-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use the iframe provider #18
Conversation
package.json
Outdated
@@ -50,6 +50,7 @@ | |||
"@ensdomains/ens-022": "npm:@ensdomains/ens@0.2.2", | |||
"@ensdomains/ethregistrar": "^1.2.2", | |||
"@ensdomains/resolver": "^0.1.6", | |||
"@ethvault/iframe-provider": "^0.1.8", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there anyway we can pin it to a hash first or point to the specific commit/version of github to prevent accidentally upgrading to a version which could have malicious version when doing npm update "@ethvault/iframe-provider"
? That's requested by @Arachnid
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added a package.json.test.js file so it is not possible to accidentally upgrade the iframe provider version
Can add other things to this test like checking that no versions are not specific, i.e. do not contain ^
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's just lock the version to 0.1.8, rather than ^0.1.8.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Locked to 0.1.9, 0.1.9 changes the JSON RPC request IDs to numbers because older web3 versions check this
ethvault/iframe-provider@d22a4c7
…provider can be enabled within 1 second
Use the iframe provider in the case where the window is in an iframe, and the parent iframe is ethvault.xyz, and the parent iframe enables the app