release: 7.61.5 #24224
Merged
release: 7.61.5 #24224
+59
−29
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes. |
|
No dependency changes detected. Learn more about Socket for GitHub. 👍 No dependency changes detected in pull request |
metamaskbot
added
the
release-7.61.5
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->
## **Description**
More robust deeplinking
<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->
## **Changelog**
<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`
If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`
(This helps the Release Engineer do their job more quickly and
accurately)
-->
CHANGELOG entry:
## **Related issues**
Fixes:
## **Manual testing steps**
```gherkin
Feature: my feature name
Scenario: user [verb for user action]
Given [describe expected initial app state]
When user [verb for user action]
Then [describe expected outcome]
```
## **Screenshots/Recordings**
<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->
### **Before**
<!-- [screenshots/recordings] -->
### **After**
<!-- [screenshots/recordings] -->
## **Pre-merge author checklist**
- [ ] I’ve followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Strengthens deeplink safety by rejecting internal-origin channelIds
for external flows.
>
> - Adds `INTERNAL_ORIGINS` validation in `connectWithWC` and
`handleMetaMaskDeeplink`; throws on internal-origin `channelId`
> - Refactors to derive `channelId` once and pass it to
`handleConnection`, `handleDeeplink`, and `handleMessage`
> - No other behavior changes intended
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
925feac. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
metamaskbot
dismissed
Cal-L’s stale review
The merge-base changed after approval.
<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->
## **Description**
Refine hardware signing flow
## **Changelog**
<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`
If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`
(This helps the Release Engineer do their job more quickly and
accurately)
-->
CHANGELOG entry:null
## **Related issues**
Fixes:
## **Manual testing steps**
```gherkin
Feature: my feature name
Scenario: user [verb for user action]
Given [describe expected initial app state]
When user [verb for user action]
Then [describe expected outcome]
```
## **Screenshots/Recordings**
<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->
### **Before**
<!-- [screenshots/recordings] -->
### **After**
<!-- [screenshots/recordings] -->
Performing unified swaps and bridge
https://github.com/user-attachments/assets/224ccca4-bf1a-421b-8c35-6e33489755dc
## **Pre-merge author checklist**
- [ ] I’ve followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [ ] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> **Hardware signing flow refinement**
>
> - In `RootRPCMethodsUI.autoSign`, detect `Ledger` and `QR` hardware
accounts and only auto-sign for those; non-hardware accounts return
early
> - Ledger transactions now navigate to the Ledger transaction
confirmation modal; QR accounts proceed via
`Engine.acceptPendingApproval`
> - Notes that unified swaps/bridge no longer use this path; maintains
transaction finish/confirm listeners and swaps metrics handling
>
> **Changelog updates**
>
> - Adds `7.61.3`, `7.61.4`, `7.61.5` sections and updates compare links
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
1761028. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| shouldShowTronReviewButton && renderReviewButton(isReviewButtonDisabled) | ||
| ///: END:ONLY_INCLUDE_IF | ||
| } | ||
| {!isTronEnabled && renderReviewButton(isReviewButtonDisabled)} |
There was a problem hiding this comment.
Undefined variables crash non-Tron builds
The variables isTronEnabled and isTronNative are only declared inside ONLY_INCLUDE_IF(tron) preprocessor blocks, but they're used outside these blocks at lines 204, 961, and 1075 in EarnInputView.tsx, and lines 198, 209, and 950 in EarnWithdrawInputView.tsx. In non-Tron builds where the preprocessor removes those blocks, accessing these undeclared variables will throw a ReferenceError, crashing the app. The code already has properly-scoped wrapper variables (showTronStakingUI, showTronUnstakingUI) initialized with fallback values that could be used instead.
Additional Locations (2)
| isOverMaximum.isOverMaximumEth || | ||
| !isNonZeroAmount || | ||
| (isTronNative ? isTronStakeValidating : isLoadingEarnGasFee) || | ||
| isSubmittingStakeDepositTransaction; |
There was a problem hiding this comment.
Tron variables used outside conditional block cause ReferenceError
Variables isTronNative and isTronStakeValidating are declared inside the ONLY_INCLUDE_IF(tron) block (lines 135-148) but are accessed outside conditional blocks at lines 204, 717, and 961. In non-Tron builds, these lines of code remain but the variable declarations are removed by the preprocessor, causing a ReferenceError crash. The pattern used for showTronStakingUI (declared outside, assigned inside) is correct, but this pattern is not followed for these variables.
Additional Locations (2)
| } | ||
|
|
||
| return percentageOptions; | ||
| }, [isTronEnabled, isPreviewVisible, isNonZeroAmount, percentageOptions]); |
There was a problem hiding this comment.
Undeclared isTronEnabled variable in withdraw view
The isTronEnabled variable is declared inside ONLY_INCLUDE_IF(tron) (line 87) but used outside at lines 198, 209, and 808. In non-Tron builds, the useMemo at line 197 and useCallback at line 807 will throw a ReferenceError because isTronEnabled is undeclared. Unlike showTronUnstakingUI which is properly declared outside the conditional block, isTronEnabled follows an incorrect pattern.
Additional Locations (1)
Contributor
🔍 Smart E2E Test Selection
click to see 🤖 AI reasoning detailsFallback: AI analysis did not complete successfully. Running all tests. |
weitingsun
approved these changes
Jan 5, 2026
|
weitingsun
added
the
skip-sonar-cloud
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚀 v7.61.5 Testing & Release Quality Process
Hi Team,
As part of our new MetaMask Release Quality Process, here’s a quick overview of the key processes, testing strategies, and milestones to ensure a smooth and high-quality deployment.
📋 Key Processes
Testing Strategy
Conduct regression and exploratory testing for your functional areas, including automated and manual tests for critical workflows.
Focus on exploratory testing across the wallet, prioritize high-impact areas, and triage any Sentry errors found during testing.
Validate new functionalities and provide feedback to support release monitoring.
GitHub Signoff
Issue Resolution
Cherry-Picking Criteria
🗓️ Timeline and Milestones
✅ Signoff Checklist
Each team is responsible for signing off via GitHub. Use the checkbox below to track signoff completion:
Team sign-off checklist
This process is a major step forward in ensuring release stability and quality. Let’s stay aligned and make this release a success! 🚀
Feel free to reach out if you have questions or need clarification.
Many thanks in advance
Reference
Note
Release bump to
7.61.5versionName/versionCodein Android,MARKETING_VERSION/CURRENT_PROJECT_VERSIONin iOS, Bitrise env vars,package.json, andCHANGELOG.mdDeeplink robustness and security
INTERNAL_ORIGINSinhandleMetaMaskDeeplink.tsandconnectWithWC.tschannelIdlocal variable in deeplink handlingTransaction auto-sign flow
RootRPCMethodsUI, only auto-signs for hardware accounts (ledgerorqr); early return for others; maintains Ledger handoff to confirmation flowWritten by Cursor Bugbot for commit 8eec71f. This will update automatically on new commits. Configure here.