The interesting Google transfer protocol that is known as QUIC is being passed through the IETF grinding machines to hopefully end up with a proper “spec” that has been reviewed and agreed to by many peers and that will end up being a protocol that is thoroughly documented with a lot of protocol people’s consensus. Follow the IETF QUIC mailing list for all the action.

I’d like us to join the fun

Similarly to how we implemented HTTP/2 support early on for curl, I would like us to get “on the bandwagon” early for QUIC to be able to both aid the protocol development and serve as a testing tool for both the protocol and the server implementations but then also of course to get us a solid implementation for users who’d like a proper QUIC capable client for data transfers.

implementations

The current version (made entirely by Google and not the output of the work they’re now doing on it within the IETF) of the QUIC protocol is already being widely used as Chrome speaks it with Google’s services in preference to HTTP/2 and other protocol options. There exist only a few other implementations of QUIC outside of the official ones Google offers as open source. Caddy offers a separate server implementation for example.

the Google code base

For curl’s sake, it can’t use the Google code as a basis for a QUIC implementation since it is C++ and code used within the Chrome browser is really too entangled with the browser and its particular environment to become very good when converted into a library. There’s a libquic project doing exactly this.

for curl and others

The ideal way to implement QUIC for curl would be to create “nghttp2” alternative that does QUIC. An ngquic if you will! A library that handles the low level protocol fiddling, the binary framing etc. Done that way, a QUIC library could be used by more projects who’d like QUIC support and all people who’d like to see this protocol supported in those tools and libraries could join in and make it happen. Such a library would need to be written in plain C and be suitably licensed for it to be really interesting for curl use.

a needed QUIC library

I’m hoping my post here will inspire someone to get such a project going. I will not hesitate to join in and help it get somewhere! I haven’t started such a project myself because I think I already have enough projects on my plate so I fear I wouldn’t be a good leader or maintainer of a project like this. But of course, if nobody else will do it I will do it myself eventually. If I can think of a good name for it.

some wishes for such a library

• Written in C, to offer the same level of portability as curl itself and to allow it to get used as extensions by other languages etc
• FOSS-licensed suitably
• It should preferably not “own” the socket but also work in-memory and to allow applications to do many parallel connections etc.
• Non-blocking. It shouldn’t wait for things on its own but let the application do that.
• Should probably offer both client and server functionality for maximum use.
• What else?

https://daniel.haxx.se/blog/2016/07/20/curl-wants-to-quic/

Weekly project updates from the Mozilla Connected Devices team.

https://air.mozilla.org/connected-devices-weekly-program-update-20160719/

Reuni'on bi-semanal para hablar sobre el estado de Mozilla, la comunidad y sus proyectos. Bi-weekly meeting to talk (in Spanish) about Mozilla status, community and...

https://air.mozilla.org/martes-mozilleros-20160719/

the following changes have been pushed to bugzilla.mozilla.org:

• [1283323] Rename “Triage Report” link on Reports page.
• [1286650] Allow explicit specification of an API key in scripts/issue-api-key.pl
• [1287039] Please add Katharina Borchert and CIO to recruiting lists
• [1286960] certain github commit messages are not being auto-linkified properly
• [1254882] develop a nightly script to revoke access to legal bugs from ex-employees

discuss these changes on mozilla.tools.bmo.

https://dlawrence.wordpress.com/2016/07/19/happy-bmo-push-day-24/

• Debugging tests on interactive workers (only Linux on TaskCluster)
• Improve end to end times on Try (Thunder Try project)

• Landed support for running reftest and xpcshell via tests.zip
• Many UX improvements to the interactive loaner workflow

• Make sure Xvfb is running so you can actually run the tests!
• Mochitest support + all other harnesses

• Landed prerequisites for Windows and OS X artifact builds on try.
• Identified which tests should be skipped with artifact builds

• Provide a try syntax flag to trigger only artifact builds instead of full builds; starting with opt Linux 64.

• Sccache’s Rust re-write has reached feature parity with Python’s sccache
• Now testing sccache2 on Try

• We want to roll out a two-tier sccache for Try, which will enable it to benefit from cache objects from integration branches

• Preliminary analytics / research based on job data from Treeherder found at: http://nbviewer.jupyter.org/url/people.mozilla.org/%7Ewlachance/try%20analysis.ipynb
• Which jobs finish last?
• Which jobs have the highest wait times?
• Which jobs have the longest total wall clock time (i.e. are the largest consumers of resources)

• Putting Mozharness steps’ data inside Treeherder’s database for aggregate analysis

• TaskCluster Linux builds are currently built using a mix of m3/r3/c3 2xlarge AWS instances, depending on pricing and availability. We’re going to be looking to assess the effects on build speeds of using more powerful AWS instances types, as one potential way of reducing e2e Try times.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1287604

http://feedproxy.google.com/~r/armenzg_mozilla/~3/0G5lu0KOUsY/usability-improvements-for-firefox.html

Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us an email! Want to get involved? We love contributions.

This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.

Updates from Rust Community

News & Blog Posts

• Mozilla is shipping its first production Rust code in Firefox 48.
• Linux perf gets Rust symbol demangling support.
• Testing strategies for Corrode. Corrode is a C to Rust translator.
• Rust for Node.js developers - Part 3. Crates, Modules and the web.
• How to package Rust applications to RPM using vendoring.
• A Rust-powered public web page in 5 minutes.

New Crates & Project Updates

• Rust Project changelog for 2016-07-15. Updates to rustup, libc, net2, regex, websites.
• rustup 0.3 released. Includes fixes for downloading old releases, various cleanups, and preliminary (non-functional) rustls support.
• Lyon. GPU-based 2D graphics rendering experiments in Rust.
• Gluon. A static, type inferred and embeddable language written in Rust.
• Tango. Markdown-based Literate programming in Rust, integrated with Cargo.
• ScreenRuster. X11 screen saver and locker.
• These weeks in Servo 71.
• This week in Rust docs 13.
• This week in Ruma - July 17, 2016.
• What's coming up in imag 11.

Crate of the Week

This week has a belated Crate of the Week with Vincent Esche's self-submitted cargo-modules, which gives us the cargo modules subcommand that shows the module structure of our crates in a tree view, optionally warning of orphans. Thanks, Vincent!

Submit your suggestions for next week!

Call for Participation

Always wanted to contribute to open-source projects but didn't know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

Some of these tasks may also have mentors available, visit the task page for more information.

• [easy] imag: Make imag forward --debug and --verbose to subcommands.
• [moderate] rust: Very confusing error on attempt to pass path::Path by value. This is bad error message that is hit often. Good bug to get familiar with the compiler.
• [easy] rust: move coerce_match, coerce_calls and related tests into run-pass-valgrind. Just moving tests around. Easy introduction to the build system.
• [easy] rustbyexample.com is in need of maintainers. Good first tasks are writing Mutex examples and Arc examples.
• [hard] rustup: Write a GUI installer for rustup on Windows. This is involved but should be fun. It's an integration problem, writing a Windows GUI that hooks into the MSI installation system and calls into the rustup libraries. Required for rustup 1.0.
• [easy] cargo: Warn on the duplicate entry points for lib and bin.
• [easy] cargo: Can't specify precise crate version if there are multiple versions.
• [easy] error-chain: Display implementation should show the error's Display, not just the description. Looks like a simple fix.
• [easy] rust: Parsing inconsistencies (lambda, proc, return). This bug identifies some bugs where the rustc parser disagrees with the reference parser. Good first bug for someone interested in parsers.
• [easy] imag: --version and --versions yield helptext instead of version(s).

If you are a Rust project owner and are looking for contributors, please submit tasks here.

Updates from Rust Core

105 pull requests were merged in the last two weeks.

• Match whole statements in macros
• Harder floats on MIPS
• New method new_parser_from_ts
• Non-Squiggly-braced Macros now need Semicolon
• Simplify Macro Hygiene
• Stable order for handling type projection bounds
• calling directly imported trait methods no longer crashes rustc
• Unicode 9.0 update
• Simplify error reporting (potentially plugin-breaking)
• readdir now also works on Solaris
• String interner cleanup
• &Mutex is now RefUnwindSafe
• Simplify LinkedList with Shared instead of Box
• Deprecated API spring clean
• Cargo can now enable dependencies' features
• cargo publish --dry-run

New Contributors

• abhi
• Aravind Gollakota
• Ben Boeckel
• Ben Stern
• David
• Dridi Boukelmoune
• Isaac Andrade
• Zhen Zhang

Approved RFCs

Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

• RFC 1574: Introduce more conventions around documenting Rust projects.
• RFC 1644: Default and expanded errors for rustc.

Final Comment Period

Every week the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now. This week's FCPs are:

• Promote ! to a type
• Add language support for bitfields.
• Add support for 128-bit integers.
• Add space-friendly arguments. Add -C link-arg and -C llvm-arg which allow you to pass along argument with spaces.
• Exclude macros from importing with #[macro_use(not(...))].
• Add global_asm! for module-level inline assembly.
• Allow all literals in attributes.
• RFC process for formatting style and Rustfmt defaults.
• Replace synchronization primitives with those from parking_lot.
• Dedicated strike team to resolve unsafe code guidelines.
• Add assert_ne to compliment assert_eq.
• Introduce non-panicking borrow methods on RefCell.
• Propose asserts. This rfc proposes that the following macros be added: assert_gt, assert_lt, assert_ge, and assert_le.

New RFCs

• Procedural macros 1.1.
• Startup initialized statics. Introduce the ability to initialize (i.e., mutate) static items (even non-mut ones) at the beginning of main in a compiler-guaranteed safe manner.
• Unified machine word trait. Unify functionality peculiar to i8…i64 and u8…u64 in a trait containing the family of overflowing/checked/wrapping/saturating variants of arithmetic operations, as well as a few new ones.
• Add non-panicking abs() functions to all signed integer types.
• Add "panic-safe" or "total" alternatives to the existing panicking indexing syntax.

Upcoming Events

• 7/20. Rust Community Team Meeting at #rust-community on irc.mozilla.org.
• 7/21. Rust Hack & Learn Karlsruhe.
• 7/27. Rust Community Team Meeting at #rust-community on irc.mozilla.org.

If you are running a Rust event please add it to the calendar to get it mentioned here. Email Erick Tryzelaar or Brian Anderson for access.

fn work(on: RustProject) -> Money

• Rust developer at The Blackbird.
• Engineering positions at Zcash mention Rust.

Tweet us at @ThisWeekInRust to get your job offers listed here!

Quote of the Week

fzammetti: Am I the only one that finds highly ironic the naming of something that's supposed to be new and cutting-edge after a substance universally synonymous with old, dilapidated and broken down?

paperelectron: Rust is as close to the bare metal as you can get.

On /r/programming.

Submit your quotes for next week!

This Week in Rust is edited by: nasa42, llogiq, and brson.

https://this-week-in-rust.org/blog/2016/07/19/this-week-in-rust-139/

Tracking protection is an interesting beast. A feature to help users but users think the site is broken. I guess it's something similar to habits. If you put a mask on your face and you have forgotten about it, you may be surprised that people do not want to talk to you.

Webcompat Life

Progress this week:

Today: 2016-07-19T11:32:54.030052
316 open issues
----------------------
needsinfo       5
needsdiagnosis  76
needscontact    20
contactready    41
sitewait        168
----------------------

You are welcome to participate

Webcompat issues

(a selection of some of the bugs worked on this week).

• issue with MLB site displaying the plays.
• Interesting CSS issue about display:table and max-height having a different behavior in Chrome and Firefox, maybe something related to a known issue. To be confirmed.
• Enabling Tracking Protection in Firefox creates a lot of issues, which are not completely understood by users. We are starting to have a set of Web Compatibility reports because the site breaks or crashes when tracking protection is enabled. Usually, the JavaScript code of the site didn't take into account that some people might want to block some of the page assets, and this creates unintended consequences. There is probably something around UX to improve here. So users really understand their choices.

WebCompat.com dev

• Started to look at issue 722

Reading List

• CSS Containment.

  the contain property, which indicates that the element’s subtree is independent of the rest of the page.

  If I understand, this seems like something which would answer many of the complaints we hear from Web developers about CSS isolation. Specifically the layout term: contain: layout.

  This value turns on layout containment for the element. This ensures that the containing element is totally opaque for layout purposes; nothing outside can affect its internal layout, and vice versa.

  Implemented in Blink. I didn't find an issue on WebKit project (Safari). I didn't find a bug in Mozilla Bugzilla either. Can I use?. Probably no.

Follow Your Nose

• Previous Worklog
• Bugzilla Activity
• Github Activity

TODO

• Document how to write tests on webcompat.com using test fixtures.
• ToWrite: Amazon prefetching resources with for Firefox only.

Otsukare!

http://www.otsukare.info/2016/07/15/worklog-boxes

Havi Hoffman introduces the Mozilla Tech Speakers Series.

https://air.mozilla.org/introducing-mozilla-tech-speakers/

There isn’t a single day going by right now where you can’t read a post or see a talk about diversity and inclusiveness in our market. And that’s a great thing. Most complain about the lack of them. And that’s a very bad thing.

It has been proven over and over that diverse teams create better products. Our users are all different and have different needs. If your product team structure reflects that you’re already one up against the competition. You’re also much less likely to build a product for yourself – and we are not our end users.

Let’s assume we are pro-diversity and pro-inclusiveness. And it should be simple for us – we come from a position of strength:

• We’re expert workers and we get paid well.
• We are educated and we have companies courting us and looking after our needs once we have been hired.
• We’re not worried about being able to pay our bills or random people taking our jobs away.

I should say yet, because automation is on the rise and even our jobs can be optimised away sooner or later. Some of us are even working on that.

For now, though, we are in a very unique position of power. There are not enough expert workers to fill the jobs. We have job offers thrown at us and our hiring bonuses, perks and extra offers are reaching ridiculous levels. When you tell someone outside our world about them, you get shocked looks. We’re like the investment bankers and traders of the eighties and we should help to ensure that our image won’t turn into the same they have now.

If we really want to change our little world and become a shining beacon of inclusion, we need not to only talk about it – we should demand it. A large part of the lack of diversity in our market is that it is not part of our hiring practices. The demands to our new hires make it very hard for someone not from a privileged background or with a degree from a university of standing to get into our market. And that makes no sense. The people who can change that is us – the people in the market who tick all the marks.

To help the cause and make the things we demand in blog posts and keynotes happen, we should bring our demands to the table when and where they matter: in job interviews and application processes.

Instead of asking for our hardware, share options and perks like free food and dry cleaning we should ask for the things that really matter:

• What is the maternity leave process in the company? Can paternity leave be matched? We need to make it impossible for an employer to pick a man over a woman because of this biological reason.
• Why is a degree part of the job? I have none and had lots of jobs that required one. This seems like an old requirement that just got copied and pasted because of outdated reasons.
• What is the long term plan the company has for me? We kept getting asked where we see ourselves in five years. This question has become clich'e by now. Showing that the company knows what to do with you in the long term shows commitment, and it means you are not a young and gifted person to be burned out and expected to leave in a year.
• Is there a chance for a 4 day week or flexible work hours? For a young person it is no problem doing an 18 hours shift in an office where all is provided for you. As soon as you have children all kind of other things add to your calendar that can’t me moved.
• What does this company do to ensure diversity? This might be a bit direct, but it is easy to weed out those that pay lip service.
• What is the process to move in between departments in this company? As you get older and you stay around for longer, you might want to change career. A change in your life might make that necessary. Is the company supporting this?
• Is there a way to contribute to hiring and resourcing even when you are not in HR? This could give you the chance to ask the right questions to weed out applicants that are technically impressive but immature or terrible human beings.
• What is done about accessibility in the internal company systems? I worked for a few companies where internal systems were inaccessible to visually impaired people. Instead of giving them extra materials we should strive for making internal systems available out-of-the-box.
• What is the policy on moving to other countries or working remotely? Many talented people can not move or don’t want to start a new life somewhere else. And they shouldn’t have to. This is the internet we work on.
• What do you do to prevent ageism in the company? A lot of companies have an environment that is catering to young developers. Is the beer-pong table really a good message to give?

I’ve added these questions to a repo on GitHub, please feel free to add more questions if you find them.

FWIW, I started where I am working right now because I got good answers to questions like these. My interviews were talking to mixed groups of people telling me their findings as teams and not one very aggressive person asking me to out-code them. It was such a great experience that I started here, and it wasn’t a simple impression. The year I’ve worked here now proved that even in interviewing, diversity very much matters.

Photo Credit: shawncplus

https://www.christianheilmann.com/2016/07/18/a-great-time-and-place-to-ask-about-diversity-and-inclusion/

The Monday Project Meeting

https://air.mozilla.org/mozilla-weekly-project-meeting-20160718/

Once a month, web developers from across Mozilla get together to talk about the work that we’ve shipped, share the libraries we’re working on, meet new folks, and talk about whatever else is on our minds. It’s the Webdev Extravaganza! The meeting is open to the public; you should stop by!

You can check out the wiki page that we use to organize the meeting, or view a recording of the meeting in Air Mozilla. Or just read on for a summary!

Shipping Celebration

The shipping celebration is for anything we finished and deployed in the past month, whether it be a brand new site, an upgrade to an existing one, or even a release of a library.

Basket switch to Salesforce

First up was pmac, who shared the news that Basket, email newsletter subscription service, has switched to using Salesforce as the backend for storing newsletter subscriptions. In addition, the service now has a nifty public DataDog metrics dashboard showing off statistics about how the service is performing.

Engagement Engineering Status Board

Next was giorgos, who shared status.mozmar.org, a status page listing the current status of all the services that Engagement Engineering maintains. The status board pulls monitoring information from Dead Man’s Snitch as well as New Relic‘s application and Synthetics monitoring. The app runs a worker using AWS Lambda that pulls the information and writes it to a YAML file in the repo‘s gh-pages branch, and the status page itself reads the YAML file via JavaScript to build the display.

DXR

ErikRose stopped by to share more cool things that shipped in DXR this month:

• Indexing for XBL and JavaScript.
• Indexing 32+ new projects
• Added a 3rd build server
• Several performance optimizations that cut down build times by roughly 25%.
• C++ macro definitions, method overrides, pure virtuals, substructs, and more are all now indexed. In addition, you can now easily jump between header files and their implementations.
• UI improvements, including contrast improvements, a new filename filter, and jumping directly to files that are the only result of a query.

Special thanks to intern new_one and contributors twointofive and abbeyj. Also special thanks to MXR for being shut down due to security bugs and allowing DXR to flourish in its wake.

Fathom 1.0 and 1.1

Erik also brought up Fathom, an experimental framework for extracting meaning from webpages. Fathom allows you to write declarative rules that score and classify DOM nodes, and then extract those nodes from a DOM that it analyzes.

This month we shipped the 1.0 version of Fathom, as well as a 1.1 release with a bug fix for Firefox support as well as an optimization fix. It’s available as an NPM module for use as a library.

Roundtable

The Roundtable is the home for discussions that don’t fit anywhere else.

Engagement Engineering Hiring – Senior Webdev and Site Reliability Engineer

Last up was pmac again, who wanted to mention that the Mozilla Engagement Engineering team is hiring a Senior Web Developer and a Site Reliability Engineer. If you’re interested in working at Mozilla, click those links to apply on our careers site!

If you’re interested in web development at Mozilla, or want to attend next month’s Extravaganza, subscribe to the dev-webdev@lists.mozilla.org mailing list to be notified of the next meeting, and maybe send a message introducing yourself. We’d love to meet you!

See you next month!

https://blog.mozilla.org/webdev/2016/07/18/extravaganza-july-2016/

Hit augmented-reality mobile gaming sensation Pok'emon GO is now available in the UK, so it’s time to test my hypothesis about searches for 5km converted to miles in that second bastion of “Let’s use miles as distance units in defiance of basically every other country”:

Results are consistent with hypothesis.

(( Now if only I could get around how the Google Play Store is identifying my Z10 as incompatible with the game… ))

:chutten

https://chuttenblog.wordpress.com/2016/07/18/units-and-data-follow-up-pokemon-go-in-the-united-kingdom/

People who personalize Firefox like their Firefox better. However, many people don’t know that they can, and for those who know it isn’t particularly easy to do. So a few months ago, we began rethinking our entire add-on discovery experience—from helping people understand the benefits of personalization, to making it easier to install an add-on, to putting the right add-on in front of people at the right time.

The first step we’ve taken towards a better discovery experience is in the redesign of our Add-on Discovery Pane. This is typically the first page users see when they launch the Add-on Manager at about:addons.

Add-on Discovery Pane before Firefox 48

We updated this page to target people who are just getting started with add-ons, by simplifying add-on installation to just one click and using clean images and text to quickly orient a new user.

It features a tightly curated list of add-ons that provide customizations that are easy for new users to understand.

Add-on Discovery Pane starting with Firefox 48

We started with a small list and collaborated with their developers to ensure the best possible experience for users. For future releases, we will refresh the featured content on a more frequent basis and open up the nomination process for inclusion.

Our community of developers create awesome add-ons, and we want to help users discover them and love their Firefox even more. In the coming months, we are going to continue improving the experience by making recommendations that are as uniquely helpful to users as possible.

In the meantime, this first step toward improving the Firefox personalization experience will land in Firefox 48 on August 1, and is available in Firefox Beta now. So download Firefox Beta, go to about:addons and give it a try! (You can also reach this page by going to the Tools menu and choosing “Add-ons”). We would love to hear your feedback in the forums.

https://blog.mozilla.org/addons/2016/07/18/a-better-add-on-discovery-experience/

The web as we know it basically runs on advertising. Which is not really great, for a variety of reasons. But charging people outright for content doesn't work that great either. How about bitcoin mining instead?

Webpages can already run arbitary computation on your computer, so instead of funding themselves through ads, they could instead include a script that does some mining client-side and submits the results back to their server. Instead of paying with dollars and cents you're effectively paying with electricity and compute cycles. Seems a lot more palatable to me. What do you think?

https://staktrace.com/spout/entry.php?id=837

I wrote a chapter in the latest book in the “Architecture of Open Source Applications”, “500 Lines or Less”.

The theme of the book is to look in detail at the decisions software engineers make “in the small”. This isn’t about large-scale system design, community management, or working on huge codebases (like, say, Firefox). Nor is it about the design and implementation of “classic” computer science algorithms that a student might learn in school. The focus is in the middle ground: given a single real-world problem, how do we approach solving it and implementing the solution in an elegant, instructive form?

My chapter is on distributed consensus. I chose the topic because I was not already familiar with it, and I felt that I might produce a more instructive result if I experienced the struggles of solving a novel problem first-hand. Indeed, distributed consensus delivered! Building on some basic, published algorithms, I worked to build a practical library to provide distributed state to an application. In the process, I ran into issues from data structure aliasing to livelock (Paxos promises not to reach more than one different decisions. It does not promise to reach more than zero!)

The line limit (500 lines) was an interesting constraint. Many of my attempts to work around fundmantal issues in distributed consensus, such as detecting failed nodes, quickly ran hundreds of lines too long. Where in a professional setting I might have produced a library of many thousands of lines and great complexity. Instead, I produced a simple, instructive implementation with some well-understood limitations.

The entire book is available for reading online, or you can buy a PDF or printed copy. All proceeds go to charity, so please do consider buying, but at any rate please have a look and let me know what you think!

I haven’t yet read the other chapters, aside from a few early drafts. My copy is being printed, and once it arrives I’ll enjoy reading the remainder of the book.

http://code.v.igoro.us/posts/2016/07/aosa-book.html

At Mozilla we share a lot of open source libraries. When you’re using someone else’s library, you might find that an upgrade breaks something in your application — but why? Glancing at the library’s changelog can help. However, manually maintaining a changelog when building features for a library can be a challenge.

We’ve been experimenting with auto-generating a changelog from commit history itself and so far it makes changelogs easy and painless. Here’s how to set it up. These tools require NodeJS so it’s best suited for JavaScript libraries.

First, you need to write commit messages in a way that allows you to extract metadata for a changelog. We use the Angular conventions which specify simple prefixes like feat: for new features and fix: for bug fixes. Here’s an example of a commit message that adds a new feature:

feat: Added a `--timeout` option to the `run` command

Here’s an example of a bug fix:

fix: Fixed `TypeError: runner is undefined` in the `run` command

The nice thing about this convention is that tools such as Greenkeeper, which sends pull requests for dependency updates, already support it.

The first problem with this is a social one; all your contributors need to follow the convention. We chose to solve this with automation by making the tests fail if they don’t follow the conventions

https://blog.mozilla.org/webdev/2016/07/15/auto-generating-a-changelog-from-git-history/

Once a month web developers across the Mozilla community get together (in person and virtually) to share what cool stuff we've been working on in...

https://air.mozilla.org/webdev-beer-and-tell-july-2016/

Our review policies for addons.mozilla.org (AMO) require transparency when it comes to an add-on’s features and how they might affect a user’s privacy and security.

These policies are particularly relevant in cases where an add-on includes monetization features that are unrelated to its main function. For example, a video downloader add-on could include a shopping recommendation feature that injects offers from commercial websites. In cases like this, to be listed on AMO the feature would need to be opt-in. Opt-in means the add-on needs to present to the user the option to enable the feature, with a default action of keeping it disabled.

We’re often asked for examples of add-ons that do this, so I decided to create a sample WebExtension for this purpose. You can find the code on GitHub, and the built and signed example can be downloaded here.

The extension implements two opt-in prompts:

1. A new tab.
2. A panel in the main add-on button.

(If you don’t recognize the dark theme in the screenshots, it’s because I’m using Firefox Developer Edition—currently Firefox 49—for testing.)

An add-on would normally implement one prompt or the other. Opening a new tab has the advantage of getting the user’s attention right away, and has more room for content. The main disadvantage is that it can annoy users and feel too pushy. The pop-up approach is more user-friendly because it appears when the user is ready to engage with the add-on and is better integrated with the add-on UI. However, it wouldn’t work if the add-on doesn’t include buttons.

This example is completely minimal, hence the almost complete lack of styling. However, it includes the elements that AMO policies deem necessary:

• Text explaining clearly to the user what the opt-in feature does and why it’s being offered. In this case, the extra feature is a variation of the borderify example on GitHub.
• A link to a privacy policy and/or more information about the feature. That page should spell out its privacy and security implications.
• A clear choice between enabling the feature and keeping it disabled, defaulting to disabled. I set autofocus="true" to the Cancel button, which can be clearly seen in the popup screenshot.

Hitting the Return key in either case, or closing the opt-in tab should be assumed to mean that the user is choosing not to accept the feature (the tab closing case isn’t implemented in this example to make it easier to test). The example uses the storage API to keep track of two flags: one that indicates the user has clicked on either button, and one that indicates if the user has enabled the feature or not. After the opt-in is registered as shown, the tab won’t show up again, and the content changes to something else.

Note: I couldn’t find a way to look at the extension’s storage in the developer tools (I suppose it’s not implemented yet). You can clear the storage to reset the state of the extension by deleting the browser-extension-data folder in the profile.

Remember that sneaking in unwanted features is bad for your users and your add-on’s reputation, so make sure you give your users control and give them clear information to make a decision. Happy coding!

https://blog.mozilla.org/addons/2016/07/15/writing-an-opt-in-ui-for-an-extension/

Please join us in congratulating Konstantina Papadea as Rep of the Month for May.

Konstantina is a long-time Mozilla Reps from Greece. Additionally she is also responsible for the budget and swag requests in the Reps program.

In the past months Konstantina has helped out with organizing and chairing the Reps weekly call together with Ioana. That means that they are weekly in contact with many mozillians to find new interesting topics and prepare the agenda and the notifications. Further she is helping the Council with the formation of the Review Team we are implementing. This was already announce here and will give council more time to spend on mission and strategy. She became a mentor and will help inspire the new people applying for the program.

Please don’t forget to congratulate her on Discourse!

https://blog.mozilla.org/mozillareps/2016/07/15/rep-of-the-month-may-2016/

We recently relaxed our graphics blocklist for users with NVIDIA hardware using certain older graphics drivers. The original blocklist entry blocked all versions less than v8.17.11.8265 due to stability issues with NVIDIA 182.65 and earlier. We recently learned however that the first two numbers in the version string indicate platform version and the latter numbers refer to the actual driver version. As a result we were inadvertently blocking newer drivers on older platforms.

We have since opened up the blacklist for versions newer than 8.15.11.8265 (Win XP) and 8.16.11.8265 (Vista/Win7) via bug 1284322, effectively drivers released beyond mid-2009.This change only exists on Nightly currently but we expect it to ride the trains unless some critical regression is discovered.

If you are triaging bugs and user feedback, or are engaging with users on social media, please keep an eye out for users with NVIDIA hardware. If the user does have NVIDIA hardware please have them check the Graphics section of about:support to confirm if they are using a driver version that was previously blocked. If they are try to help them get updated to the most recent driver version. If the issue persists, have them disable hardware acceleration to see if the issue goes away.

The same goes if you are a user experiencing quality issues (crashes, hangs, black screening, checkerboarding, etc) on NVIDIA hardware with these drivers. Please make sure your drivers are up to date.

In either case, if the issue persists please file a bug so we can investigate what is happening.

Feel free to email me if you have any questions.

Thank you for your help!

https://ashughes.com/?p=357