Improve error handling

[Mrtenz]

This improves error handling by:

• Using @metamask/rpc-errors instead of eth-rpc-errors throughout the entire stack.
• Introducing a new SnapError, which will not cause the Snap to crash when thrown.
• Unwrapping errors where possible.
• Also bumps a ton of MetaMask dependencies, see Bump MetaMask core packages #1818

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
json-rpc-middleware-stream	5.0.1	None	+0	20.5 kB	gudahtt
@metamask/eth-json-rpc-middleware	11.0.2...12.0.0	None	+18/-8	1.89 MB	metamaskbot
@metamask/approval-controller	3.5.2...4.0.0	None	+0/-0	109 kB	metamaskbot
@metamask/permission-controller	4.1.2...5.0.0	None	+10/-10	1.51 MB	metamaskbot
@metamask/providers	11.1.1...13.0.0	None	+0/-0	197 kB	metamaskbot

🚮 Removed packages: @metamask/[email protected], @metamask/[email protected]

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: [email protected]

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

[codecov]

Codecov Report

Attention: 21 lines in your changes are missing coverage. Please review.

Comparison is base (495bdd4) 96.06% compared to head (c9a9288) 96.11%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1841      +/-   ##
==========================================
+ Coverage   96.06%   96.11%   +0.05%     
==========================================
  Files         243      243              
  Lines        5664     5771     +107     
  Branches      895      925      +30     
==========================================
+ Hits         5441     5547     +106     
- Misses        223      224       +1     

Files	Coverage Δ
...ages/snaps-controllers/src/snaps/SnapController.ts	97.55% <100.00%> (+0.01%)	⬆️
.../snaps-controllers/src/snaps/endowments/keyring.ts	96.96% <100.00%> (ø)
...ps-controllers/src/snaps/endowments/name-lookup.ts	100.00% <100.00%> (ø)
...ages/snaps-controllers/src/snaps/endowments/rpc.ts	100.00% <100.00%> (ø)
...ollers/src/snaps/endowments/transaction-insight.ts	100.00% <100.00%> (ø)
...cution-environments/src/common/endowments/index.ts	100.00% <100.00%> (ø)
...ion-environments/src/common/endowments/interval.ts	100.00% <100.00%> (ø)
...tion-environments/src/common/endowments/timeout.ts	100.00% <100.00%> (ø)
...-execution-environments/src/common/globalEvents.ts	100.00% <100.00%> (ø)
...s/snaps-execution-environments/src/common/utils.ts	100.00% <ø> (+6.25%)	⬆️
... and 27 more

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Mrtenz]

@SocketSecurity ignore [email protected]

This is ours.

[FrederikBolding]

LGTM

Holding off on approving until someone else has approved.

[hmalik88]

LGTM. Great work, guys 🚀