require("@xstate/fsm");
@@ -192,7 +193,7 @@ _initializeStateMachine = /*#__PURE__*/ new WeakSet(), /**
    *
    * @param snapId - The id of the Snap whose message handler to get.
    * @returns The RPC handler for the given snap.
-   */ _getRpcRequestHandler = /*#__PURE__*/ new WeakSet(), _executeWithTimeout = /*#__PURE__*/ new WeakSet(), _recordSnapRpcRequestStart = /*#__PURE__*/ new WeakSet(), _recordSnapRpcRequestFinish = /*#__PURE__*/ new WeakSet(), /**
+   */ _getRpcRequestHandler = /*#__PURE__*/ new WeakSet(), _assertSnapRpcRequestResult = /*#__PURE__*/ new WeakSet(), _executeWithTimeout = /*#__PURE__*/ new WeakSet(), _recordSnapRpcRequestStart = /*#__PURE__*/ new WeakSet(), _recordSnapRpcRequestFinish = /*#__PURE__*/ new WeakSet(), /**
    * Retrieves the rollback snapshot of a snap.
    *
    * @param snapId - The snap id.
@@ -1021,6 +1022,12 @@ class SnapController extends _basecontroller.BaseControllerV2 {
         _class_private_method_init(this, _validateSnapPermissions);
         _class_private_method_init(this, _getRpcRequestHandler);
         /**
+   * Asserts that the returned result of a Snap RPC call is the expected shape.
+   *
+   * @param handlerType - The handler type of the RPC Request.
+   * @param result - The result of the RPC request.
+   */ _class_private_method_init(this, _assertSnapRpcRequestResult);
+        /**
    * Awaits the specified promise and rejects if the promise doesn't resolve
    * before the timeout.
    *
@@ -1561,7 +1568,7 @@ function getRpcRequestHandler(snapId) {
         // This will either get the result or reject due to the timeout.
         try {
             const result = await _class_private_method_get(this, _executeWithTimeout, executeWithTimeout).call(this, handleRpcRequestPromise, timer);
-            _class_private_method_get(this, _recordSnapRpcRequestFinish, recordSnapRpcRequestFinish).call(this, snapId, request.id);
+            await _class_private_method_get(this, _assertSnapRpcRequestResult, assertSnapRpcRequestResult).call(this, handlerType, result);
             return result;
         } catch (error) {
             const [jsonRpcError, handled] = (0, _snapsutils.unwrapError)(error);
@@ -1569,11 +1576,24 @@ function getRpcRequestHandler(snapId) {
                 await this.stopSnap(snapId, _snapsutils.SnapStatusEvents.Crash);
             }
             throw jsonRpcError;
+        } finally{
+            _class_private_method_get(this, _recordSnapRpcRequestFinish, recordSnapRpcRequestFinish).call(this, snapId, request.id);
         }
     };
     runtime.rpcHandler = rpcHandler;
     return rpcHandler;
 }
+async function assertSnapRpcRequestResult(handlerType, result) {
+    switch(handlerType){
+        case _snapsutils.HandlerType.OnTransaction:
+            (0, _utils.assertStruct)(result, _snapsutils.OnTransactionResponseStruct);
+            await this.messagingSystem.call('PhishingController:maybeUpdateState');
+            await (0, _snapsui.assertUILinksAreSafe)(result.content, (url)=>this.messagingSystem.call('PhishingController:testOrigin', url).result);
+            break;
+        default:
+            break;
+    }
+}
 async function executeWithTimeout(promise, timer) {
     const result = await (0, _utils1.withTimeout)(promise, timer ?? this.maxRequestTime);
     if (result === _utils1.hasTimedOut) {