Skip to content

feat: Add snaps-sandbox package and integrate into CLI #3306

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Mrtenz merged 18 commits into from
Apr 23, 2025
Merged

feat: Add snaps-sandbox package and integrate into CLI #3306

Mrtenz merged 18 commits into from
Apr 23, 2025

Conversation

@Mrtenz
Copy link
Member

@Mrtenz Mrtenz commented Apr 5, 2025
edited
Loading

This adds a new package, @metamask/snaps-sandbox, which is a tool to interact with Snaps through a web app. It's a replacement for the Snaps Simulator, but doesn't simulate any functionality. Instead, it calls MetaMask through the usual JSON-RPC methods.

The sandbox can be used from the Snaps CLI by running mm-snap sandbox.

Mrtenz
Mrtenz commented Apr 5, 2025
View reviewed changes
.yarn/patches/monaco-editor-npm-0.52.2-584d16bfa6.patch
export var walkTokens = (__marked_exports.walkTokens || exports.walkTokens);
// ESM-uncomment-end
-
-//# sourceMappingURL=marked.umd.js.map
Copy link
Member Author

@Mrtenz Mrtenz Apr 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This source map doesn't exist, and Vite was complaining about it.

@socket-security
Copy link

socket-security bot commented Apr 5, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​vitest/​coverage-istanbul@​3.0.8 ⏵ 3.1.1991006597100
Added@​types/​express@​5.0.11001006881100
Updated@​types/​debug@​4.1.7 ⏵ 4.1.1210010087 -276100
Updatedagent-base@​7.1.1 ⏵ 7.1.3100 +110090 +178100
Updatedhttps-proxy-agent@​7.0.4 ⏵ 7.0.6100 +110090 +178100
Added@​monaco-editor/​react@​4.7.010010010078100
Addedreact-icons@​5.5.01001001008670
Addedreact@​19.1.01001008397100
Added@​emotion/​react@​11.14.01001008685100
Updatedpirates@​4.0.6 ⏵ 4.0.7100 +110091 +286100
Added@​tanstack/​react-query@​5.74.4991008797100
Addedhappy-dom@​17.4.4991008891100
Added@​testing-library/​jest-dom@​6.6.310010010089100
Updatedreact-dom@​18.3.1 ⏵ 19.1.0100 +110092 +197100
Addedjotai@​2.12.310010010092100
Added@​testing-library/​react@​16.3.010010010093100
Added@​vitejs/​plugin-react@​4.4.110010010095100
Added@​chakra-ui/​react@​3.16.1991009896100

View full report

@socket-security
Copy link

socket-security bot commented Apr 5, 2025
edited
Loading

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert (click for details)
Block Low
[email protected] has a New author.

New Author: ulisesgascon

Previous Author: wesleytodd

Source

ℹ Read more on: This package | This alert | What is new author?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Ignoring alerts on:

View full report

@Mrtenz
Copy link
Member Author

Mrtenz commented Apr 9, 2025

@SocketSecurity ignore npm/[email protected]

False positive.

@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/[email protected]
@SocketSecurity ignore npm/@chakra-ui/[email protected]
@SocketSecurity ignore npm/[email protected]

These seem fine.

@codecov
Copy link

codecov bot commented Apr 9, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.03%. Comparing base (18e4993) to head (d7ce527).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3306      +/-   ##
==========================================
+ Coverage   97.80%   98.03%   +0.23%     
==========================================
  Files         364      402      +38     
  Lines        9911    11111    +1200     
  Branches     1616     1754     +138     
==========================================
+ Hits         9693    10893    +1200     
  Misses        218      218

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Mrtenz Mrtenz mentioned this pull request Apr 9, 2025
Merged
github-merge-queue bot pushed a commit that referenced this pull request Apr 11, 2025
@Mrtenz
Remove @metamask/snaps-simulator (#3311)
889e1f7 
This will be replaced with `@metamask/snaps-sandbox` in #3306.
@Mrtenz Mrtenz force-pushed the mrtenz/sandbox branch 3 times, most recently from 8fcb57c to ece3569 Compare April 15, 2025 13:07
@Mrtenz Mrtenz changed the title Add snaps-sandbox package and integrate into CLI feat: Add snaps-sandbox package and integrate into CLI Apr 15, 2025
@Mrtenz Mrtenz marked this pull request as ready for review April 16, 2025 08:30
@Mrtenz Mrtenz requested a review from a team as a code owner April 16, 2025 08:30
@Mrtenz
Copy link
Member Author

Mrtenz commented Apr 16, 2025

@SocketSecurity ignore [email protected]

New author is ok.

GuillaumeRx
GuillaumeRx approved these changes Apr 22, 2025
View reviewed changes
Copy link
Contributor

@GuillaumeRx GuillaumeRx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small nit otherwise LGTM

packages/snaps-cli/README.md
mm-snap build Build snap from source [aliases: b]
mm-snap eval Attempt to evaluate snap bundle in SES [aliases: e]
mm-snap manifest Validate the snap.manifest.json file [aliases: m]
mm-snap sandbox Start a sandbox server to interact with the Snap
Copy link
Contributor

@GuillaumeRx GuillaumeRx Apr 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No alias for this one ?

Copy link
Member Author

@Mrtenz Mrtenz Apr 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s was already taken, and I'm not sure what else to use 😅 And in general I don't think we really need it.

Copy link
Collaborator

@Montoya Montoya Apr 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

x?

@Mrtenz Mrtenz added this pull request to the merge queue Apr 23, 2025
Merged via the queue into main with commit 81c33fd Apr 23, 2025
167 of 168 checks passed
@Mrtenz Mrtenz deleted the mrtenz/sandbox branch April 23, 2025 09:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Montoya Montoya Montoya left review comments

@GuillaumeRx GuillaumeRx GuillaumeRx approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Mrtenz @Montoya @GuillaumeRx