MetaMask
fix: update isConfirmed logic in AlertModal to handle Danger severity correctly
Description
Fixed the Alert modal so that now when you see the "Malicious address" alert, you'll need to check "I have acknowledged the alert and still want to proceed" before the "Got it" button becomes clickable.
Changelog
CHANGELOG entry: update isConfirmed logic in AlertModal to handle Danger severity correctly
Related issues
Fixes:
Manual testing steps
Feature: my feature name
Scenario: user [verb for user action]
Given [describe expected initial app state]
When user [verb for user action]
Then [describe expected outcome]
Screenshots/Recordings
Before
After
Pre-merge author checklist
- [ ] I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
- [ ] I've completed the PR template to the best of my ability
- [ ] I’ve included tests if applicable
- [ ] I’ve documented my code using JSDoc format if applicable
- [ ] I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.
Pre-merge reviewer checklist
- [ ] I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.
[!NOTE] Cursor Bugbot is generating a summary for commit ae1a9f2170f81fee1fa6b29d1e95520ff985052c. Configure here.
CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
🔍 Smart E2E Test Selection
- Selected E2E tags: SmokeConfirmationsRedesigned
- Risk Level: medium
- AI Confidence: 90%
click to see 🤖 AI reasoning details
The change modifies the AlertModal component's button enable/disable logic based on alert severity and blocking status. The previous logic allowed the "Got It" button to be enabled for non-blocking alerts regardless of severity. The new logic requires checkbox acknowledgement (isConfirmed) for Danger severity non-blocking alerts, while other non-blocking alerts remain always enabled and blocking alerts remain disabled until acknowledged.
This is a targeted change to the confirmations alert modal system that affects user flows when acknowledging security/danger alerts. The E2E test file e2e/specs/confirmations-redesigned/signatures/alert-system.spec.ts directly tests this functionality including:
- Security alert display for malicious requests
- Alert acknowledgement via checkbox
- Confirm button behavior after acknowledgement
The SmokeConfirmationsRedesigned tag is the appropriate choice as it covers all confirmation-related flows including the alert system being modified. This ensures the changed button enabled/disabled logic is validated through actual user flow testing.
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}