The Rust Programming Language Blog: Announcing Rust 1.26 |
The Rust team is happy to announce a new version of Rust, 1.26.0. Rust is a systems programming language focused on safety, speed, and concurrency.
If you have a previous version of Rust installed via rustup, getting Rust 1.26.0 is as easy as:
$ rustup update stable
If you don’t have it already, you can get rustup from the
appropriate page on our website, and check out the detailed release notes for
1.26.0 on GitHub.
The past few releases have had a steady stream of relatively minor additions. We’ve been working on a lot of stuff, however, and it’s all starting to land in stable. 1.26 is possibly the most feature-packed release since Rust 1.0. Let’s dig in!
For almost 18 months, Carol, Steve, and others have been working on a complete re-write of “The Rust Programming Language.” We’ve learned a lot about how people learn Rust since the first book was written, and this version is an improvement in every way.
We’ve shipped the draft of the second edition on the website for a while now,
but with a disclaimer that it was a work in progress. At this point, the book
is undergoing some final, minor copy-edits, and being prepared for print. As
such, with this release, we are recommending the second edition over the
first. You can read it on
doc.rust-lang.org or
locally via rustup doc --book.
Speaking of print, you can pre-order a dead tree version of the book from NoStarch Press. The contents are identical, but you get a nice physical book to put on a shelf, or a beautifully typeset PDF. Proceeds are going to charity.
impl TraitAt long last, impl Trait is here! This feature has been highly desired for
quite a while, and provides a feature known as “existential types.” It’s
simpler than that sounds, however. The core of it is this idea:
fn foo() -> impl Trait {
// ...
}
This type signature says “foo is a function that takes no arguments but
returns a type that implements the Trait trait.” That is, we’re not
going to tell you what the return type of foo actually is, only that
it implements a particular trait. You may wonder how this differs from
a trait object:
fn foo() -> Box<Trait> {
// ...
}
While it’s true that you could have written this code today, it’s not
ideal in all situations. Let’s say we have a Trait trait that
is implemented for both i32 and f32:
trait Trait {
fn method(&self);
}
impl Trait for i32 {
// implementation goes here
}
impl Trait for f32 {
// implementation goes here
}
Consider this function:
fn foo() -> ? {
5
}
We want to fill in the return type with something. Previously, only the trait object version was possible:
fn foo() -> Box<Trait> {
Box::new(5) as Box<Trait>
}
But this introduces a Box, which means allocation. We’re not actually
returning some kind of dynamic data here either, so the dynamic dispatch of
the trait object hurts too. So instead, as of Rust 1.26, you can write this:
fn foo() -> impl Trait {
5
}
This doesn’t create a trait object, it’s like we had written -> i32, but
instead, we’re only mentioning the part about Trait. We get static
dispatch, but we can hide the real type like this.
Why is this useful? One good use is closures. Remember that closures in
Rust all have a unique, un-writable type, yet implement the Fn trait.
This means that if your function returns a closure, you can do this:
// before
fn foo() -> Box<Fn(i32) -> i32> {
Box::new(|x| x + 1)
}
// after
fn foo() -> impl Fn(i32) -> i32 {
|x| x + 1
}
No boxing, no dynamic dispatch. A related scenario happens when returning iterators. Not only do iterators often include closures, but since they nest, you get quite deeply nested types. For example:
fn foo() {
vec![1, 2, 3]
.into_iter()
.map(|x| x + 1)
.filter(|x| x % 2 == 0)
}
when compiled, gives this error:
error[E0308]: mismatched types
--> src/main.rs:5:5
|
5 | / vec![1, 2, 3]
6 | | .into_iter()
7 | | .map(|x| x + 1)
8 | | .filter(|x| x % 2 == 0)
| |_______________________________^ expected (), found struct `std::iter::Filter`
|
= note: expected type `()`
found type `std::iter::Filter, [closure@src/main.rs:7:14: 7:23]>, [closure@src/main.rs:8:17: 8:31]>`
That’s a huge ‘found type’. Each adapter in the chain adds a new type. Additionally, we have that closure in there. Previously, we’d have had to use a trait object here, but now we can simply do
fn foo() -> impl Iterator<Item = i32> {
vec![1, 2, 3]
.into_iter()
.map(|x| x + 1)
.filter(|x| x % 2 == 0)
}
and be done with it. Working with futures is very similar.
It’s important to note that sometimes trait objects are still
what you need. You can only use impl Trait if your function returns
a single type; if you want to return multiple, you need dynamic dispatch.
For example:
fn foo(x: i32) -> Box<Iterator<Item = i32>> {
let iter = vec![1, 2, 3]
.into_iter()
.map(|x| x + 1);
if x % 2 == 0 {
Box::new(iter.filter(|x| x % 2 == 0))
} else {
Box::new(iter)
}
}
Here, we may return a filtered iterator, or maybe not. There’s two different types that can be returned, and so we must use a trait object.
Oh, and one last thing: to make the syntax a bit more symmetrical, you can
use impl Trait in argument position too. That is:
// before
fn foo<T: Trait>(x: T) {
// after
fn foo(x: impl Trait) {
which can look a bit nicer for short signatures.
Side note for you type theorists out there: this isn’t an existential, still a universal. In other words,
impl Traitis universal in an input position, but existential in an output position.
match bindingsHave you ever had a reference to an Option, and tried to use match? For
example, code like this:
fn hello(arg: &Option<String>) {
match arg {
Some(name) => println!("Hello {}!", name),
None => println!("I don't know who you are."),
}
}
If you tried to compile this in Rust 1.25, you’d get this error:
error[E0658]: non-reference pattern used to match a reference (see issue #42640)
--> src/main.rs:6:9
|
6 | Some(name) => println!("Hello {}!", name),
| ^^^^^^^^^^ help: consider using a reference: `&Some(name)`
error[E0658]: non-reference pattern used to match a reference (see issue #42640)
--> src/main.rs:7:9
|
7 | None => println!("I don't know who you are."),
| ^^^^ help: consider using a reference: `&None`
Okay, sure. Let’s modify the code:
fn hello(arg: &Option<String>) {
match arg {
&Some(name) => println!("Hello {}!", name),
&None => println!("I don't know who you are."),
}
}
We added the &s the compiler complained about. Let’s try to compile again:
error[E0507]: cannot move out of borrowed content
--> src/main.rs:6:9
|
6 | &Some(name) => println!("Hello {}!", name),
| ^^^^^^----^
| | |
| | hint: to prevent move, use `ref name` or `ref mut name`
| cannot move out of borrowed content
Okay, sure. Let’s make the compiler happy again by taking its advice:
fn hello(arg: &Option<String>) {
match arg {
&Some(ref name) => println!("Hello {}!", name),
&None => println!("I don't know who you are."),
}
}
This will finally compile. We had to add two &s, and a ref. But more
importantly, none of this was really helpful to us as programmers. Sure,
we forgot a & at first, but does that matter? We had to add ref to
get a reference to the inside of the option, but we couldn’t do anything but
get a reference, as we can’t move out of a &T.
So, as of Rust 1.26, the initial code, without the &s and ref, will just
compile and do exactly what you’d expect. In short, the compiler will automatically
reference or de-reference in match statements. So when we say
match arg {
Some(name) => println!("Hello {}!", name),
the compiler automatically references the Some, and since we’re borrowing,
name is bound as ref name automatically as well. If we were mutating:
fn hello(arg: &mut Option<String>) {
match arg {
Some(name) => name.push_str(", world"),
None => (),
}
}
the compiler will automatically borrow by mutable reference, and name will
be bound as ref mut too.
We think this will remove a significant papercut for new and old Rustaceans alike. The compiler will just do the right thing more often without the need for boilerplate.
main can return a ResultSpeaking of papercuts, since Rust uses the Result type for returning
errors, and ? to make handling them easy, a common pain-point of
new Rustaceans is to try and use ? in main:
use std::fs::File;
fn main() {
let f = File::open("bar.txt")?;
}
This will give an error like “error[E0277]: the ? operator can only be used
in a function that returns Result”. This leads to a pattern where many
people write code that looks like this:
fn run(config: Config) -> Result<(), Box<Error>> {
// --snip--
}
fn main() {
// --snip--
if let Err(e) = run(config) {
println!("Application error: {}", e);
process::exit(1);
}
}
Our run function has all of the real logic, and main
calls run, only checking to see if there was an error
and exiting. We need to make this second function because
main can’t return a Result, but we’d like to use ?
in that logic.
In Rust 1.26, you can now declare main that returns Result:
use std::fs::File;
fn main() -> Result<(), std::io::Error> {
let f = File::open("bar.txt")?;
Ok(())
}
This now works just fine! If main returns an error, this will
exit with an error code, and print out a debug representation
of the error.
..=Since well before Rust 1.0, you’ve been able to create exclusive ranges with ..
like this:
for i in 1..3 {
println!("i: {}", i);
}
This will print i: 1 and then i: 2. In Rust 1.26, you can now create an
inclusive range, like this:
for i in 1..=3 {
println!("i: {}", i);
}
This will print i: 1 and then i: 2 like before, but also i: 3; the
three is included in the range. Inclusive ranges are especially useful
if you want to iterate over every possible value in a range. For example,
this is a surprising Rust program:
fn takes_u8(x: u8) {
// ...
}
fn main() {
for i in 0..256 {
println!("i: {}", i);
takes_u8(i);
}
}
What does this program do? The answer: nothing. The warning we get when compiling has a hint:
warning: literal out of range for u8
--> src/main.rs:6:17
|
6 | for i in 0..256 {
| ^^^
|
= note: #[warn(overflowing_literals)] on by default
That’s right, since i is a u8, this overflows, and is the same as writing
for i in 0..0, so the loop executes zero times.
We can do this with inclusive ranges, however:
fn takes_u8(x: u8) {
// ...
}
fn main() {
for i in 0..=255 {
println!("i: {}", i);
takes_u8(i);
}
}
This will produce those 256 lines of output you might have been expecting.
Another long-awaited feature is “slice patterns.” These let you match on slices similar to how you match on other data types. For example:
let arr = [1, 2, 3];
match arr {
[1, _, _] => "starts with one",
[a, b, c] => "starts with something else",
}
In this case, we know arr has a length of three, and so we need three entries
inside the []s. We can also match when we don’t know the length:
fn foo(s: &[u8]) {
match s {
[a, b] => (),
[a, b, c] => (),
_ => (),
}
}
Here, we don’t know how long s is, so we can write the first two arms, each with
different lengths. This also means we need a _ term, since we aren’t covering
every possible length, nor could we!
We continue to work on the speed of the compiler. We discovered that deeply nesting types was non-linear in some cases, and a fix was implemented. We’re seeing up to a 12% reduction in compile times from this change, but many other smaller fixes landed as well. More to come in the future!
Finally, a very simple feature: Rust now has 128 bit integers!
let x: i128 = 0;
let y: u128 = 0;
These are twice the size of u64, and so can hold more values. More specifically,
u128: 0 - 340,282,366,920,938,463,463,374,607,431,768,211,455i128: -170,141,183,460,469,231,731,687,303,715,884,105,728 - 170,141,183,460,469,231,731,687,303,715,884,105,727Whew!
See the detailed release notes for more.
We stabilized fs::read_to_string,
a convenience over File::open and io::Read::read_to_string for easily reading an entire
file into memory at once:
use std::fs;
use std::net::SocketAddr;
let foo: SocketAddr = fs::read_to_string("address.txt")?.parse()?;
You can now format numbers as hexadecimal with Debug
formatting:
assert!(format!("{:02x?}", b"Foo\0") == "[46, 6f, 6f, 00]")
Trailing commas are now supported by all macros in the standard library.
See the detailed release notes for more.
Cargo didn’t receive many big new features this release but rather saw a steady
stream of stability and performance improvements. Cargo should now resolve lock
files even faster, backtrack more intelligently, and require manual cargo
update invocations less. Cargo’s binary now also shares the same version as
rustc.
See the detailed release notes for more.
Many people came together to create Rust 1.26. We couldn’t have done it without all of you.
|
|
Michael Kaply: An Enterprising Future |
Firefox 60 was released today with support for enterprise policies, including Windows Group Policy. If you’ve followed me or my blog for any length of time, you know that advocating for Firefox in the enterprise has been something that I’ve been doing a very long time.
The first version of the CCK Wizard was released on May 11, 2006 and was for Firefox 1.5
So, to say that I’m happy about this particular release would be an understatement. I’m absolutely ecstatic that Mozilla decided that adding support for enterprise features was important.
But I have to admit something; over the years in my zeal to get enterprise support into Firefox, I’ve encouraged just about every method possible to get customizations into Firefox. As a result, I know there are many installations of Firefox that use methods that are definitely not recommended anymore, especially now that we have real policy support. So, I want to take a moment to encourage everyone:
Please investigate using the new policy manager to replace any method you’ve used in the past, including the distribution directory, AutoConfig and CCK2. If you find things that you are not able to do with the policy engine, please let us know. There’s a possibility that some of these methods might not work in the future, so we’d like to find out now what we need to do to make things working.
If you find bugs or have feature requests, please report them on Github or in Bugzilla.
A couple other notes that might be useful:
So now, let’s address the elephant in the room – CCK2.
First off, to support Firefox 60, I released a new version of the CCK2 yesterday. It’s not perfect, but it fixes some of the major issues (bookmarks and error popups). You should get automatically updated to this release. You’ll need repackage your configurations to get these fixes.
But what about the future?
CCK2 uses AutoConfig as the underlying technology to customize Firefox. We currently have plans to sandbox AutoConfig on Rapid Release starting with Firefox 62. This will mean the CCK2 will definitely not work with Rapid Release starting with Firefox 62.
On the ESR, I plan to keep CCK2 working, but I will not be implementing any new features except as they relate to making it easier to migrate to the policy manager. One example of that is providing the ability to remove all bookmarks added by CCK2. Once Firefox 52 is out of support, I will probably migrate CCK2 to use the policy manager internally. To enable that, we are investigating allow policies to be specified via AutoConfig as JSON files.
I always knew there would come a time when the CCK2 would not work anymore. My biggest concern was that there wouldn’t be a replacement. But I’m confident with the policy management support that we’ve implemented that we can make things even better.
I appreciate the support and encouragement folks have given me over the years with regards to the CCK2. I’m glad that the work that I’ve done will live on in the new policy manager on Firefox.
One final note. You will start to see a lot of my older blog posts disappear. This because I don’t want to recommend people use those methods anymore. The official place to get documentation and support is support.mozilla.org.
|
|
K Lars Lohn: Things Gateway - Monitoring Solar Panels |
lifetime_generation = WoTThing.wot_property(
name='lifetime_generation',
initial_value=0.0,
description='Total lifetime generation in KWh',
value_source_fn=get_enphase_data,
units='KWh'
)
generating_now = WoTThing.wot_property(
name='generating_now',
initial_value=0.0,
description='currently generating in KWh',
units='KW'
)
microinverter_total = WoTThing.wot_property(
name='microinverter_total',
initial_value=0,
description='the number of microinverters installed'
)
microinverters_online = WoTThing.wot_property(
name='microinverters_online',
initial_value=0,
description='the number of microinverters online',
)
async def get_enphase_data(self):(see the entire source code in the enphase_solar.py source file in the pywot/demo directory)
async with aiohttp.ClientSession() as session:
async with async_timeout.timeout(config.seconds_for_timeout):
async with session.get(config.target_url) as response:
enphase_home_page_raw = await response.text()
enphase_page = BeautifulSoup(enphase_home_page_raw, 'html.parser')
# this is stupidly fragile - we're assuming this page format never
# changes from fetch to fetch - observation has shown this to be ok
# but don't know if that will hold over Enphase software updates.
td_elements = enphase_page.find_all('table')[2].find_all('td')
self.lifetime_generation = self._scale_based_on_units(
td_elements[self._LIFETIME_GENERATION].contents[0]
)
self.generating_now = self._scale_based_on_units(
td_elements[self._CURRENTLY_GENERATING].contents[0]
)
self.microinverter_total = td_elements[self._MICROINVERTER_TOTAL].contents[0]
self.microinverters_online = td_elements[self._MICROINVERTERS_ONLINE].contents[0]
Locate your Enphase Energy Web server on your local network. I used the program Fing on my Android phone to scan my local WiFi network.
$ sudo pip3 install configman
$ sudo pip3 install bs4
$ sudo pip3 install webthing
$ git clone https://github.com/twobraids/pywot.git
$ cd pywot
$ export PYTHONPATH=$PYTHONPATH:$PWD
$ cd demo
The program will start logging what it is doing. First you'll see all the settable parameters and their current values. Then it'll log about setting up properties and starting servers. Finally, it will start logging new values that it has found, by default, every five minutes. You can change that with the --seconds_between_polling command line switch.
$ ./enphase_solar.py --enphase_address=YOUR_LOCAL_ENPHASE_IP_ADDRESS
http://www.twobraids.com/2018/05/things-gateway-monitoring-solar-panels.html
|
|
Mozilla Localization (L10N): L10N Report: May Edition |
Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.
New localizers
Are you a locale leader and want us to include new members in our upcoming reports? Contact us!
Activity Stream has become an integral part of Firefox, officially replacing the existing New Tab and soon integrating code for displaying snippets and onboarding content. For this reason, we’re working on moving translations to mozilla-central.
Currently, Activity Stream is managed as a stand-alone project in Pontoon, and store its translations in a GitHub repository. Once this meta bug is fixed, Activity Stream’s strings will be exposed as part of the Firefox project.
While this makes the relation between Activity Stream and Firefox more obvious for localizers, it will also allow to make some improvements in the future, like reducing the lag between translations landing in repositories and actually being available for testing in Firefox.
There are some changes in the release schedule for the Summer, with the Nightly cycle for 63 lasting 10 weeks instead of 8, and the effects of this change rippling to the end of year.
Does this impact you as a localizer? Luckily, not really, thanks to cross-channel. Just don’t forget to keep an eye on the deadlines in Pontoon for the Firefox project, and you’ll be all set.
If you’re curious, you can always check the official Release Calendar.
We were waiting for the 61 Nightly cycle to end before resuming migrations. The first bug on the schedule for 62 landed on Tuesday and migrated almost 30 strings used in Privacy related permission dialogs (camera, location, pop-ups, etc.), with a second one already in review (over 20 strings, used in JavaScript across subdialogs in Preferences).
Shield studies are A/B tests, deployed to a specific portion of Firefox users, designed to test features or changes and analyze their impact.
So far, these studies have been targeting only English users (with one exception), and didn’t require localization. This week we started localizing our first study: it’s an extension that will be enabled initially only for Nightly, and for a limited number of locales (4) that have a significant population on the Nightly channel. We will also expose the opt-out preference for Shield studies, together with the about:studies page, to all languages in Firefox in the coming days.
If you’re interested in Shield studies, you can find more details in this wiki page.
There’s been quite a few things going on in mobile world recently, as you’ve probably noticed.
We’ve recently exposed strings for the upcoming release of Firefox iOS v12, that aims to launch around June 12th. The tentative deadline for localizing and testing is May 23rd. Screenshots are updated twice a week.
Firefox for Amazon Fire TV is shipping an update very soon, probably some time next week. We’ll be getting updated screenshots for testing very soon, stay tuned!
Same for Focus Android v5 that is coming up, and will feature three new locales: Angika (anp), Cornish (kw) and Pur'epecha (tsz). Congrats to the localizers involved in this effort!
Firefox for Android is updating to v60 as we speak, and is being progressively rolled out to users.
Common Voice was launched on May 2nd in 29 languages. Thanks to many communities’ active participation to get to the finish line, especially with quite a bit of last minute changes. More languages will be added as they reach the completion criteria.
The team has been continually impressed with the thoroughness of communities around the globe down to the wire, to test, to identify issues, and they have not stopped just because the product or their language is launched. The bugs keep coming, not just for translation but for site stability and UX issues. Here is one example.
Currently, only the website is localizable. The next step is to start recording voices in new languages. To that end, we need sentences for people to read in these new languages. The Common Voice team is participating the Mozilla’s Global Sprint to help collect and review new sentences for people to read. Only after that, the team will start collecting voice data in a new language.
On the advocacy and fundraising side, we’ve had an opportunity to respond to the Clear History feature announced by Facebook during the F8 conference, but the team is mostly focusing on the long term strategy on how to move the conversation to the broader data and privacy topic.
We’re happy to announce that Vishal Sharma and Pramit Singhi will be joining us for the Google Summer of Code project this year! They will help us improve the path to first contribution, including the homepage redesign and guiding new users to submitting their first translation. That should help us grow l10n communities.
Pontoon now runs compare-locales checks when you submit a translation – the same library that is used during the Firefox build process. That allows Pontoon to prevent you from submitting translations that can break Firefox. Read more about the updates we made to the way quality checks work.
Pontoon now allows you to translate strings across all projects in a single translation interface, which helps you work on all untranslated strings in one go, or review all pending suggestions submitted by your team contributors. We also changed the way search works by bringing it closer to the default behaviour of search engines.
We realized that several communications we send to the dev.l10n.web mailing list concern only a small subset of locales, and are meant to be ignored by the vast majority of people. In order to keep the signal-to-noise ratio low, we are changing the way we communicate project updates like snippets and newsletters. From now on, we will try to rely as much as possible on Pontoon built-in notification system, allowing us to send notifications only to existing contributors in the target locales. This way, communications in dev.l10n.web should be more relevant for everyone.
This also means people contributing to Engagement projects won’t get notification directly in their inbox, but using the Pontoon Tools add-on from Michal Stanke will get you almost real-time notifications in your browser. If you’re usually contributing to those projects, please keep an eye on Pontoon notifications if you don’t want to miss schedule, deadline or context about new content.
If you’re planning to meet your fellow teammates this year, or planning an event with other locales, make sure to check our plans for l10n meetups in 2018 and the process to organize meetups. We can’t wait to see the meetup ideas you may have!
Image by Elio Qoshi
Know someone in your l10n community who’s been doing a great job and should appear here? Contact on of the l10n-drivers and we’ll make sure they get a shout-out (see list at the bottom)!
Did you enjoy reading this report? Let us know how we can improve by reaching out to any one of the l10n-drivers listed above.
https://blog.mozilla.org/l10n/2018/05/09/l10n-report-may-edition/
|
|
Air Mozilla: The Joy of Coding - Episode 138 |
mconley livehacks on real Firefox bugs while thinking aloud.
|
|
Air Mozilla: Weekly SUMO Community Meeting, 09 May 2018 |
This is the SUMO weekly call
https://air.mozilla.org/weekly-sumo-community-meeting-20180509/
|
|
Hacks.Mozilla.Org: Firefox 60 – Modules and More |
Firefox 60 is here, and the Quantum lineage continues apace. The parallel processing prowess of Quantum CSS is now available on Firefox for Android, and work continues on WebRender, which modernizes the whole idea of what it means to draw a web page. But we’re not just spreading the love on internals. Firefox 60 boasts a number of web platform and developer-facing improvements as well. Here are a few highlights:
Modular code isn’t just a good idea, it’s the law it’s a great idea! Being able to separate functional units of software allows for cleaner re-use of individual modules and easier inclusion of third-party code. Many languages have support for modules, and if you’re familiar with Node.JS, they’ve been available in some form with the CommonJS require API, but a standardized syntax was created as part of ES2015 (ES6).
Although the syntax for ES modules was standardized, it was left as an exercise for browsers to understand and retrieve the modules. This took a bit of extra time, but now that the browser loading behavior is standardized, support has started rolling out, and this release brings that support to Spidermonkey, Firefox’s JavaScript engine. You can check out the docs on MDN, and of course don’t miss Lin Clark’s breakdown of ES modules either!
Firefox 60 supports the Same-Site attribute when setting cookies. When set, the browser will not send cookies along with a cross-origin request to the issuing server, e.g. during fetch or loading an image. This helps mitigate against common silent forms of Cross-Origin Request Forgery. There is a “lax” mode that does the above, as well as a strict mode that, in addition to the lax behavior, will also not send cookies with an in-bound navigation. This helps prevent a malicious site deep-linking to a page where unintentional behavior could occur when cookies are included.
Read more on the Mozilla Security Blog.
It’s been known for a while now that in many contexts, a well-known username (like an email address) and a user-generated password are not sufficiently secure for authentication. This has led to the rise of Multi-Factor Authentication, usually 2-factor authentication, in which in addition to a password, users must also provide information from an additional source. Many sites will send an SMS message with a code to a mobile device, and some also accept tokens generated by a code-generator app or purpose-built hardware “key”. This whole exchange has required the user to copy numbers from a screen into a text field, or at minimum the hardware key has had to simulate key presses.
The Web Authentication API (WebAuthn for short) seeks to eliminate the clunkier aspects of this process by letting a multi-factor authentication device or app communicate directly with a requesting site. The particulars of making this work securely are a bit too complex to cover in this post, but you can learn more about WebAuthn on MDN or here on the Hacks Blog.
The (as-of-yet non-standard) text-stroke property defines a solid fixed-width stroke centered along the path of the characters of text. It allows for effects that aren’t achievable with text-shadow alone. A wide stroke will occlude portions of the characters because by default, the stroke is drawn over top of the font glyph. This can be a bit ugly. To fix this, browsers are borrowing paint-order property from the SVG standard. When properly set, browsers will draw the stroke underneath the text glyphs. For example:
It’s super nifty- but don’t forget that it’s not yet a standard, and you should always check that text is legible without stroke effects applied! You can read more on MDN and check out the compatibility matrix there.
Firefox 60 is the next version of Firefox to be designated an “Extended Support Release”, or ESR. ESR releases are intended for system administrators who deploy and maintain desktop environments in large organizations. They receive security and stability updates in sync with the latest Release versions of Firefox, and each ESR release’s support overlaps with the next one. This overlap period allows a large organization to certify and deploy new ESR versions before leaving the support window for the prior release.
Firefox 60 ships along with the first incarnation of a new Policy Engine that allows organizational adminstrators to configure Firefox for all their users en masse. On Windows, this is accomplished using Windows Group Policy, and via a configuration file on other platforms. It’s not a feature that most Firefox users will ever need, but if your job is managing thousands of installations of Firefox, we hope you’ll find this a welcome addition.
As always, the full list of developer-facing changes is on MDN, and you can find the release notes here.
Keep on rocking the free web!
https://hacks.mozilla.org/2018/05/firefox-60-modules-and-more/
|
|
The Firefox Frontier: Firefox Quantum: Fast for Business, Better for IT |
Fast, lightweight, secure and easily configurable, Firefox Quantum for Enterprise should be your go-to for business browsing. Browsers are key to how everyone in your company works, but how often … Read more
The post Firefox Quantum: Fast for Business, Better for IT appeared first on The Firefox Frontier.
https://blog.mozilla.org/firefox/firefox-quantum-for-business/
|
|
The Mozilla Blog: Firefox gets down to Business, and it’s Personal |
Right now everybody’s talking about the right way to make the products that we love meet our individual needs AND respect our privacy.
At Mozilla, striking this balance has been our bread and butter for more than two decades. With today’s release of Firefox, we’re bringing you more features and tools that allow you to personalize your browser without sacrificing your privacy.
Here’s what’s coming out in today’s Firefox Release:
It’s not uncommon for people to use many different browsers, one they personally use at home and another at the office. Similar to how you set up your own Firefox browser with your personal preferences, Firefox Quantum for Enterprise can now be customized by your employer to optimize for performance on the job and meet the specific needs of your workplace.
Today’s release has a new feature to support IT professionals who want to customize the browser for their employees. IT professionals can now configure Firefox for their organization, either using Group Policy on Windows, or a JSON file that works across the Mac, Linux, and Windows operating systems. Here’s a look at how it works:
Easily configure Firefox with Windows Group Policy
IT professionals can choose to deploy either the standard Rapid Release (RR) of Firefox or the Extended Support Release (ESR). The standard Rapid Release auto-updates with performance improvements and new features roughly every six weeks, while the Extended Support Release usually receives these features in one big upgrade per year. Both Rapid Release and Extended Support Release receive critical security updates as soon as possible. With today’s release, the Extended Support Release of Firefox is now version 60.
IT professionals eager to use to Firefox Quantum in their organization can visit this site for access. IT professionals curious about why the new Firefox is great for for organizational use can learn more in this blog post about Firefox Quantum for Enterprise.
Almost every online transaction we make, from paying bills to buying movie tickets, needs a password to access our personal online accounts securely. Today, Firefox is the first browser to support a new security standard, Web Authentication (WebAuthn).
With Firefox, WebAuthn allows people to use a single device like a YubiKey to log into their online accounts without typing a password, or as secondary authentication after entering a password. Only websites that have adopted WebAuthn will recognize your YubiKey and allow you access. Essentially, WebAuthn is a set of anti-phishing rules that uses a sophisticated level of authenticators and cryptography to protect user accounts. It supports various authenticators, such as physical security keys today, and in the future mobile phones, or biometric mechanisms such as face recognition or fingerprints. When your YubiKey is plugged in, the website will read it and automatically log you into your accounts. Web developers and product managers interested in learning more about WebAuthn can read about it on our Hacks Blog.
The New Tab Experience was one of the features we rolled out with Firefox Quantum last year. We launched it as a visual snapshot of the top sites you’ve visited, recent history and bookmarks, and recommendations from Pocket. And from what we’ve heard from our users, it gets them faster to the sites they visit and check frequently.
Today, when you click on the New Tab, you’ll see a wider layout which includes Search, Top Sites, Recommendations by Pocket and Highlights. “Top Sites” is one of our most requested features so we increased the “Top Sites” menu from six to eight icons and increased the size of the “Highlights” icons.
As part of our exploration into new models that can support high quality content on the web, users in the US may now see an occasional sponsored story within Pocket’s recommendation section on New Tab. It’s part of our focus to deliver personalization, without sacrificing user privacy. What’s unique is that all the recommendations happen on your computer, meaning neither Mozilla, Pocket, nor sponsors receive a copy of your browsing history. You can learn more about how the process works here.
One of the elements which made the launch of our new Firefox Quantum browser successful was the addition of our new CSS engine, Stylo. It’s written in Rust, a systems programming language sponsored by Mozilla. Today, we’re shipping Firefox for Android with Stylo, giving it a Firefox Quantum boost. It takes better advantage of mobile devices with multiple cores that are optimized for low power consumption, which is perfect for anyone on the go.
Last year, we introduced the new WebExtensions API when we launched our new Firefox Quantum browser so you could continue to personalize your browser in the Quantum era. In March, we launched a contest asking consumers and developers for more fun and useful extensions to use with the new API. We had more than 100+ entries in our Firefox Quantum Extensions Challenge, which have also been added to our Add-ons library. Today, we’re happy to announce the winners, Envify for Best Dynamic Theme, Session Sync for Best Tab Manager/Organizer, and Worldwide Radio for Best Games & Entertainment. To learn more about the winners, visit our Firefox Frontier blog.
Check out and download the latest version of Firefox Quantum for the desktop and Android.
The post Firefox gets down to Business, and it’s Personal appeared first on The Mozilla Blog.
https://blog.mozilla.org/blog/2018/05/09/firefox-gets-down-to-business-and-its-personal/
|
|
The Mozilla Blog: Mozilla Fights for Net Neutrality this May (and Always) |
Mozilla is continuing to fight for net neutrality — in the courts, alongside Americans, on Twitter and, today, by joining the Red Alert protest.
The Red Alert protest raises awareness about net neutrality’s importance, and the means for keeping it intact: In mid-May, the Senate will vote on a Congressional Review Act (CRA) resolution to overturn the FCC’s net neutrality repeal. We’re partnering with organizations like Consumer Reports, the Electronic Frontier Foundation, and Reddit to encourage Americans to call Congress in support of net neutrality.
Says Ashley Boyd, Mozilla’s VP of Advocacy:
“Policymakers need to listen to their constituents: The majority of Americans are in favor of strong net neutrality rules. Mozilla’s latest public opinion poll reveals that outside of Washington, D.C., net neutrality isn’t a partisan issue. 91% of Americans believe consumers should be able to freely and quickly access their preferred content on the internet.”
Says Denelle Dixon, Mozilla COO:
“We are proud to be a leader in the fight for net neutrality both through our legal challenge in Mozilla v. FCC and through our deep work in education and advocacy for an open, equal, accessible internet. Today, Mozilla joins many other companies and civil society organizations to take another stand for net neutrality, as we try to protect against erosion into a discriminatory internet, with ultimately a far worse experience for any users and businesses who don’t pay more for special treatment.”
“Mozilla will always fight for net neutrality because it is fundamental for free speech, competition, and innovation online. Net neutrality is a core characteristic of the internet as we know it, and crucial for the economy and everyday lives. It is imperative that all internet traffic be treated equally, without discrimination against content or type of traffic — that’s how the internet was built and what has made it one of the greatest inventions of all time.”
To get involved: Call your members of Congress and express your support for net neutrality.
Last month, Mozilla published results from a nationwide poll that reveals where Americans stand on net neutrality. The survey reinforces what grassroots action has already demonstrated: Americans support equal access.
Mozilla and Ipsos conducted this public opinion poll in February of 2018, surveying 1,007 American adults from across 50 states. Among our key findings:
See the full results from our poll here.
The post Mozilla Fights for Net Neutrality this May (and Always) appeared first on The Mozilla Blog.
https://blog.mozilla.org/blog/2018/05/09/mozilla-fights-for-net-neutrality-this-may-and-always/
|
|
Air Mozilla: Intro to Participation at the Global Sprint |
An introduction to finding projects, using communications channels, and working with the collaboration software GitHub at Mozilla's Global Sprint. We discuss "working open" and why...
https://air.mozilla.org/intro-to-participation-at-the-global-sprint/
|
|
Mozilla Addons Blog: Firefox Quantum Extensions Challenge Winners |
The results are in for the Firefox Quantum Extensions Challenge! We were thrilled to see so many creative, helpful, and delightful submission entries.
After our judging panel selected finalists from more than 100 submitted entries, the add-ons community voted for each category winner. The winners were announced for the first time during the livestream broadcast of the Firefox Quantum Extensions Challenge Awards. A recording of the event is available on Air Mozilla.
These extensions bring great functionality and delight to Firefox, so please check them out. Congratulations to the winners!
This extension can edit, save, change, and restore sessions. Sessions can be saved as bookmarks and synced using Firefox Sync.
“Well done. Manages sessions in an intuitive way. UX is polished and works extremely well.”
by William Wng
Navigate the browser tabs with window screenshots.
Have you ever wanted a quick way to tell if you are in a staging or production environment? This extension will change your Firefox theme every time you switch environments.
“Simple but practical idea, particularly for webmasters.”
by spikespaz
Replace Firefox’s default themes with adaptive colorization of the title bar, tabs, and URL bar based on the accent color of your current window.
by Oleksandr
Listen to live radio stations from around the world and create custom playlists.
“This is a really cool radio add-on with radio stations from all over the world. You can favorite stations, search by country and adjust sound. Listening to Indian radio might become my new favorite hobby.”
By Yalini
Space invaders have come to the web and it’s up to you to fight them off!
The post Firefox Quantum Extensions Challenge Winners appeared first on Mozilla Add-ons Blog.
https://blog.mozilla.org/addons/2018/05/08/firefox-quantum-extensions-challenge-winners/
|
|
The Firefox Frontier: Firefox Quantum Extensions Challenge Winners Announced! |
We know many Firefox users love web extensions, and we do, too. Today we’re announcing the winners of our Firefox Quantum Extensions Challenge. Web Extensions are the code innovations that … Read more
The post Firefox Quantum Extensions Challenge Winners Announced! appeared first on The Firefox Frontier.
|
|
Air Mozilla: Quantum Extensions Challenge Winners Announcement |
Today, we're announcing the winners of the Quantum Extension Challenge.
https://air.mozilla.org/quantum-extensions-challenge-winners-announcement/
|
|
The Mozilla Blog: We Asked People How They Feel About Facebook. Here’s What They Said. |
Facebook has been in the news a lot lately. It started with the announcement that over 87 million Facebook users had their personal information shared with the private firm Cambridge Analytica without their knowledge. Since then, Facebook CEO Mark Zuckerberg has testified twice in front of the US Congress and people all around the world have been talking about Facebook’s data practices. We took this opportunity to survey people on how they felt about Facebook these days. 47,000 people responded to our survey. The data is interesting and open for your exploration.
The top takeaways? Most people (76%) say they are very concerned about the safety of their personal information online. Yet few people (24%) reported making changes to their Facebook accounts following the recent news of privacy concerns around Facebook. The majority of people who responded to our survey (65%) see themselves — rather than companies or the government — as being most responsible for protecting their personal information online. And very few people (only 12%) said they would consider paying for Facebook, even a version of Facebook that doesn’t make money by collecting and selling personal data.
Mozilla believes in making our survey data open and accessible to everyone safely and respectfully, without sharing any personally identifying information. If you would like to go deeper into this survey data, we built this awesome interactive tool for you. Enjoy!
Methodology:
This was not a scientific poll. This was a self-selecting survey targeted mostly at people on the Mozilla Foundation email list, the Pocket newsletter email list, through the Mozilla Twitter channel, through a Medium blog post, and through users sharing with friends and family.
Mozilla makes this data available under a CC BY 4.0 license.
Enjoy this open data? Care about things like privacy, data, the Internet being awesome. Sign up here and we at Mozilla will keep you updated with the latest news and useful information.
The post We Asked People How They Feel About Facebook. Here’s What They Said. appeared first on The Mozilla Blog.
|
|
Mozilla Reps Community: Rep of the Month – April 2018 |
Please join us in congratulating David Ross, our Rep of the Month for April 2018!
David is a Mozillian living the UK and active in a lot of different Mozilla projects. In his day job he is building an Open Source Fitness platform. You might have seen him at the past few MozFests in London. Last year he did a great job wrangling the Privacy&Security space.
In the past few months David has organized several MozCoffees in London as well as online meetings for the London community. This is part of an effort to re-activate the UK
community he took on. David likes to plan ahead and he already has 7 upcoming activities he is going to participate at, including an event in summer of 2019 (that’s not a typo)! Last but not least he was a nominee for the recent Council election.
Thanks David, keep rocking the Open Web!
https://blog.mozilla.org/mozillareps/2018/05/08/rep-of-the-month-april-2018/
|
|
Gervase Markham: In the Navel of the Moon |
Question: which country’s name translates literally as “In the Navel of the Moon”?
I recently came across this fascinating map which gives the literal translation of every country name. Some are very pedestrian, but some are fascinating. (I’m not sure why it’s on a site dedicated to comparing credit cards, but other places I’ve found it give them the credit. If this is an SEO thing, I’m happy to reward them for producing decent content…) Most appropriately, Canada apparently means “The Village”…
http://feedproxy.google.com/~r/HackingForChrist/~3/kSHcDXNhLyI/
|
|
Mozilla Security Blog: Blocking FTP subresource loads within non-FTP documents in Firefox 61 |
Firefox 61 will block subresource loads that rely on the insecure FTP protocol unless the document itself is an FTP document. For example, Firefox will block FTP subresource loads within HTTP(S) pages.
The File Transfer Protocol (FTP) enables file exchange between computers on a network. While this standard protocol is supported by all major browsers and allows convenient file sharing within a network, it’s one of the oldest protocols in use today and has a number of security issues.
The fundamental underlying problem with FTP is that any data transferred will be unencrypted and hence sent across networks in plain text, allowing attackers to steal, spoof and even modify the data transmitted. To date, many malware distribution campaigns rely on compromising FTP servers, downloading malware on an end users device using the FTP protocol. Further, FTP makes HSTS protection somewhat useless, because the automated upgrading from an unencrypted to an encrypted connection that HSTS promises does not apply to FTP.
Following through to our intent to deprecate non-secure HTTP and aligning with Mozilla’s effort to improve adoption of HTTPS Firefox will block subresource loads, like images, scripts and iframes, relying on the insecure FTP protocol. Starting with Firefox 61, loading an FTP subresource within a non-FTP document will be blocked and the following message will be logged to the console:
For the Mozilla Security Team:
Tom Schuster and Christoph Kerschbaumer
The post Blocking FTP subresource loads within non-FTP documents in Firefox 61 appeared first on Mozilla Security Blog.
|
|
K Lars Lohn: Things Gateway - the Virtual Weather Station Code |
class ExampleDimmableLight(Thing):
def __init__(self):
Thing.__init__('a lamp', 'dimmable light', 'a Web connected lamp')
self.add_property(
Property(
self,
'level',
Value(0.0, lambda l: print('New light level is', l)),
metadata={
'type': 'number',
'description': 'The level of light from 0-100',
'minimum': 0,
'maximum': 100,
}))
class ExampleDimmableLight(WoTThing):
def __init__(self, config, lamp_hardware):
super(ExampleDimmableLight, self).__init__(
config, 'a lamp', 'dimmableLight', 'a Web connected lamp')
level = WoTThing.wot_property(
name='level',
initial_value=0,
description="lamp brightness level",
value_forwarder=_set_hardware_level,
minimum=0,
maximum=100
)
class WoTThing(Thing, RequiredConfig):
@classmethod
def wot_property(
kls,
*,
name,
initial_value,
description,
value_source_fn=None,
value_forwarder=None,
**kwargs
):
kls.wot_property_functions[name] = partial(
create_wot_property,
name=name,
initial_value=initial_value,
description=description,
value_source_fn=value_source_fn,
value_forwarder=value_forwarder,
**kwargs
)
if value_source_fn is not None:
async def a_property_fetching_coroutine(thing_instance):
while True:
try:
await value_source_fn(thing_instance)
except CancelledError:
logging.debug('cancel detected')
break
except Exception as e:
logging.error('loading data fails: %s', e)
await sleep(thing_instance.config.seconds_between_polling)
a_property_fetching_coroutine.property_name = name
kls.property_fetching_coroutines.append(a_property_fetching_coroutine)
def get_value_fn(thing_instance):
return thing_instance.properties[name].value.get()
def set_value_fn(thing_instance, new_value):
thing_instance.properties[name].value.notify_of_external_update(new_value)
return property(get_value_fn, set_value_fn)
current_observation = self.weather_data['current_observation']
self.temperature = current_observation['temp_f']
self.barometric_pressure = current_observation['pressure_in']
self.wind_speed = current_observation['wind_mph']
current_observation = self.weather_data['current_observation']
self.properties['temperature'].value.notify_of_external_update(
current_observation['temp_f']
)
self.properties['barometric_pressure'].value.notify_of_external_update(
current_observation['pressure_in']
)
self.properties['wind_speed'].value.notify_of_external_update(
current_observation['wind_mph']
)
temperature = WoTThing.wot_property(
name='temperature',
initial_value=0.0,
description='the temperature in °F',
value_source_fn=get_weather_data,
units='°F'
)
barometric_pressure = WoTThing.wot_property(
name='barometric_pressure',
initial_value=30.0,
description='the air pressure in inches',
units='in'
)
wind_speed = WoTThing.wot_property(
name='wind_speed',
initial_value=30.0,
description='the wind speed in mph',
units='mph'
)
async def get_weather_data(self):
async with aiohttp.ClientSession() as session:
async with async_timeout.timeout(config.seconds_for_timeout):
async with session.get(config.target_url) as response:
self.weather_data = json.loads(await response.text())
current_observation = self.weather_data['current_observation']
self.temperature = current_observation['temp_f']
self.barometric_pressure = current_observation['pressure_in']
self.wind_speed = current_observation['wind_mph']
http://www.twobraids.com/2018/05/things-gateway-virtual-weather-station.html
|
|
Air Mozilla: Mozilla Weekly Project Meeting, 07 May 2018 |
The Monday Project Meeting
https://air.mozilla.org/mozilla-weekly-project-meeting-20180507/
|
|