fix: PPOMController related issues in blockaid integration

[jpuri]

Description

The package updates to latest verison of ppom-validator, to leverage new fixes in PPOMController.

Related issues

Fixes: MetaMask/MetaMask-planning#1820

Manual testing steps

1. Enable blockaid validation for user
2. Go to test dapp and submit a malicious transaction
3. It should show blockaid error

Screenshots/Recordings

NA

Pre-merge author checklist

• I’ve followed MetaMask Coding Standards.
• I've clearly explained what problem this PR is solving and how it is solved.
• I've linked related issues
• I've included manual testing steps
• I've included screenshots/recordings if applicable
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
• I’ve properly set the pull request status:
  • In case it's not yet "ready for review", I've set it to "draft".
  • In case it's "ready for review", I've changed it from "draft" to "non-draft".

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
@metamask/ppom-validator	0.14.0...0.15.0	None	+0/-0	144 kB

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: @metamask/ppom-validator@0.15.0

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (d7869a6) 38.90% compared to head (0fb9d97) 38.90%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8085   +/-   ##
=======================================
  Coverage   38.90%   38.90%           
=======================================
  Files        1198     1198           
  Lines       29729    29729           
  Branches     2829     2829           
=======================================
  Hits        11566    11566           
  Misses      17479    17479           
  Partials      684      684           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[jpuri]

@SocketSecurity ignore @metamask/ppom-validator@0.15.0

[github-actions]

E2E test started on Bitrise: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/84821a80-91d6-4dbc-a0ec-ae5071e3e4c7
You can also kick off another Bitrise E2E smoke test by removing and re-applying the (Run Smoke E2E) label

[metamaskbot]

Missing release label release-7.14.0 on PR. Adding release label release-7.14.0 on PR and removing other release labels(release-7.15.0), as PR was added to branch 7.14.0 when release was cut.