chore: Update @metamask/controller-utils to v3.4

[Gudahtt]

Development & PR Process

1. Follow MetaMask Mobile Coding Standards
2. Add release-xx label to identify the PR slated for a upcoming release (will be used in release discussion)
3. Add needs-dev-review label when work is completed
4. Add needs-qa label when dev review is completed
5. Add QA Passed label when QA has signed off

Description

The @metamask/controller-utils package has been updated to v3.4. This package had previously been held back because v3.1.0 introduced a usage of the BigInt API, which was a compatibility issue. But that should no longer be a problem now that React Native has been upgraded.

There were no breaking changes in this range of updates, but there were a few additions and rearrangements that required substantial patch updates.

Issue

This change was done to simplify PR #6872, which is part of https://github.com/MetaMask/mobile-planning/issues/798

Checklist

• There is a related GitHub issue
• Tests are included if applicable
• Any added code is fully documented

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
@metamask/controller-utils	3.0.0...3.4.0	None	+5/-1	4.2 MB	metamaskbot

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: @spruceid/siwe-parser@1.1.3, apg-js@4.1.3

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

[Gudahtt]

@SocketSecurity ignore @spruceid/siwe-parser@1.1.3
@SocketSecurity ignore apg-js@4.1.3

The parser package has been evaluated by us already, and the lack of a README in general isn't a big concern for us.

The flagged module in apg-js appears to be a development script included in the published package by mistake.

[Gudahtt]

Passing e2e test run: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/36eda36b-b4f9-4ca3-a8b9-691366cdfe85

[Gudahtt]

For reference, here is the source for v3.4.0: https://github.com/MetaMask/core/blob/%40metamask/controller-utils%403.4.0/packages/controller-utils/src/constants.ts
You can see the intended structure there.

The networks Linea Goerli and Linea Mainnet weren't added until a later version, here: MetaMask/core#1423

[leotm]

lgtm!

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information