Mozilla WebDev Community: Extravaganza – August 2015 |
Once a month, web developers from across Mozilla get together to recreate classic dishes using only soylent and food coloring. As we discover what oven temperatures are safe for the techno-wizard goop, we find time to talk about the work that we’ve shipped, share the libraries we’re working on, meet new folks, and talk about whatever else is on our minds. It’s the Webdev Extravaganza! The meeting is open to the public; you should stop by!
You can check out the wiki page that we use to organize the meeting, or view a recording of the meeting in Air Mozilla. Or just read on for a summary!
The shipping celebration is for anything we finished and deployed in the past month, whether it be a brand new site, an upgrade to an existing one, or even a release of a library.
First up was Osmose (that’s me!) sharing the news that Pontoon is now able to localize Firefox, Thunderbird, and other Gecko-based apps, making it a single tool capable of localizing every project across Mozilla! The Slovenian localization team is already using it for all the projects they actively translate, and more locales are signing up every day.
Here we introduce any newcomers to the Webdev group, including new employees, interns, volunteers, or any other form of contributor.
Intern season is winding down, and that means beloved Webdev interns new_one and nolski are leaving us! We wish them well and thank them for their hard work. New_one already gave a presentation on his contributions to DXR, and nolski’s presentation will be streamed on Air Mozilla on August 11th.
The Roundtable is the home for discussions that don’t fit anywhere else.
Mythmon shared the news that the React Developer Tools extension has released a pre-release Firefox add-on. The extension allows developers working on React-based webapps to inspect the component hierarchy on their page as well as modify state and props for debugging purposes.
While we haven’t really nailed that “taste” thing, we were able to make imitation caesar dressing by pouring the soylent into an old Hidden Valley bottle!
If you’re interested in web development at Mozilla, or want to attend next month’s Extravaganza, subscribe to the dev-webdev@lists.mozilla.org mailing list to be notified of the next meeting, and maybe send a message introducing yourself. We’d love to meet you!
See you next month!
https://blog.mozilla.org/webdev/2015/08/10/extravaganza-august-2015/
|
|
Daniel Pocock: Going 4K |
I recently started using a 4K monitor. I've generally had a positive experience and thought I would share some comments about it.
Originally the hardware was expensive and people would have to do things like using multiple cables to join their video card to their 4K screen. The latest generation of video cards and monitors don't have this problem.
I chose to use NVIDIA's entry-level Quadro K420 card, the smallest and least expensive Quadro supporting 4K. The PC is a HP Z800 workstation. HP suggests they only certify the K420 with their latest workstations (e.g. Z840) but I have observed no problem using it in a Z800.
The monitor is a 32" BenQ display. After reading comments from other 4K users, I felt that any monitor less than 30" would not help me get the most from the world of 4K.
The monitor connects to the video card using a DisplayPort 1.2 cable that was in the box with the monitor.
I've been able to get sound through the monitor but I found the volume is always a bit low and at one point sound stopped completely.
Everything just appeared to work although the fonts are a bit smaller than what I'm used to. This appears to be related to DPI issues. DPI is not automatically detected and several applications have their own way of handling non-standard DPI. Discussion about this started on the debian-devel mailing list, given that non-standard DPI will be an issue with many newer monitors, handheld devices and more exotic displays such as televisions.
Some web sites just don't look so good when the browser window is maximized to 4K resolution while others use the extra space really well. For example, using the AirBNB search, the maps show more detail but using another hotel booking site I found that it was still trying to render a map within a constant size region using less than ten percent of the page.
|
|
Atul Varma: Discovering Accessibility |
My final project working at the Mozilla Foundation was teach.mozilla.org, which was the first content-based website I’ve helped create in quite some time. During the site’s development, I finally gave myself the time to learn about a practice I’d been procrastinating to learn about for an embarrassingly long time: accessibility.
One of the problems I’ve had with a lot of guides on accessibility is that they focus on standards instead of people. As a design-driven engineer, I find standards necessary but not sufficient to create compelling user experiences. What I really wanted to know about was not the ARIA markup to use for my code, but how to empathize with the way “extreme users”–people with disabilities–use the Web.
I finally found a book with such a holistic approach to accessibility called A Web For Everyone by Sarah Horton and Whitney Quesenbery. I’m still not done reading it, but I highly recommend it.
The first thing I did in an attempt to empathize with users of screen readers was to actually be proactive and learn to use a screen reader. The first one I learned how to use was the open-source NVDA screen reader for Windows. Learning how to use it actually reminded me a bit of learning vi and emacs for the first time: for example, because I couldn’t visually scan through a page to see its headings, I had to learn special keyboard commands to advance to the next and previous heading.
Obviously, however, I am a very particular kind of user when I use a screen reader: because I don’t actually rely on auditory information as much as a blind person, I can’t listen to a screen reader’s narration very fast. And because I’m a highly technical user who is good at remembering keyboard shortcuts, I can remember a lot of them. So it was useful to compare my own use of screen readers against Ginny Redish’s paper on Observing Users Who Work With Screen Readers (PDF).
After learning the basics of NVDA, I found Terrill Thompson’s blog post on Good Examples of Accessible Web Sites and tried visiting some of them with my shiny new screen reader. Doing this gave me lots of inspiration on how to make my own sites more accessible.
The web service tenon.io was also quite helpful in educating me on best practices my existing websites lacked, and The Paciello Group’s Web Components Punch List was helpful when I needed to create or evaluate custom UI widgets.
All of this has constituted what I’ve begun to call my “honeymoon” with accessibility. It was quite satisfying to empathize with the needs of extreme users, and I was excited about creating sites that were delightful to use with NVDA.
What ended up being much harder, though, was actually building a delightful experience for users who might be using any screen reader.
The second screen reader I learned how to use was Apple’s excellent VoiceOver, which comes built-in with all OS X and iOS devices. And like the early days of the Web, when a delightful experience on one browser was completely unusable in another, I often found that my hard work to improve my site’s usability on NVDA often made the site less usable on VoiceOver. For example, as Steve Faulkner has documented, the behavior of the ARIA role="alert" varies immensely across different browser and screen reader combinations, which led to some frustrating trade-offs on the Teach site.
One potential short-term solution to this might be for sites to have slightly different code depending on the particular browser/screen-reader combination being used. Aside from being a bad idea for a number of reasons, though, it’s also technically impossible–the current screen reader isn’t reflected in navigator.userAgent or anything else.
So, that’s the current situation I find myself in with respect to accessibility: creating accessible static content is easy and helps extreme users, but creating accessible rich internet applications is quite difficult because screen readers implement the standards so differently. I’m eagerly hoping that this situation improves over the coming years.
http://www.toolness.com/wp/2015/08/discovering-accessibility/
|
|
Mozilla Open Policy & Advocacy Blog: Host the Heroes of Tomorrow |
Last year Ford Foundation and Mozilla came together to launch the Open Web Fellows Program, an international leadership initiative that brings together the best emerging technology talent and civil society organizations to advance and protect the open Web. This came at a critical point for the evolution and health of the Web, which Mark Surman, Executive Director of Mozilla Foundation, and Darren Walker, President of Ford Foundation wrote about here:
“The Internet remains a contested space. Far too often, we see its core ethos – a medium where anyone can make anything and share it with anyone – undermined by forces that wish to make it less free and open. In a world in which the future health of the Internet is vital to democratic discourse and a free flow of ideas, we need a band of dedicated individuals standing ready to protect it.”
As part of the NetGain initiative, the program provides an ecosystem for the next generation of open Web advocates to make an early impact while growing into the capable leaders we need as threats to digital freedom proliferate.
Looking towards 2016, we’ve opened the call for applications for host organizations (closing Sept. 11, 2015).
Year Two will include 8-9 host organizations and Open Web Fellows who will work together to keep the Internet a global public resource by focusing on salient issues like privacy, access, and online rights.
Specifically, the goals of the Open Web Fellows program are:
Host organizations are involved in the recruitment and selection process of the candidates. Other responsibilities include:
In turn, Mozilla will provide:
Each year, fellows spend 10 months embedded at leading advocacy organizations to lend their expertise to the field. They receive a stipend of $60,000, plus a number of supplemental benefits to help with relocation, housing, childcare, and equipment acquisition. We will also cover the cost of certain Mozilla-organized trips, but ask the host organizations to cover trips they deem required. Mozilla strives to make this a global program, and as such provides visa assistance where necessary.
To better understand the type of organizations with which the Open Web Fellows Program is looking to partner, please see our “Spotlight” series on our 2015 host organizations:
American Civil Liberties Union, Massachusetts
Amnesty International
Free Press
New America’s Open Technology Institute
Public Knowledge
[Note: Association for Progressive Communications is also a 2015 host organization, but were recruited at a later date.]
Apply now to become a 2016 Ford-Mozilla Open Web Fellows host organization.
FAQ:
Q: How should host organizations be”advancing the open Web”?
A: “Open Web” needn’t be specifically about net neutrality and access; open practices, research, privacy, surveillance, and promoting the web as a public resource all fit within the focus of the program.
Q: How technical are the fellows?
A: It depends on the needs of the host organization. Generally, they are quite technical (full-stack engineers), and some have specialities. To get a sense of they types of people this program attracts, meet our 2015 cohort of Open Web Fellows.
Q: How involved are host organizations in the selection process?
A: First pass is done by a core Mozilla team. The host organizations will then be given a list of about 100 candidates (depending on how many apply) from which they first choose who Mozilla should interview, and later who they want to interview. The final decision is made in negotiation with Mozilla and the host organization. Read more about the 2015 Fellows selection process.
Q: What if we don’t have a physical office space?
A: Fellows are generally encouraged to work in the office space of the host organization to better understand the culture of civil society organizations and the public sector. If an organization doesn’t have a physical space, arrangements for remote working can be made. However, this requires more oversight and involvement from the host organization.
Q: What sorts of projects do fellows work on?
A: Host organizations and fellows “ship” a tangible outcome over the course of the project. Initial projects range from content productions, campaign sites, mobile apps, mashups of open data sets, and tooling for activist organizations.
Apply now to become a 2016 Ford-Mozilla Open Web Fellows host organization.
https://blog.mozilla.org/netpolicy/2015/08/10/host-the-heroes-of-tomorrow/
|
|
Tantek Celik: Alaska Cruise Log Day 3: Juneau |
ISO date 2015-08-03. I awoke to my first terrestrial travel timezone change on the open water. We gained an hour. It was ~5:45 Alaska Time, or more reliably for today, 05:45 -0800. I put on just enough casual clothes to go outside, and brought my book to read.
Everyone else was sleeping, and I was hungry, again. After photographing another sunrise at sea, I picked up some breakfast to go from Horizon Court and walked up to deck 17 to enjoy the outside air & view. My mom showed up and wanted to check out the deck 19 walking track. Having found the stairs to it yesterday, I took us up and we fastwalked a few laps, taking more photos.
It was colder than expected, but a quick room roundtrip and a layer fixed that. Got my dad while I was at it and rejoined my mom outside on the sun deck railing just in time for the ship’s naturalist to announce over the speakers: there she blows!
We started seeing the humpback whales two at a time, one water spout, then another, sometimes a tail flip, then another. Between the pairs, sometimes a whale cruising on its own. Rather than take photographs, I looked through binoculars for the best views I could get. Besides, my parents were taking plenty of photos and videos on their iPhone 6s.
There were so many whales, they just kept coming, or rather we just kept passing them by. They seemed happy enough, arching their backs above the surface, and flipping their tails up too.
Two of them came quite close to the ship. As they passed by us on the port side, they leapt from the water and breached with big crashing splashes! Amazing, I’d never seen whales breach like that in person before.
Finally the ship’s naturalist exclaimed that we’d seen somewhere between 50-60 whales, a super pod of whales, larger than he’d ever seen before.
No yoga class today; instead I joined my mom in the hardwood floor area of the gym and we did a bunch of stretches. I completed a simple floor stretch yoga routine from memory. Afterwards I took photos of the weird day spa marketing materials I had noticed the day before, then went to second breakfast with everyone else.
Back in our rooms we watched our approach to Juneau from the balconies. Fascinating scenery in the nearby mountains, more and more signs of human habitation as the passage narrowed. We kept watching as the ship turned to approach the piers and docked.
Knowing it would be a little while before we could disembark, I showered, changed, and packed my backpack for a full day of all possible Juneau adventures. Totally overpacked.
We gathered in the hall outside our rooms and descended together to the disembarkation deck. Rather than wait twice as long for taxis, we walked 15 minutes into town and quickly came upon the Heritage Coffee Roasting Company.
Securing our first local coffee of the trip, my younger sister and I said bye to everyone else who decided to take a taxi to a salmon hatchery. Sis and I just wanted to explore downtown, plus she wanted to meet up with a local friend of hers.
I took advantage of our few minutes at the cafe to get on their wifi (captive portal password: coffee), post a couple of photos, and receive a few text messages.
We walked back down to the docks to look for the meeting point my sister’s Juneau friend suggested. They’d last seen each other a decade ago in New York City, both having left years ago after tiring of its dehumanizing grime & grind.
While waiting we watched sea planes land in the harbor. One in particular came towards us so I captured a clip for a friend — a sea plane propels itself forward on the water, turns to approach its docking slot, and gets help from humans on adjacent piers who rotate it around and back it into place — like something you might see in a Richard Scary book.
My sister’s friend showed up. I saw her before my sister did, before she saw my sister. When they did, their faces lit up, their voices exclaimed joy in harmony.
On her recommendation, we went to a nearby taqueria for halibut tacos which were quite tasty. They even had Cholula. My sister and her friend caught up as if not a moment of 10 years had passed. I was happy to be a silent third wheel sitting in the sun, without any expectation of interaction, a social break without solitude.
Two things have dominated the use of my mobile device for the entire cruise: taking notes and taking photos (or short videos).
Filming the sea plane docking filled up my iPod and it refused to do many things (obviously take photos or video) until I had cleared out some space. At least it helpfully directed me to “Usage” preferences which quickly revealed the most bloated apps.
The biggest culprits? iOS8 “default” apps.
I’d previously deleted a dozen iOS native apps after being annoyed by their update noise. This was much worse: loss of primary device functionality. So I deleted the most bloated apps that Apple installed with the iOS8 upgrade that I never asked for nor needed nor used:
… and got back 1.1GB from dumping just those four! Two of which should have simply been well designed indiewebapps instead of “native” apps.
My sister’s friend led us uphill out of downtown, into rows of residences, which disappeared after a few blocks. Suddenly (while I was distracted deleting apps) we were hiking up Mt. Juneau, dense woods on either side, cut only by the road and rushing river below.
The air was as clean and crisp as any I’d ever breathed. Summer hikes in Yosemite came to mind. We crossed a bridge over the river and found a spot where it slowed to a crawl over polished stones and walked over to splash our faces.
Spotting a few flat & thin rocks, I piled them into a stack ten high, topped with a chunk of bright white quartz. We stood for moments in silence just breathing and listening.
The hike back down went by much more quickly, as it always does. We stopped by the state capitol where I took the opportunity to use the facilities.
Without a specific plan, we wandered around more of downtown, browsed a local used bookstore, and stopped for another round of coffees.
I posted day 1’s log, a brief note, and sent replies to a few text messages. Receiving them, a day or two old already, it was nice taking the time to absorb, reflect, as you might with letters received, even if short, and short in reply.
We continued our wanderings, a gift shop, a juice bar, and finally walked back towards the ship, considering a meal or a tram ride & hike. We found the rest of the family who had just returned from said tram.
Restaurant wait times having swollen with cruise tourists, we decided an appetizing hike was in order. We took the tram a ways up Mt. Roberts, bringing along my sister’s friend as our guide. We hiked from the tram terminus Mt. Roberts Nature Center uphill past the edge of the map they’d posted to an incredible view of the bay below, lit by a slowly setting sun. Now we were hungry.
After scampering down the hill, we had to wait just 10 minutes in line for the tram ride back to the shore. Restaurant wait times unchanged, I used their wifi for one last grid sync and confirmed that a professional recommendation I'd sent had been received.
With our ship scheduled to leave port soon, we said our goodbyes to my sister’s friend, thanked her for guiding us on such an active day, and reboarded as the sun sank toward the mountains opposite the bay. Every sunset at sea has been different, and I have yet to tire of them and the landscape’s orange glow.
I returned to my quarters to drop off my overpacked backpack. At ~30-40 pounds extra, I figured hiking swiftly at altitude and keeping up with my sister and the local served as good trail strength training. And made a mental note to pack one tenth as much next time we went ashore.
Now starving, my sister and I went to our usual, the Horizon Court buffet, where my other sister and brother-in-law had saved us a table. I devoured a couple of rounds of Alaskan halibut in a Thai coconut sauce, buttered peas, mashed potatoes, mixed greens salad with shredded carots, beets, blue cheese dressing, and a bowl of corn & potato chowder.
My sister and I returned to our rooms to rest our legs for a bit. My roommate (nephew1) was getting ready for bed so I took the the opportunity to read a bit more MATM. He asked if we could watch the rest of TRON, and with only 27 minutes remaining I set it up.
I kept reading with TRON in the background, occasionally underlining or making notes in the margins. Nephew1 asked me why I was writing in the book, I said because I’m taking notes. He asked if it was my book, I said yes, it was given to me by the author because I’m in it.
He looked incredulous. I had just reached the chapter on the 2010 Federated Social Web Summit, paused the movie, and flipped the book around with my finger on the paragraph where the author had mentioned me, and explained microformats as building blocks for a social web. For a moment nephew1 was speechless and looked like he thought that was even cooler than the movie he was watching. Then he turned his gaze back to TRON.
We finished the movie, and I said goodnight to him as I turned out the lights and ventured out. My day adventures sister also happened to exit her room. She was in search of hot water for tea, I was hungry again. We parted ways at the pizza bar, I got my slice of cheese, found a deck chair under the night sky, and started writing up day 2.
I started fading just after midnight, and only then found out that the “The Age of Adaline” was the movie playing in the background (on a large digital display above the pool) while I wrote. Its frequent shots of San Francisco kept drawing my attention. A brief glimpse of The Conservatory of Flowers from JFK drive brought back a flood of fond memories of running through Golden Gate Park.
The movie finished, I called it a night, and went to bed while the memories lingered.
|
|
Christie Koehler: I have joined tableflip club |
If you’ve never heard of tableflip, read this.
After nearly 4 years of employment, I have given notice at Mozilla. My last day will be 27 August.
I’m not going quietly.
Mozilla has serious, systemic cultural and organizational issues. Addressing these is imperative to Mozilla’s advancing its stated mission to “promote openness, innovation & opportunity on the Web.”
In the coming weeks, I’ll be writing more about Mozilla. In the meantime, you can read these collected tweets about why I’m leaving: part 1 and part 2.
http://subfictional.com/2015/08/09/i-have-joined-tableflip-club/
|
|
Cameron Kaiser: 38.2 available, and Google Code ain't |
Langpacks for 38 are also available.
The next step will be updating the home page with the new URLs, then starting work on the revised FAQ, hashes and release note templates. As usual, 38 will become final on Monday afternoon-ish Pacific time.
http://tenfourfox.blogspot.com/2015/08/382-available-and-google-code-aint.html
|
|
Benjamin Kerensa: The Mozilla We Want |
Hello,
In case you, as a Mozillian, have missed Christie Koehler’s tweets of the last 24 hours, I implore you to have a look but also at the responses from Mozillians and employees current and former who agree that the issues she is pointing out are real and you can read about them here.
These issues are making Mozilla bleed and some are caused or allowed to exist because our leadership, our very governance allows them. We need to have a conversation about these problems and cannot just let Christie’s departure be in vain and roll along with the status quo.
We need to fix the culture at Mozilla and we need to invest in community and diversity and we CANNOT let the status quo continue if we expect to be able to be competitive, innovative and push the mission forward.
Can we have a town hall to discuss some of these issues? Can we get a response from Mitchell, Chris or Mark on these issues?
Discussion on this post is closed but feel free to engage on the Twitterverse. (Be polite)
http://feedproxy.google.com/~r/BenjaminKerensaDotComMozilla/~3/3rq2DLhf8xE/the-mozilla-we-want
|
|
Chris Cooper: RelEng & RelOps Weekly highlights - August 07, 2015 |
Wow, what a week. Between tree closures and some unexpected security releases, release engineering was stretched pretty thin. Here’s hoping for a more “normal” week next week as we try to release Firefox 40.
Modernize infrastructure: Greg Arndt deployed a fix to mozilla-taskcluster to eliminate noisy ‘deadline-exceeded’ dependant tasks whose parent tasks fail. This improves sheriffing and is part of the work to make TaskCluster and TreeHerder the best of pals.
Jake Watkins implemented timezone and w32time configurations via puppet and compiled ntpdate for Windows (for stepping the clock on systems where w32time has been disabled). This allows us to control time on Windows machines without need of the AD domain.
Q and Callek have managed to get one Windows 10 host connected to the Try server with buildbot. The machine has successfully run a selection of tests so far, some of which are even passing! We still have more work to do in order to green up the other tests and need to create more machines for the pool before we can open the platform up for general use.
Dustin got a Linux build running in a CentOS 6.6 docker image within TaskCluster. There are lots of things to fix, but this will produce much more compatible builds than the earlier attempts with an Ubuntu 14.04 docker image.
Improve release pipeline: Nick increased the l10n and update test chunking, shaving multiple hours off of the release process. This helped immensely as we prepared the release builds for Firefox 40.
Improve CI pipeline: Morgan tweeted about her latest work on .taskclusterrc, bringing WebMaker CI over: https://twitter.com/mrrrgn/status/628653555214192640
Hooked @Webmaker Android up to GitHub->TaskCluster for testing :) https://t.co/IDSBYBbxI2 Next stop … all the repos.
— Morgan Phillips (@mrrrgn) August 4, 2015Release: Urgent Firefox security releases shipped on multiple branches in under 24 hours! This all happened in the shadow of next week’s milestone release of Firefox 40, and the regular parade of beta builds. Kudos to those on release duty, specifically catlee and Nick, for getting them all out the door without tripping over each other.
Operational: John Ford and Jonas Jensen debugged a frustrating problem in the TC provisioner causing it to fail unexpectedly. Many yaks were shaved. The cause was an obscure bit of logic calling a buggy library in one of our dependencies. Since deploying the fix last week, the TC provisioner has been stable.
Greg blogged about TaskCluster and try: https://twitter.com/gregarndt/status/629063925338914816
Demystifying in-tree TaskCluster scheduling http://t.co/qQpxXPYtnh
— Greg Arndt (@gregarndt) August 5, 2015Dustin deployed a new version of relengapi that includes support for database migrations (with Alembic), improvements to Archiver, and a new (but not-yet-used) implementation of treestatus.
The buildduty contractors continue to make strides as we knock down access hurdles for them. They are now able to handle slave loans with minimal intervention from releng or IT, and can now update python packages on our internal servers when requested by developers.
See you next week!
|
|
William Lachance: More Perfherder updates |
Since my last update, we’ve been trucking along with improvements to Perfherder, the project for making Firefox performance sheriffing and analysis easier.
Compare visualization improvements
I’ve been spending quite a bit of time trying to fix up the display of information in the compare view, to address feedback from developers and hopefully generally streamline things. Vladan (from the perf team) referred me to Blake Winton, who provided tons of awesome suggestions on how to present things more concisely.
Here’s an old versus new picture:
|
|
Summary of significant changes in this view:
The point of these changes isn’t necessarily to make everything “immediately obvious” to people. We’re not building general purpose software here: Perfherder will always be a rather specialized tool which presumes significant domain knowledge on the part of the people using it. However, even for our audience, it turns out that there’s a lot of room to improve how our presentation: reducing the amount of extraneous noise helps people zero in on the things they really need to care about.
Special thanks to everyone who took time out of their schedules to provide so much good feedback, in particular Avi Halmachi, Glandium, and Joel Maher.
Of course more suggestions are always welcome. Please give it a try and file bugs against the perfherder component if you find anything you’d like to see changed or improved.
Getting the word out
Hammersmith:mozilla-central wlach$ hg push -f try
pushing to ssh://hg.mozilla.org/try
no revisions specified to push; using . to avoid pushing multiple heads
searching for changes
remote: waiting for lock on repository /repo/hg/mozilla/try held by 'hgssh1.dmz.scl3.mozilla.com:8270'
remote: got lock after 4 seconds
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
remote: Trying to insert into pushlog.
remote: Inserted into the pushlog db successfully.
remote:
remote: View your change here:
remote: https://hg.mozilla.org/try/rev/e0aa56fb4ace
remote:
remote: Follow the progress of your build on Treeherder:
remote: https://treeherder.mozilla.org/#/jobs?repo=try&revision=e0aa56fb4ace
remote:
remote: It looks like this try push has talos jobs. Compare performance against a baseline revision:
remote: https://treeherder.mozilla.org/perf.html#/comparechooser?newProject=try&newRevision=e0aa56fb4ace
Try pushes incorporating Talos jobs now automatically link to perfherder’s compare view, both in the output from mercurial and in the emails the system sends. One of the challenges we’ve been facing up to this point is just letting developers know that Perfherder exists and it can help them either avoid or resolve performance regressions. I believe this will help.
Data quality and ingestion improvements
Over the past couple weeks, we’ve been comparing our regression detection code when run against Graphserver data to Perfherder data. In doing so, we discovered that we’ve sometimes been using the wrong algorithm (geometric mean) to summarize some of our tests, leading to unexpected and less meaningful results. For example, the v8_7 benchmark uses a custom weighting algorithm for its score, to account for the fact that the things it tests have a particular range of expected values.
To hopefully prevent this from happening again in the future, we’ve decided to move the test summarization code out of Perfherder back into Talos (bug 1184966). This has the additional benefit of creating a stronger connection between the content of the Talos logs and what Perfherder displays in its comparison and graph views, which has thrown people off in the past.
Continuing data challenges
Having better tools for visualizing this stuff is great, but it also highlights some continuing problems we’ve had with data quality. It turns out that our automation setup often produces qualitatively different performance results for the exact same set of data, depending on when and how the tests are run.
A certain amount of random noise is always expected when running performance tests. As much as we might try to make them uniform, our testing machines and environments are just not 100% identical. That we expect and can deal with: our standard approach is just to retrigger runs, to make sure we get a representative sample of data from our population of machines.
The problem comes when there’s a pattern to the noise: we’ve already noticed that tests run on the weekends produce different results (see Joel’s post from a year ago, “A case of the weekends”) but it seems as if there’s other circumstances where one set of results will be different from another, depending on the time that each set of tests was run. Some tests and platforms (e.g. the a11yr suite, MacOS X 10.10) seem particularly susceptible to this issue.
We need to find better ways of dealing with this problem, as it can result in a lot of wasted time and energy, for both sheriffs and developers. See for example bug 1190877, which concerned a completely spurious regression on the tresize benchmark that was initially blamed on some changes to the media code– in this case, Joel speculates that the linux64 test machines we use might have changed from under us in some way, but we really don’t know yet.
I see two approaches possible here:
For now, I’m leaning towards (2). I don’t think we’ll ever completely solve this problem and I think coming up with better approaches to understanding and managing it will pay the largest dividends. Open to other opinions of course!
|
|
Cameron Kaiser: TenFourFox and MFSA 2015-78 |
TenFourFox 31 does not have the PDF viewer enabled by default, so it is not known to be vulnerable in the shipped configuration. Several diligent attempts to exploit it through other means last night were fruitless, so while it may be possible, I doubt some bright person will manage to do so before the general availability of TenFourFox 38 this coming week. On the other hand, if you have enabled PDF.js in 31.8 through about:config, your browser is now in an unsupported and exploitable configuration, and you should turn it off. This is not true of regular Firefox ESR 31.8, which is vulnerable, and due to the impending end of support for that branch will not be updated.
The TenFourFox 38 betas are vulnerable. If you're using a vulnerable version of TenFourFox (or Firefox ESR, though you should really just update if you're on a Tier-1 platform), you should disable in-browser PDF viewing by setting pdfjs.disabled to true temporarily until 38.2 final is available, which is building as we speak and should be available to testers sometime tomorrow Pacific time. It includes minor cosmetic fixes for the gradient over the URL and bookmarks bars (I used Grafik's numbers since they seemed to work the best; thanks!), fixes the update interval and removes the unsupported Marketplace button from about:home.
http://tenfourfox.blogspot.com/2015/08/tenfourfox-and-mfsa-2015-78.html
|
|
Support.Mozilla.Org: What’s up with SUMO – 7th August |
Friday the… 7th! Is that supposed to be a lucky day, as opposed to Friday the 13th? Who knows… All we know is that there’s some updates from the world of SUMO that we want to share with you – let’s go!
Whew… Quite a lot of news and more to come before this year is over, of course!
Any great summer adventures you want to share with us in the comments? See you next week!
https://blog.mozilla.org/sumo/2015/08/07/whats-up-with-sumo-7th-august/
|
|
Pascal Finette: Guy Kawasaki’s Talk on “The Art of the Start” |
I recently brought Guy Kawasaki to Singularity University where he delivered a fantastic keynote on "The Art of the Start".
Here's the video:
|
|
Mozilla Security Blog: Firefox exploit found in the wild |
Yesterday morning, August 5, a Firefox user informed us that an advertisement on a news site in Russia was serving a Firefox exploit that searched for sensitive files and uploaded them to a server that appears to be in Ukraine. This morning Mozilla released security updates that fix the vulnerability. All Firefox users are urged to update to Firefox 39.0.3. The fix has also been shipped in Firefox ESR 38.1.1.
The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable. The vulnerability does not enable the execution of arbitrary code but the exploit was able to inject a JavaScript payload into the local file context. This allowed it to search for and upload potentially sensitive local files.
The files it was looking for were surprisingly developer focused for an exploit launched on a general audience news site, though of course we don’t know where else the malicious ad might have been deployed. On Windows the exploit looked for subversion, s3browser, and Filezilla configurations files, .purple and Psi+ account information, and site configuration files from eight different popular FTP clients. On Linux the exploit goes after the usual global configuration files like /etc/passwd, and then in all the user directories it can access it looks for .bash_history, .mysql_history, .pgsql_history, .ssh configuration files and keys, configuration files for remina, Filezilla, and Psi+, text files with “pass” and “access” in the names, and any shell scripts. Mac users are not targeted by this particular exploit but would not be immune should someone create a different payload. [Update: we’ve now seen variants that do have a Mac section, looking for much the same kinds of files as on Linux.]
The exploit leaves no trace it has been run on the local machine. If you use Firefox on Windows or Linux it would be prudent to change any passwords and keys found in the above-mentioned files if you use the associated programs. People who use ad-blocking software may have been protected from this exploit depending on the software and specific filters being used.
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
|
|
John O'Duinn: “An Illustrated Book of Bad Arguments” by Ali Almossawi |
Most engineers I know are good at writing software. Some engineers I know are good at writing software for extraordinarily complex projects. Some have a brain that naturally, instinctively, just worked this way while some took all sorts of courses on algorithms and structured programming in university. Regardless, when you are coding by yourself, these important coding and problem solving skills are probably good enough. However, when you transition from coding-by-yourself to coding-in-a-team, there is the need for an additional skill.
Now you need the skills to explain to other engineers why your code, your approach, is best. Maybe even why your approach is better then an alternate approach being proposed by someone else. It is a given that you can write good code – that is how you got on the team in the first place. The question is: can you explain why your code is better then any other alternatives available?
This skill might sound deceptively simple, but in reality it has a few super complex twists to it. Someone once explained it to me as follows: smart people, given the same start point, the same goal, and the same restrictions/limitations, would come up with similar-enough solutions. Maybe not identical, because all humans are slightly different, but at least similar in approach – and would solve the same problem. Given that, if I was to find myself in a situation where very different solutions are being discussed, maybe we have different understanding of what the starting point is? Or what the goal is? Or what restrictions/assumptions/limitations to work within? Double checking all those can quickly uncover missing (or invalid) problem statements, restrictions/assumptions/limitations or goals. If it turns out that we’re trying to solve different problems, then of course the proposed solutions would be very different!
If your skills in logic/reasoning/conflict are weak, and if you skip the verification step, then it is easy to get frustrated by your inability to “convince others” of the greatness of your code or design. Maybe you cannot explain it correctly. Maybe the others don’t want to listen to you – because they feel equally about their proposals. Maybe both. If you are passionate about your code, but cannot have others understand its greatness, the situation can easily turn to frustration (“I give up – why does no-one understand how great my code is?”) or even anger (“This code is too important to give up on – what do they know anyway – they’re just idiots”). This shift from working together to find the best code/design (something which can be objectively measured or stress-tested, after everyone agrees on what they all think is “best”.) to destructively debating the other humans (using hard-to-measure qualities) is dangerous. Even if the “right” code is actually chosen in the end, the manner in which the discussion was carried out can be toxic to the group.
Like many other engineers, I never had any formal training in logic/reasoning/conflict at any of my universities, so I had to learn these skills on-the-job, or at workshops I found over the years. Sometimes it went well. Sometimes it did not. I’m still working on this. Being able to talk through differences of opinions, in a constructive way, is a crucial skill set to develop as you work with others during your engineering career. And essential for *everyone* in a team to have, in order for the *team* to work together effectively.
I stumbled across this book in 2014, loved it, and was then delighted and surprised to discover that it was written by someone I knew from when I worked at Mozilla!! Ali’s book is focused on describing the different types of arguments used in logic debates, with very easy-to-understand examples. This will help you keep your logic and reasoning honest when you are a discussion. It will also make it easy to notice when someone else switches to using “Ad Hominem” or “No True Scotsman” or “Genetic Fallacy” or “Straw Man” or any other of these types of arguments on you.
I think many many people, including myself, find the idea of a book about arguments to be daunting, almost off-putting, so I really like how the simple one-page description and the full page cartoon images make the whole topic area more approachable, appealing and in turn, very easy to understand in a non-threatening way. At 56 pages, it is a super short book, and almost 50% of those pages are cartoons, so you could expect to be done in a few minutes. However, each page found me sitting rethinking different conflicts over the years, so this took a lot longer to read then I expected. And I re-read it often. In addition to the printed version of the book, there is also a fun https://bookofbadarguments.com/.
Try it, I think you will like it.
John.
=====
ps: This is one of two great books that I really like in this area – both of which I think should be required reading for engineers. Both of which I just discovered I had not yet blogged about, hence this post. Watch for another post coming soon.
http://oduinn.com/blog/2015/08/06/an-illustrated-book-of-bad-arguments-by-ali-almossawi/
|
|
Clint Talbert: Looking Ahead |
About two months ago, when many of you were probably at Whistler, Amazon appeared to have an outage. The eastern region seemed to go completely dark, and about half the internet (or half the internet I was connected to anyway) seemed to go down. It turned out to be a mistakenly published route by an ISP that caused traffic bound for Amazon’s east region to redirect to them.
You can look at that incident and say “we need more regulation”. But you can also look at that and see exactly the power and the promise of the internet. The fabric is distributed, power is at the edges, and creativity (or its darker twin, destruction) are within reach of everyone who understands enough of how it works to contribute. And that’s why the work Mozilla does is so important: Helping the people of the world realize the promise of the open web, and how to embrace that as a source of creativity while championing security and privacy.
When I left my position with MoCo back in April, I wasn’t sure what I’d do next. I wanted to focus on my writing for a while, and though I knew I would find another job at some point, I didn’t know how active I would remain in the Mozilla Community where I’ve been for much of the last decade. Since leaving, I’ve landed at a small company called Nuna that is working to improve health care for everyone by using data. And if you have heard anything about the US health care system, you have probably heard that it is one of the most broken systems in the developed world by nearly every measure. So, like Mozilla, it’s another role where what we build will create changes to make people’s lives better in meaningful, tangible ways.
I’m going to be focused on helping build the data analytics platform by doing what I enjoy: building automation and teams. But in order to really focus on the new space and on the problems before me, I am not going to be able to remain active in the Mozilla community. So sadly, I am relinquishing my duties as module peer, and I’m closing my Bugzilla account. It is bittersweet for certain, but it’s best to remain clearly focused on my goals, just as it is best for the Mozilla community to remain likewise focused on yours. The world needs us both to succeed.
My friends in this wonderful community have often felt more like family to me than friends. I wish you all the very best, and I know that many of us will endeavor to stay in touch as best we can. I look forward to celebrating your successes, and if ever I can be of service, you can find me here or on Twitter.
Keep on Rockin’ the Free Web
|
|
Air Mozilla: Web QA Weekly Meeting |
This is our weekly gathering of Mozilla'a Web QA team filled with discussion on our current and future projects, ideas, demos, and fun facts.
|
|
About:Community: Q3 Objectives for the Participation Team |
After weeks of meetings and planning the Participation Team has decided on six objectives to focus on this quarter.
Each of these objectives was chosen for it’s ability to bring us closer to our 2015 goal: Demonstrate that participation brings strategic advantage to Mozilla’s key product and functional goals.
Here are our six objectives for Q3 and the key results for each:
We work in three week sprints called “heartbeats” and you can follow along with each of these projects on GitHub to see what we will be working on for the next three weeks.
Can’t find what you’re looking for? Team members also have individual projects and objectives that aren’t directly related to these team objectives. You can read about the other projects we’re working on here.
Want to get involved? Search for tasks with the “Volunteer Task” label here.
http://blog.mozilla.org/community/2015/08/06/q3-objectives-for-the-participation-team/
|
|
Brian Birtles: Mozilla Japan engineering is quite hot right now |
Fortunately Taipei’s shaved ice extravaganza Ice Monster has popped-up just around the corner from our office in Tokyo!
Now that I’ve sufficiently buried the lede, I’d like to introduce you to what our platform engineers have been up to in the land of the rising (and scorching) sun.
Since April we’ve been trying to focus our efforts around two themes: Input and Animation although we also work on other items like fonts and supporting partner projects. Some of the things we’re tackling this quarter include:
Input:
Animation:
Other:
Last night we held our first “Gecko inside” meetup. The idea is for engineers to teach each other about different parts of our code and provide some useful information to people who are interested in contributing. This time, Makoto gave us a great overview of e10s in Firefox (slides).
We plan to do it again on September 8 including a special guest appearance from Gary Kwong presenting on fuzzing in Firefox!
If you’re in Tokyo please drop by! Better still, if you’re hacking on any of the same things, why not pay us an extended visit? In addition to Taiwanese shaved ice, we’ll gladly introduce you to some tasty sushi or barbecued beef tongue.
https://birtles.wordpress.com/2015/08/06/mozilla-japan-engineering-is-quite-hot-right-now/
|
|
Weekly Mozilla Reps call