Merge branch 'main' into jongsun/build/251103-enable-react-compiler

Author: MajorLift

.github/workflows/check-pr-max-lines.yml

@@ -17,7 +17,10 @@ permissions:
 
 jobs:
   check-pr-max-lines:
-    uses: metamask/github-tools/.github/workflows/pr-line-check.yml@main
-    with:
-      max_lines: 1000
-      ignore_patterns: '(\.lock|\.snap|lavamoat\/.*policy\.json)$'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check PR lines changed
+        uses: MetaMask/github-tools/.github/actions/pr-line-check@v1
+        with:
+          max-lines: '1000'
+          ignore-patterns: '(\.lock|\.snap|lavamoat\/.*policy\.json)$'

.github/workflows/flaky-test-report.yml

@@ -4,17 +4,20 @@ on:
   schedule:
     # Once every day from Monday-Friday at 08:00 UTC
     - cron: 0 8 * * 1-5
+  workflow_dispatch:
 
 permissions:
   contents: read
   actions: read
 
 jobs:
   flaky-test-report:
-    uses: MetaMask/github-tools/.github/workflows/flaky-test-report.yml@main
-    with:
-      repository: ${{ github.event.repository.name }}
-      workflow_id: main.yml
-    secrets:
-      github-token: ${{ secrets.GITHUB_TOKEN }}
-      slack-webhook-flaky-tests: ${{ secrets.SLACK_WEBHOOK_FLAKY_TESTS }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate flaky test report
+        uses: MetaMask/github-tools/.github/actions/flaky-test-report@v1
+        with:
+          repository: ${{ github.event.repository.name }}
+          workflow-id: main.yml
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          slack-webhook-flaky-tests: ${{ secrets.SLACK_WEBHOOK_FLAKY_TESTS }}

.github/workflows/post-merge-validation.yml

@@ -3,13 +3,16 @@ name: Post Merge Validation
 on:
   schedule:
     - cron: '0 7 * * *'
+  workflow_dispatch:
 
 jobs:
   post-merge-validation-tracker:
-    uses: MetaMask/github-tools/.github/workflows/post-merge-validation.yml@main
-    with:
-      repo: ${{ github.repository }}
-      start_hour_utc: 7
-    secrets:
-      github-token: ${{ secrets.GITHUB_TOKEN }}
-      google-application-creds-base64: ${{ secrets.GCP_RLS_SHEET_ACCOUNT_BASE64 }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run post-merge validation
+        uses: MetaMask/github-tools/.github/actions/post-merge-validation@v1
+        with:
+          repo: ${{ github.repository }}
+          start-hour-utc: '7'
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          google-application-creds-base64: ${{ secrets.GCP_RLS_SHEET_ACCOUNT_BASE64 }}

.yarn/patches/@metamask-assets-controllers-patch-7c7d711c8c.patch

@@ -0,0 +1,13 @@
+diff --git a/dist/token-prices-service/codefi-v2.cjs b/dist/token-prices-service/codefi-v2.cjs
+index 34f7bcf4dea1b8d6a1ea45051be09059d9d35353..6aa82360e63727852cda1719f5e893508b764e75 100644
+--- a/dist/token-prices-service/codefi-v2.cjs
++++ b/dist/token-prices-service/codefi-v2.cjs
+@@ -98,6 +98,8 @@ exports.SUPPORTED_CURRENCIES = [
+     'mxn',
+     // Malaysian Ringgit
+     'myr',
++    // Monad
++    'mon',
+     // Nigerian Naira
+     'ngn',
+     // Norwegian Krone

.yarnrc.yml

@@ -31,6 +31,12 @@ npmAuditIgnoreAdvisories:
   # URL: https://github.com/advisories/GHSA-5j98-mcp5-4vw2
   - 1109809
 
+  # Issue: `body-parser` denial of service vulnerability
+  # Seemingly only impacts v2.2.0, but we're on v1. The advisory range is overly wide.
+  # The attack vector also does not apply to how we use the package.
+  # URL: https://github.com/advisories/GHSA-wqch-xfxh-vrr4
+  - 1110857
+
   ### Package Deprecations:
 
   # React-tippy brings in popper.js and react-tippy has not been updated in

CHANGELOG.md

@@ -7,6 +7,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [13.10.3]
+
+### Fixed
+
+- Feature flags sidepanel context menu (#38220)
+
+## [13.10.2]
+
+### Fixed
+
+- Fixes entry modal closed error (#38188)
+
+## [13.10.1]
+
+### Fixed
+
+- Prevents token list from fetching balances for all accounts (#38065)
+- Fixes dapp-swap comparison fiat rate fetching for native tokens (#37980)
+- Fixes dapp-swap fix conversion rate for pol native token (#38102)
+- Removes unnecessary extension permission (#38075)
+- Fixes missing native token balances in wallet balance (#38126)
+
 ## [13.10.0]
 
 ### Added
@@ -1217,7 +1239,10 @@ authorized by the user.` error until the user fully revoked dapp
 - This changelog was split off with 12.22.0
 - All older changes can be found in [docs/CHANGELOG_older.md](https://github.com/MetaMask/metamask-extension/blob/main/docs/CHANGELOG_older.md)
 
-[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v13.10.0...HEAD
+[Unreleased]: https://github.com/MetaMask/metamask-extension/compare/v13.10.3...HEAD
+[13.10.3]: https://github.com/MetaMask/metamask-extension/compare/v13.10.2...v13.10.3
+[13.10.2]: https://github.com/MetaMask/metamask-extension/compare/v13.10.1...v13.10.2
+[13.10.1]: https://github.com/MetaMask/metamask-extension/compare/v13.10.0...v13.10.1
 [13.10.0]: https://github.com/MetaMask/metamask-extension/compare/v13.9.0...v13.10.0
 [13.9.0]: https://github.com/MetaMask/metamask-extension/compare/v13.8.0...v13.9.0
 [13.8.0]: https://github.com/MetaMask/metamask-extension/compare/v13.7.0...v13.8.0