fix: Ensure phishing stale list network request is not sent before onboarding and if basic functionality is off

[danjm]

Description

This fix ensures that network requests for the phishing list are sent in two cases:

1. before onboarding is complete
2. after onboarding is complete if either the basic functionality toggle or the use phishing detection toggle is off

To ensure the first, a call to this.phishingController.maybeUpdateState() in the metamask controller constructor was moved to the postOnboardingInitialization function.

To ensure #2, two fixes were needed:

• prevent the aforementioned call from occury of the usePhishDetect preference property is false
• have the setUsePhishDetect call that is made in handleSubmit of onboarding-flow/privacy-settings/privacy-settings.js submit false if the basic functionality toggle is off and the user has not independently set the phishing detection toggle to on. This requires, in the advanced section of the onboarding flow, to default the phishing detection toggle setting to the basic functionality toggle value (externalServicesOnboardingToggleState), but then only using the phishing toggle value if the user sets that independently.

the basic-functionality.spec.js e2e tests were updated to ensure that when the basic functionality toggle is off, no network request is sent to the phishing endpoint, and that a request is sent when the toggle is on.

Related issues

Fixes: https://github.com/MetaMask/MetaMask-planning/issues/2625

Manual testing steps

1. Install and open the service worker (background) console, and open the network tab
2. There should be no request to the phishing endpoint
3. Go through onboarding and toggle off the basic functionality toggle in advanced settings, there should still be not network request to the phishing endpoint
4. Uninstall and re-install and go through the above steps, but do not toggle off the basic functionality toggle. There should now be a network request to the phishing endpoint after the user completes onboarding.

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Extension Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[darkwing]

Worked as expected!

[codecov]

Codecov Report

Attention: Patch coverage is 62.50000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 65.68%. Comparing base (6eee01a) to head (7297b1b).

Files	Patch %	Lines
app/scripts/metamask-controller.js	0.00%	3 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #25306      +/-   ##
===========================================
- Coverage    65.69%   65.68%   -0.00%     
===========================================
  Files         1377     1377              
  Lines        54624    54623       -1     
  Branches     14317    14320       +3     
===========================================
- Hits         35882    35879       -3     
- Misses       18742    18744       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[metamaskbot]

Builds ready [7297b1b]

• builds: chrome, firefox
• builds (beta): chrome
• builds (flask): chrome, firefox
• builds (MMI): chrome, firefox
• builds (test): chrome, firefox
• builds (test-flask): chrome, firefox
• build viz: Build System
• mv3: Background Module Init Stats
• mv3: UI Init Stats
• mv3: Module Load Stats
• mv3: Bundle Size Stats
• mv2: E2e Actions Stats
• code coverage: Report
• storybook: Storybook
• typescript migration: Dashboard
• all artifacts
• bundle viz:

  • background: 0, 1, 2, 3, 4, 5
  • common: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
  • content-script: 0
  • offscreen: 0
  • ui: 0, 1, 10, 11, 2, 3, 4, 5, 6, 7, 8, 9

Page Load Metrics (132 ± 166 ms)

Platform	Page	Metric	Min (ms)	Max (ms)	Average (ms)	StandardDeviation (ms)	MarginOfError (ms)
Chrome	Home	firstPaint	69	109	84	10	5
		domContentLoaded	9	24	12	4	2
		load	42	1642	132	347	166
		domInteractive	9	24	12	4	2

Bundle size diffs [🚨 Warning! Bundle size has increased!]

• background: 71 Bytes (0.00%)
• ui: 3 Bytes (0.00%)
• common: 0 Bytes (0.00%)