Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla: Firefox, Rust and XUL Extensions

Filed under
Moz/FF
  • These Weeks in Firefox: Issue 66
  • How to speed up the Rust compiler some more in 2019

    In July I wrote about my efforts to speed up the Rust compiler in 2019. I also described how the Rust compiler has gotten faster in 2019, with compile time reductions of 20-50% on most benchmarks. Now that Q3 is finished it’s a good time to see how things have changed since then.

  • Extensions in Firefox 70

    Welcome to another round of new additions and changes to extensions, this time in Firefox 70. We have a new API, some improvements on existing APIs, and some great additions to Firefox Developer Tools to make it easier to debug your extensions.

    [...]

    We’ve made a few improvements to the downloads API in Firefox 70. By popular request, the Referer header is now allowed in the browser.downloads.download API’s headers object. This allows extensions, such as download managers, to download files for sites that require a referrer to be set.

    Also, we’ve improved error reporting for failed downloads. In addition to previously reported failures, the browser.downloads.download API will now report an error in case of various http 4xx failures. This makes the API more compatible with Chrome and gives developers a way to react to these errors in their code.

  • Last version

    Yesterday I released Mail Redirect 0.10.5, which may very well be the last version of Mail Redirect, at least in this form. The version contains some small bug fixes, with relation to compatibility with other extensions, Cardbook and Thunderbird Conversations to be precise.

    I already started trying to make Mail Redirect compatible with Thunderbird 71.0a1, when the Thunderbird developers announced that support traditional XUL-overlay add-ons, which Mail Redirect is, will be dropped in Thunderbird 72. This means that any effort I put in the add-on now with relation to compatibility with future Thunderbird versions will stop working in a month or so, so that won’t do any good.

    The good thing is that XUL-overlay add-ons will beep working in this major ESR-release, so Mail Redirect 0.10.5 will keep on working in Thunderbird 68., and will only stop working in Daily and Beta and in the next major Thunderbird release 76, which is planned to be released somewhere in july, I think.

    I haven’t decided what to do with Mail Redirect. In order to keep on working in Thunderbird 72+, I need to convert it to a WebExtension Experiment, but that will be a major rewrite and the future of WebExtension Experiments isn’t clear either. Thunderbird developers indicated that support for WebExtension Experiments will also be dropped somewhere in the future, so I’m not quite convinced yet that it will be worth the effort.

Critical Security Issue identified in iTerm2 as part of Mozilla Open Source Audit

Filed under
Mac
Moz/FF
Security

A security audit funded by the Mozilla Open Source Support Program (MOSS) has discovered a critical security vulnerability in the widely used macOS terminal emulator iTerm2. After finding the vulnerability, Mozilla, Radically Open Security (ROS, the firm that conducted the audit), and iTerm2’s developer George Nachman worked closely together to develop and release a patch to ensure users were no longer subject to this security threat. All users of iTerm2 should update immediately to the latest version (3.3.6) which has been published concurrent with this blog post.

Founded in 2015, MOSS broadens access, increases security, and empowers users by providing catalytic support to open source technologists. Track III of MOSS — created in the wake of the 2014 Heartbleed vulnerability — supports security audits for widely used open source technologies like iTerm2. Mozilla is an open source company, and the funding MOSS provides is one of the key ways that we continue to ensure the open source ecosystem is healthy and secure.

iTerm2 is one of the most popular terminal emulators in the world, and frequently used by developers. MOSS selected iTerm2 for a security audit because it processes untrusted data and it is widely used, including by high-risk targets (like developers and system administrators).

Read more

Firefox 71: new kiosk mode for the browser

Filed under
Moz/FF

Mozilla plans to integrate kiosk mode functionality in version 71 of the Firefox web browser that users of the browser may launch from the command line.

First requested more than 17 years ago, work on integrating a kiosk mode in the Firefox web browser started five months ago. Current Firefox Nightly versions support the new mode already.

Kiosk mode refers to a special display mode that launches the browser without interface elements in fullscreen. It is different from the browser's fullscreen mode that users can activate with a tap on the F11-key on the keyboard. F11 switches the browser to fullscreen and removes interface elements by default, but these can be displayed by moving the mouse to the top; additionally, another tap on F11 exits fullscreen mode again and restores the default browsing mode.

Read more

Also: Future OpenPGP Support in Thunderbird

Browsers: Opera 64 (Proprietary), Firefox and Chrome Benchmarks, New Firefox Features

Filed under
Google
Moz/FF
Web
  • Opera 64 is out: New tracker blocker promises you up to 20% faster page loads

    Browser maker Opera is releasing Opera 64 to the stable channel, offering users improved privacy protections from online tracking and updates to its Snapshot tool.

  • Firefox 69 + Chrome 77 On Windows 10 vs. Ubuntu / Clear Linux Benchmarks

    With running some fresh cross-OS benchmarks now that Ubuntu 19.10 is imminent followed by Ubuntu 19.10, a new Windows 10 update coming in the days ahead, and also the release of macOS 10.15, a lot of fun benchmarks are ahead. In today's article is a quick look at the Windows 10 vs. Ubuntu 19.10 vs. Clear Linux web browser performance for both Mozilla Firefox and Google Chrome.

  • Firefox 71 Landing Wayland DMA-BUF Textures Support

    Landing recently into the Mozilla code-base for the Firefox 71 release is DMA-BUF textures support on Wayland. When using Firefox with the OpenGL compositor enabled, the DMA-BUF EGL texture back-end is used that allows for sharing of buffers between the main/compositor process, working directly in GPU memory, and other benefits with this DMA-BUF usage. That code has been merged as another step forward for Firefox on Linux/Wayland.

Thunderbird, Enigmail and OpenPGP

Filed under
Moz/FF

Today the Thunderbird project is happy to announce that for the future Thunderbird 78 release, planned for summer 2020, we will add built-in functionality for email encryption and digital signatures using the OpenPGP standard. This new functionality will replace the Enigmail add-on, which will continue to be supported until Thunderbird 68 end of life, in the Fall of 2020.

For some background on encrypted email in Thunderbird: Two popular technologies exist that add support for end-to-end encryption and digital signatures to email. Thunderbird has been offering built-in support for S/MIME for many years and will continue to do so.

The Enigmail Add-on has made it possible to use Thunderbird with external GnuPG software for OpenPGP messaging. Because the types of add-ons supported in Thunderbird will change with version 78, the current Thunderbird 68.x branch (maintained until Fall 2020) will be the last that can be used with Enigmail.

Read more

Mozilla: Oktoberfest, Celery AMQP Backends, Mozilla v. Federal Communications Commission (FCC)

Filed under
Moz/FF
  • Distributed Teams: Regional Peculiarities Like Oktoberfest and Bagged Milk

    It’s Oktoberfest! You know, that German holiday about beer and lederhosen?

    No. As many Germans will tell you it’s not a German thing as much as it is a Bavarian thing. It’s like saying kilts are a British thing (it’s a Scottish thing). Or that milk in bags is a Canadian thing (in Canada it’s an Eastern Canada thing).

    In researching what the heck I was talking about when I was making this comparison at a recent team meeting, Alessio found a lovely study on the efficiency of milk bags as milk packaging in Ontario published by The Environment and Plastics Industry Council in 1997.

    I highly recommend you skim it for its graphs and the study conclusions. The best parts for me are how it highlights that the consumption of milk (by volume) increased 22% from 1968 to 1995 while at the same time the amount (by mass) of solid waste produced by milk packaging decreased by almost 20%.

  • Celery AMQP Backends

    Celery comes with many results backends, two of which use AMQP under the hood: the “AMQP” and “RPC” backends. Both of them publish results as messages into AMQP queues. They’re convenient since you only need one piece of infrastructure to handle both tasks and results (e.g. RabbitMQ). Check the result_backend setting if you’re unsure what you’re using!

  • The Mozilla Blog: Breaking down this week’s net neutrality court decision

    This week, the U.S. Court of Appeals for the D.C. Circuit issued its ruling in Mozilla v. Federal Communications Commission (FCC), the court case to defend net neutrality protections for American consumers. The opinion opened a path for states to put net neutrality protections in place, even as the fight over FCC federal regulation is set to continue. While the decision is disappointing as it failed to restore net neutrality protections at the federal level, the fight for these essential consumer rights will continue in the states, in Congress, and in the courts.

    The three-judge panel disagreed with the FCC’s argument that the FCC is able to preempt state net neutrality legislation across the board. States have already shown that they are ready to step in and enact net neutrality rules to protect consumers, with laws in California and Vermont among others. The Court is also requiring the FCC to consider the effect the repeal may have on public safety and subsidies for low-income consumer broadband internet access.

Mozilla Firefox 69.0.2 Released to Fix YouTube Crash on Linux, Other Issues

Filed under
Linux
Moz/FF

Mozilla Firefox 69.0.2 is a very small maintenance update that addresses three bugs, including a crash that would occur when changing the playback speed while watching a YouTube video, which affects only Linux systems, as well as a crash that may occur when editing files on Office 365 websites.

Additionally, Firefox 69.0.2 addresses an issue that could prevent the detection of the Windows 10 Parental Controls feature when it's enabled. Of course, this issue only affects Windows 10 users. However, we recommend all users to update to Firefox 69.0.2 as soon as possible.

Read more

Mozilla: CSS, Rust, Addons and Docker

Filed under
Moz/FF
  • Hacks.Mozilla.Org: Why is CSS so Weird?

    CSS is the design language of the web — one of three core web languages — but it also seems to be the most contentious and often perplexing. It’s too easy and too hard, too fragile and too resilient. Love it or hate it, CSS is weird: not quite markup, not quite programming in the common (imperative) sense, and nothing like the design programs we use for print. How did we get here?

    I’ve seen some people claim that “CSS is for documents” — as though HTML and JavaScript weren’t also originally for documents. The entire web was for documents, but that hasn’t stopped us from pushing the medium to new extremes. This is a young platform, and all the core languages are growing fast, with CSS advancing leaps and bounds over the last few years.

  • This Week In Rust: This Week in Rust 306

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

  • Mozilla Addons Blog: Friend of Add-ons: B.J. Herbison

    Please meet our newest Friend of Add-ons, B.J. Herbison! B.J. is a longtime Mozillian and joined add-on content review team for addons.mozilla.org two years ago, where he helps quickly respond to spam submissions and ensures that public listings abide by Mozilla’s Acceptable Use Policy.

    A software developer with a knack for finding bugs, B.J. is an avid user of ASan Nightly and is passionate about improving open source software. “The best experience is when I catch a bug in Nightly and it gets fixed before that code ships,” B.J. says. “It doesn’t happen every month, but it happens enough to feel good.”

  • Docker, some notes

    We converted webcompat.com to Python 3, which included reconfiguring a couple of things on the server itself with nginx, uwsgi and so on. Let's say modernizing everything. As an aside, I would say that our unit tests made the code conversion to python 3 quite smooth. That was a good surprise. In the process, I started to wonder if it would make it easier for us to switch to Docker and containers. These are my notes trying to educate myself about the topic. They are probably naive for some of the readers but might be useful for others. They will also become handy for this 2019Q4 OKR.

Mozilla Leftovers

Filed under
Moz/FF
  • WebHint in Firefox DevTools: Improve Compatibility, Accessibility and more

    Creating experiences that look and work great across different browsers is one of the biggest challenges on the web. It also is the most rewarding part, as it gets your app to as many users as possible. On the other hand, cross-browser compatibility is also the web’s biggest frustration. Testing legacy browsers late in the development process can break a feature that you spent hours on, even requiring rewrites to fix.

    What if the tools in your primary development browser could warn you sooner? Thanks to Webhint in Firefox DevTools, we can do exactly that, and more.

  • Mozilla Reps Community: Rep of the Month – August 2019

    Please join us in congratulating Yamama Shakaa, our Rep of the Month for August 2019!

    Yamama is from Nablus, Palestine. She is a teacher and has become a very active Mozillian, she joined the Reps program in November 2018 and is also part of the Mozilla Tech Speaker program. She keeps contributing deeply in the program as Reps Resources member.

  • Aaron Klotz: Coming Around Full Circle

    One thing about me that most Mozillians don’t know is that, when I first applied to work at MoCo, I had applied to work on the mobile platform. When all was said and done, it was decided at the time that I would be a better fit for an opening on Taras Glek’s platform performance team.

    My first day at Mozilla was October 15, 2012 – I will be celebrating my seventh anniversary at MoCo in just a couple short weeks! Some people with similar tenures have suggested to me that we are now “old guard,” but I’m not sure that I feel that way! Anyway, I digress.

    The platform performance team eventually evolved into a desktop-focused performance team by late 2013. By the end of 2015 I had decided that it was time for a change, and by March 2016 I had moved over to work for Jim Mathies, focusing on Gecko integration with Windows. I ended up spending the next twenty or so months helping the accessibility team port their Windows implementation over to multiprocess.

    Once Firefox Quantum 57 hit the streets, I scoped out and provided technical leadership for the InjectEject project, whose objective was to tackle some of the root problems with DLL injection that were causing us grief in Windows-land.

    I am proud to say that, over the past three years on Jim’s team, I have done the best work of my career. I’d like to thank Brad Lassey (now at Google) for his willingness to bring me over to his group, as well as Jim, and David Bolter (a11y manager at the time) for their confidence in me. As somebody who had spent most of his adult life having no confidence in his work whatsoever, their willingness to entrust me with taking on those risks and responsibilities made an enormous difference in my self esteem and my professional life.

    Over the course of H1 2019, I began to feel restless again. I knew it was time for another change. What I did not expect was that the agent of that change would be James Willcox, aka Snorp. In Whistler, Snorp planted the seed in my head that I might want to come over to work with him on GeckoView, within the mobile group which David was now managing.

  • Julien Vehent: Beyond The Security Team

    Good morning everyone, and thank you for joining us on this second day of DevSecCon. My name is Julien Vehent. I run the Firefox Operations Security team at Mozilla, where I lead a team that secures the backend services and infrastructure of Firefox. I’m also the author of Securing DevOps.

Announcing Rust 1.38.0

Filed under
Development
Moz/FF

The Rust team is happy to announce a new version of Rust, 1.38.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

Read more

More of Mozilla this afternoon: Charting a new course for tech competition

Syndicate content

More in Tux Machines

Pocket PC handheld Linux computer coming in 2020 for $199 and up (maybe — crowdfunding)

Sure, there’s a chance you could turn your old smartphone into a pocket-sized Linux computer by replacing the operating system. But if you’re looking for a purpose-built device with a touchscreen display, a QWERTY keyboard, and features you won’t typically find on phones (like 4 USB ports), the folks at Popcorn Computer have you covered. Maybe. The team has unveiled plans to launch a new pocket-sized computer, appropriately called the Pocket P.C. It’s set to go up for pre-order through a crowdfunding campaign beginning November 24th. Prices will start at $199 (or $249 for a model with a LoRa radio). And if everything goes according to plan, it could ship by May 1st, 2020. Read more

today's howtos

Thermostats, Locks and Extension Add-ons – WebThings Gateway 0.10

Happy Things Thursday! Today we are releasing WebThings Gateway 0.10. If you have a gateway using our Raspberry Pi builds then it should already have automatically updated itself. This new release comes with support for thermostats and smart locks, as well as an updated add-ons system including extension add-ons, which enable developers to extend the gateway user interface. We’ve also added localisation settings so that you can choose your country, language, time zone and unit preferences. From today you’ll be able to use the gateway in American English or Italian, but we’re already receiving contributions of translations in different languages! Read more

A technical comparison between the snap and the Flatpak formats

Since we’ve already discussed the snap layout and architecture in greater details in the previous weeks, let’s start with a quick overview of Flatpak. Much like snaps, Flatpak packages come with necessary components contained inside standalone archives, so they can be deployed and maintained with simplicity on a range of Linux distributions. Runtime and image components are bundled into a single file using the OCI format. In general, Flatpak applications are built against runtimes, but they can also contain additional libraries inside their own bundles. A Linux system with the Flatpak binary (primary command) installed and configured can then run Flatpak applications. At the moment, there are 21 distributions that offer Flatpak support. Furthermore, applications are sandboxed using Bubblewrap, which utilises kernel security and namespace features to set up unprivileged containers. Communication outside the sandbox is possible through a mechanism of portals, which allows granular access to system resources. Flatpak packages are available to end users primarily through Flathub, an app store and build service that is (semi)-officially associated with the Flatpak project. Submissions to Flathub are done as pull requests through GitHub, and require approval from the store admins. Similarly, publishers of proprietary software have to manually request inclusion of their applications. Flatpak applications are also sometimes available as manual download links. There is no automatic update mechanism available by default. Read more