From 33b78339cc0542343fc80a08d0c0f1517f5f7073 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Tue, 2 Nov 2021 15:44:43 -0400 Subject: [PATCH 01/10] add lavamoat --- .github/workflows/ci.yml | 1 + .yarnrc | 1 + package.json | 20 ++++-- yarn.lock | 149 ++++++++++++++++++++++++++++++++++++++- 4 files changed, 165 insertions(+), 6 deletions(-) create mode 100644 .yarnrc diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c10d635e322..910460436cf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,6 +34,7 @@ jobs: path: ${{ steps.yarn-cache-dir.outputs.YARN_CACHE_DIR }} key: yarn-cache-${{ runner.os }}-${{ steps.yarn-version.outputs.YARN_VERSION }}-${{ hashFiles('yarn.lock') }} - run: yarn --frozen-lockfile + - run: yarn setup - run: yarn lint - run: yarn audit:ci - run: yarn test:tgz-check diff --git a/.yarnrc b/.yarnrc new file mode 100644 index 00000000000..5455c6c5d38 --- /dev/null +++ b/.yarnrc @@ -0,0 +1 @@ +ignore-scripts true diff --git a/package.json b/package.json index 96630f19a88..09f5619d15a 100644 --- a/package.json +++ b/package.json @@ -15,6 +15,7 @@ "lint": "eslint '**/*.js' --ignore-path=.prettierignore", "lint:fix": "eslint '**/*.js' --fix --ignore-path=.prettierignore", "format": "prettier '**/*.{js,json}' --write", + "setup": "yarn clean && yarn allow-scripts", "start:ios": "./scripts/build.sh ios debug", "start:ios:e2e": "./scripts/build.sh ios debugE2E", "start:ios:device": "./scripts/build.sh ios debug --device", @@ -233,6 +234,7 @@ "devDependencies": { "@babel/core": "^7.8.4", "@babel/runtime": "^7.8.4", + "@lavamoat/allow-scripts": "^1.0.6", "@metamask/eslint-config": "^7.0.0", "@metamask/eslint-config-typescript": "^7.0.0", "@metamask/mobile-provider": "^2.1.0", @@ -353,9 +355,19 @@ "node": "^14.0.0", "yarn": "^1.22.0" }, - "rnpm": { - "assets": [ - "./app/fonts" - ] + "lavamoat": { + "allowScripts": { + "@sentry/cli": true, + "detox": true, + "husky": true, + "secp256k1": true, + "keccak": true, + "@lavamoat/preinstall-always-fail": false, + "core-js-pure": false, + "dtrace-provider": false, + "core-js": false, + "fsevents": false, + "sharp": false + } } } diff --git a/yarn.lock b/yarn.lock index b22d0dd5e4a..0134a96f855 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1547,6 +1547,24 @@ "@types/yargs" "^16.0.0" chalk "^4.0.0" +"@lavamoat/allow-scripts@^1.0.6": + version "1.0.6" + resolved "https://registry.yarnpkg.com/@lavamoat/allow-scripts/-/allow-scripts-1.0.6.tgz#fbdf7c35a5c2c2cff05ba002b7bc8f3355bda22c" + integrity sha512-bBUN2xuQEXWmWTJrfkwaM8Ige7TNfTTRodyW353VYnzX7kW866Tm/Ag0hdbukFvJfNjRHabVmLKxYYL8l/uyZQ== + dependencies: + "@lavamoat/preinstall-always-fail" "^1.0.0" + "@npmcli/run-script" "^1.8.1" + "@yarnpkg/lockfile" "^1.1.0" + npm-logical-tree "^1.2.1" + resolve "^1.20.0" + semver "^7.3.4" + yargs "^16.2.0" + +"@lavamoat/preinstall-always-fail@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@lavamoat/preinstall-always-fail/-/preinstall-always-fail-1.0.0.tgz#e78a6e3d9e212a4fef869ec37d4f5fb498dea373" + integrity sha512-vD2DcC0ffJj1w2y1Lu0OU39wHmlPEd2tCDW04Bm6Kf4LyRnCHCezTsS8yzeSJ+4so7XP+TITuR5FGJRWxPb+GA== + "@metamask/contract-metadata@^1.29.0", "@metamask/contract-metadata@^1.30.0": version "1.30.0" resolved "https://registry.yarnpkg.com/@metamask/contract-metadata/-/contract-metadata-1.30.0.tgz#fa8e1b0c3e7aaa963986088f691fb553ffbe3904" @@ -1687,6 +1705,28 @@ "@nodelib/fs.scandir" "2.1.5" fastq "^1.6.0" +"@npmcli/node-gyp@^1.0.2": + version "1.0.3" + resolved "https://registry.yarnpkg.com/@npmcli/node-gyp/-/node-gyp-1.0.3.tgz#a912e637418ffc5f2db375e93b85837691a43a33" + integrity sha512-fnkhw+fmX65kiLqk6E3BFLXNC26rUhK90zVwe2yncPliVT/Qos3xjhTLE59Df8KnPlcwIERXKVlU1bXoUQ+liA== + +"@npmcli/promise-spawn@^1.3.2": + version "1.3.2" + resolved "https://registry.yarnpkg.com/@npmcli/promise-spawn/-/promise-spawn-1.3.2.tgz#42d4e56a8e9274fba180dabc0aea6e38f29274f5" + integrity sha512-QyAGYo/Fbj4MXeGdJcFzZ+FkDkomfRBrPM+9QYJSg+PxgAUL+LU3FneQk37rKR2/zjqkCV1BLHccX98wRXG3Sg== + dependencies: + infer-owner "^1.0.4" + +"@npmcli/run-script@^1.8.1": + version "1.8.6" + resolved "https://registry.yarnpkg.com/@npmcli/run-script/-/run-script-1.8.6.tgz#18314802a6660b0d4baa4c3afe7f1ad39d8c28b7" + integrity sha512-e42bVZnC6VluBZBAFEr3YrdqSspG3bgilyg4nSLBJ7TRGNCzxHa92XAHxQBLYg0BmgwO4b2mf3h/l5EkEWRn3g== + dependencies: + "@npmcli/node-gyp" "^1.0.2" + "@npmcli/promise-spawn" "^1.3.2" + node-gyp "^7.1.0" + read-package-json-fast "^2.0.1" + "@react-native-clipboard/clipboard@^1.8.4": version "1.8.4" resolved "https://registry.yarnpkg.com/@react-native-clipboard/clipboard/-/clipboard-1.8.4.tgz#4bc1fb00643688e489d8220cd635844ab5c066f9" @@ -2642,6 +2682,11 @@ abab@^2.0.0: resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.5.tgz#c0b678fb32d60fc1219c784d6a826fe385aeb79a" integrity sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q== +abbrev@1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8" + integrity sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q== + abort-controller@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/abort-controller/-/abort-controller-3.0.0.tgz#eaf54d53b62bae4138e809ca225c8439a6efb392" @@ -3999,6 +4044,11 @@ chownr@^1.1.1: resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b" integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg== +chownr@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/chownr/-/chownr-2.0.0.tgz#15bfbe53d2eab4cf70f18a8cd68ebe5b3cb1dece" + integrity sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ== + ci-info@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46" @@ -5114,6 +5164,11 @@ entities@^2.0.0: resolved "https://registry.yarnpkg.com/entities/-/entities-2.2.0.tgz#098dc90ebb83d8dffa089d55256b351d34c4da55" integrity sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A== +env-paths@^2.2.0: + version "2.2.1" + resolved "https://registry.yarnpkg.com/env-paths/-/env-paths-2.2.1.tgz#420399d416ce1fbe9bc0a07c62fa68d67fd0f8f2" + integrity sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A== + envinfo@^7.7.2: version "7.8.1" resolved "https://registry.yarnpkg.com/envinfo/-/envinfo-7.8.1.tgz#06377e3e5f4d379fea7ac592d5ad8927e0c4d475" @@ -7048,6 +7103,13 @@ fs-extra@^8.1.0: jsonfile "^4.0.0" universalify "^0.1.0" +fs-minipass@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-2.1.0.tgz#7f5036fdbf12c63c169190cbe4199c852271f9fb" + integrity sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg== + dependencies: + minipass "^3.0.0" + fs.realpath@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" @@ -7300,6 +7362,11 @@ graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.3 resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.6.tgz#ff040b2b0853b23c3d31027523706f1885d76bee" integrity sha512-nTnJ528pbqxYanhpDYsi4Rd8MAeaBA67+RZ10CM1m3bTAVFEDcd5AuA4a6W5YkGZ1iNXHzZz8T6TBKLeBuNriQ== +graceful-fs@^4.2.3: + version "4.2.8" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.8.tgz#e412b8d33f5e006593cbd3cee6df9f2cebbe802a" + integrity sha512-qkIilPUYcNhJpd33n0GBXTB1MMPp14TxEsEs0pTrsSVucApsYzW5V+Q8Qxhik6KU3evy+qkAAowTByymK0avdg== + "graceful-readlink@>= 1.0.0": version "1.0.1" resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" @@ -7687,6 +7754,11 @@ indexof@~0.0.1: resolved "https://registry.yarnpkg.com/indexof/-/indexof-0.0.1.tgz#82dc336d232b9062179d05ab3293a66059fd435d" integrity sha1-gtwzbSMrkGIXnQWrMpOmYFn9Q10= +infer-owner@^1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/infer-owner/-/infer-owner-1.0.4.tgz#c4cefcaa8e51051c2a40ba2ce8a3d27295af9467" + integrity sha512-IClj+Xz94+d7irH5qRyfJonOdfTzuDaifE6ZPWfx0N0+/ATZCbuTPq2prFl526urkQd90WyUKIh1DfBQ2hMz9A== + inflight@^1.0.4: version "1.0.6" resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" @@ -9929,6 +10001,21 @@ minimist@^1.1.1, minimist@^1.1.2, minimist@^1.2.0, minimist@^1.2.3, minimist@^1. resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== +minipass@^3.0.0: + version "3.1.5" + resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.1.5.tgz#71f6251b0a33a49c01b3cf97ff77eda030dff732" + integrity sha512-+8NzxD82XQoNKNrl1d/FSi+X8wAEWR+sbYAfIvub4Nz0d22plFG72CEVVaufV8PNf4qSslFTD8VMOxNVhHCjTw== + dependencies: + yallist "^4.0.0" + +minizlib@^2.1.1: + version "2.1.2" + resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.2.tgz#e90d3466ba209b932451508a11ce3d3632145931" + integrity sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg== + dependencies: + minipass "^3.0.0" + yallist "^4.0.0" + mixin-deep@^1.2.0: version "1.3.2" resolved "https://registry.yarnpkg.com/mixin-deep/-/mixin-deep-1.3.2.tgz#1120b43dc359a785dce65b55b82e257ccf479566" @@ -9949,6 +10036,11 @@ mkdirp@0.x.x, mkdirp@^0.5.1, mkdirp@^0.5.5, mkdirp@~0.5.1: dependencies: minimist "^1.2.5" +mkdirp@^1.0.3: + version "1.0.4" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e" + integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw== + moment@^2.19.3: version "2.29.1" resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3" @@ -10157,6 +10249,22 @@ node-gyp-build@^4.2.0: resolved "https://registry.yarnpkg.com/node-gyp-build/-/node-gyp-build-4.2.3.tgz#ce6277f853835f718829efb47db20f3e4d9c4739" integrity sha512-MN6ZpzmfNCRM+3t57PTJHgHyw/h4OWnZ6mR8P5j/uZtqQr46RRuDE/P+g3n0YR/AiYXeWixZZzaip77gdICfRg== +node-gyp@^7.1.0: + version "7.1.2" + resolved "https://registry.yarnpkg.com/node-gyp/-/node-gyp-7.1.2.tgz#21a810aebb187120251c3bcec979af1587b188ae" + integrity sha512-CbpcIo7C3eMu3dL1c3d0xw449fHIGALIJsRP4DDPHpyiW8vcriNY7ubh9TE4zEKfSxscY7PjeFnshE7h75ynjQ== + dependencies: + env-paths "^2.2.0" + glob "^7.1.4" + graceful-fs "^4.2.3" + nopt "^5.0.0" + npmlog "^4.1.2" + request "^2.88.2" + rimraf "^3.0.2" + semver "^7.3.2" + tar "^6.0.2" + which "^2.0.2" + node-int64@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b" @@ -10194,6 +10302,13 @@ node-version@^1.0.0: resolved "https://registry.yarnpkg.com/node-version/-/node-version-1.2.0.tgz#34fde3ffa8e1149bd323983479dda620e1b5060d" integrity sha512-ma6oU4Sk0qOoKEAymVoTvk8EdXEobdS7m/mAGhDJ8Rouugho48crHBORAmy5BoOcv8wraPM6xumapQp5hl4iIQ== +nopt@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-5.0.0.tgz#530942bb58a512fccafe53fe210f13a25355dc88" + integrity sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ== + dependencies: + abbrev "1" + normalize-package-data@^2.3.2, normalize-package-data@^2.5.0: version "2.5.0" resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.5.0.tgz#e66db1838b200c1dfc233225d12cb36520e234a8" @@ -10223,6 +10338,16 @@ normalize-svg-path@^1.0.1: dependencies: svg-arc-to-cubic-bezier "^3.0.0" +npm-logical-tree@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/npm-logical-tree/-/npm-logical-tree-1.2.1.tgz#44610141ca24664cad35d1e607176193fd8f5b88" + integrity sha512-AJI/qxDB2PWI4LG1CYN579AY1vCiNyWfkiquCsJWqntRu/WwimVrC8yXeILBFHDwxfOejxewlmnvW9XXjMlYIg== + +npm-normalize-package-bin@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz#6e79a41f23fd235c0623218228da7d9c23b8f6e2" + integrity sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA== + npm-run-path@^2.0.0: version "2.0.2" resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-2.0.2.tgz#35a9232dfa35d7067b4cb2ddf2357b1871536c5f" @@ -11864,6 +11989,14 @@ read-env@^1.3.0: dependencies: camelcase "5.0.0" +read-package-json-fast@^2.0.1: + version "2.0.3" + resolved "https://registry.yarnpkg.com/read-package-json-fast/-/read-package-json-fast-2.0.3.tgz#323ca529630da82cb34b36cc0b996693c98c2b83" + integrity sha512-W/BKtbL+dUjTuRL2vziuYhp76s5HZ9qQhd/dKfWIZveD0O40453QNyZhC0e63lqZrAQ4jiOapVoeJ7JrszenQQ== + dependencies: + json-parse-even-better-errors "^2.3.0" + npm-normalize-package-bin "^1.0.1" + read-pkg-up@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-3.0.0.tgz#3ed496685dba0f8fe118d0691dc51f4a1ff96f07" @@ -12114,7 +12247,7 @@ request-promise-native@^1.0.7: stealthy-require "^1.1.1" tough-cookie "^2.3.3" -request@^2.72.0, request@^2.85.0, request@^2.88.0: +request@^2.72.0, request@^2.85.0, request@^2.88.0, request@^2.88.2: version "2.88.2" resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3" integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw== @@ -12523,7 +12656,7 @@ semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.3.0: resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== -semver@^7.0.0, semver@^7.2.1, semver@^7.3.2, semver@^7.3.5: +semver@^7.0.0, semver@^7.2.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5: version "7.3.5" resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== @@ -13325,6 +13458,18 @@ tar-stream@^2.1.4: inherits "^2.0.3" readable-stream "^3.1.1" +tar@^6.0.2: + version "6.1.11" + resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.11.tgz#6760a38f003afa1b2ffd0ffe9e9abbd0eab3d621" + integrity sha512-an/KZQzQUkZCkuoAA64hM92X0Urb6VpRhAFllDzz44U2mcD5scmT3zBc4VgVpkugF580+DQn8eAFSyoQt0tznA== + dependencies: + chownr "^2.0.0" + fs-minipass "^2.0.0" + minipass "^3.0.0" + minizlib "^2.1.1" + mkdirp "^1.0.3" + yallist "^4.0.0" + teeny-request@7.0.1: version "7.0.1" resolved "https://registry.yarnpkg.com/teeny-request/-/teeny-request-7.0.1.tgz#bdd41fdffea5f8fbc0d29392cb47bec4f66b2b4c" From f764403ca410bff0c7d368ef3f8e8f16f8c9bed3 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Tue, 2 Nov 2021 16:27:32 -0400 Subject: [PATCH 02/10] add lavamoat setup to bitrise.yml --- bitrise.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/bitrise.yml b/bitrise.yml index cbc86068d04..6b82e9d9fa5 100644 --- a/bitrise.yml +++ b/bitrise.yml @@ -22,6 +22,11 @@ workflows: - cache_local_deps: 'yes' - command: install --network-timeout 300000 --frozen-lockfile --network-concurrency 1 title: Yarn Install + - yarn@0: + inputs: + - cache_local_deps: 'yes' + - command: setup --network-timeout 300000 --frozen-lockfile --network-concurrency 1 + title: Yarn Setup - yarn@0: inputs: - cache_local_deps: 'yes' @@ -43,6 +48,11 @@ workflows: - cache_local_deps: 'yes' - command: install --network-timeout 300000 --frozen-lockfile --network-concurrency 1 title: Yarn Install + - yarn@0: + inputs: + - cache_local_deps: 'yes' + - command: setup --network-timeout 300000 --frozen-lockfile --network-concurrency 1 + title: Yarn Setup - yarn@0: inputs: - cache_local_deps: 'yes' From ef19d58dea9961e70bb8700c180332834b17aff6 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Tue, 2 Nov 2021 16:42:41 -0400 Subject: [PATCH 03/10] only run setup in ci and add --frozen-lockfile to `clean:node` --- .github/workflows/ci.yml | 1 - bitrise.yml | 14 ++------------ package.json | 2 +- 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 910460436cf..4cfc24eeada 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,7 +33,6 @@ jobs: with: path: ${{ steps.yarn-cache-dir.outputs.YARN_CACHE_DIR }} key: yarn-cache-${{ runner.os }}-${{ steps.yarn-version.outputs.YARN_VERSION }}-${{ hashFiles('yarn.lock') }} - - run: yarn --frozen-lockfile - run: yarn setup - run: yarn lint - run: yarn audit:ci diff --git a/bitrise.yml b/bitrise.yml index 6b82e9d9fa5..4d5202425c9 100644 --- a/bitrise.yml +++ b/bitrise.yml @@ -20,12 +20,7 @@ workflows: - yarn@0: inputs: - cache_local_deps: 'yes' - - command: install --network-timeout 300000 --frozen-lockfile --network-concurrency 1 - title: Yarn Install - - yarn@0: - inputs: - - cache_local_deps: 'yes' - - command: setup --network-timeout 300000 --frozen-lockfile --network-concurrency 1 + - command: setup --network-timeout 300000 --network-concurrency 1 title: Yarn Setup - yarn@0: inputs: @@ -46,12 +41,7 @@ workflows: - yarn@0: inputs: - cache_local_deps: 'yes' - - command: install --network-timeout 300000 --frozen-lockfile --network-concurrency 1 - title: Yarn Install - - yarn@0: - inputs: - - cache_local_deps: 'yes' - - command: setup --network-timeout 300000 --frozen-lockfile --network-concurrency 1 + - command: setup --network-timeout 300000 --network-concurrency 1 title: Yarn Setup - yarn@0: inputs: diff --git a/package.json b/package.json index 09f5619d15a..069c7da3d8d 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "clean:ios": "rm -rf ios/build", "pod:install": "command -v pod && (cd ios/ && pod install && cd ..) || echo \"pod command not found\"", "clean:android": "rm -rf android/app/build", - "clean:node": "rm -rf node_modules && yarn install", + "clean:node": "rm -rf node_modules && yarn install --frozen-lockfile", "clean": "yarn clean:ios && yarn clean:android && yarn clean:node && yarn pod:install", "clean-android": "yarn clean:android && yarn clean:node", "lint": "eslint '**/*.js' --ignore-path=.prettierignore", From eef6d766466329ac5a3db47ba34c9b4aa116c415 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Tue, 2 Nov 2021 16:55:02 -0400 Subject: [PATCH 04/10] move network flags into package.json --- bitrise.yml | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bitrise.yml b/bitrise.yml index 4d5202425c9..3f3023c0359 100644 --- a/bitrise.yml +++ b/bitrise.yml @@ -20,7 +20,7 @@ workflows: - yarn@0: inputs: - cache_local_deps: 'yes' - - command: setup --network-timeout 300000 --network-concurrency 1 + - command: setup title: Yarn Setup - yarn@0: inputs: @@ -41,7 +41,7 @@ workflows: - yarn@0: inputs: - cache_local_deps: 'yes' - - command: setup --network-timeout 300000 --network-concurrency 1 + - command: setup title: Yarn Setup - yarn@0: inputs: diff --git a/package.json b/package.json index 069c7da3d8d..62a2816a0d3 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "clean:ios": "rm -rf ios/build", "pod:install": "command -v pod && (cd ios/ && pod install && cd ..) || echo \"pod command not found\"", "clean:android": "rm -rf android/app/build", - "clean:node": "rm -rf node_modules && yarn install --frozen-lockfile", + "clean:node": "rm -rf node_modules && yarn install --frozen-lockfile --network-timeout 300000 --network-concurrency 1", "clean": "yarn clean:ios && yarn clean:android && yarn clean:node && yarn pod:install", "clean-android": "yarn clean:android && yarn clean:node", "lint": "eslint '**/*.js' --ignore-path=.prettierignore", From 42ee418068b142f1f99a7858fff7932effd3efaa Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Tue, 2 Nov 2021 18:07:24 -0400 Subject: [PATCH 05/10] remove install --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 62a2816a0d3..89e9f9661dc 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "clean:ios": "rm -rf ios/build", "pod:install": "command -v pod && (cd ios/ && pod install && cd ..) || echo \"pod command not found\"", "clean:android": "rm -rf android/app/build", - "clean:node": "rm -rf node_modules && yarn install --frozen-lockfile --network-timeout 300000 --network-concurrency 1", + "clean:node": "rm -rf node_modules && yarn --frozen-lockfile --network-timeout 300000 --network-concurrency 1", "clean": "yarn clean:ios && yarn clean:android && yarn clean:node && yarn pod:install", "clean-android": "yarn clean:android && yarn clean:node", "lint": "eslint '**/*.js' --ignore-path=.prettierignore", From 8dfede2a9224f52db5e14412bbd3376a69654f6f Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Wed, 3 Nov 2021 11:30:34 -0400 Subject: [PATCH 06/10] address feedback --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 89e9f9661dc..ac5821e9622 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "clean:ios": "rm -rf ios/build", "pod:install": "command -v pod && (cd ios/ && pod install && cd ..) || echo \"pod command not found\"", "clean:android": "rm -rf android/app/build", - "clean:node": "rm -rf node_modules && yarn --frozen-lockfile --network-timeout 300000 --network-concurrency 1", + "clean:node": "rm -rf node_modules && yarn --frozen-lockfile", "clean": "yarn clean:ios && yarn clean:android && yarn clean:node && yarn pod:install", "clean-android": "yarn clean:android && yarn clean:node", "lint": "eslint '**/*.js' --ignore-path=.prettierignore", From 38fcc5fae015baa94e949ce4a7e58c9781909cba Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Thu, 4 Nov 2021 10:59:41 -0400 Subject: [PATCH 07/10] update readme --- README.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3926385a94e..3f35fa10f56 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ sudo gem install cocoapods ```bash git clone ... cd metamask-mobile -yarn install # this will run a lengthy postinstall flow +yarn setup # not the usual install command, this will run a lengthy postinstall flow cd ios && pod install && cd .. # install pods for iOS ``` @@ -190,6 +190,19 @@ yarn test:e2e:ios yarn test:e2e:android ``` +### Changing dependencies + +Whenever you change dependencies (adding, removing, or updating, either in `package.json` or `yarn.lock`), there are various files that must be kept up-to-date. + +* `yarn.lock`: + * Run `yarn setup` again after your changes to ensure `yarn.lock` has been properly updated. +* The `allow-scripts` configuration in `package.json` + * Run `yarn allow-scripts auto` to update the `allow-scripts` configuration automatically. This config determines whether the package's install/postinstall scripts are allowed to run. Review each new package to determine whether the install script needs to run or not, testing if necessary. + * Unfortunately, `yarn allow-scripts auto` will behave inconsistently on different platforms. macOS and Windows users may see extraneous changes relating to optional dependencies. +* The LavaMoat auto-generated policy in `lavamoat/node/policy.json` + * Run `yarn lavamoat:auto` to re-generate this policy file. Review the changes to determine whether the access granted to each package seems appropriate. + * Unfortunately, `yarn lavamoat:auto` will behave inconsistently on different platforms. macOS and Windows users may see extraneous changes relating to optional dependencies. + ### Architecture To get a better understanding of the internal architecture of this app take a look at [this diagram](https://github.com/MetaMask/metamask-mobile/blob/develop/architecture.svg). From cf63f7b57fdbd76b6be11c9e69dd30edde1c34c6 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Thu, 4 Nov 2021 11:05:59 -0400 Subject: [PATCH 08/10] remove lavamoat policy steps from readme --- README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/README.md b/README.md index 3f35fa10f56..fb0d561f927 100644 --- a/README.md +++ b/README.md @@ -199,9 +199,6 @@ Whenever you change dependencies (adding, removing, or updating, either in `pack * The `allow-scripts` configuration in `package.json` * Run `yarn allow-scripts auto` to update the `allow-scripts` configuration automatically. This config determines whether the package's install/postinstall scripts are allowed to run. Review each new package to determine whether the install script needs to run or not, testing if necessary. * Unfortunately, `yarn allow-scripts auto` will behave inconsistently on different platforms. macOS and Windows users may see extraneous changes relating to optional dependencies. -* The LavaMoat auto-generated policy in `lavamoat/node/policy.json` - * Run `yarn lavamoat:auto` to re-generate this policy file. Review the changes to determine whether the access granted to each package seems appropriate. - * Unfortunately, `yarn lavamoat:auto` will behave inconsistently on different platforms. macOS and Windows users may see extraneous changes relating to optional dependencies. ### Architecture From 28f08c206c8a1dcc35b75defd7f26b6b9625e303 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Thu, 4 Nov 2021 11:12:03 -0400 Subject: [PATCH 09/10] use gh actions badges --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index fb0d561f927..85a1cfbb200 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ # MetaMask -![BitriseCI](https://app.bitrise.io/app/be69d4368ee7e86d/status.svg?token=OBhpG-OxuDtWGezLhceqhw&branch=develop) +![CI](https://github.com/MetaMask/metamask-mobile/actions/workflows/ci.yml/badge.svg?branch=develop) ![CLA](https://github.com/MetaMask/metamask-mobile/actions/workflows/cla.yml/badge.svg?branch=develop) MetaMask is a mobile web browser that provides easy access to websites that use the [Ethereum](https://ethereum.org/) blockchain. From 41a72316342cc28a78de7a3555d91997c6660d44 Mon Sep 17 00:00:00 2001 From: Ricky Miller Date: Thu, 4 Nov 2021 12:34:28 -0400 Subject: [PATCH 10/10] make badges into links --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 85a1cfbb200..446273b2b52 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ # MetaMask -![CI](https://github.com/MetaMask/metamask-mobile/actions/workflows/ci.yml/badge.svg?branch=develop) ![CLA](https://github.com/MetaMask/metamask-mobile/actions/workflows/cla.yml/badge.svg?branch=develop) +[![CI](https://github.com/MetaMask/metamask-mobile/actions/workflows/ci.yml/badge.svg?branch=develop)](https://github.com/MetaMask/metamask-mobile/actions/workflows/ci.yml) [![CLA](https://github.com/MetaMask/metamask-mobile/actions/workflows/cla.yml/badge.svg?branch=develop)](https://github.com/MetaMask/metamask-mobile/actions/workflows/cla.yml) MetaMask is a mobile web browser that provides easy access to websites that use the [Ethereum](https://ethereum.org/) blockchain.