release: 13.1.0

.eslintrc.js

@@ -20,7 +20,7 @@ module.exports = {
   parser: '@babel/eslint-parser',
   plugins: ['@metamask/design-tokens'],
   rules: {
-    '@metamask/design-tokens/color-no-hex': 'warn',
+    '@metamask/design-tokens/color-no-hex': 'error',
     'import/no-restricted-paths': [
       'error',
       {
@@ -390,6 +390,35 @@ module.exports = {
         },
       },
     },
+    /**
+     * Tailwind CSS
+     */
+    {
+      files: [
+        'ui/pages/design-system/**/*.{ts,tsx}',
+        // Add your workspace if you'd like to start using tailwind css,
+        // for example:
+        // 'ui/pages/your-page/**/*.{ts,tsx}',
+      ],
+      plugins: ['tailwindcss'],
+      rules: {
+        // Tailwind CSS rules - same as design system
+        'tailwindcss/classnames-order': 'error',
+        'tailwindcss/enforces-negative-arbitrary-values': 'error',
+        'tailwindcss/enforces-shorthand': 'error',
+        'tailwindcss/no-arbitrary-value': 'off', // There are legitimate reasons to use arbitrary values but we should specifically error on static colors
+        'tailwindcss/no-custom-classname': 'error',
+        'tailwindcss/no-contradicting-classname': 'error',
+        'tailwindcss/no-unnecessary-arbitrary-value': 'error',
+      },
+      settings: {
+        tailwindcss: {
+          callees: ['twMerge'],
+          config: 'tailwind.config.js',
+          classRegex: ['^(class(Name)?)$'],
+        },
+      },
+    },
     /**
      * Mocha tests
      *

.github/CODEOWNERS

@@ -19,7 +19,7 @@ lavamoat/                            @MetaMask/extension-devs @MetaMask/policy-r
 # file is responsible, at present, for loading the snaps execution environment
 # for MV3. Any changes to this file should require at least one member of the
 # snaps development team to review and approve the changes.
-offscreen/scripts/offscreen.ts       @MetaMask/snaps-devs
+offscreen/scripts/offscreen.ts       @MetaMask/core-platform
 
 
 # The privacy-snapshot.json file includes a list of all hosts that the
@@ -91,13 +91,13 @@ app/scripts/controllers/swaps                         @MetaMask/swaps-engineers
 **/ramps/**                                           @MetaMask/ramp
 
 # Snaps
-**/snaps/**                          @MetaMask/snaps-devs
-shared/constants/permissions.ts      @MetaMask/snaps-devs
-ui/helpers/utils/permission.js       @MetaMask/snaps-devs
-app/scripts/constants/snaps.ts       @MetaMask/snaps-devs
+**/snaps/**                          @MetaMask/core-platform
+shared/constants/permissions.ts      @MetaMask/core-platform
+ui/helpers/utils/permission.js       @MetaMask/core-platform
+app/scripts/constants/snaps.ts       @MetaMask/core-platform
 
 # Co-owned by Confirmations and Snaps
-ui/components/app/metamask-template-renderer @MetaMask/confirmations @MetaMask/snaps-devs
+ui/components/app/metamask-template-renderer @MetaMask/confirmations @MetaMask/core-platform
 
 # Wallet UX
 ui/components/app/whats-new-popup     @MetaMask/wallet-ux
@@ -136,8 +136,17 @@ ui/components/ui/nft-collection-image                 @MetaMask/metamask-assets
 
 # Extension Platform
 .yarnrc.yml                                           @MetaMask/extension-platform
-test/e2e/mock-e2e-allowlist.js                        @MetaMask/extension-platform
 
 # Smart Transactions
 app/scripts/controller-init/smart-transactions    @MetaMask/transactions
-app/scripts/lib/smart-transaction                 @MetaMask/transactions
+app/scripts/lib/smart-transaction                 @MetaMask/transactions
+
+# QA Team - E2E Framework
+test/e2e/page-objects/                    @MetaMask/qa
+test/e2e/seeder/                          @MetaMask/qa
+test/e2e/default-fixture.js               @MetaMask/qa
+test/e2e/fixture-builder.js               @MetaMask/qa
+test/e2e/fixture-server.js                @MetaMask/qa
+test/e2e/helpers.js                       @MetaMask/qa
+test/e2e/mock-e2e-allowlist.js            @MetaMask/qa
+test/e2e/mock-e2e.js                      @MetaMask/qa

.github/scripts/bundle.sh

@@ -1,5 +1,11 @@
 #!/usr/bin/env bash
 
+# Keep this list synchronized with:
+# * The environment variables used by the `run-build` step in `.github/workflows/run-build.yml`.
+# * The environment variables used by the `publish-release` step in `.github/workflows/publish-release.yml`.
+export APPLE_BETA_CLIENT_ID=""
+export APPLE_FLASK_CLIENT_ID=""
+export APPLE_PROD_CLIENT_ID=""
 export CONTENTFUL_ACCESS_SPACE_ID=""
 export CONTENTFUL_ACCESS_TOKEN=""
 export ETHERSCAN_API_KEY=""
@@ -10,22 +16,27 @@ export FIREBASE_MEASUREMENT_ID=""
 export FIREBASE_MESSAGING_SENDER_ID=""
 export FIREBASE_PROJECT_ID=""
 export FIREBASE_STORAGE_BUCKET=""
+export GOOGLE_BETA_CLIENT_ID=""
+export GOOGLE_FLASK_CLIENT_ID=""
+export GOOGLE_PROD_CLIENT_ID=""
 export INFURA_BETA_PROJECT_ID=""
 export INFURA_FLASK_PROJECT_ID=""
 export INFURA_PROD_PROJECT_ID=""
-export INFURA_PROJECT_ID=""
-export PUBNUB_PUB_KEY=""
+export QUICKNODE_ARBITRUM_URL=""
+export QUICKNODE_AVALANCHE_URL=""
+export QUICKNODE_BASE_URL=""
+export QUICKNODE_LINEA_MAINNET_URL=""
+export QUICKNODE_MAINNET_URL=""
+export QUICKNODE_OPTIMISM_URL=""
+export QUICKNODE_POLYGON_URL=""
 export SEGMENT_BETA_WRITE_KEY=""
 export SEGMENT_FLASK_WRITE_KEY=""
 export SEGMENT_PROD_WRITE_KEY=""
-export SEGMENT_WRITE_KEY=""
 export ANALYTICS_DATA_DELETION_SOURCE_ID=""
 export ANALYTICS_DATA_DELETION_ENDPOINT=""
-export SENTRY_AUTH_TOKEN=""
 export SENTRY_DSN=""
-export SENTRY_DSN_DEV=""
-export VAPID_KEY=""
 export TZ="UTC"
+export VAPID_KEY=""
 export ENABLE_MV3="false"
 
 # 1. Download and install nvm:

.github/scripts/close-release-bug-report-issue.ts

@@ -33,7 +33,7 @@ async function main(): Promise<void> {
 
   // Extract semver version number from the branch name
   const releaseVersionNumberMatch = branchName.match(
-    /^Version-v(\d+\.\d+\.\d+)$/,
+    /^(?:Version-v|release\/)(\d+\.\d+\.\d+)$/,
   );
 
   if (!releaseVersionNumberMatch) {

.github/scripts/create-bug-report-issue.ts

@@ -103,7 +103,7 @@ async function main(): Promise<void> {
     process.exit(1);
   }
 
-  const issueBody = `**What is this bug report issue for?**\n\n1. This issue is used to track release dates on this [Github Project board](https://github.com/orgs/MetaMask/projects/${projectNumber}/views/${projectViewNumber}), which content then gets pulled into our metrics system.\n\n2. This issue is also used by our Zapier automations, to determine if automated notifications shall be sent on Slack for release \`${releaseVersion}\`. Notifications will only be sent as long as this issue is open.\n\n**Who created and/or closed this issue?**\n\n- This issue was automatically created by a GitHub action upon the creation of the release branch \`Version-v${releaseVersion}\`, indicating the release was cut.\n\n- This issue gets automatically closed by another GitHub action, once the \`Version-v${releaseVersion}\` branch merges into \`main\`, indicating the release is prepared for store submission.`;
+  const issueBody = `**What is this bug report issue for?**\n\n1. This issue is used to track release dates on this [Github Project board](https://github.com/orgs/MetaMask/projects/${projectNumber}/views/${projectViewNumber}), which content then gets pulled into our metrics system.\n\n2. This issue is also used by our Zapier automations, to determine if automated notifications shall be sent on Slack for release \`${releaseVersion}\`. Notifications will only be sent as long as this issue is open.\n\n**Who created and/or closed this issue?**\n\n- This issue was automatically created by a GitHub action upon the creation of the release branch \`Version-v${releaseVersion}\`, indicating the release was cut.\n\n- This issue gets automatically closed by another GitHub action, once the release branch \`Version-v${releaseVersion}\` or \`release/${releaseVersion}\` merges into \`main\`, indicating the release is prepared for store submission.`;
   const issueId = await createIssue(octokit, repoOwner, planningRepoName, issueTitle, issueBody, [regressionLabelTestingId, typeBugLabelId, teamLabelId]);
 
   // Retrieve project, in order to obtain its ID

.github/scripts/get-next-semver-version.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+FORCE_NEXT_SEMVER_VERSION=$1
+
+# If FORCE_NEXT_SEMVER_VERSION is defined and not empty, use its value and skip the next operations
+if [ -n "$FORCE_NEXT_SEMVER_VERSION" ]
+then
+  echo "NEXT_SEMVER_VERSION=${FORCE_NEXT_SEMVER_VERSION}" >> "$GITHUB_ENV"
+  exit 0
+fi
+
+# Pattern for Version-vX.Y.Z branches
+VERSION_BRANCHES_VERSION_V=$(git branch -r | grep -o 'Version-v[0-9]*\.[0-9]*\.[0-9]*' | grep -o '[0-9]*\.[0-9]*\.[0-9]*' | sort --version-sort | tail -n 1)
+# Default pattern for release/x.y.z branches
+VERSION_BRANCHES_RELEASE=$(git branch -r | grep -o 'release/[0-9]*\.[0-9]*\.[0-9]*' | grep -o '[0-9]*\.[0-9]*\.[0-9]*' | sort --version-sort | tail -n 1)
+
+
+# Get the highest version from tags
+VERSION_TAGS=$(git tag | grep -o 'v[0-9]*\.[0-9]*\.[0-9]*' | grep -o '[0-9]*\.[0-9]*\.[0-9]*' | sort --version-sort | tail -n 1)
+
+# Get the version from package.json
+VERSION_PACKAGE=$(node -p "require('../../package.json').version")
+
+# Compare versions and keep the highest one
+HIGHEST_VERSION=$(printf "%s\n%s\n%s\n%s" "$VERSION_BRANCHES_VERSION_V" "$VERSION_BRANCHES_RELEASE" "$VERSION_TAGS" "$VERSION_PACKAGE" | sort --version-sort | tail -n 1)
+echo "HIGHEST_VERSION=${HIGHEST_VERSION}, VERSION_BRANCHES_VERSION_V=${VERSION_BRANCHES_VERSION_V}, VERSION_BRANCHES_RELEASE=${VERSION_BRANCHES_RELEASE}, VERSION_TAGS=${VERSION_TAGS}, VERSION_PACKAGE=${VERSION_PACKAGE}"
+
+# Increment the minor version of the highest version found and reset the patch version to 0
+NEXT_VERSION=$(echo "$HIGHEST_VERSION" | awk -F. -v OFS=. '{$2++; $3=0; print}')
+
+echo "NEXT_SEMVER_VERSION=${NEXT_VERSION}" >> "$GITHUB_ENV"

.github/workflows/auto-update-pr-targeting-release.yml

@@ -4,6 +4,7 @@ on:
   pull_request:
     branches:
       - Version-v*
+      - release/*
 
 jobs:
   auto-update:

.github/workflows/check-attributions.yml

@@ -2,7 +2,9 @@ name: Check Attributions
 
 on:
   push:
-    branches: Version-v*
+    branches:
+      - Version-v*
+      - release/*
 
 jobs:
   check-attributions:

.github/workflows/check-pr-labels.yml

@@ -12,7 +12,7 @@ on:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master')) }}
+  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master') || contains(github.ref, 'refs/heads/stable')) }}
 
 jobs:
   check-pr-labels:

.github/workflows/check-pr-max-lines.yml

@@ -9,7 +9,9 @@ on:
     branches-ignore:
       # Do not count lines on PRs targeting master or releases
       - master
+      - stable
       - Version-v*
+      - release/*
 
 jobs:
   check-pr-max-lines:

.github/workflows/cla.yml

@@ -7,7 +7,7 @@ on:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master')) }}
+  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master') || contains(github.ref, 'refs/heads/stable')) }}
 
 jobs:
   CLABot:

.github/workflows/close-bug-report.yml

@@ -4,13 +4,14 @@ on:
   pull_request:
     branches:
       - master
+      - stable
     types:
       - closed
 
 jobs:
   close-bug-report:
     runs-on: ubuntu-latest
-    if: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'Version-v')
+    if: github.event.pull_request.merged == true && ( startsWith(github.event.pull_request.head.ref, 'Version-v') || startsWith(github.event.pull_request.head.ref, 'release/') )
     steps:
       - name: Checkout and setup environment
         uses: MetaMask/action-checkout-and-setup@v1

.github/workflows/create-bug-report.yml

@@ -9,8 +9,8 @@ jobs:
       - name: Extract version from branch name if release branch
         id: extract_version
         run: |
-          if [[ "$GITHUB_REF" =~ ^refs/heads/Version-v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-            version="${GITHUB_REF#refs/heads/Version-v}"
+          if [[ "$GITHUB_REF" =~ ^refs/heads/(Version-v|release/)[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            version=$(echo "$GITHUB_REF" | sed -E 's#^refs/heads/(Version-v|release/)##')
             echo "New release branch($version), continue next steps"
             echo "version=$version" >> "$GITHUB_OUTPUT"
           else

.github/workflows/create-release-pr.yml

@@ -4,16 +4,18 @@ on:
   workflow_dispatch:
     inputs:
       base-branch:
-        description: 'The base branch, tag, or SHA for git operations and the pull request (usually `main`)'
+        description: 'The base branch, tag, or SHA for git operations and the pull request. Usually `main`'
         required: true
       semver-version:
         description: 'A semantic version, eg: x.x.x'
         required: true
       previous-semver-version:
         description: 'Previous semantic version, eg: x.x.x'
         required: true
+
 jobs:
   create-release-pr:
+    name: Create Release Pull Request using Github Tools
     uses: MetaMask/github-tools/.github/workflows/create-release-pr.yml@fc6fe1a3fb591f6afa61f0dbbe7698bd50fab9c7
     with:
       platform: extension

.github/workflows/identify-codeowners.yml

@@ -10,7 +10,7 @@ on:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master')) }}
+  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master') || contains(github.ref, 'refs/heads/stable')) }}
 
 jobs:
   identify-codeowners:

.github/workflows/main.yml

@@ -5,7 +5,9 @@ on:
     branches:
       - main
       - master
+      - stable
       - Version-v*
+      - release/*
       - trigger-ci*
   pull_request:
     types:
@@ -23,7 +25,7 @@ on:
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master')) }}
+  cancel-in-progress: ${{ !(contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/heads/master') || contains(github.ref, 'refs/heads/stable')) }}
 
 env:
   # For a `pull_request` event, the branch is `github.head_ref``.
@@ -49,6 +51,13 @@ jobs:
           skip-allow-scripts: true
           yarn-custom-url: ${{ vars.YARN_URL }}
 
+      # Need to cache `.metamask` folder for the anvil binary
+      - name: Cache .metamask folder
+        uses: actions/cache/save@v4
+        with:
+          path: .metamask
+          key: .metamask-${{ hashFiles('yarn.lock') }}
+
   lint-workflows:
     name: Lint workflows
     uses: metamask/github-tools/.github/workflows/lint-workflows.yml@1299bb1de0c6974ae6d0a32c7e8897fe168239ac
@@ -99,14 +108,14 @@ jobs:
     uses: ./.github/workflows/run-build.yml
     with:
       build-name: build-dist-browserify
-      build-command: ${{ (github.head_ref || github.ref_name) == 'master' && 'yarn build prod' || 'yarn build dist' }}
+      build-command: ${{ ((github.head_ref || github.ref_name) == 'master' || (github.head_ref || github.ref_name) == 'stable') && 'yarn build prod' || 'yarn build dist' }}
     secrets: inherit
 
   build-dist-mv2-browserify:
     uses: ./.github/workflows/run-build.yml
     with:
       build-name: build-dist-mv2-browserify
-      build-command: ${{ (github.head_ref || github.ref_name) == 'master' && 'yarn build prod' || 'yarn build dist' }}
+      build-command: ${{ ((github.head_ref || github.ref_name) == 'master' || (github.head_ref || github.ref_name) == 'stable') && 'yarn build prod' || 'yarn build dist' }}
       mozilla-lint: true
       enable-mv3: false
     secrets: inherit
@@ -131,14 +140,14 @@ jobs:
     uses: ./.github/workflows/run-build.yml
     with:
       build-name: build-flask-browserify
-      build-command: ${{ (github.head_ref || github.ref_name) == 'master' && 'yarn build --build-type flask prod' || 'yarn build --build-type flask dist' }}
+      build-command: ${{ ((github.head_ref || github.ref_name) == 'master' || (github.head_ref || github.ref_name) == 'stable') && 'yarn build --build-type flask prod' || 'yarn build --build-type flask dist' }}
     secrets: inherit
 
   build-flask-mv2-browserify:
     uses: ./.github/workflows/run-build.yml
     with:
       build-name: build-flask-mv2-browserify
-      build-command: ${{ (github.head_ref || github.ref_name) == 'master' && 'yarn build --build-type flask prod' || 'yarn build --build-type flask dist' }}
+      build-command: ${{ ((github.head_ref || github.ref_name) == 'master' || (github.head_ref || github.ref_name) == 'stable') && 'yarn build --build-type flask prod' || 'yarn build --build-type flask dist' }}
       mozilla-lint: true
       enable-mv3: false
     secrets: inherit
@@ -186,6 +195,7 @@ jobs:
   run-benchmarks:
     uses: ./.github/workflows/run-benchmarks.yml
     needs:
+      - prep-deps
       - build-test-browserify
       - build-test-webpack
 
@@ -360,7 +370,7 @@ jobs:
 
   publish-release:
     name: Publish release
-    if: ${{ github.event_name == 'push' && github.ref_name == 'master' }}
+    if: ${{ github.event_name == 'push' && (github.ref_name == 'master' || github.ref_name == 'stable') }}
     needs:
       - build-dist-browserify
       - build-dist-mv2-browserify

.github/workflows/needs-e2e.yml

@@ -40,7 +40,7 @@ jobs:
   prep-e2e:
     # For a `pull_request` event, the branch is `github.head_ref``.
     # For a `push` event, the branch is `github.ref_name`.
-    if: ${{ needs.needs-e2e.outputs.needs-e2e == 'true' && (github.head_ref || github.ref_name) != 'master' }}
+    if: ${{ needs.needs-e2e.outputs.needs-e2e == 'true' && (github.head_ref || github.ref_name) != 'master' && (github.head_ref || github.ref_name) != 'stable' }}
     needs:
       - needs-e2e
     runs-on: ubuntu-latest

.github/workflows/publish-prerelease.yml

@@ -34,7 +34,7 @@ jobs:
           yarn-custom-url: ${{ vars.YARN_URL }}
 
       - name: Find the associated PR
-        if: ${{ startsWith(env.BRANCH, 'Version-v') && (!env.PR_NUMBER || !env.BASE_COMMIT_HASH || !env.HEAD_COMMIT_HASH) }}
+        if: ${{ (startsWith(env.BRANCH, 'Version-v') || startsWith(env.BRANCH, 'release/')) && (!env.PR_NUMBER || !env.BASE_COMMIT_HASH || !env.HEAD_COMMIT_HASH) }}
         uses: actions/github-script@v7
         with:
           script: |