Merge branch 'main' into feat/musd-455-bring-back-claim-section-on-asset-details-screen

Author: Matt561

.github/CODEOWNERS

@@ -47,6 +47,7 @@ scripts/build.sh                                            @MetaMask/mobile-pla
 fingerprint.config.js                                       @MetaMask/mobile-platform
 builds.yml                                                  @MetaMask/mobile-platform
 .github/workflows/push-eas-update.yml                       @MetaMask/mobile-admins
+.github/workflows/upload-to-testflight.yml                  @MetaMask/mobile-admins
 scripts/update-expo-channel.js                              @MetaMask/mobile-admins
 certs/certificate.pem                                       @MetaMask/mobile-admins
 ios/fastlane/                                               @MetaMask/mobile-admins

.github/workflows/build.yml

@@ -13,6 +13,11 @@ on:
         required: false
         type: boolean
         default: false
+      source_branch:
+        description: 'Branch, tag, or SHA to build'
+        required: false
+        type: string
+        default: ''
       ref:
         description: 'Git ref to checkout when skip_version_bump is true. Defaults to the triggering event ref.'
         required: false
@@ -60,7 +65,7 @@ jobs:
       contents: write
       id-token: write
     with:
-      base-branch: ${{ github.ref_name }}
+      base-branch: ${{ inputs.source_branch != '' && inputs.source_branch || github.ref_name }}
     secrets:
       PR_TOKEN: ${{ secrets.PR_TOKEN }}
 
@@ -75,8 +80,12 @@ jobs:
       signing_aws_role: ${{ steps.config.outputs.signing_aws_role }}
       signing_aws_secret: ${{ steps.config.outputs.signing_aws_secret }}
       signing_android_keystore_path: ${{ steps.config.outputs.signing_android_keystore_path }}
+      checkout_ref_for_setup: ${{ !inputs.skip_version_bump && needs.update-build-version.outputs.commit-hash || (inputs.source_branch != '' && inputs.source_branch || github.ref_name) }}
     steps:
       - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{ !inputs.skip_version_bump && needs.update-build-version.outputs.commit-hash || (inputs.source_branch != '' && inputs.source_branch || github.ref_name) }}
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
@@ -110,6 +119,8 @@ jobs:
         platform: ${{ inputs.platform == 'both' && fromJSON('["android", "ios"]') || fromJSON(format('["{0}"]', inputs.platform)) }}
     uses: ./.github/workflows/setup-node-modules.yml
     with:
+      ref: ${{ needs.prepare.outputs.checkout_ref_for_setup }}
+      fetch-depth: 0
       checkout-submodules: true
       platform: ${{ matrix.platform }}
       build_name: ${{ inputs.build_name }}

.github/workflows/expo-dev-build.yml

@@ -20,7 +20,7 @@ on:
   workflow_dispatch:
 
 permissions:
-  contents: read
+  contents: write
   id-token: write
 
 jobs:

.github/workflows/generate-rc-test-plan.yml

@@ -6,6 +6,11 @@ name: Upload to TestFlight
 on:
   workflow_dispatch:
     inputs:
+      source_branch:
+        description: 'Branch, tag, or SHA to build'
+        required: true
+        type: string
+        default: 'main'
       environment:
         description: 'Build environment / track'
         required: true
@@ -38,6 +43,7 @@ jobs:
       build_name: main-${{ inputs.environment || 'rc' }}
       platform: ios
       skip_version_bump: false
+      source_branch: ${{ inputs.source_branch }}
     secrets: inherit
 
   testflight-upload-summary:
@@ -48,6 +54,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          ref: ${{ inputs.source_branch }}
       - name: Display TestFlight upload summary
         run: |
           BUILD_VERSION=$(node -p "require('./package.json').version")
@@ -56,18 +63,19 @@ jobs:
             echo ""
             echo "| Field | Value |"
             echo "| --- | --- |"
+            echo "| **Workflow ref** | ${{ github.ref_name }} (required for AWS) |"
+            echo "| **Source branch** | ${{ inputs.source_branch }} |"
             echo "| **Build name** | main-${{ inputs.environment || 'rc' }} |"
             echo "| **Build version** | ${BUILD_VERSION} |"
             echo "| **TestFlight group** | ${{ inputs.testflight_group || 'MetaMask BETA & Release Candidates' }} |"
-            echo "| **Branch** | ${{ github.ref_name }} |"
           } >> "$GITHUB_STEP_SUMMARY"
 
-  # Uses GitHub Environment "apple" for App Store Connect API secrets.
+  # Pulls App Store Connect API keys from AWS Secrets Manager (OIDC).
+  # Workflow must run from main; build uses inputs.source_branch.
   upload-ios-testflight:
     name: Upload iOS to TestFlight
     needs: [build, testflight-upload-summary]
     runs-on: ghcr.io/cirruslabs/macos-runner:sequoia-xl
-    environment: apple
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -97,22 +105,63 @@ jobs:
           case "$IPA" in /*) ABS="$IPA" ;; *) ABS="$PWD/$IPA" ;; esac
           echo "path=$ABS" >> "$GITHUB_OUTPUT"
 
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_APPLE_TESTFLIGHT }}
+          aws-region: 'us-east-2'
+
+      - name: Fetch Apple API keys from AWS Secrets Manager
+        run: |
+          echo "🔐 Fetching App Store Connect API keys from Secrets Manager..."
+          secret_id="metamask-mobile-main-apple-api-keys"
+          secret_json=$(aws secretsmanager get-secret-value \
+            --region 'us-east-2' \
+            --secret-id "$secret_id" \
+            --query SecretString \
+            --output text)
+
+          for key in APP_STORE_CONNECT_API_KEY_ISSUER_ID APP_STORE_CONNECT_API_KEY_KEY_ID; do
+            value=$(echo "$secret_json" | jq -r --arg k "$key" '.[$k] // empty')
+            if [ -z "$value" ]; then
+              echo "::error::Missing key in secret: $key"
+              exit 1
+            fi
+            echo "::add-mask::$value"
+            echo "${key}=${value}" >> "$GITHUB_ENV"
+          done
+
+          key=APP_STORE_CONNECT_API_KEY_KEY_CONTENT
+          value=$(echo "$secret_json" | jq -r --arg k "$key" '.[$k] // empty')
+          if [ -z "$value" ]; then
+            echo "::error::Missing key in secret: $key"
+            exit 1
+          fi
+          while IFS= read -r line || [ -n "$line" ]; do
+            [ -n "$line" ] && echo "::add-mask::$line"
+          done <<< "$(printf '%s\n' "$value")"
+
+          delim="APPLEP8$(openssl rand -hex 16)"
+          {
+            printf '%s<<%s\n' "$key" "$delim"
+            printf '%s\n' "$value"
+            printf '%s\n' "$delim"
+          } >> "$GITHUB_ENV"
+
+          echo "✅ Apple API keys loaded from AWS"
+
       - name: Setup App Store Connect API Key
         run: |
           bash scripts/setup-app-store-connect-api-key.sh \
             "$APP_STORE_CONNECT_API_KEY_ISSUER_ID" \
             "$APP_STORE_CONNECT_API_KEY_KEY_ID" \
             "$APP_STORE_CONNECT_API_KEY_KEY_CONTENT"
-        env:
-          APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }}
-          APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_KEY_ID }}
-          APP_STORE_CONNECT_API_KEY_KEY_CONTENT: ${{ secrets.APP_STORE_CONNECT_API_KEY_KEY_CONTENT }}
 
       - name: Upload to TestFlight
         run: |
           bash scripts/upload-to-testflight.sh \
             "github_actions_main-${{ inputs.environment || 'rc' }}" \
-            "${{ github.ref_name }}" \
+            "${{ inputs.source_branch }}" \
             "${{ steps.ipa.outputs.path }}" \
             "${{ inputs.testflight_group || 'MetaMask BETA & Release Candidates' }}"
 

.github/workflows/upload-to-testflight.yml

@@ -185,3 +185,8 @@ temp/
 tests/coverage-systems/
 
 runway-artifacts/
+
+# E2E AI Analyzer output files
+release-test-plan.json
+release-delta.json
+release-signoffs.json

.gitignore

@@ -0,0 +1,48 @@
+diff --git a/dist/TokenBalancesController.cjs b/dist/TokenBalancesController.cjs
+index 8df3058aea9bd28aaabe1d09f8c3b38fa5949600..39468505fed9c6776a193917fed0cea73de65c23 100644
+--- a/dist/TokenBalancesController.cjs
++++ b/dist/TokenBalancesController.cjs
+@@ -805,18 +805,30 @@ async function _TokenBalancesController_importUntrackedTokens(balances) {
+     if (!changes.length) {
+         return;
+     }
+-    const chainConfigs = {};
+-    for (const [chainId, status] of changes) {
+-        const hexChainId = (0, exports.caipChainIdToHex)(chainId);
+-        chainConfigs[hexChainId] =
+-            status === 'down'
+-                ? { interval: __classPrivateFieldGet(this, _TokenBalancesController_defaultInterval, "f") }
+-                : { interval: __classPrivateFieldGet(this, _TokenBalancesController_websocketActivePollingInterval, "f") };
+-    }
+-    const jitterDelay = Math.random() * __classPrivateFieldGet(this, _TokenBalancesController_defaultInterval, "f");
+-    setTimeout(() => {
+-        this.updateChainPollingConfigs(chainConfigs, { immediateUpdate: true });
+-    }, jitterDelay);
++    try {
++        const chainConfigs = {};
++        for (const [chainId, status] of changes) {
++            if ((0, utils_1.isCaipChainId)(chainId) &&
++                (0, utils_1.parseCaipChainId)(chainId).namespace !== 'eip155') {
++                continue;
++            }
++            const hexChainId = (0, exports.caipChainIdToHex)(chainId);
++            chainConfigs[hexChainId] =
++                status === 'down'
++                    ? { interval: __classPrivateFieldGet(this, _TokenBalancesController_defaultInterval, "f") }
++                    : { interval: __classPrivateFieldGet(this, _TokenBalancesController_websocketActivePollingInterval, "f") };
++        }
++        if (Object.keys(chainConfigs).length === 0) {
++            return;
++        }
++        const jitterDelay = Math.random() * __classPrivateFieldGet(this, _TokenBalancesController_defaultInterval, "f");
++        setTimeout(() => {
++            this.updateChainPollingConfigs(chainConfigs, { immediateUpdate: true });
++        }, jitterDelay);
++    }
++    catch (error) {
++        console.warn('Error processing accumulated status changes:', error);
++    }
+ };
+ exports.default = TokenBalancesController;
+ //# sourceMappingURL=TokenBalancesController.cjs.map
+\ No newline at end of file

.yarn/patches/@metamask-assets-controllers-npm-100.2.1-4f7a0c8320.patch

@@ -1,6 +1,5 @@
 import React, {
   useCallback,
-  useLayoutEffect,
   useRef,
   useMemo,
   useEffect,
@@ -84,10 +83,6 @@ const TokenListComponent = ({
   const navigation = useNavigation();
   const { trackEvent, createEventBuilder } = useAnalytics();
 
-  useLayoutEffect(() => {
-    listRef.current?.recomputeViewableItems();
-  }, [isTokenNetworkFilterEqualCurrentNetwork]);
-
   // Apply maxItems limit if specified
   const displayTokenKeys = useMemo(
     () => (tokenKeys || []).slice(0, maxItems || undefined),

app/components/UI/Tokens/TokenList/TokenList.tsx

@@ -57,19 +57,18 @@ describe('ConnectingContent', () => {
     expect(getByTestId(CONNECTING_CONTENT_TEST_ID)).toBeOnTheScreen();
   });
 
-  it('renders activity indicator', () => {
+  it('renders spinner', () => {
     const { getByTestId } = renderComponent();
 
     expect(getByTestId(CONNECTING_CONTENT_SPINNER_TEST_ID)).toBeOnTheScreen();
   });
 
-  it('renders tips', () => {
+  it('renders connection tips', () => {
     const { getByText } = renderComponent();
 
     expect(
       getByText('hardware_wallet.connecting.tips_header'),
     ).toBeOnTheScreen();
-    // All tips are rendered with { device: deviceName } interpolation params
     expect(
       getByText(/hardware_wallet\.connecting\.tip_unlock/),
     ).toBeOnTheScreen();
@@ -79,8 +78,5 @@ describe('ConnectingContent', () => {
     expect(
       getByText(/hardware_wallet\.connecting\.tip_enable_bluetooth/),
     ).toBeOnTheScreen();
-    expect(
-      getByText(/hardware_wallet\.connecting\.tip_dnd_off/),
-    ).toBeOnTheScreen();
   });
 });