feat: remove Braze Segment events filtering (#29134)

<!--
Please submit this PR as a draft initially.

Do not mark it as "Ready for review" until this PR meets the canonical
Definition of Ready For Review in `docs/readme/ready-for-review.md`.

In short: the template must be materially complete (not just section
titles
present), all status checks must be currently passing, and the only
expected
follow-up commits must be reviewer-driven.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->
Remove Braze Segment events filtering. As a consequence, all Segments
events will be forwarded to Braze

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry:

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/GE-199

## **Manual testing steps**

```gherkin
Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

<!--
Every checklist item must be consciously assessed before marking this PR
as
"Ready for review". A checked box means you deliberately considered that
responsibility, not that you literally performed every action listed.

Unchecked boxes are ambiguous: they are not an implicit "N/A" and they
are not
a silent "skip". See `docs/readme/ready-for-review.md` for the full
checklist
semantics.
-->

- [ ] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I've included tests if applicable
- [ ] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

#### Performance checks (if applicable)

- [ ] I've tested on Android
  - Ideally on a mid-range device; emulator is acceptable
- [ ] I've tested with a power user scenario
- Use these [power-user
SRPs](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/edit-v2/401401446401?draftShareId=9d77e1e1-4bdc-4be1-9ebb-ccd916988d93)
to import wallets with many accounts and tokens
- [ ] I've instrumented key operations with Sentry traces for production
performance metrics
- See [`trace()`](/app/util/trace.ts) for usage and
[`addToken`](/app/components/Views/AddAsset/components/AddCustomToken/AddCustomToken.tsx#L274)
for an example

For performance guidelines and tooling, see the [Performance
Guide](https://consensyssoftware.atlassian.net/wiki/spaces/TL1/pages/400085549067/Performance+Guide+for+Engineers).

## **Pre-merge reviewer checklist**

<!--
Reviewer checklist items follow the same semantics as the author
checklist: an
unchecked box is ambiguous, a checked box means the reviewer consciously
assessed that responsibility. See `docs/readme/ready-for-review.md`.
-->

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Broadens analytics forwarding to Braze by removing allowlist gates and
remote-flag syncing, which could increase data volume and risk
unintentionally sending sensitive traits/events if upstream payloads
aren’t tightly controlled.
> 
> **Overview**
> **Removes Braze allowlist-based filtering** so `BrazePlugin` forwards
*all* `track` events and `identify` traits to the native Braze SDK
whenever a `profileId` is set.
> 
> This deletes the remote-feature-flag plumbing (`syncBrazeAllowlists`,
init-messenger wiring, and `setAllowedEvents`/`setAllowedTraits`) and
updates unit tests accordingly; `analytics-controller-init` now only
injects `getBrazePlugin()` without subscribing to RemoteFeatureFlag
updates.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
3256565. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Samir Mehta <12882259+samir-acle@users.noreply.github.com>

Author: baptiste-marchand

app/core/Braze/index.test.ts

@@ -2,15 +2,12 @@ import {
   setBrazeUser,
   clearBrazeUser,
   getBrazePlugin,
-  syncBrazeAllowlists,
   resetBrazePluginForTesting,
 } from './index';
 import { BrazePlugin } from '../Engine/controllers/analytics-controller/BrazePlugin';
 
 const mockGetSessionProfile = jest.fn();
 const mockSetBrazeProfileId = jest.fn();
-const mockSetAllowedEvents = jest.fn();
-const mockSetAllowedTraits = jest.fn();
 const mockSetLanguage = jest.fn();
 
 jest.mock('../Engine/Engine', () => ({
@@ -29,8 +26,6 @@ jest.mock('../Engine/controllers/analytics-controller/BrazePlugin', () => ({
     type: 'destination',
     key: 'Appboy',
     setBrazeProfileId: mockSetBrazeProfileId,
-    setAllowedEvents: mockSetAllowedEvents,
-    setAllowedTraits: mockSetAllowedTraits,
     setLanguage: mockSetLanguage,
   })),
 }));
@@ -93,85 +88,4 @@ describe('Braze service', () => {
       expect(mockSetBrazeProfileId).toHaveBeenCalledWith(undefined);
     });
   });
-
-  describe('syncBrazeAllowlists', () => {
-    it('updates both allowlists from a valid config', () => {
-      syncBrazeAllowlists({
-        allowedEvents: ['Event A', 'Event B'],
-        allowedTraits: ['trait_x', 'trait_y'],
-      });
-
-      expect(mockSetAllowedEvents).toHaveBeenCalledWith(['Event A', 'Event B']);
-      expect(mockSetAllowedTraits).toHaveBeenCalledWith(['trait_x', 'trait_y']);
-    });
-
-    it('handles partial config (only events)', () => {
-      syncBrazeAllowlists({ allowedEvents: ['Event A'] });
-
-      expect(mockSetAllowedEvents).toHaveBeenCalledWith(['Event A']);
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('handles partial config (only traits)', () => {
-      syncBrazeAllowlists({ allowedTraits: ['trait_a'] });
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).toHaveBeenCalledWith(['trait_a']);
-    });
-
-    it('no-ops when flag value is undefined', () => {
-      syncBrazeAllowlists(undefined);
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('no-ops when flag value is null', () => {
-      syncBrazeAllowlists(null);
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('rejects non-object flag values', () => {
-      syncBrazeAllowlists('not-an-object');
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('rejects arrays as flag values', () => {
-      syncBrazeAllowlists(['not', 'a', 'config']);
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('ignores allowedEvents when it contains non-strings', () => {
-      syncBrazeAllowlists({
-        allowedEvents: ['valid', 123, null],
-        allowedTraits: ['trait_a'],
-      });
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).toHaveBeenCalledWith(['trait_a']);
-    });
-
-    it('ignores allowedTraits when it is not an array', () => {
-      syncBrazeAllowlists({
-        allowedEvents: ['Event A'],
-        allowedTraits: 'not-an-array',
-      });
-
-      expect(mockSetAllowedEvents).toHaveBeenCalledWith(['Event A']);
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-
-    it('no-ops when object has no valid arrays', () => {
-      syncBrazeAllowlists({ allowedEvents: 42, allowedTraits: true });
-
-      expect(mockSetAllowedEvents).not.toHaveBeenCalled();
-      expect(mockSetAllowedTraits).not.toHaveBeenCalled();
-    });
-  });
 });

app/core/Braze/index.ts

@@ -25,67 +25,6 @@ export function getBrazePlugin(): BrazePlugin {
   return brazePlugin;
 }
 
-/**
- * Validate that a remote flag value has the expected BrazeAllowedConfig shape.
- *
- * @param value - The raw flag value from RemoteFeatureFlagController.
- * @returns Validated allowedEvents/allowedTraits arrays, or undefined.
- */
-function validateBrazeAllowedConfig(
-  value: unknown,
-): { allowedEvents?: string[]; allowedTraits?: string[] } | undefined {
-  if (!value || typeof value !== 'object' || Array.isArray(value)) {
-    return undefined;
-  }
-
-  const record = value as Record<string, unknown>;
-  const result: { allowedEvents?: string[]; allowedTraits?: string[] } = {};
-
-  if (
-    Array.isArray(record.allowedEvents) &&
-    record.allowedEvents.every((e: unknown) => typeof e === 'string')
-  ) {
-    result.allowedEvents = record.allowedEvents as string[];
-  }
-
-  if (
-    Array.isArray(record.allowedTraits) &&
-    record.allowedTraits.every((t: unknown) => typeof t === 'string')
-  ) {
-    result.allowedTraits = record.allowedTraits as string[];
-  }
-
-  return result.allowedEvents || result.allowedTraits ? result : undefined;
-}
-
-/**
- * Update the Braze plugin allowlists from a remote feature flag value.
- * Called by analytics-controller-init on startup and on flag updates.
- *
- * @param flagValue - The raw remote feature flag value for brazeAllowedConfig.
- */
-export function syncBrazeAllowlists(flagValue: unknown): void {
-  try {
-    const brazeConfig = validateBrazeAllowedConfig(flagValue);
-    if (!brazeConfig) {
-      return;
-    }
-
-    const plugin = getBrazePlugin();
-    if (brazeConfig.allowedEvents) {
-      plugin.setAllowedEvents(brazeConfig.allowedEvents);
-    }
-    if (brazeConfig.allowedTraits) {
-      plugin.setAllowedTraits(brazeConfig.allowedTraits);
-    }
-  } catch (error) {
-    Logger.error(
-      error as Error,
-      '[Braze] Failed to sync allowlists from remote config',
-    );
-  }
-}
-
 /**
  * Resolve the profile ID from the current session and forward it to the
  * Braze Segment plugin so all subsequent identify / track / flush calls