Planet MozillaUpdated GPG key for signing Firefox Releases

The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to new key shortly.

The new GPG subkey’s fingerprint is 097B 3130 77AE 62A0 2F84 DA4D F1A6 668F BB7D 572E, and it expires 2021-05-29.

The public key can be fetched from KEY files from Firefox 68 beta releases, or from below. This can be used to validate existing releases signed with the current key, or future releases signed with the new key.

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFWpQAQBEAC+9wVlwGLy8ILCybLesuB3KkHHK+Yt1F1PJaI30X448ttGzxCz
PQpH6BoA73uzcTReVjfCFGvM4ij6qVV2SNaTxmNBrL1uVeEUsCuGduDUQMQYRGxR
tWq5rCH48LnltKPamPiEBzrgFL3i5bYEUHO7M0lATEknG7Iaz697K/ssHREZfuuc
B4GNxXMgswZ7GTZO3VBDVEw5GwU3sUvww93TwMC29lIPCux445AxZPKr5sOVEsEn
dUB2oDMsSAoS/dZcl8F4otqfR1pXg618cU06omvq5yguWLDRV327BLmezYK0prD3
P+7qwEp8MTVmxlbkrClS5j5pR47FrJGdyupNKqLzK+7hok5kBxhsdMsdTZLd4tVR
jXf04isVO3iFFf/GKuwscOi1+ZYeB3l3sAqgFUWnjbpbHxfslTmo7BgvmjZvAH5Z
asaewF3wA06biCDJdcSkC9GmFPmN5DS5/Dkjwfj8+dZAttuSKfmQQnypUPaJ2sBu
blnJ6INpvYgsEZjV6CFG1EiDJDPu2Zxap8ep0iRMbBBZnpfZTn7SKAcurDJptxin
CRclTcdOdi1iSZ35LZW0R2FKNnGL33u1IhxU9HRLw3XuljXCOZ84RLn6M+PBc1eZ
suv1TA+Mn111yD3uDv/u/edZ/xeJccF6bYcMvUgRRZh0sgZ0ZT4b0Q6YcQARAQAB
tC9Nb3ppbGxhIFNvZnR3YXJlIFJlbGVhc2VzIDxyZWxlYXNlQG1vemlsbGEuY29t
PohGBBARAgAGBQJVrP9LAAoJEHYlQD1/DRWxU2QAoOOFRbkbIU1zKP2i3jy/6VKH
kYEgAJ9N6f9Gmjm1/vtSrvjjlxWzzQQrkIhGBBARAgAGBQJVrTrjAAoJEMNOV0fi
PdZ3BbkAoJUNHEqNv9dioaGMEIpiFtDjEm44AJ9UinMTfAYsL9yb15SdJWe/56VC
coheBBARCAAGBQJWBldjAAoJEAJasBBrF+oerNYA/13MQehk3AfkljGi252/cU6i
1VOFpCuOeT7lK2c5unGcAP0WZjIDJgaHijtrF4MKCZbUnz37Vxm0OcU8qcGkYUwH
i4heBBARCgAGBQJVrSz+AAoJEPCp59zTnkUulAYA/31nYhIpb7sVigone8OvFO19
xtkR9/vy5+iKeYCVlvZtAP9rZ85ymuNYNqX06t+ruDqG2RfdUhJ6aD5IND+KD5ve
7IkBHAQQAQIABgUCVaz9fgAKCRCzxalYUIpD8muMB/sH58bMSzzF9zTXRropldw7
Vbj9VrRD7NyoX4OlDArtvdLqgPm0JUoP2gXINeSuVPpOfC676yVnBEMjIfqEjq09
vcbwayS+Ncx4vQh2BmzDUNLE3SlnRn2bEWr9SQL/pOYUDUgmY5a0UIf/WKtBapsP
E+Zan51ezYSEfxDNfUpA4T2/9iWwJ2ZOy0yIfLdHyvumuyiekJrfrMaF4L9Q0OnJ
wp1PwkvN4IVwhZeYDtIJN4nRcJK5LrwU7B97uef2hqBBll7/qCHl5y4Khb0csFan
Ig+pQLPUJdIiYtzoFtlgykB61pxqtU9rqGKW02JzEUT8DdPUXxmMBy6A8oGeBRH/
iQEcBBABAgAGBQJVrRdcAAoJEGVzgtv/JREKQJgH/3nD/3/SumL7nG2g7Y1HQqWp
hUbn40XWvjZcHq3uBUn1QYXeZ5X56SANLM2t+uirGnNaZXW3cxEl5IyZVLbmcLWE
BlVAcp2Bf3FXFbdJK59f+M+y2+jZT9feTyrw+EtLoiGTxgkLdJyMyI0xGmQhMx5V
1ex1CxhZK2JPjzCVYriBI0wIbmKi90YNMQoSsdMhYmX9bHl6XWS9TCDWsqj25FLY
JL+WeVXpjO0NjRwEE6pc/qldeJYG5Vbf0snGxIerXe+l5D8Yd4PEAnpj58+5pXeo
GYZn3WjX8eTFMAEU+QhLKWQ+j/Y8Kijge7fUxnSNBZ2KEnuDN/4Hv/DrCFLv14CJ
ARwEEAECAAYFAlWtZVoACgkQ5DJ8bD4CmcBzsAf/RMqDdVHggQHc0/YLt1f/vY9Y
7QQ6HwnDrtcNxxErSVcMguD8K6Oxir0TMSh+/YuZAW8K4KSgEURwZqz4na8/eOxj
8bluNmlcAseQDHswqU6CyB95Woy3BocihH7L0eDXZOMzsa33vRQHBMioLxIbpnVt
VbFR1z7tmyfjcOrzP32xo5QoPoczKX26luMBjAvbw1FC0is2INnmUSYM4uH7iFZu
XGPFYxcAqODqy5ys3MoPa4oZ71d0HoiRil1+s0Y+2ByddZ19pE2TXp4ZXNYNUj/2
aRj8b4sTjR4rqhHIx/vfoK+VCNy/skFUZOyPdbbymE0stTRSJ1gr9CZLcBWYF4kB
HAQQAQIABgUCVcFZcAAKCRCJFz+VfFX5XqApB/938p+CJiDRnh2o7eDWnjSyAu7F
WmWGkOQnjI/kraKx1vojsYnKRXD6mjq1QJ8Hsp4taJnLQjcokNTUiST4m/e4ZJEx
PWuJKkwlralWGH6NpqYcgWPajSYb0eYQC4YqS0kfyzolrHdKI8Y4NGEU7yy5zsHw
WkHt/mpNQMrYnXwyWdIrc03X/OXo51dJyshJDRw3InREyBblFJcLvArNHz219wMr
XAicPytw4wfPpVrmDx6GrZcI8q8ECWCjwSXXv7hRpEuFLSy5XPhMc+wYBJjNlUoi
FBAF/7zENd3rMn9SCQLiIFYe0ubmO+bpeGy7TizbxOaCIfgUouyy0BQXNuJBiQEc
BBABAgAGBQJV0hrqAAoJEK18uZ+CSLoPzEIH/1D6sJMNAJtZCRGhJXvv6SYhv4pU
VNyDF9FnUvRsovliojoe4IkuBTWKhPGrxbiD5IO/izr38shqNhhm9JE2/SQZHObY
Pi+lyfDKbJgImTNxmS4F7JHnRLr37VxK1sVvuNkynJnqvCcp1g5xwNIx1rKcka3i
uqJj6toM8XQfgsTHH1rUkWHbUV3QwNzXm+yhFm2s6QzxBooPzmFn8AY7CXD4pvcM
R+M0Zy+e42nngd8lzRnmTBVig4pRq0GCMulFG+XjeVQZFpoIIxo2k1lczbRmGttO
NdGWSjxBUxReoTbSwM3C/50NrobycGQgY0gd6LGtWtU8/uEfklEy2NluxYWJARwE
EAEIAAYFAlWtAUYACgkQVu5xjc4OFUs0OAf+LM0dyyvUFGdXfJDpP2xMknXzsHAX
WFEtH5jein58mv6dD3fTVcCouo1vMQH3WFFSLYZvwtNnHGrSBqFbNKqZ0ATQ5tcY
aWsSZ+MVJJMXJDXFG/Oihg1nNOM33VdfV0RGPKP1I4cEROxms3TUFkHW3cSCgMzs
8I1OxfSoLrm6da8EN+2ct2InqzdQL2yisyTyrdmXoNpwXDxApKYkvVHQ4+9eJI5m
0ZAr0mBjIeJdATcw4/lIVKTrV7UhrChxiffYJcz4SSC1crmr+2Fzw53CyAsAmYal
UHep3Yr05oQ4oJRX9X3VrY/yELHwwxXaxCAdwwHbbXAMhZsPk9Mc20J6BokBHAQQ
AQgABgUCVa0isQAKCRCj1lIXO3Y+j6ZeB/91Q9/qr5oMWgOMsix8kflBLw2f/t+t
RR0SWDw90bG1npJB6nq5Hl+Bz4/A4SWFTFrrrlZi1Enjn1FYBiZuHaSQ/+loYF/2
dbQDbBKShfIk3J0lxqfKPAfKopRsEuxckC8YW1thGxt5eQQ8zkJoqBFTBzwiXOj3
/ncJkX9q9krgUlfTSVmrT9nx0hjyNQQXrghsmBtpR7WCS7G7vNRGCNUorhtviUvL
+ze1F7TTSGspVsVxo2ghmz5WT/cD9MV1gcVjojYmksh5JIl39jCHr9hl8aRId/Of
zsN+TKuBcpAxDkm9BCAps7oY8FlLKDFZTtHa000AkodKHT88nwnvKuqPiQEcBBAB
CAAGBQJVrTkDAAoJEPbQ92HczOykK9YH/0MARo3HlYXeS2bDqM/lwK/rQcPCCyYk
e6wbICjncbCOjgXHqG/lBhClNs7hp/7gqkUaR7H5tmeI4lalP40mSHHnnFvMD3Tc
yhn350igK0bgrjWQDaYxhKlHT3vIXd/C24/vRSAxmqIKbP+IoXOyt2GMTQq8GOm2
dgYRaTkwyHnGWnMaibctX8D4oCYR0/D4YJqPkfqobf8+1ZfP5GaMbSxE/Jwdo0kJ
a4vPjEzFXbygAbncapzdwN6zgel2zh885rz7B7vIpMr/Y7eV85Q68qdyyhLe8cL8
Y18YPzpFf+/PZNbgYxouafvnFwBhPQwg0gUF/+1eM3UE2ua+saSTGduJARwEEAEK
AAYFAlWtCVsACgkQM0LhtmejiGMovwf8CfYJHNbwiwSMUoP4n7FrmElhBtxvlbnC
MZKz08v+lFsfS3wU1LUN69GqirfF0vkQRSlSBp7niCLHQCfSoqHMLgxF0P2xgXLj
aYM/t/rxXDawJmW18G04dqFrtCPZTbwMT2PsPHTiWQdaN0e50lXk9Vo+l6VbwQMg
4zH7icZadeJgQooxFalHYFVXUVeex9t8/YdanFVrHFa3tao6azBTSUkJvZtIu14S
fxigDWIIwsx0xpVfJf3a/xC6HY3Q1a3NeBz3i6DwaK5wYqijZKl0WVdULKyqU98o
F6y0mUv3d2o/p07Cqgeo6xxMkHqu83OLa2a0C7tYPLgL4EFc2FtikYkCHAQQAQIA
BgUCVaz7KAAKCRCWO3gxCjexfKxrD/4npm1rB7+pPlotbqK37Mur7egPbVSAzVNU
/zUKPAuGUeP3C64YN77ETx1kDuS+meAqMDHFc9Bf8HivPbtj6QcK96U5KstbmSh1
Ow9YiQtxJgxGjg/CzREgZAFcjy0MhoklyPsFhv07s6MLOJMSM/krEN5nqjifQ0Wd
mTk02FLoHVWcLdjfgMiPiSjGbU3k7luvjPyRNzk831szE5mfa74rEYh4TBklse+2
uB4DFQ/3oHZ1Sj6OBK6ujmNKQjIP7Cl+jmjr7+QK0OJcRaj/8AckDA5qXTZACh1S
2syCDDMnX0V+dTxGCIoWOK+tt9mLohMzpEeD4NIX4qdpbbCRzeYZMHSomyBIsbA6
B+/ftDE7W1N0/FtJ9adkkCynKULvh2CH5c5hgOOL22M+2spnywRoeJRUWU7hBM5O
UH3JjA4Tu4j/cwp7dD7QzZrzmC9f5LQJ3OelejvVowWPQd3/tky4o1q6wlmFqAcA
gtu97UwgBOSR9sJPGDlt1iC91UYAiBQQAA7ya8uXUS84mCQwTlr8j+YrowvEHK4I
xpPREytT1LzzV/4Am4ndDFtujy83QjL0qaIIim1xIwoEosd4yidhpczw7f3b9dQp
uBIFeQuhM7JsxP4tmE7S6k6GlEmqa3INPVaPGnsUGS7+xSMlcJXLtimPCSQvFma9
YiGV5vtLy4kCHAQQAQIABgUCVaz8uAAKCRASy06X4H5n0dg0D/9QoxIh9LRt1jor
7OHG4xKUjKiXxn/KeQNlJnxI55dlWIvJEJGheFjaDomzKBYuxmm2Ejx+eV5CHDLU
YsLFYwWf8+JGOP75Ueglgr8A0/bdsL63KX6NP2DCg8XR4Z1aeei3WMY7p/qMWpqb
QoAv9c3p49Ss2jSNuthWsRR6vbQ9iwze2oaUaA44WKQyhhbCwBU4SHYjlKCLqIBh
/HXZFhZ4rDfuWgPBKvYU1nnOPF0jJRCco3Vgx3T9F+LZ3zo5UPt1Xapr3hMVS9ia
Jyl1w4z2miApUaZuHPuWKuO4CJ1GF1mS5T6vG8gB3Ts5zdtBF2xQIkCz+SM7vW/2
i/82oq6P8EuLHEhrQPR4oTjXIvXdEJ9kgbjqcj8Xk+8teEOnuwh6iEhay9i/bf0D
3Jd+roFN5dnWPxhOVjzrI3fwlK1/ylsZYqUYBEzt7Wj0MdhjeKssI5YICcqYXXjB
ttMw4B7DZXPFXzz3kHB56jZ/II4YUjpLO85Jo5A9SV+aIqa0mvCt6DvVWy/rhfxf
oUdqNlhX11gkVLaA7xxgn/NqPOf+h5hVO2mwWkmart9YHKMZ3ukCdke65ITL/nsY
Sm2ZhG7OYjaCfu9jPWtkBstOEWyT9q4JTdViR7wN3eMefEG6rb49rxOYvGJu+cTV
kp3SCpl0w1j+tPj4tkj7ENzPMXdnuYkCHAQQAQIABgUCVa0s4gAKCRCKsTKWOgZT
euMyEACKOySKAd/xDcPcHg7Prvdws04Z8DIR0dY2qUlbRVx2jTmIXyry63CqbOJF
bDg9uk5x0+lSotvrWtZ+NKSrg9VM6vyV4cc2P9rhqIBi3wO2elzAmpOaS2KKOjQ+
2fS/xqh91ElJUu09xXQXJ0vMrqgui+zN1YBDiJV0WOmm90Mm2NPiihcWZmBmDorO
qMQabwbjBLi0yUVHgAlkilY3mAB4tmEKDeN+4pYSAAhXAll9U+nyoVMgwMJscZya
zOp4MqMbmFjyr4p5AGzv+OOJtjtCNKT6oW9Y+URLY0YKeOsPk0v5PlbQCVBlLeSB
sNZudKav/Gvo7Mvz5uLTcneBFb+haYIiXO/FQm4uBHkzdNFLgaph81Wzh62AhbtB
lfBOj/lbzN3k/xRwo64QU+2Z9GOhFlhjfROquY70FCQcspwNuqCdZybnkdpF2Qrr
6Pi0qKR/Xb9Vd7PW0/gKQdwwlYTiDemgA21mYeJrYw873/7U/+kLFRvmPAEX4IOI
OEN6XVjxvu78REi6CmXxOoYnH4aRSXDRyi1nsGjB43AtfAMMNCUigDgFP4sUsZAG
1RAoxBhOsO/g9S5wx8H3rKITCXDjQh2SYeBwHFcU03EMcyzEQhbZNighN+aRKGIi
bteRxISiKU+kcWaHolemeo6wGF87QXEpJaQ2OwIoIxQYvDDmQokCHAQQAQgABgUC
Vaz/8QAKCRA/8xuvEEv54t06D/9n1Nyn2QSUN1mXd7pomoaka+I2ogDbQpu9iuFq
bkqfcH3UuG8yTKlPp9lYDBs0IEfG85Js6iVxJIultocrcDmOyDkyEsnYbdel/tn3
X4yqD8eI6ImRoCE+gnQ3LoEIHuODfJoosM/jAHANs4fsla4/u5CZDXaaq7pYXGiT
t7ndsfmLiCa7dAg7bVFfJagsnL/VjlfeWM9nW01rDL9LPxSN4tq7ZKXWZDonFZYJ
4unsK/Cn6Pqco4Wb+FUOWCcWt8in1pgeNHZ9WnAgXG999/3iCbbQTLB6uVwY4Ax5
P7VApnLVXV6QFVf7bN1DxE8kZk+pfLGcuD1LJSF0skE80M17kAt+iV+fam8EYzeG
dG6cY6w+srndaMaq9ddiHIiQkR35SjJAGnrNRj8ooUr/vKOBnFfuwJLA2MOUVPZ8
HWB+WXW8qhihw9CXa38Hdt4o5knMGRIyTWEF0TQDtRGQ6hisVBN3OxJRXBj7/QgC
G/GoYpweGKcsMU43p57TzbnXVVUytJsLFyexOGNzrUIxgDVPEvTUnNvdAihNZPdb
W3YdFkP9pdwOyDpQwebXELUx1kp4ql0laueex4L1v+0a6rDYQeK1gOq5UGY+THRS
gB2xsHl5zeryfgnjlUkUlxKuumz+9FI2fRtSpxmWllJkRF2oFMGRuLPGAWe8nHvf
gkuGVokCHAQQAQgABgUCVa0bowAKCRCVY0f2+/OkFWKREACZ9TOmzvY6mrfWVEdl
dcYPj8cU/1LJhGdbNo5YYMx+A72nchxGXepHA65OEK+f6rFMeZFPwpQPy6Sj3MhT
623H/PECfeG87WcLOyJbfc3i9T5jvxS+ztG6abYI2J/50oMvjUWdWkDX3VvdPc0Z
Z+KC+oHvx9a/9Yki48m4CEKglgVsrRW/b9AXZQCj07bB0GjQQtkqY/m1Z8m4ttzx
fO7OBo/jHNF2An4/4gUDirXNDj0UdB5FYFJaTEUCneIj2x0fk1r4u6na8tINhiZ0
M7IgjnDlBD5jwzvwG+3kYE6TnYp9Mfeg2MPC13tp7jrJatLLutrOzvmSVLGLXbkh
9w+v+vx7qO3TxZUNlFqTmYs+vI2V/9j7KYV7Ttoind6Io7X9ImnYrvd8JOyVcO38
67MplKnrnqHJvFStE+JcHEcw5aRw+WVmoFd/obGc34V3K62T977QQGOkrTYDEdje
KADfjXXZkZMZc0IvzLBOJ1XB45+PKqJYCcJJS8Xr55+NGCDaaUPWDpkNGIqmX2n9
kYROMKG6uWkZIqG0JlZkga3THSJIvLiy6uoOvDC4GoQ9JnTwpGv6r1Hwcg+4DCOr
YKOoPKMMU24vHx2FtRRUgCXtr2cmi2ymHlUrtz8EXS4tblic8lixcbvPUqLEvbJ2
gfWQvjXNd1whYE/wfvI9WBTEIokCHAQQAQgABgUCVa0b3wAKCRC8FzAbSRs/IQhX
EADiKbCnsN/+Plllxn6SQHACEU75ackx+Q02XiD/u+wUptYUGmJi4aaW9f6mgzed
OxYK4S+/dCiFtkcYlL+FjaR0C7G6tMjrDgW+8nQCTPUNQA0gX2B8n06a7Zmdv3Eb
V/PIJJwTNSBp/dqKbvPKnRquOOpH+ayZ3awKOq/LlWBErbW1gB+FabN0lCe0iUIQ
TF9OH3GC4QsMtIrePueBmVrVPcHATV2Vw9UPqX1uX/tlXm5eai06oVT7V0FwUbg0
o1eacblNXvHciHpe33zZIKkGBWwSjDVcU9/SN+U8GfoMYmyCma4iN3KaCklpzBkJ
iQZtNKPAB5KJti8LDUxFi2sJd3sqWaZDGFhO+/PKhBKpqIhAzx1ppd11zLgh0eg6
gQlXN8D8ELISRvQqGGNNZdChEFdzGElg5SMfmeEd37OaX4wceLLV0v7EA0doHMVo
0enFhSwU3YwtwxbiukKc7H/ylG7+jvntjY+z7KktRsY/FkklrbrNhddMBQMMSAQU
Uz1GJ+6NUKmzXjqxFuuh3OAhqNzhJyABZWQcNMph+rogEslkenwoHV9gWRWtS3CM
ybJkKkbsWpYhMZNY6hFtgCwida7NPs8369v+yTTE6TU/NIlXUKYIf2LMqtOpEBTj
aN3jKpUi5DeE3zBeh6iVKUrfCXbt8O0rYQPNWGSW+MZ2t4kCHAQQAQgABgUCVvA4
GwAKCRBE9G4UbQI5XfS9D/9XPK7jg0lmsNZ2sDIyeAw5n6ohSR5F20ocTMAVeXqN
7VkvJdNpIqHJa13EP408DgTy9BsSptym/OQGE6B82BU7FZTEL6eMHnGGDg+5ktx9
+b73xLedzK75ti6ED+QuA4kDYcvW8hASht0zRcmFUzwbtuEopJ1Lk1R3oFLwCAov
lhduC45nANWrTK5U+D1U2obl5PAvx+9mEfgvojlGH/C/WD74W+cQZFH7t4+muRza
mckLyPftnTxjNF/lpYIm7z0QOwvzBYj+PJ09wYueK00RE5+i9Ff8DrjtVSXsziQv
SjJuUlv0kVvM8r3th4zBBNRhA4cinwqxhgqO4G+r2r9Gv0M2nKKOnWmyF+MSIRnh
gONOQZe5a7kQxKVWkLicS2IGUpPeQyTWaqZzYXsD+Dm6DXD57vYTURtUkwO0CDON
zT5XiS1HG1MZrw+V/Jai4HAvpF5WkTJXPc1Lv75BxJj3wOAw4MzEWCCdr/N/dt5/
+ULpEaSQfIg4L4iEj6rvabQyN0KbOxIDx+pPQ81izfj36wIrDqhyCNIdmVH/yARl
tkL4XDEl/pt7Y3t6jqFhy057lektowClWcPeq3DoL0LFYnjNPpYvIjRIAXdhaYiA
u2ViF8WdGzQ5tFeI7u3PQUG5NcPe+WOPOru3wMMrUhLgLHkCdNkjivP79qIPSTkC
GYkCHAQQAQgABgUCVvA48gAKCRC3hu8lqKOJoLRMEACmlyePsyE5CH7JALOWPDjT
f+ERbn+JUTKF+QS0XyWclA/BIK8qmGWfgH38T9nocFnkw17D3GP8msv8ll+T4TzW
9Kz9+GCUJcHzdsWj99npyeqG5tw+VfJctIBjsnX3mf4N0idvNrkAG5olbpR5UdsY
Yz62HstLqxibOg4zWhTyYvO6CjnszZrRJk0TYZON4cXN14WYq2OTrMaElx0My8o1
qVBnK58pIRzv72PmvQqUk5ZjhUyp9gxjqqCJDz0hVK61ZuGP6iKK8KCLTfSxeat0
5LAbz8aC58qlg5DVktevHOjBgnTa8B7BgJ7bQ9PLMa3lF4H1eSiR9+8ecpzEfGHI
LoeIDIYH7z7J/S0mTgV3u5brOMYO+mE9CEfps85tVVoyJrIR8mGEdtE2YmdQpdFz
YIYvRfq9tnXZjVsAAsC20Smw0LnjhYzAt9QJwZ9pFMXUTg6lC5xT+6LNrEY+JR3w
C16q36bcbCNj0cBv1A3x6OI5OQfpexhLPDgoDiI+qozJIdj8MzJ8W6KU1Z3yb3dq
ACk77yv37rGO6uduSHnSti26c/cUIy6XZBbXBdobE9O3tr8hwvTQ1FXBmYnBrdiz
U6tgxEA5czRC9HOkdk6y6ocbjmONpF6MxkpJAvTMk7IqC2/hisbV9x4utla+7tmN
ZU137QGcaK2AGQablVAy4YkCHAQQAQgABgUCVvCMigAKCRCkhaDtUbi3xAU7D/9g
UPZSJ8pbZV9TLaKD57Bc7B78HNV/B438ib4dI33iihMTBHnCB1giPE9X54QoV8AS
xrO/xveS1kkj78jERqUcED6ZHhMLb9SWs6CxUKdMdgovnIlFUc+t05D5mb6STi+z
NihwO0JI+n79qhETy73WLpC7RR0aMx7zYcbqp3NWPptcf1kVGJZGx+QbEHfVye98
T5pkH5Wp+7LSlup6AldQT/oifxdGxLXbECTnwozRvyMpAaphoEHrET1YOmKnmw/J
yi6DLpTb3XvSf5Tntzr7HklCEcL9FvYCoHxiXWawLhuPhSyrFYeYtF1ypmzTgaJW
yuTZ8sN9J+y7Tbchk/I6FpX+3YoTgPCcC7hv1Krs803N/3KuyBEvhzg7NYRikzO3
fxXlBG0RMm+662E7KlERU24izbWhGiYwl34+MaxrIO4oDvF79LEN7y0+SjL4V0B9
689d+HI1ZfS9O1xkOlW6y0QyagOzsTOUF12s2mWydFmipbYnIwsSsu6Nzk3yO4M+
qYABJXJ3tIFQPTd7xqmPNlJ8mFtmzHDhb3Pv6sRNFLLujYM9cJpuNMbAHWdohz1b
jBT9pZQ3zWpll5wotUvGmJd6hTAXdUgmZ7lh7Uq6axClMmiLe1WYntcNpb04PyyE
m2+GU5x123UTiSX2LGKa4t+HNSM8nJL8BJiGk80xVIkCHAQQAQoABgUCVa0OAwAK
CRDDvTXkbdRdpVR+D/4/37e8WqKOHNPteQu42sj0ZOfcqyVMA9TQ578F0s9MwoQu
qfVhXGSWevOctuMv2qTBjBfFjkdPrKR5L4LNAgMsu1epHU0DPcRZUCbh1P7Gpolm
Z8KgnjT5Wpl1AcuOCaP08VMrt/e/JndTHp6btn6HsLVtryNhlL7oaeYbDr6/ovHN
GHVIVSZgGP9f4Y8FiDpyfKav71vYLBMxtzM7lc3eFT1S10XhSW6k+8S5XldYWkLD
riRXDE85C+9QndpOoQaIICp3ye3JVnUxa1qhvsYj9uPt1M6hKiBSoXdplrB+hQc+
nqLNN3jxpGdmGmwrjtjqMhocMIguEqgARJOek3XKOppEhu+IcnJgU4edARJNLsBa
uiVBWY/6mZOFlZq6H48tVyziS2n/oIpi+aCc/fQeGs9zMTtFUohPfYtTcy9PecXM
OYpSu4p4tQ07oucnxfBkRUgTdM5VwX7YwTcRwp9XhHACUEGBhrwMH8Iz+sK2jLF3
FhJGkef1vFs0vqSf4I8DBFkYAKF848YyEcGHeINQloi3v0Kr2PpBxlRh+GPWwi++
QPKXQFzlTiyVtMzoo/lpmAWUJwj0dbAbH/mohtvWtA1WPHC2JRZ52JLThhpDrK3t
//Jdt2WHE91cMx7/2B0PK4O8/j7UVlsOJXpVPsGX5SFCeTB/iS4JtIwWN275zIkC
MwQQAQgAHRYhBFnKni0qMx3iUaokJ18Dx2fCR6TVBQJZDvZCAAoJEF8Dx2fCR6TV
oGkQAIjqaQ7tpdhDJ6ORNtLIt0TsWg0jg2rpoq+9Au36+UYBMuBJ3Py/tAsZ3cqQ
lig7lJiQqOuQZkbg1vcY4Kdad7AGa8Kq3sLn8h2XUlNU90X0KAwdCTA/YXxODlfU
CD2hl4vJEoH/FZtfUsaLNHLmz0brKGrWvChq00j5bPfp90KYKqamGb3a4/LG4DHL
4lmEBtP++YA0YqUQ3laOvKune2YwSGe4nKRarZnFiIn2OnH9w0vKN/x9IMGEtc5M
bQVgGtmT5km3DUuXMDforshue6c7ao4nMOC96ajkWYZhybqHJgLOrEGPVUkOaEe7
s1kx4ye9Ph3w/LXEE8Y8VFiZorkA/8PTtx0M9hrCVkDp0w8YTzFJ9DFutrImuPT6
+mNIk+0NQeuDsv492m/JXGLw/LRl97TmHpKME+vDd5NBLo4OShlDKHwPszYcpSJT
G9+5++csR95al3tWnuGX9V0/dO1s7Mv0f/z07nLB/tL+hEpqqA5aRiGzdx/KOrPZ
uhCTyfA3b2wvOblwf4A/E1yO7uzPTuSWnx1E14iZuaCPyZPXEh3XSYCLEnQ05jy5
0uGXCDVR+xiE/5i/L3IxyhJk6zn5GOW5b8Taq5s/dFS3zWiFS6l0zQ1VQmJH8jdG
LoBFvdVLZoAa1bihLo+nJVPR2RauWnxWoWk1NQoT3l02Lk6DiQI4BBMBAgAiBQJV
qUAEAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBht7Um2Y8DU1CqD/9G
vr9Xu4uqsjDHRQWSfI0lqxElmFSRjF0awsPXzM7Q1rxV7dCxik4LeiOmpoVTOmqb
oo2/x5d938q7uPdYav2Q+RuNk2CG/LpXku9rgmTE7oszEqQliqKoXajUZ91rw19w
rTwYXLgLQvzM3CUAO+Z0yjjfza2Yc0ZtNN+3sF5VpGsT3Fb14aYZDaNg6yPFvkyx
p0B1lS4rwgL3lkeVQNHeAf0qqF9tBankGj3bgqK/5/YlTM2usb3x46bVBvwX2t4/
NnYM5hEnI57inwamX6SiMJc2e2QmBzAnVrXJETrDL1HOl4GUJ6hC4tL3Yw2d7515
BlSyRNkWhhdRp1/q9t1+ovSe48Ip2X2WF5/VA3ATfQhHKa3p+EkIV98VCMZ14x9K
IIeBwjyJyFBuvOEEIYZHdsAdqf1zYRtD6m6obcBrRiNfoNsYmNY4joDrVupI96ks
IxVpepXaZkQhplZ1mQ4eOdGtToIl1cb/4PibVgFnBgzrR4mQ27h4wzAwWdGweJZ/
tuGoqm3C6TwfIganajiPyKqsVFUkRsr9y12EDcfUCUq6D182t/AJ+qE0JIGO73tX
TdTbqPTgkyf2etnZQQZum3L7w41NvfxZfn+gLrUGDBXwqLjovDJvt8iZTPPyMTze
mOHuzf40Iq+9sf5V9PXZ/5X9+ymE3cTAbAk9MLd9fbkCDQRVqUD0ARAAr/Prvt+m
hVSPjNDPSDrTBVZ/7XLaUZvyIVggKa+snJoStrlJGTKKFgDVaYTOE3hP/+0fDdQh
97rjr4aRjd4hBbaNj0MzZdoSWYw3yT+/nidufmgPus0TIJMVO8I6rl3vgcfW/D3o
vNrLW/LjkTuM9a+p+D1J7woCfMSWiFMmOLPKFT7RBuY8edCVjyA6RP9K9Gj1sURS
eqNaHR9Gr4rW10s+FwUHWxxzbmIWqH0gApQYO6vyND5IMcKOBCWQU6Detuq1pQ6d
Uc+iF+sEz3Rk3C6d4WBBjtkVJSJ0KKan8Q3gJefOCMNhdRQDjZLwbzr4bgoAkLba
BFCjiZxWZ6HAdMfSCV8uZQrtMS7b0DUpY0vdH9Htl3JqOOkK9RorYDQBuPdkTYFI
NsmtWVsFV/LmR891mOF3fBRaoVoMeJVwiZyNlFY+dyWWFzLp+GoTLcQtmuR7OkmO
cBGxWSKPcZfPqhf4dVQud7bDR2RNfJ1Hqa5kj8Z422sseYDwHf/T9OWWYvLwKGZh
lUgpnzO3WCGrd/6EVNeC1mKXt4F7BmADov4Rdcrp1mPXiVt7oIxLaS6eBNf2y1TW
zjYj5ZFuKqIukDEJfqpwsE5asnCw56nae+7luGs8em1J9GEXhWzXG15UVyQJaFwu
B1iL8l7VcEQz4ABVrSTUWLLAKDsyqUbq2gsAEQEAAYkERAQYAQIADwUCValA9AIb
AgUJA8JnAAIpCRBht7Um2Y8DU8FdIAQZAQIABgUCValA9AAKCRAcacTlXpkF2y/F
D/oDrZm143Rv9NV9InnVJ0brpqbB7aulFfhR1LDuJ/GjeqGAQgJCZdHlzT2pfCXX
swUlYzcWEatvGcDkoaB5Ya2qs+6nhBk8pT6XYRrZAtIlKIGrlCqoSBm9HXguGv+E
IaEECr2z/Funx9so0mP+5aJn65M9u3lPmuAonj6DcHoM07WsfsXvQ4ut3fabFmzi
lLGeAdEDKIw8Hn3JBUOxUyFrQlOoL4/3qK1TO+cidz/2bATQQyIG2kNOSgHBslU+
e6/7sWOQ4ufmzm7dEsf197zPXGdXR88LT+d2uU2K4GkCffNUKxZqy9bXxXPwr4JB
jxLDQnDvl50GAWjPZAwXEd8Okwl5+8xp0HuZ217WUqT8ib0oUUfwh2H1vrMPRr/4
6i6O6THpCkV8BWF7axPYIibaeYwC4BkjZwK3tIL5ESf2f0xK4hbE3xhMTeqABQHo
Xd5rQ7SEaUuX7PlQ59fRs0Cz55vH8/o9zMm0PN6qmZFvRBeqjnklZcu+ZdP9+CMX
t81NMuzIK1X7EfpkUoam8YkYkwcCkRvPZrSHLXZFkfnx4jW543dPOfycjnv6hhKy
oXD9CBx0ZcOicsYmw9XMilBGD3b8ZdK6RYX4ywKNU6KUdFJjXB88+Ynv6QxDit1e
mMCHA1glzV9/k36iYLEIqgWBiwJeUUIcUqzgnBFtN13cyS6oEACUGUiPKbw3IkgG
W19ZyS6FBNfgGIGW0Y82Br0KlCyaXnX0R4+4u2h7kfR9NSnhRhsvRnPIkiZATa7D
+Ew1nfpsDTnti0c6g/gVw9TC/rCyXkkLztRHVcWEBdvnFJTSp2LeFaHSGbvvZfoI
GUzyUzoa1P98NmRIY1cxBoizVf8729/zAaD4fAslxoK/JsjjDvDUrRHtaNZmUle6
0Jl/yFFzR3zxb+pJliigoP2rZLt+ipomHJIhoXXWwfkRO9U/egJ8ZUhWEpZvROna
Nc9eVct5EBADxL7gHWjlceIz4ndI1eE9AdEZDdUZwOfjmK2DcXjFBfZC+jhJXjY0
xh3pPKQz90h9DIkM5WDcJPf6ep+MKSd/3hI2/JmmscQ+alwN6x6g8zDySMo3APA9
cUvEFGe0+CepVcNw03jU4faSrHiMXsUuVGbA2kHaYVUfzF5W5GbuHZZlGxoSiq+K
+HNG0RJUDa6bkSDvrcJVNw1iUrowP+LLwnNsy5kGuU4evnwcoN1w7LVbTPaq4RIa
iqvAD33kiA9q//UNKnK4k81z+hRNaWGliyGpgqh+V7MDIqPfT5TMLdH+ZjTeuLrN
S8KBcc2BmUpSwzdUReTqHmgO5peeIcsvO7GNMFWsgucZiAdIVE/zQv+SfP6jhS+r
jCPs0eeu5zl8/V+gXFE2wy3jTJEl9bkCDQRZS9m1ARAAvh1Nh4GgjpTFZy7uQRFz
5PPXdZTBI+Y4hTpF2heoFzZDI6SLyz64Ooglum3ZglQ9ac+ChTSsO36aw4b22kCM
9WDmkcl7wf21fG9o8gJDVjFjDWbwTWREaKjgS6s/Yb8f9gje/BGySojxynTi3zyT
UN94q9dhVjfiQ79UzXZdN9FyyIx2YO5tOo09hTWSZg16oxP47Mj1ATaS6UIrQMcM
nOp0kuc6SufXPSWsUA+g2lW0dmHgPvIHwUfcjWqT2elF01e9KOFe7im29G6zOS2M
Rx8cr6KRg/eNWpHh5aI4quRUhYk4Kw4ohQTbs9ed0YttS4PMK+sq6xHpb28X6Zgr
WnelPY9hfwcR4m7Ot3VQUG8JY9/aTlFCoeTgkhop+MCUI+dJeY8depIa0PTzdEmE
WRvPhTTv+CUdZ6v4z5LD6FhP+/5c6FCbcIb89Rp5fa53oYV5/KZf+0DUVgmpXFU7
J7ZrGgDeU7vIzmwr8kcx0vtsVm1dVwYLACpTaaQPbISQUDM8sEcqKAqD7hWKaxNs
b2M85L6q2/rnHq4g46yJzdR3b8EH+V9u+mUi9DIljDwcpvw7ReRQ9wPdDWLynngl
IeGImbjYfr324yaIl4vNORAkbsoCkS/qc5v6MvKvYNle5fzb9S9kCbNZmD9c5/bH
Pjj9ENeQvzrl2pFh6dc1o5cAEQEAAYkEcgQYAQgAJhYhBBTyZoLQkWzdgeN7bWG3
tSbZjwNTBQJZS9m1AhsCBQkDwmcAAkAJEGG3tSbZjwNTwXQgBBkBCAAdFiEE3OrF
2WE1uRxOpnKru769uyTG81UFAllL2bUACgkQu769uyTG81UFUw//bW5T7w2k8ukG
fpIcm0gB98VgxKenSCmU6N+Ii0DwcNtzW+pmVWl2TbHIXDpvuD69ODWBDMXu6gBk
rVzNEsK3uhzGe0tWA+5I7Vke3iEkbll7VRQlIOrw+n5NMvjeuDqKsMt1gMEEdgRK
ddYApEAi49vV7XnqkB2lLKfAnf6o/KqPm8MuQ+u0xYanupZCldwdpcx5rybj79Es
0iO9Gh/+3qOtR6ubOz3Vn78Lc3y6AP9pmtdOI2QX8foGK4hNmgHSP6uPLh/ERC9N
ir0Lc2hoEhHEkQ8CnEaccp70r03VkEQuMJQJPUyRsGZ/gIm0SAm9JJxWHXJk2/5N
UN83pHAX0LA4zxtWs4fVW5f8v9eIhFFPTZ4au+/cS9D4GFx4mlY34awcpAzrny2t
ntGEejY9HSJv4PuFZCmtyS2q61N9EU8yuBwVM9cp5HntzG+OT4HYugtI6ibehM0S
1Roy4ETwT+Ns41ffhCwdYMp8tzdeksQ35s7rkB9OJHj+q2dkGaV0FQb3FutbSpxb
P4zk/dLqyxuivdUPHGtf4W/qklxzCWBg0VDFA7PwatmEXRxTjx77RelTY0V7K54d
DyVv3Jh2+FzuaQZzzuIhv4gtqHntaqLnYl3h/QNLbOTE3ppvn9RUSR983Bd+M3Qh
bbwZrgG1m+hdUZUmji+wbK0wV0xHNEH+4BAAjbVzdNOs7hMvjY1wVDRFjvICVorN
dNdU3ELy/9BAoiwOs2+zjDXmsX+3YtdzwKvdpQ24O0TvH4Vo3BkvKkJ75EU7LroA
bYQ2423m1MY3eaBslmX7TUJ3XE+k7OZF8AmcftgP4nhC4IQSCtoBc9+ncyGN4da1
BpYO7b19tO0/HST8GHSrEcU9bGGdimS2eNkSgybA8wF6K0K9yvrpTNSZ7OBVlzQf
En8s70Gyzs/d6C/rTA+defnv3AMaciuINSEdFyfYq4wjt5PikvgceMAAkH/z69xT
Ng+6q3FQt/lyK7xX5qPMe2oFyDA1H+Cb/uL7ioo+jXh9gF+0fk8OP2IPzxYhBful
pVtgclmOuaekzaKeIv8NFW7GoA9OghziExePxg95OpL/VyQ7PJiAUj1pFovFk5HS
6ejVZNEGJ/A5zLc1PBIcr/phu0luqhXAhImsZS6858GWQllWULNWw8bX5Blo8Avc
fFVdq9iAK7aHN7g45ZR7Ze6qKHDyFv4XWuE/rj9C2mM/GAstvU0gGmbo6B1mNGMJ
uX3Gd3dG8fqFjE77OB2feJyfZ8UeF1nvG1hxlmuD1A5e6/osO9V7kjhXKzM2zSO1
1zHQ/5PlUisoUBjJ/QIK4v9RBNGtbRKso5X9Fke692lVgrdggDJ3j2QqMuTo71rA
VDLtxerc+GNq0GK5Ag0EXPA56gEQAK3x5otbuNfefm1BD4gJ4Y4EhVvMCdeUf1uN
1OqiWUz6KLCR2UE00QaS7v65D11Oh96bpxtJRe6HmQk0vLm1QgbigZku+kCMt0c/
zOyWBOCVDKahZJu/ayzimrzGgNunoTnV2SjCTIVK4QtkowUeA+Ilt9hfFCZvASIW
Eazj7bWXC0ji1U73OzVdvMkP1e2ibGRxhp494HGkj0metYhQq3vQk9mL9BzE8wba
yL9iK2cJVqZxXDxauL5bswAlbdLI2MlSrH9wg6Jvy91lXG91ZEhmZ2RaQU7q+/gi
i0QEJ+W3pwPQQjLciOfecMN/n2/vCl1ZeJ2PNWMoXQXyNSJfpL9m4TPiW92i2kKA
kaEOZ2LilUJhuZKEpt9+BxIn8FafjAI4co8D5cHvnPM+PXt1xZHwP0Yz+yC6wnLZ
9scNw50AM/Kcpbc6TUIQ0kPHsNMPCbZ89Ey63i61IvUUxKXvMENFptw+vWfD7MRG
OZKObdH3VrKtD1QqU//g/xeSGNzcUVatFDVDv9KWRSatOpKi5Bw6iUYxrYQ02Co1
45jugTnGc+zrhMsDND3Prq7R0dMw4MBLUDoLSXrous9VgahAsOQztZCfvPOcV2cp
Haew85SLSYx3Ksb/raIBG02+4XjF2xQCgIq2LfA6xdG5SGJd6Lg3ip2vwhogQgWB
gQoq1qrPABEBAAGJBHIEGAEKACYWIQQU8maC0JFs3YHje21ht7Um2Y8DUwUCXPA5
6gIbAgUJA8JnAAJACRBht7Um2Y8DU8F0IAQZAQoAHRYhBAl7MTB3rmKgL4TaTfGm
Zo+7fVcuBQJc8DnqAAoJEPGmZo+7fVcuilAQAIq/yZi3hoxzSgDblQlcxGKDaVck
Oo5kFRK8UWby3peB0bTMV3MWjiCqmN7ryQ3K3126G84yxXCTNSv7kOLsVxy+DBx5
TdfmeBamdX8ZxeDv2bm+KKlZR0FGjJn3SiLgPkrp+GWazOZbKIPsoOuN20h0aeMC
6mvO2Rz8kGUjCWa7/jQnINHkN/GnbnoOXOwn8cfwtt2Mkb8XRe+1lTBwd59ruYNe
0hazOwygmcSgvM6Rm8nXeuElxMdVAiYKXJLej34+ToNN/LgB3TD72cXStmn7z8Zd
kaKV+f81cyPR6Vi7laLIIGpquBGSsel5s0pb2PFFxrTZoNLZit/x2Wx47V30Vdk8
4FYjENEb75OpGEErwVRbTQOKREOutXlGwiJe2C1Gof6HCScTfeLybz8ooLn+lSXc
B/l/68wqxPezWYxfbMD42YtTEkJcvPvRaouhKEjxASP5EuT3K6T3tujsqg1K/rE3
Bei0krOnTxUCdU1f9B12ZXpntKehwSz5LpnQvr2wR98yBRoKQfT2Yi3XK7QNp46X
t8zaIPdVw7qMn3gODyiWSEGCtkRF7exdHZ9yIW2yofFhz3M/tjIvu89tRDwGiDER
8hBk8Z2mcbmlMzQ1Jf+aCQ5YjZUkUN7+s4VN1OT7yYpWcV1pR8cDjyoh5LRXTMwt
3g5mStiVbeIq9mmzogAQAJq6KK9Z28q8mAozKLd++JxefiovydXVfqWY4GoOfhtv
Q3Sa2mKpd+8b3nT7b2twIlKPqpIxWPxke7BWS2sShZfqWkltbAR1SH7fkOeN8Y5g
3yBbxvHQJ/KoTHnRb74MrlaP4v4MvuOAn+Xt0wrEt2OKOSD6/jIjnXqfNFuvHfHv
tTyf4fVX1sesN9JwRKevc+1ZLjN7jIOuv1en5grwDtGQhy0fZOjISLGKfy6299rn
p0alRqLuAhFn7Ru1ZjQVfqD9VEfDCEsjNOxoW95Aa7MVtdoaQ6FEBKK0q1tCjZ8P
f2oAyLGQo5y030D+cDd1lTwGUmPvbnz4/fqNAM6KWvZjtGVNJNlLlpd4A9vAgvAo
I1wONXSR56sZKqJXbOSIfS8AlzFWiSf6IyPpU5ozVHLGySAVqtrRW3ci4COeKsRL
85W4iSGCl5uYZcE9weotakUO0R0u/pi07BJwTR5hvn9IDdeyYreqDMQDMF9yHCXg
+oCGJAB/+1vHkSABRsWbCERyB33ExjnDr7z/kWOhfAdiZ1+MpP2IPtDEXcufKayS
gpBAZYEeLAmNoDwtg+milSD3B7TTM11IY1e/Utq70Az/8BOK6wfyIsmPfeh9CHoW
+JAbpbdOUs+rH+gjHE2Pls8BDLp1EoHVPGVavhfSlRbG6oF45s+gdL2PTKzEo+u7
=xFcH
-----END PGP PUBLIC KEY BLOCK-----

The post Updated GPG key for signing Firefox Releases appeared first on Mozilla Security Blog.

Planet MozillaUpdated GPG key for signing Firefox Releases

The GPG key used to sign the Firefox release manifests is expiring soon, and so we're going to be switching over to new key shortly.

The new GPG subkey's fingerprint is 097B 3130 77AE 62A0 2F84 DA4D F1A6 668F BB7D 572E, and it expires 2021-05-29.

The public key can be fetched from KEY files from Firefox 68 beta releases, or from below. This can be used to validate existing releases signed with the current key, or future releases signed with the new key.

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFWpQAQBEAC+9wVlwGLy8ILCybLesuB3KkHHK+Yt1F1PJaI30X448ttGzxCz
PQpH6BoA73uzcTReVjfCFGvM4ij6qVV2SNaTxmNBrL1uVeEUsCuGduDUQMQYRGxR
tWq5rCH48LnltKPamPiEBzrgFL3i5bYEUHO7M0lATEknG7Iaz697K/ssHREZfuuc
B4GNxXMgswZ7GTZO3VBDVEw5GwU3sUvww93TwMC29lIPCux445AxZPKr5sOVEsEn
dUB2oDMsSAoS/dZcl8F4otqfR1pXg618cU06omvq5yguWLDRV327BLmezYK0prD3
P+7qwEp8MTVmxlbkrClS5j5pR47FrJGdyupNKqLzK+7hok5kBxhsdMsdTZLd4tVR
jXf04isVO3iFFf/GKuwscOi1+ZYeB3l3sAqgFUWnjbpbHxfslTmo7BgvmjZvAH5Z
asaewF3wA06biCDJdcSkC9GmFPmN5DS5/Dkjwfj8+dZAttuSKfmQQnypUPaJ2sBu
blnJ6INpvYgsEZjV6CFG1EiDJDPu2Zxap8ep0iRMbBBZnpfZTn7SKAcurDJptxin
CRclTcdOdi1iSZ35LZW0R2FKNnGL33u1IhxU9HRLw3XuljXCOZ84RLn6M+PBc1eZ
suv1TA+Mn111yD3uDv/u/edZ/xeJccF6bYcMvUgRRZh0sgZ0ZT4b0Q6YcQARAQAB
tC9Nb3ppbGxhIFNvZnR3YXJlIFJlbGVhc2VzIDxyZWxlYXNlQG1vemlsbGEuY29t
PohGBBARAgAGBQJVrP9LAAoJEHYlQD1/DRWxU2QAoOOFRbkbIU1zKP2i3jy/6VKH
kYEgAJ9N6f9Gmjm1/vtSrvjjlxWzzQQrkIhGBBARAgAGBQJVrTrjAAoJEMNOV0fi
PdZ3BbkAoJUNHEqNv9dioaGMEIpiFtDjEm44AJ9UinMTfAYsL9yb15SdJWe/56VC
coheBBARCAAGBQJWBldjAAoJEAJasBBrF+oerNYA/13MQehk3AfkljGi252/cU6i
1VOFpCuOeT7lK2c5unGcAP0WZjIDJgaHijtrF4MKCZbUnz37Vxm0OcU8qcGkYUwH
i4heBBARCgAGBQJVrSz+AAoJEPCp59zTnkUulAYA/31nYhIpb7sVigone8OvFO19
xtkR9/vy5+iKeYCVlvZtAP9rZ85ymuNYNqX06t+ruDqG2RfdUhJ6aD5IND+KD5ve
7IkBHAQQAQIABgUCVaz9fgAKCRCzxalYUIpD8muMB/sH58bMSzzF9zTXRropldw7
Vbj9VrRD7NyoX4OlDArtvdLqgPm0JUoP2gXINeSuVPpOfC676yVnBEMjIfqEjq09
vcbwayS+Ncx4vQh2BmzDUNLE3SlnRn2bEWr9SQL/pOYUDUgmY5a0UIf/WKtBapsP
E+Zan51ezYSEfxDNfUpA4T2/9iWwJ2ZOy0yIfLdHyvumuyiekJrfrMaF4L9Q0OnJ
wp1PwkvN4IVwhZeYDtIJN4nRcJK5LrwU7B97uef2hqBBll7/qCHl5y4Khb0csFan
Ig+pQLPUJdIiYtzoFtlgykB61pxqtU9rqGKW02JzEUT8DdPUXxmMBy6A8oGeBRH/
iQEcBBABAgAGBQJVrRdcAAoJEGVzgtv/JREKQJgH/3nD/3/SumL7nG2g7Y1HQqWp
hUbn40XWvjZcHq3uBUn1QYXeZ5X56SANLM2t+uirGnNaZXW3cxEl5IyZVLbmcLWE
BlVAcp2Bf3FXFbdJK59f+M+y2+jZT9feTyrw+EtLoiGTxgkLdJyMyI0xGmQhMx5V
1ex1CxhZK2JPjzCVYriBI0wIbmKi90YNMQoSsdMhYmX9bHl6XWS9TCDWsqj25FLY
JL+WeVXpjO0NjRwEE6pc/qldeJYG5Vbf0snGxIerXe+l5D8Yd4PEAnpj58+5pXeo
GYZn3WjX8eTFMAEU+QhLKWQ+j/Y8Kijge7fUxnSNBZ2KEnuDN/4Hv/DrCFLv14CJ
ARwEEAECAAYFAlWtZVoACgkQ5DJ8bD4CmcBzsAf/RMqDdVHggQHc0/YLt1f/vY9Y
7QQ6HwnDrtcNxxErSVcMguD8K6Oxir0TMSh+/YuZAW8K4KSgEURwZqz4na8/eOxj
8bluNmlcAseQDHswqU6CyB95Woy3BocihH7L0eDXZOMzsa33vRQHBMioLxIbpnVt
VbFR1z7tmyfjcOrzP32xo5QoPoczKX26luMBjAvbw1FC0is2INnmUSYM4uH7iFZu
XGPFYxcAqODqy5ys3MoPa4oZ71d0HoiRil1+s0Y+2ByddZ19pE2TXp4ZXNYNUj/2
aRj8b4sTjR4rqhHIx/vfoK+VCNy/skFUZOyPdbbymE0stTRSJ1gr9CZLcBWYF4kB
HAQQAQIABgUCVcFZcAAKCRCJFz+VfFX5XqApB/938p+CJiDRnh2o7eDWnjSyAu7F
WmWGkOQnjI/kraKx1vojsYnKRXD6mjq1QJ8Hsp4taJnLQjcokNTUiST4m/e4ZJEx
PWuJKkwlralWGH6NpqYcgWPajSYb0eYQC4YqS0kfyzolrHdKI8Y4NGEU7yy5zsHw
WkHt/mpNQMrYnXwyWdIrc03X/OXo51dJyshJDRw3InREyBblFJcLvArNHz219wMr
XAicPytw4wfPpVrmDx6GrZcI8q8ECWCjwSXXv7hRpEuFLSy5XPhMc+wYBJjNlUoi
FBAF/7zENd3rMn9SCQLiIFYe0ubmO+bpeGy7TizbxOaCIfgUouyy0BQXNuJBiQEc
BBABAgAGBQJV0hrqAAoJEK18uZ+CSLoPzEIH/1D6sJMNAJtZCRGhJXvv6SYhv4pU
VNyDF9FnUvRsovliojoe4IkuBTWKhPGrxbiD5IO/izr38shqNhhm9JE2/SQZHObY
Pi+lyfDKbJgImTNxmS4F7JHnRLr37VxK1sVvuNkynJnqvCcp1g5xwNIx1rKcka3i
uqJj6toM8XQfgsTHH1rUkWHbUV3QwNzXm+yhFm2s6QzxBooPzmFn8AY7CXD4pvcM
R+M0Zy+e42nngd8lzRnmTBVig4pRq0GCMulFG+XjeVQZFpoIIxo2k1lczbRmGttO
NdGWSjxBUxReoTbSwM3C/50NrobycGQgY0gd6LGtWtU8/uEfklEy2NluxYWJARwE
EAEIAAYFAlWtAUYACgkQVu5xjc4OFUs0OAf+LM0dyyvUFGdXfJDpP2xMknXzsHAX
WFEtH5jein58mv6dD3fTVcCouo1vMQH3WFFSLYZvwtNnHGrSBqFbNKqZ0ATQ5tcY
aWsSZ+MVJJMXJDXFG/Oihg1nNOM33VdfV0RGPKP1I4cEROxms3TUFkHW3cSCgMzs
8I1OxfSoLrm6da8EN+2ct2InqzdQL2yisyTyrdmXoNpwXDxApKYkvVHQ4+9eJI5m
0ZAr0mBjIeJdATcw4/lIVKTrV7UhrChxiffYJcz4SSC1crmr+2Fzw53CyAsAmYal
UHep3Yr05oQ4oJRX9X3VrY/yELHwwxXaxCAdwwHbbXAMhZsPk9Mc20J6BokBHAQQ
AQgABgUCVa0isQAKCRCj1lIXO3Y+j6ZeB/91Q9/qr5oMWgOMsix8kflBLw2f/t+t
RR0SWDw90bG1npJB6nq5Hl+Bz4/A4SWFTFrrrlZi1Enjn1FYBiZuHaSQ/+loYF/2
dbQDbBKShfIk3J0lxqfKPAfKopRsEuxckC8YW1thGxt5eQQ8zkJoqBFTBzwiXOj3
/ncJkX9q9krgUlfTSVmrT9nx0hjyNQQXrghsmBtpR7WCS7G7vNRGCNUorhtviUvL
+ze1F7TTSGspVsVxo2ghmz5WT/cD9MV1gcVjojYmksh5JIl39jCHr9hl8aRId/Of
zsN+TKuBcpAxDkm9BCAps7oY8FlLKDFZTtHa000AkodKHT88nwnvKuqPiQEcBBAB
CAAGBQJVrTkDAAoJEPbQ92HczOykK9YH/0MARo3HlYXeS2bDqM/lwK/rQcPCCyYk
e6wbICjncbCOjgXHqG/lBhClNs7hp/7gqkUaR7H5tmeI4lalP40mSHHnnFvMD3Tc
yhn350igK0bgrjWQDaYxhKlHT3vIXd/C24/vRSAxmqIKbP+IoXOyt2GMTQq8GOm2
dgYRaTkwyHnGWnMaibctX8D4oCYR0/D4YJqPkfqobf8+1ZfP5GaMbSxE/Jwdo0kJ
a4vPjEzFXbygAbncapzdwN6zgel2zh885rz7B7vIpMr/Y7eV85Q68qdyyhLe8cL8
Y18YPzpFf+/PZNbgYxouafvnFwBhPQwg0gUF/+1eM3UE2ua+saSTGduJARwEEAEK
AAYFAlWtCVsACgkQM0LhtmejiGMovwf8CfYJHNbwiwSMUoP4n7FrmElhBtxvlbnC
MZKz08v+lFsfS3wU1LUN69GqirfF0vkQRSlSBp7niCLHQCfSoqHMLgxF0P2xgXLj
aYM/t/rxXDawJmW18G04dqFrtCPZTbwMT2PsPHTiWQdaN0e50lXk9Vo+l6VbwQMg
4zH7icZadeJgQooxFalHYFVXUVeex9t8/YdanFVrHFa3tao6azBTSUkJvZtIu14S
fxigDWIIwsx0xpVfJf3a/xC6HY3Q1a3NeBz3i6DwaK5wYqijZKl0WVdULKyqU98o
F6y0mUv3d2o/p07Cqgeo6xxMkHqu83OLa2a0C7tYPLgL4EFc2FtikYkCHAQQAQIA
BgUCVaz7KAAKCRCWO3gxCjexfKxrD/4npm1rB7+pPlotbqK37Mur7egPbVSAzVNU
/zUKPAuGUeP3C64YN77ETx1kDuS+meAqMDHFc9Bf8HivPbtj6QcK96U5KstbmSh1
Ow9YiQtxJgxGjg/CzREgZAFcjy0MhoklyPsFhv07s6MLOJMSM/krEN5nqjifQ0Wd
mTk02FLoHVWcLdjfgMiPiSjGbU3k7luvjPyRNzk831szE5mfa74rEYh4TBklse+2
uB4DFQ/3oHZ1Sj6OBK6ujmNKQjIP7Cl+jmjr7+QK0OJcRaj/8AckDA5qXTZACh1S
2syCDDMnX0V+dTxGCIoWOK+tt9mLohMzpEeD4NIX4qdpbbCRzeYZMHSomyBIsbA6
B+/ftDE7W1N0/FtJ9adkkCynKULvh2CH5c5hgOOL22M+2spnywRoeJRUWU7hBM5O
UH3JjA4Tu4j/cwp7dD7QzZrzmC9f5LQJ3OelejvVowWPQd3/tky4o1q6wlmFqAcA
gtu97UwgBOSR9sJPGDlt1iC91UYAiBQQAA7ya8uXUS84mCQwTlr8j+YrowvEHK4I
xpPREytT1LzzV/4Am4ndDFtujy83QjL0qaIIim1xIwoEosd4yidhpczw7f3b9dQp
uBIFeQuhM7JsxP4tmE7S6k6GlEmqa3INPVaPGnsUGS7+xSMlcJXLtimPCSQvFma9
YiGV5vtLy4kCHAQQAQIABgUCVaz8uAAKCRASy06X4H5n0dg0D/9QoxIh9LRt1jor
7OHG4xKUjKiXxn/KeQNlJnxI55dlWIvJEJGheFjaDomzKBYuxmm2Ejx+eV5CHDLU
YsLFYwWf8+JGOP75Ueglgr8A0/bdsL63KX6NP2DCg8XR4Z1aeei3WMY7p/qMWpqb
QoAv9c3p49Ss2jSNuthWsRR6vbQ9iwze2oaUaA44WKQyhhbCwBU4SHYjlKCLqIBh
/HXZFhZ4rDfuWgPBKvYU1nnOPF0jJRCco3Vgx3T9F+LZ3zo5UPt1Xapr3hMVS9ia
Jyl1w4z2miApUaZuHPuWKuO4CJ1GF1mS5T6vG8gB3Ts5zdtBF2xQIkCz+SM7vW/2
i/82oq6P8EuLHEhrQPR4oTjXIvXdEJ9kgbjqcj8Xk+8teEOnuwh6iEhay9i/bf0D
3Jd+roFN5dnWPxhOVjzrI3fwlK1/ylsZYqUYBEzt7Wj0MdhjeKssI5YICcqYXXjB
ttMw4B7DZXPFXzz3kHB56jZ/II4YUjpLO85Jo5A9SV+aIqa0mvCt6DvVWy/rhfxf
oUdqNlhX11gkVLaA7xxgn/NqPOf+h5hVO2mwWkmart9YHKMZ3ukCdke65ITL/nsY
Sm2ZhG7OYjaCfu9jPWtkBstOEWyT9q4JTdViR7wN3eMefEG6rb49rxOYvGJu+cTV
kp3SCpl0w1j+tPj4tkj7ENzPMXdnuYkCHAQQAQIABgUCVa0s4gAKCRCKsTKWOgZT
euMyEACKOySKAd/xDcPcHg7Prvdws04Z8DIR0dY2qUlbRVx2jTmIXyry63CqbOJF
bDg9uk5x0+lSotvrWtZ+NKSrg9VM6vyV4cc2P9rhqIBi3wO2elzAmpOaS2KKOjQ+
2fS/xqh91ElJUu09xXQXJ0vMrqgui+zN1YBDiJV0WOmm90Mm2NPiihcWZmBmDorO
qMQabwbjBLi0yUVHgAlkilY3mAB4tmEKDeN+4pYSAAhXAll9U+nyoVMgwMJscZya
zOp4MqMbmFjyr4p5AGzv+OOJtjtCNKT6oW9Y+URLY0YKeOsPk0v5PlbQCVBlLeSB
sNZudKav/Gvo7Mvz5uLTcneBFb+haYIiXO/FQm4uBHkzdNFLgaph81Wzh62AhbtB
lfBOj/lbzN3k/xRwo64QU+2Z9GOhFlhjfROquY70FCQcspwNuqCdZybnkdpF2Qrr
6Pi0qKR/Xb9Vd7PW0/gKQdwwlYTiDemgA21mYeJrYw873/7U/+kLFRvmPAEX4IOI
OEN6XVjxvu78REi6CmXxOoYnH4aRSXDRyi1nsGjB43AtfAMMNCUigDgFP4sUsZAG
1RAoxBhOsO/g9S5wx8H3rKITCXDjQh2SYeBwHFcU03EMcyzEQhbZNighN+aRKGIi
bteRxISiKU+kcWaHolemeo6wGF87QXEpJaQ2OwIoIxQYvDDmQokCHAQQAQgABgUC
Vaz/8QAKCRA/8xuvEEv54t06D/9n1Nyn2QSUN1mXd7pomoaka+I2ogDbQpu9iuFq
bkqfcH3UuG8yTKlPp9lYDBs0IEfG85Js6iVxJIultocrcDmOyDkyEsnYbdel/tn3
X4yqD8eI6ImRoCE+gnQ3LoEIHuODfJoosM/jAHANs4fsla4/u5CZDXaaq7pYXGiT
t7ndsfmLiCa7dAg7bVFfJagsnL/VjlfeWM9nW01rDL9LPxSN4tq7ZKXWZDonFZYJ
4unsK/Cn6Pqco4Wb+FUOWCcWt8in1pgeNHZ9WnAgXG999/3iCbbQTLB6uVwY4Ax5
P7VApnLVXV6QFVf7bN1DxE8kZk+pfLGcuD1LJSF0skE80M17kAt+iV+fam8EYzeG
dG6cY6w+srndaMaq9ddiHIiQkR35SjJAGnrNRj8ooUr/vKOBnFfuwJLA2MOUVPZ8
HWB+WXW8qhihw9CXa38Hdt4o5knMGRIyTWEF0TQDtRGQ6hisVBN3OxJRXBj7/QgC
G/GoYpweGKcsMU43p57TzbnXVVUytJsLFyexOGNzrUIxgDVPEvTUnNvdAihNZPdb
W3YdFkP9pdwOyDpQwebXELUx1kp4ql0laueex4L1v+0a6rDYQeK1gOq5UGY+THRS
gB2xsHl5zeryfgnjlUkUlxKuumz+9FI2fRtSpxmWllJkRF2oFMGRuLPGAWe8nHvf
gkuGVokCHAQQAQgABgUCVa0bowAKCRCVY0f2+/OkFWKREACZ9TOmzvY6mrfWVEdl
dcYPj8cU/1LJhGdbNo5YYMx+A72nchxGXepHA65OEK+f6rFMeZFPwpQPy6Sj3MhT
623H/PECfeG87WcLOyJbfc3i9T5jvxS+ztG6abYI2J/50oMvjUWdWkDX3VvdPc0Z
Z+KC+oHvx9a/9Yki48m4CEKglgVsrRW/b9AXZQCj07bB0GjQQtkqY/m1Z8m4ttzx
fO7OBo/jHNF2An4/4gUDirXNDj0UdB5FYFJaTEUCneIj2x0fk1r4u6na8tINhiZ0
M7IgjnDlBD5jwzvwG+3kYE6TnYp9Mfeg2MPC13tp7jrJatLLutrOzvmSVLGLXbkh
9w+v+vx7qO3TxZUNlFqTmYs+vI2V/9j7KYV7Ttoind6Io7X9ImnYrvd8JOyVcO38
67MplKnrnqHJvFStE+JcHEcw5aRw+WVmoFd/obGc34V3K62T977QQGOkrTYDEdje
KADfjXXZkZMZc0IvzLBOJ1XB45+PKqJYCcJJS8Xr55+NGCDaaUPWDpkNGIqmX2n9
kYROMKG6uWkZIqG0JlZkga3THSJIvLiy6uoOvDC4GoQ9JnTwpGv6r1Hwcg+4DCOr
YKOoPKMMU24vHx2FtRRUgCXtr2cmi2ymHlUrtz8EXS4tblic8lixcbvPUqLEvbJ2
gfWQvjXNd1whYE/wfvI9WBTEIokCHAQQAQgABgUCVa0b3wAKCRC8FzAbSRs/IQhX
EADiKbCnsN/+Plllxn6SQHACEU75ackx+Q02XiD/u+wUptYUGmJi4aaW9f6mgzed
OxYK4S+/dCiFtkcYlL+FjaR0C7G6tMjrDgW+8nQCTPUNQA0gX2B8n06a7Zmdv3Eb
V/PIJJwTNSBp/dqKbvPKnRquOOpH+ayZ3awKOq/LlWBErbW1gB+FabN0lCe0iUIQ
TF9OH3GC4QsMtIrePueBmVrVPcHATV2Vw9UPqX1uX/tlXm5eai06oVT7V0FwUbg0
o1eacblNXvHciHpe33zZIKkGBWwSjDVcU9/SN+U8GfoMYmyCma4iN3KaCklpzBkJ
iQZtNKPAB5KJti8LDUxFi2sJd3sqWaZDGFhO+/PKhBKpqIhAzx1ppd11zLgh0eg6
gQlXN8D8ELISRvQqGGNNZdChEFdzGElg5SMfmeEd37OaX4wceLLV0v7EA0doHMVo
0enFhSwU3YwtwxbiukKc7H/ylG7+jvntjY+z7KktRsY/FkklrbrNhddMBQMMSAQU
Uz1GJ+6NUKmzXjqxFuuh3OAhqNzhJyABZWQcNMph+rogEslkenwoHV9gWRWtS3CM
ybJkKkbsWpYhMZNY6hFtgCwida7NPs8369v+yTTE6TU/NIlXUKYIf2LMqtOpEBTj
aN3jKpUi5DeE3zBeh6iVKUrfCXbt8O0rYQPNWGSW+MZ2t4kCHAQQAQgABgUCVvA4
GwAKCRBE9G4UbQI5XfS9D/9XPK7jg0lmsNZ2sDIyeAw5n6ohSR5F20ocTMAVeXqN
7VkvJdNpIqHJa13EP408DgTy9BsSptym/OQGE6B82BU7FZTEL6eMHnGGDg+5ktx9
+b73xLedzK75ti6ED+QuA4kDYcvW8hASht0zRcmFUzwbtuEopJ1Lk1R3oFLwCAov
lhduC45nANWrTK5U+D1U2obl5PAvx+9mEfgvojlGH/C/WD74W+cQZFH7t4+muRza
mckLyPftnTxjNF/lpYIm7z0QOwvzBYj+PJ09wYueK00RE5+i9Ff8DrjtVSXsziQv
SjJuUlv0kVvM8r3th4zBBNRhA4cinwqxhgqO4G+r2r9Gv0M2nKKOnWmyF+MSIRnh
gONOQZe5a7kQxKVWkLicS2IGUpPeQyTWaqZzYXsD+Dm6DXD57vYTURtUkwO0CDON
zT5XiS1HG1MZrw+V/Jai4HAvpF5WkTJXPc1Lv75BxJj3wOAw4MzEWCCdr/N/dt5/
+ULpEaSQfIg4L4iEj6rvabQyN0KbOxIDx+pPQ81izfj36wIrDqhyCNIdmVH/yARl
tkL4XDEl/pt7Y3t6jqFhy057lektowClWcPeq3DoL0LFYnjNPpYvIjRIAXdhaYiA
u2ViF8WdGzQ5tFeI7u3PQUG5NcPe+WOPOru3wMMrUhLgLHkCdNkjivP79qIPSTkC
GYkCHAQQAQgABgUCVvA48gAKCRC3hu8lqKOJoLRMEACmlyePsyE5CH7JALOWPDjT
f+ERbn+JUTKF+QS0XyWclA/BIK8qmGWfgH38T9nocFnkw17D3GP8msv8ll+T4TzW
9Kz9+GCUJcHzdsWj99npyeqG5tw+VfJctIBjsnX3mf4N0idvNrkAG5olbpR5UdsY
Yz62HstLqxibOg4zWhTyYvO6CjnszZrRJk0TYZON4cXN14WYq2OTrMaElx0My8o1
qVBnK58pIRzv72PmvQqUk5ZjhUyp9gxjqqCJDz0hVK61ZuGP6iKK8KCLTfSxeat0
5LAbz8aC58qlg5DVktevHOjBgnTa8B7BgJ7bQ9PLMa3lF4H1eSiR9+8ecpzEfGHI
LoeIDIYH7z7J/S0mTgV3u5brOMYO+mE9CEfps85tVVoyJrIR8mGEdtE2YmdQpdFz
YIYvRfq9tnXZjVsAAsC20Smw0LnjhYzAt9QJwZ9pFMXUTg6lC5xT+6LNrEY+JR3w
C16q36bcbCNj0cBv1A3x6OI5OQfpexhLPDgoDiI+qozJIdj8MzJ8W6KU1Z3yb3dq
ACk77yv37rGO6uduSHnSti26c/cUIy6XZBbXBdobE9O3tr8hwvTQ1FXBmYnBrdiz
U6tgxEA5czRC9HOkdk6y6ocbjmONpF6MxkpJAvTMk7IqC2/hisbV9x4utla+7tmN
ZU137QGcaK2AGQablVAy4YkCHAQQAQgABgUCVvCMigAKCRCkhaDtUbi3xAU7D/9g
UPZSJ8pbZV9TLaKD57Bc7B78HNV/B438ib4dI33iihMTBHnCB1giPE9X54QoV8AS
xrO/xveS1kkj78jERqUcED6ZHhMLb9SWs6CxUKdMdgovnIlFUc+t05D5mb6STi+z
NihwO0JI+n79qhETy73WLpC7RR0aMx7zYcbqp3NWPptcf1kVGJZGx+QbEHfVye98
T5pkH5Wp+7LSlup6AldQT/oifxdGxLXbECTnwozRvyMpAaphoEHrET1YOmKnmw/J
yi6DLpTb3XvSf5Tntzr7HklCEcL9FvYCoHxiXWawLhuPhSyrFYeYtF1ypmzTgaJW
yuTZ8sN9J+y7Tbchk/I6FpX+3YoTgPCcC7hv1Krs803N/3KuyBEvhzg7NYRikzO3
fxXlBG0RMm+662E7KlERU24izbWhGiYwl34+MaxrIO4oDvF79LEN7y0+SjL4V0B9
689d+HI1ZfS9O1xkOlW6y0QyagOzsTOUF12s2mWydFmipbYnIwsSsu6Nzk3yO4M+
qYABJXJ3tIFQPTd7xqmPNlJ8mFtmzHDhb3Pv6sRNFLLujYM9cJpuNMbAHWdohz1b
jBT9pZQ3zWpll5wotUvGmJd6hTAXdUgmZ7lh7Uq6axClMmiLe1WYntcNpb04PyyE
m2+GU5x123UTiSX2LGKa4t+HNSM8nJL8BJiGk80xVIkCHAQQAQoABgUCVa0OAwAK
CRDDvTXkbdRdpVR+D/4/37e8WqKOHNPteQu42sj0ZOfcqyVMA9TQ578F0s9MwoQu
qfVhXGSWevOctuMv2qTBjBfFjkdPrKR5L4LNAgMsu1epHU0DPcRZUCbh1P7Gpolm
Z8KgnjT5Wpl1AcuOCaP08VMrt/e/JndTHp6btn6HsLVtryNhlL7oaeYbDr6/ovHN
GHVIVSZgGP9f4Y8FiDpyfKav71vYLBMxtzM7lc3eFT1S10XhSW6k+8S5XldYWkLD
riRXDE85C+9QndpOoQaIICp3ye3JVnUxa1qhvsYj9uPt1M6hKiBSoXdplrB+hQc+
nqLNN3jxpGdmGmwrjtjqMhocMIguEqgARJOek3XKOppEhu+IcnJgU4edARJNLsBa
uiVBWY/6mZOFlZq6H48tVyziS2n/oIpi+aCc/fQeGs9zMTtFUohPfYtTcy9PecXM
OYpSu4p4tQ07oucnxfBkRUgTdM5VwX7YwTcRwp9XhHACUEGBhrwMH8Iz+sK2jLF3
FhJGkef1vFs0vqSf4I8DBFkYAKF848YyEcGHeINQloi3v0Kr2PpBxlRh+GPWwi++
QPKXQFzlTiyVtMzoo/lpmAWUJwj0dbAbH/mohtvWtA1WPHC2JRZ52JLThhpDrK3t
//Jdt2WHE91cMx7/2B0PK4O8/j7UVlsOJXpVPsGX5SFCeTB/iS4JtIwWN275zIkC
MwQQAQgAHRYhBFnKni0qMx3iUaokJ18Dx2fCR6TVBQJZDvZCAAoJEF8Dx2fCR6TV
oGkQAIjqaQ7tpdhDJ6ORNtLIt0TsWg0jg2rpoq+9Au36+UYBMuBJ3Py/tAsZ3cqQ
lig7lJiQqOuQZkbg1vcY4Kdad7AGa8Kq3sLn8h2XUlNU90X0KAwdCTA/YXxODlfU
CD2hl4vJEoH/FZtfUsaLNHLmz0brKGrWvChq00j5bPfp90KYKqamGb3a4/LG4DHL
4lmEBtP++YA0YqUQ3laOvKune2YwSGe4nKRarZnFiIn2OnH9w0vKN/x9IMGEtc5M
bQVgGtmT5km3DUuXMDforshue6c7ao4nMOC96ajkWYZhybqHJgLOrEGPVUkOaEe7
s1kx4ye9Ph3w/LXEE8Y8VFiZorkA/8PTtx0M9hrCVkDp0w8YTzFJ9DFutrImuPT6
+mNIk+0NQeuDsv492m/JXGLw/LRl97TmHpKME+vDd5NBLo4OShlDKHwPszYcpSJT
G9+5++csR95al3tWnuGX9V0/dO1s7Mv0f/z07nLB/tL+hEpqqA5aRiGzdx/KOrPZ
uhCTyfA3b2wvOblwf4A/E1yO7uzPTuSWnx1E14iZuaCPyZPXEh3XSYCLEnQ05jy5
0uGXCDVR+xiE/5i/L3IxyhJk6zn5GOW5b8Taq5s/dFS3zWiFS6l0zQ1VQmJH8jdG
LoBFvdVLZoAa1bihLo+nJVPR2RauWnxWoWk1NQoT3l02Lk6DiQI4BBMBAgAiBQJV
qUAEAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBht7Um2Y8DU1CqD/9G
vr9Xu4uqsjDHRQWSfI0lqxElmFSRjF0awsPXzM7Q1rxV7dCxik4LeiOmpoVTOmqb
oo2/x5d938q7uPdYav2Q+RuNk2CG/LpXku9rgmTE7oszEqQliqKoXajUZ91rw19w
rTwYXLgLQvzM3CUAO+Z0yjjfza2Yc0ZtNN+3sF5VpGsT3Fb14aYZDaNg6yPFvkyx
p0B1lS4rwgL3lkeVQNHeAf0qqF9tBankGj3bgqK/5/YlTM2usb3x46bVBvwX2t4/
NnYM5hEnI57inwamX6SiMJc2e2QmBzAnVrXJETrDL1HOl4GUJ6hC4tL3Yw2d7515
BlSyRNkWhhdRp1/q9t1+ovSe48Ip2X2WF5/VA3ATfQhHKa3p+EkIV98VCMZ14x9K
IIeBwjyJyFBuvOEEIYZHdsAdqf1zYRtD6m6obcBrRiNfoNsYmNY4joDrVupI96ks
IxVpepXaZkQhplZ1mQ4eOdGtToIl1cb/4PibVgFnBgzrR4mQ27h4wzAwWdGweJZ/
tuGoqm3C6TwfIganajiPyKqsVFUkRsr9y12EDcfUCUq6D182t/AJ+qE0JIGO73tX
TdTbqPTgkyf2etnZQQZum3L7w41NvfxZfn+gLrUGDBXwqLjovDJvt8iZTPPyMTze
mOHuzf40Iq+9sf5V9PXZ/5X9+ymE3cTAbAk9MLd9fbkCDQRVqUD0ARAAr/Prvt+m
hVSPjNDPSDrTBVZ/7XLaUZvyIVggKa+snJoStrlJGTKKFgDVaYTOE3hP/+0fDdQh
97rjr4aRjd4hBbaNj0MzZdoSWYw3yT+/nidufmgPus0TIJMVO8I6rl3vgcfW/D3o
vNrLW/LjkTuM9a+p+D1J7woCfMSWiFMmOLPKFT7RBuY8edCVjyA6RP9K9Gj1sURS
eqNaHR9Gr4rW10s+FwUHWxxzbmIWqH0gApQYO6vyND5IMcKOBCWQU6Detuq1pQ6d
Uc+iF+sEz3Rk3C6d4WBBjtkVJSJ0KKan8Q3gJefOCMNhdRQDjZLwbzr4bgoAkLba
BFCjiZxWZ6HAdMfSCV8uZQrtMS7b0DUpY0vdH9Htl3JqOOkK9RorYDQBuPdkTYFI
NsmtWVsFV/LmR891mOF3fBRaoVoMeJVwiZyNlFY+dyWWFzLp+GoTLcQtmuR7OkmO
cBGxWSKPcZfPqhf4dVQud7bDR2RNfJ1Hqa5kj8Z422sseYDwHf/T9OWWYvLwKGZh
lUgpnzO3WCGrd/6EVNeC1mKXt4F7BmADov4Rdcrp1mPXiVt7oIxLaS6eBNf2y1TW
zjYj5ZFuKqIukDEJfqpwsE5asnCw56nae+7luGs8em1J9GEXhWzXG15UVyQJaFwu
B1iL8l7VcEQz4ABVrSTUWLLAKDsyqUbq2gsAEQEAAYkERAQYAQIADwUCValA9AIb
AgUJA8JnAAIpCRBht7Um2Y8DU8FdIAQZAQIABgUCValA9AAKCRAcacTlXpkF2y/F
D/oDrZm143Rv9NV9InnVJ0brpqbB7aulFfhR1LDuJ/GjeqGAQgJCZdHlzT2pfCXX
swUlYzcWEatvGcDkoaB5Ya2qs+6nhBk8pT6XYRrZAtIlKIGrlCqoSBm9HXguGv+E
IaEECr2z/Funx9so0mP+5aJn65M9u3lPmuAonj6DcHoM07WsfsXvQ4ut3fabFmzi
lLGeAdEDKIw8Hn3JBUOxUyFrQlOoL4/3qK1TO+cidz/2bATQQyIG2kNOSgHBslU+
e6/7sWOQ4ufmzm7dEsf197zPXGdXR88LT+d2uU2K4GkCffNUKxZqy9bXxXPwr4JB
jxLDQnDvl50GAWjPZAwXEd8Okwl5+8xp0HuZ217WUqT8ib0oUUfwh2H1vrMPRr/4
6i6O6THpCkV8BWF7axPYIibaeYwC4BkjZwK3tIL5ESf2f0xK4hbE3xhMTeqABQHo
Xd5rQ7SEaUuX7PlQ59fRs0Cz55vH8/o9zMm0PN6qmZFvRBeqjnklZcu+ZdP9+CMX
t81NMuzIK1X7EfpkUoam8YkYkwcCkRvPZrSHLXZFkfnx4jW543dPOfycjnv6hhKy
oXD9CBx0ZcOicsYmw9XMilBGD3b8ZdK6RYX4ywKNU6KUdFJjXB88+Ynv6QxDit1e
mMCHA1glzV9/k36iYLEIqgWBiwJeUUIcUqzgnBFtN13cyS6oEACUGUiPKbw3IkgG
W19ZyS6FBNfgGIGW0Y82Br0KlCyaXnX0R4+4u2h7kfR9NSnhRhsvRnPIkiZATa7D
+Ew1nfpsDTnti0c6g/gVw9TC/rCyXkkLztRHVcWEBdvnFJTSp2LeFaHSGbvvZfoI
GUzyUzoa1P98NmRIY1cxBoizVf8729/zAaD4fAslxoK/JsjjDvDUrRHtaNZmUle6
0Jl/yFFzR3zxb+pJliigoP2rZLt+ipomHJIhoXXWwfkRO9U/egJ8ZUhWEpZvROna
Nc9eVct5EBADxL7gHWjlceIz4ndI1eE9AdEZDdUZwOfjmK2DcXjFBfZC+jhJXjY0
xh3pPKQz90h9DIkM5WDcJPf6ep+MKSd/3hI2/JmmscQ+alwN6x6g8zDySMo3APA9
cUvEFGe0+CepVcNw03jU4faSrHiMXsUuVGbA2kHaYVUfzF5W5GbuHZZlGxoSiq+K
+HNG0RJUDa6bkSDvrcJVNw1iUrowP+LLwnNsy5kGuU4evnwcoN1w7LVbTPaq4RIa
iqvAD33kiA9q//UNKnK4k81z+hRNaWGliyGpgqh+V7MDIqPfT5TMLdH+ZjTeuLrN
S8KBcc2BmUpSwzdUReTqHmgO5peeIcsvO7GNMFWsgucZiAdIVE/zQv+SfP6jhS+r
jCPs0eeu5zl8/V+gXFE2wy3jTJEl9bkCDQRZS9m1ARAAvh1Nh4GgjpTFZy7uQRFz
5PPXdZTBI+Y4hTpF2heoFzZDI6SLyz64Ooglum3ZglQ9ac+ChTSsO36aw4b22kCM
9WDmkcl7wf21fG9o8gJDVjFjDWbwTWREaKjgS6s/Yb8f9gje/BGySojxynTi3zyT
UN94q9dhVjfiQ79UzXZdN9FyyIx2YO5tOo09hTWSZg16oxP47Mj1ATaS6UIrQMcM
nOp0kuc6SufXPSWsUA+g2lW0dmHgPvIHwUfcjWqT2elF01e9KOFe7im29G6zOS2M
Rx8cr6KRg/eNWpHh5aI4quRUhYk4Kw4ohQTbs9ed0YttS4PMK+sq6xHpb28X6Zgr
WnelPY9hfwcR4m7Ot3VQUG8JY9/aTlFCoeTgkhop+MCUI+dJeY8depIa0PTzdEmE
WRvPhTTv+CUdZ6v4z5LD6FhP+/5c6FCbcIb89Rp5fa53oYV5/KZf+0DUVgmpXFU7
J7ZrGgDeU7vIzmwr8kcx0vtsVm1dVwYLACpTaaQPbISQUDM8sEcqKAqD7hWKaxNs
b2M85L6q2/rnHq4g46yJzdR3b8EH+V9u+mUi9DIljDwcpvw7ReRQ9wPdDWLynngl
IeGImbjYfr324yaIl4vNORAkbsoCkS/qc5v6MvKvYNle5fzb9S9kCbNZmD9c5/bH
Pjj9ENeQvzrl2pFh6dc1o5cAEQEAAYkEcgQYAQgAJhYhBBTyZoLQkWzdgeN7bWG3
tSbZjwNTBQJZS9m1AhsCBQkDwmcAAkAJEGG3tSbZjwNTwXQgBBkBCAAdFiEE3OrF
2WE1uRxOpnKru769uyTG81UFAllL2bUACgkQu769uyTG81UFUw//bW5T7w2k8ukG
fpIcm0gB98VgxKenSCmU6N+Ii0DwcNtzW+pmVWl2TbHIXDpvuD69ODWBDMXu6gBk
rVzNEsK3uhzGe0tWA+5I7Vke3iEkbll7VRQlIOrw+n5NMvjeuDqKsMt1gMEEdgRK
ddYApEAi49vV7XnqkB2lLKfAnf6o/KqPm8MuQ+u0xYanupZCldwdpcx5rybj79Es
0iO9Gh/+3qOtR6ubOz3Vn78Lc3y6AP9pmtdOI2QX8foGK4hNmgHSP6uPLh/ERC9N
ir0Lc2hoEhHEkQ8CnEaccp70r03VkEQuMJQJPUyRsGZ/gIm0SAm9JJxWHXJk2/5N
UN83pHAX0LA4zxtWs4fVW5f8v9eIhFFPTZ4au+/cS9D4GFx4mlY34awcpAzrny2t
ntGEejY9HSJv4PuFZCmtyS2q61N9EU8yuBwVM9cp5HntzG+OT4HYugtI6ibehM0S
1Roy4ETwT+Ns41ffhCwdYMp8tzdeksQ35s7rkB9OJHj+q2dkGaV0FQb3FutbSpxb
P4zk/dLqyxuivdUPHGtf4W/qklxzCWBg0VDFA7PwatmEXRxTjx77RelTY0V7K54d
DyVv3Jh2+FzuaQZzzuIhv4gtqHntaqLnYl3h/QNLbOTE3ppvn9RUSR983Bd+M3Qh
bbwZrgG1m+hdUZUmji+wbK0wV0xHNEH+4BAAjbVzdNOs7hMvjY1wVDRFjvICVorN
dNdU3ELy/9BAoiwOs2+zjDXmsX+3YtdzwKvdpQ24O0TvH4Vo3BkvKkJ75EU7LroA
bYQ2423m1MY3eaBslmX7TUJ3XE+k7OZF8AmcftgP4nhC4IQSCtoBc9+ncyGN4da1
BpYO7b19tO0/HST8GHSrEcU9bGGdimS2eNkSgybA8wF6K0K9yvrpTNSZ7OBVlzQf
En8s70Gyzs/d6C/rTA+defnv3AMaciuINSEdFyfYq4wjt5PikvgceMAAkH/z69xT
Ng+6q3FQt/lyK7xX5qPMe2oFyDA1H+Cb/uL7ioo+jXh9gF+0fk8OP2IPzxYhBful
pVtgclmOuaekzaKeIv8NFW7GoA9OghziExePxg95OpL/VyQ7PJiAUj1pFovFk5HS
6ejVZNEGJ/A5zLc1PBIcr/phu0luqhXAhImsZS6858GWQllWULNWw8bX5Blo8Avc
fFVdq9iAK7aHN7g45ZR7Ze6qKHDyFv4XWuE/rj9C2mM/GAstvU0gGmbo6B1mNGMJ
uX3Gd3dG8fqFjE77OB2feJyfZ8UeF1nvG1hxlmuD1A5e6/osO9V7kjhXKzM2zSO1
1zHQ/5PlUisoUBjJ/QIK4v9RBNGtbRKso5X9Fke692lVgrdggDJ3j2QqMuTo71rA
VDLtxerc+GNq0GK5Ag0EXPA56gEQAK3x5otbuNfefm1BD4gJ4Y4EhVvMCdeUf1uN
1OqiWUz6KLCR2UE00QaS7v65D11Oh96bpxtJRe6HmQk0vLm1QgbigZku+kCMt0c/
zOyWBOCVDKahZJu/ayzimrzGgNunoTnV2SjCTIVK4QtkowUeA+Ilt9hfFCZvASIW
Eazj7bWXC0ji1U73OzVdvMkP1e2ibGRxhp494HGkj0metYhQq3vQk9mL9BzE8wba
yL9iK2cJVqZxXDxauL5bswAlbdLI2MlSrH9wg6Jvy91lXG91ZEhmZ2RaQU7q+/gi
i0QEJ+W3pwPQQjLciOfecMN/n2/vCl1ZeJ2PNWMoXQXyNSJfpL9m4TPiW92i2kKA
kaEOZ2LilUJhuZKEpt9+BxIn8FafjAI4co8D5cHvnPM+PXt1xZHwP0Yz+yC6wnLZ
9scNw50AM/Kcpbc6TUIQ0kPHsNMPCbZ89Ey63i61IvUUxKXvMENFptw+vWfD7MRG
OZKObdH3VrKtD1QqU//g/xeSGNzcUVatFDVDv9KWRSatOpKi5Bw6iUYxrYQ02Co1
45jugTnGc+zrhMsDND3Prq7R0dMw4MBLUDoLSXrous9VgahAsOQztZCfvPOcV2cp
Haew85SLSYx3Ksb/raIBG02+4XjF2xQCgIq2LfA6xdG5SGJd6Lg3ip2vwhogQgWB
gQoq1qrPABEBAAGJBHIEGAEKACYWIQQU8maC0JFs3YHje21ht7Um2Y8DUwUCXPA5
6gIbAgUJA8JnAAJACRBht7Um2Y8DU8F0IAQZAQoAHRYhBAl7MTB3rmKgL4TaTfGm
Zo+7fVcuBQJc8DnqAAoJEPGmZo+7fVcuilAQAIq/yZi3hoxzSgDblQlcxGKDaVck
Oo5kFRK8UWby3peB0bTMV3MWjiCqmN7ryQ3K3126G84yxXCTNSv7kOLsVxy+DBx5
TdfmeBamdX8ZxeDv2bm+KKlZR0FGjJn3SiLgPkrp+GWazOZbKIPsoOuN20h0aeMC
6mvO2Rz8kGUjCWa7/jQnINHkN/GnbnoOXOwn8cfwtt2Mkb8XRe+1lTBwd59ruYNe
0hazOwygmcSgvM6Rm8nXeuElxMdVAiYKXJLej34+ToNN/LgB3TD72cXStmn7z8Zd
kaKV+f81cyPR6Vi7laLIIGpquBGSsel5s0pb2PFFxrTZoNLZit/x2Wx47V30Vdk8
4FYjENEb75OpGEErwVRbTQOKREOutXlGwiJe2C1Gof6HCScTfeLybz8ooLn+lSXc
B/l/68wqxPezWYxfbMD42YtTEkJcvPvRaouhKEjxASP5EuT3K6T3tujsqg1K/rE3
Bei0krOnTxUCdU1f9B12ZXpntKehwSz5LpnQvr2wR98yBRoKQfT2Yi3XK7QNp46X
t8zaIPdVw7qMn3gODyiWSEGCtkRF7exdHZ9yIW2yofFhz3M/tjIvu89tRDwGiDER
8hBk8Z2mcbmlMzQ1Jf+aCQ5YjZUkUN7+s4VN1OT7yYpWcV1pR8cDjyoh5LRXTMwt
3g5mStiVbeIq9mmzogAQAJq6KK9Z28q8mAozKLd++JxefiovydXVfqWY4GoOfhtv
Q3Sa2mKpd+8b3nT7b2twIlKPqpIxWPxke7BWS2sShZfqWkltbAR1SH7fkOeN8Y5g
3yBbxvHQJ/KoTHnRb74MrlaP4v4MvuOAn+Xt0wrEt2OKOSD6/jIjnXqfNFuvHfHv
tTyf4fVX1sesN9JwRKevc+1ZLjN7jIOuv1en5grwDtGQhy0fZOjISLGKfy6299rn
p0alRqLuAhFn7Ru1ZjQVfqD9VEfDCEsjNOxoW95Aa7MVtdoaQ6FEBKK0q1tCjZ8P
f2oAyLGQo5y030D+cDd1lTwGUmPvbnz4/fqNAM6KWvZjtGVNJNlLlpd4A9vAgvAo
I1wONXSR56sZKqJXbOSIfS8AlzFWiSf6IyPpU5ozVHLGySAVqtrRW3ci4COeKsRL
85W4iSGCl5uYZcE9weotakUO0R0u/pi07BJwTR5hvn9IDdeyYreqDMQDMF9yHCXg
+oCGJAB/+1vHkSABRsWbCERyB33ExjnDr7z/kWOhfAdiZ1+MpP2IPtDEXcufKayS
gpBAZYEeLAmNoDwtg+milSD3B7TTM11IY1e/Utq70Az/8BOK6wfyIsmPfeh9CHoW
+JAbpbdOUs+rH+gjHE2Pls8BDLp1EoHVPGVavhfSlRbG6oF45s+gdL2PTKzEo+u7
=xFcH
-----END PGP PUBLIC KEY BLOCK-----

Planet MozillaExtensions in Firefox 68

In Firefox 68, we are introducing a new API and some enhancements to webRequest and private browsing. We’ve also fixed a few issues in order to improve compatibility and resolve issues developers were having with Firefox.

Captivating Add-ons

At airports and cafés you may have seen Firefox asking you to log in to the network before you can access the internet. In Firefox 68, you can make use of this information in an extension. The new captive portal API will assist you in making sure your add-on works gracefully when locked behind a captive portal.

For example, you could hold off your requests until network access is available again. If you have been using other techniques for detecting captive portals, we encourage you to switch to this API so your extension uses the same logic as Firefox.

Here is an example of how to use this API:

(async function() {
  // The current portal state, one of `unknown`, `not_captive`, `unlocked_portal`, `locked_portal`.
  let state = await browser.captivePortal.getState();

  // Get the duration since the captive portal state was last checked
  let lastChecked = await browser.captivePortal.getLastChecked();

  console.log(`The captive portal has been ${state} since at least ${lastChecked} milliseconds`);

  browser.captivePortal.onStateChanged.addListener((details) => {
    console.log("Captive portal state is: " + details.state);
  });

  browser.captivePortal.onConnectivityAvailable.addListener((status) => {
    // status can be "captive" in an (unlocked) captive portal, or "clear" if we are in the open
    console.log("Internet connectivity is available: " + status);
  });
})();

Note: if you use this API, be sure to add the captivePortal permission to your manifest.

Private and contained

We’ve made a few additions to the webRequest API to better support private browsing mode. You can now limit your webRequests to only include requests from private browsing mode. If instead you are interested in both types of requests it is now possible to differentiate them in the webRequest listener.

To improve the integration of containers, we’ve also added the container ID (cookieStoreId) to the webRequest listener.

Proxy new and proxy old

The two additional fields mentioned in the previous section are also available in the details object passed to the proxy.onRequest listener.

At the same time, we’d like to make you aware that we are deprecating the proxy.register, proxy.unregister and proxy.onProxyError APIs. As an alternative, you can use the proxy.onRequest API to determine how requests will be handled, and proxy.onError to handle failures. If your extension is using these APIs you will see a warning in the console. These APIs will ultimately be removed in Firefox 71, to be released on December 10th, 2019.

Timing is everything

We’ve changed the timing of tabs.duplicate for better compatibility with Chrome. The promise is now resolved immediately, before the duplicated tab finished loading. If you have been relying on this promise for a completed duplicated tab in Firefox, please adjust your code and make use of the tabs.onUpdated listener.

Miscellaneous

    • Since extensions cannot add bookmarks to the root folder, we’ve improved the error message you get when you try.
    • If you’ve been trying to remove indexedDB data via browser.browsingData.remove({}, { indexedDB: true }); and it failed in some cases, we’ve fixed this on our end now.
    • Removing cookies for IPv6 addresses has been fixed.
    • Fixes an issue when setting cookies with an IP address in the domain field, along with the url field being set.
    • Hard-to-debug performance issues using webRequest.onBeforeRequest with requestBody during large uploads have been solved.
    • An issue with identity.launchWebAuthFlow hanging after authentication has been resolved.
    • storage.onChanged is now fired when values are removed.

Thank You

We’ve had a great amount of support from the community. I’d like to thank everyone who has taken part, but especially our volunteer contributors Jan Henning, Myeongjun Go, Oriol Brufau, Mélanie Chauvel, violet.bugreport and Piro. If you are interested in contributing to the WebExtensions ecosystem, please take a look at our wiki.

The post Extensions in Firefox 68 appeared first on Mozilla Add-ons Blog.

Planet WebKitRelease Notes for Safari Technology Preview 85

Safari Technology Preview Release 85 is now available for download for macOS Catalina betas and macOS Mojave. If you already have Safari Technology Preview installed, you can update in the Software Update pane of System Preferences on macOS.

This release covers WebKit revisions 245618-246093.

Web Authentication

  • Added support for Attestation Conveyance Preference (r245638)

Pointer Events

  • Updated to ensure that capturing data managed by the PointerCaptureController gets cleared upon navigation (r245809, r246031)
  • Changed compatibility mouse events to be able to be prevented while the pointer is pressed (r245699)
  • Exposed navigator.maxTouchPoints (r246070)
  • Changed to only allow pointer capture if the pointer is in the active buttons state (r246074)
  • Changed to not prevent mouseover, mouseout, mouseenter, and mouseleave events while the pointer is down (r245695)
  • Changed toElement and fromElement on PointerEvent to be null (r245867)
  • Changed mouseenter and pointerenter events to be fired from the bottom up (r246061)

Editing

  • Fixed inserting a newline in contenteditable add one character, not two (r245912, r245980)

Media

  • Added an option to mute audio capture automatically when page is not visible (r246002)
  • Allowed for resizing camera video feeds to very small resolutions (r246049)
  • Fixed createAnswer() SDP Rejected by setLocalDescription() (r245829)
  • Fixed playing one video at a time for multiple videos with audio, and the autoplay and playinline attributes (r245712)
  • Changed to hide MediaCapabilities.encodingInfo() when the platform does not support it. (r245636)

CSS

  • Changed precedence for min-width to always win over max-width (r245966)
  • Fixed font-optical-sizing to apply the correct variation value (r245672)
  • Updated to include searching sub-selectors when determining the property whitelist for selector (r245664)
  • Updated to preserve CSS Grid repeat() notation when serializing declared values (r245798)

Web API

  • Fixed bounding client rect for an inline element in Intersection Observer (r245642)
  • Implemented feature policy self, none, and * parsing (r245625)
  • Implemented imagesrcset and imagesizes attributes on link rel=preload (r246045)
  • Implemented Promise.allSettled (r245869)
  • Fixed programmatic scroll in right-to-left overflow with async scrolling enabled (r245771)
  • Added support for preferred presentation size when pasting an image (r245637)
  • Made the computed width of non-replaced inline return computed style (r245768)

JavaScript

  • Implemented support for Numeric Separators (r245655)
  • Implemented opwide16 and opwide32 and introduced 16-bit version bytecode (r245906)
  • Fixed InferredValue to not be a JSCell (r246073)
  • Reduced metadata footprint (r245658)
  • Changed createListFromArrayLike to throw a type error if the value is not an object (r245675)

WebAssembly

  • Added support for anyref in globals (r245765)

Web GPU

  • Updated vertex buffers and Input State API (r245905)

WHLSL

  • Enforced variable lifetimes (r245945)
  • Implemented property resolver (r245680, r245722)
  • Improved the speed of parsing and lexing the standard library (r246052)

Web Inspector

  • Exposed a way to get the current Audit version from within an Audit (r245909)
  • Allowed arbitrary JSON data to be returned as part of the result of an Audit (r245914)
  • Changed CSS modifications to be shared for rules that match multiple elements (r245991)
  • Updated the debugger navigation sidebar to always reveal the active call frame when hitting a breakpoint (r246026)
  • Moved the overlay rulers to the opposite vertical or horizontal side if they intersect the highlighted nodes so that no content is obstructed (r245728)
  • Added a setting to show overlay rulers and guides whenever element selection is enabled (r245730)

Planet MozillaSocorro: May 2019 happenings

Summary

Socorro is the crash ingestion pipeline for Mozilla's products like Firefox. When Firefox crashes, the crash reporter collects data about the crash, generates a crash report, and submits that report to Socorro. Socorro saves the crash report, processes it, and provides an interface for aggregating, searching, and looking at crash reports.

This blog post summarizes Socorro activities in May.

Read more… (5 min remaining to read)

Planet MozillaA Firefox browser extension promoting quality online content?

We are excited to announce the launch of the “What’s your idea for a Firefox extension for promoting credible content?”, a competition sponsored by Mozilla and posted to MindSumo, the world’s largest crowdsourcing community of Millennial and GenZ solvers. The goal of the competition is to create an extension (or other browser technology solution) to help internet users identify credible voices and credible sources of information online.

<figure></figure>

The Problems Plaguing the Internet of Today

Imagine the internet that is a place where meaningful and credible content is easily found. A place where everyone feels safe, empowered, and accurately informed.

Is this the internet we’re having today? Unfortunately, not. Today’s internet is unsavory mix of intrusive advertising, misinformation, and toxic social media full of offensive language, harassment, and harmful content. The problems plaguing the web are magnified by the economy that benefits from engagement of the most extreme and attention-grabbing material. Instead of improving a civil, informed online discourse, the internet of today is degrading it.

Solutions to the internet problems exist. Interestingly enough, they are owned by the large tech companies that allowed the problems grow and fester. However, the tech giants are reluctant to implement these solutions because doing so may negatively affect their bottom lines.

Mozilla is a recognized leader in the field of online Privacy & Security. Our commitment to the open and human internet anchored in the Mozilla Manifesto is solidified by our unwavering desire to put people before profits. This commitment was on display again recently with Mozilla’s launch of Enhanced Tracking Protection that blocks third-party tracking cookies by default.

Removing “Bad” Content or Promoting a Quality One?

Ensuring safe internet browsing is only part of Mozilla’s efforts to protect its users; equally important is fighting online harassment. Two general approaches can be considered here. The first is to design online tools to remove or filter “bad” content. However, serious doubts have been expressed whether this approach is technically feasible at all. Besides, this approach is also threatening free expression and the open internet ecosystem.

Instead of asking how we can filter hateful and misleading content, we’re asking: How can browser technology amplify credible and quality content and conversations?

As part of this new paradigm, we’ve launched a crowdsourcing challenge to identify approaches to using Firefox extensions or other browser technology solutions to find and promote credible sources of information online. (For a primer to technological approaches to access credibility online, see this report.)

How to Participate

The challenge was posted to the MindSumo platform, the world’s largest crowdsourcing community of Millennial and GenZ solvers. The competition will run until July 7 and the submitted proposals will be evaluated by the members of Mozilla’s Privacy & Security and Product Management teams. Up to $1,600 in prizes will be awarded to the best proposals.

The challenge is open to everyone (except for Mozilla employees and their families), and we especially encourage members of Mozilla’s communities to take part in it.


A Firefox browser extension promoting quality online content? was originally published in Mozilla Open Innovation on Medium, where people are continuing the conversation by highlighting and responding to this story.

Planet MozillaFirefox: The Evolution Of A Brand

Consider the fox. It’s known for being quick, clever, and untamed — attributes easily applied to its mythical cousin, the “Firefox” of browser fame. Well, Firefox has another trait not found in earthly foxes: stretchiness. (Just look how it circumnavigates the globe.) That fabled flexibility now enables Firefox to adapt once again to a changing environment.

The “Firefox” you’ve always known as a browser is stretching to cover a family of products and services united by putting you and your privacy first. Firefox is a browser AND an encrypted service to send huge files. It’s an easy way to protect your passwords on every device AND an early warning if your email has been part of a data breach. Safe, private, eye-opening. That’s just the beginning of the new Firefox family.

Now Firefox has a new look to support its evolving product line. Today we’re introducing the Firefox parent brand — an icon representing the entire family of products. When you see it, it’s your invitation to join Firefox and gain access to everything we have to offer. That includes the famous Firefox Browser icon  for desktop and mobile, and even that icon is getting an update to be rolled out this fall.

Here’s a peek behind the curtain of how the new brand look was born:

Design beyond identity.

This update is about more than logos. The Firefox design system includes everything we need to make product and web experiences today and long into the future.

  • A new color palette that expands the range of possibilities and makes distinctive gradients possible.

  • A new shape system derived from the geometry of the product logos that makes beautiful background patterns, spot illustrations, motion graphics and pictograms.

  • A modern typeface for product marks with a rounded feel that echoes our icons.

  • An emphasis on accessible color and type standards to make the brand open to everyone. Button colors signal common actions within products and web experiences.

Meaning beyond design.

Privacy is woven into every Firefox brand experience. With each release, our products will continue to add features that protect you and alert you to risks. Unlike Big Tech companies that claim to offer privacy but still use you and your data, with us you know where you stand. Everything Firefox is backed by our Personal Data Promise: Take Less, Keep It Safe, No Secrets.

The brand system is built on four pillars, present in everything we make and do:

Radical. It’s a radical act to be optimistic about the future of the internet. It’s a radical act to serve others before ourselves. We disrupt the status quo because it’s the right thing to do.

Kind. We want what’s best for the internet and for the world. So we lead by example. Build better products. Start conversations, Partner, collaborate, educate and inform. Our empathy extends to everybody.

Open. Open-minded. Open-hearted. Open source. An open book. We make transparency and a global perspective integral to our brand, speaking many languages and striving to reflect all vantage points.

Opinionated. Our products prove that we are driven by strong convictions. Now we’re giving voice to our point of view. While others can speak only to settings, we ground everything in our ethos.

The end of the beginning

The Firefox brand exploration began more than 18 months ago, and along the way we tapped into many talents. Michael Johnson of Johnson Banks provided early inspiration while working on the Mozilla brand identity. Jon Hicks, the designer behind the original Firefox browser logo, was full of breathtaking design and wise advice. Michael Chu of Ramotion was the driving force behind the new parent brand and system icons.

We worked across internal brand, marketing, and product teams to reach a consistent brand system for our users. Three members of our cross-org team have since moved on to new adventures: Madhava Enros, Yuliya Gorlovetsky, and Vince Joy. Along with Mozilla team members Liza Ruzer, Stephen Horlander, Natalie Linden, and Sean Martell, they formed the core working team.

Finally, we’re grateful to everyone who has commented on this blog with your passionate opinions, critiques, words of encouragement, and unique points of view.

Tell us. We can take it.

As a living brand, Firefox will never be done. It will continue to evolve as we change and the world changes around us. We have to stretch our brand guidelines even further in the months ahead, so we’re interested in hearing your reaction to what we’ve done so far. Feel free to let us know in the comments below. Thanks for being with us on this journey, and please stay tuned for more.

The post Firefox: The Evolution Of A Brand appeared first on Mozilla Open Design.

Planet Mozillareact-content-marker Released – Marking Content with React

Last year, in a React side-project, I had to replace some content in a string with HTML markup. That is not a trivial thing to do with React, as you can't just put HTML as string in your content, unless you want to use dangerouslySetInnerHtml — which I don't. So, I hacked a little code to smartly split my string into an array of sub-strings and DOM elements.

More recently, while working on Translate.Next — the rewrite of Pontoon's translate page to React — I stumbled upon the same problem. After looking around the Web for a tool that would solve it, and coming up short handed, I decided to write my own and make it a library.

Introducing react-content-marker v1.0

react-content-marker is a library for React to mark content in a string based on rules. These rules can be simple strings or regular expressions. Let's look at an example.

Say you have a blob of text, and you want to make the numbers in that text more visible, for example by making them bold.

const content = 'The fellowship had 4 Hobbits but only 1 Dwarf.';

Matching numbers can be done with a simple regex: /(\d+)/. If we turn that into a parser:

const parser = {
    rule: /(\d+)/,
    tag: x => <strong>{ x }</strong>,
};

We can now use that parser to create a content marker, and use it to enhance our content:

import createMarker from 'react-content-marker';
const Marker = createMarker([parser]);
render(<Marker>{ content }</Marker>);

This will show:

The fellowship had 4 Hobbits but only 1 Dwarf.

Hurray!

Advanced usage

Passing parsers

The first thing to note is that you can pass any number of parsers to the createMarker function, and they will all be called in turn. The order of the parsers is very important though, because content that has already been marked will not be parsed again. Let's look at another example.

Say you have a rule that matches content between brackets: /({.*})/, and a rule that matches content between brackets that contain only capital letters: /({[A-W]+})/. Now let's say you are marking this content: I have {CATCOUNT} cats. Whichever rule you passed first will match the content between brackets, and the second rule will not apply. You thus need to make sure that your rules are ordered so that the most important ones come first. Generally, that means you want to have the more specific rules first.

The reason why this happens is that, behind the scene, the matched content is turned into a DOM element, and parsers ignore non-string content. With the previous example, the initial string, I have {CATCOUNT} cats, would be turned into ['I have ', &lt;mark>{CATCOUNT}&lt;/mark>, ' cats'] after the first parser is called. The second one then only looks at 'I have ' and ' cats', which do not match.

Using regex

The second important thing to know relates to regex. You might have noticed that I put parentheses in my examples above: they are required for the algorithm to capture content. But that also gives you more flexibility: you can use a regex that matches some content that you do not want to mark. Let's say you want to match only the name of someone who's being greeted, with this rule: /hello (\w+)/i. Applying it to Hello Adrian will only mark the Adrian part of that content.

Sometimes, however, you need to use more complex regex that include several groups of parentheses. When that's the case, by default react-content-marker will mark the content of the last non-null capturing group. In such cases, you can add a matchIndex number to your parser: that index will be used to select the capture group to mark.

Here's a simple example:

const parser = {
    rule: /(hello (world|folks))/i,
    tag: x => <b>{ x }</b>,
};

Applying this rule to Hello World will show: Hello World. If we want to, instead, make the whole match bold, we'll have to use matchIndex:

const parser = {
    rule: /(hello (world|folks))/i,
    matchIndex: 0,
    tag: x => <b>{ x }</b>,
};

Now our entire string will correctly be made bold: Hello World.

Advanced example

If you're interested in looking at an advanced usage example of this library, I recommend you check out how we use in Pontoon, Mozilla's localization platform. We have a long list of parsers there, and they have a lot of edge-cases.

Installation and stuff

react-content-marker is available on npm, so you can easily install it with your favorite javascript package manager:

npm install -D react-content-marker
# or
yarn add react-content-marker

The code is released under the BSD 3-Clause License, and is available on github. If you hit any problems with it, or have a use case that is not covered, please file an issue. And of course, you are always welcome to contribute a patch!

I hope this is useful to someone out there. It has been for me at least, on Pontoon and on several React-based side-projects. I like how flexible it is, and I believe it does more than any other similar tools I could find around the Web.

Planet MozillaFirefox 68 Beta 10 Testday, June 14th

Hello Mozillians,

We are happy to let you know that Friday, June 14th we are organizing Firefox 68 Beta 10 Testday. We’ll be focusing our testing on: Sync & Firefox Account and Browser notifications & prompts.

Check out the detailed instructions via this etherpad.

No previous testing experience is required, so feel free to join us on #qa IRC channel where our moderators will offer you guidance and answer your questions.

Join us and help us make Firefox better!

See you on Friday! 🙂

Planet MozillaIt’s time for the US Senate to Save the Net

On the one year anniversary of the Federal Communications Commission’s repeal of net neutrality, Mozilla is joining millions of people across the internet to once again stand up to protect the open internet.

When the FCC gutted net neutrality protections last year, we filed our lawsuit because we believed that repeal was unlawful. We also believed taking on the FCC was the right thing to do for the future of the internet and everyone who uses it.

Until the Senate listens to the American people and protects the open Internet, Mozilla v. FCC continues to be net neutrality’s best hope.

But it’s time our Senators do what they were elected to do – represent their constituents, and pass net neutrality legislation that has overwhelming support and protects Americans. With a victory in the courts, or bipartisan legislation, we can ensure that people – and not big cable and telephone companies – get to choose what they see and do online.

 

The post It’s time for the US Senate to Save the Net appeared first on Open Policy & Advocacy.

Planet MozillaThis Week in Rust 290

Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.

Updates from Rust Community

News & Blog Posts

Crate of the Week

This week's crate is uom, Units of measurement is a crate that does automatic type-safe zero-cost dimensional analysis. Thanks to ehsanmok for the suggestion!

Submit your suggestions and votes for next week!

Call for Participation

Always wanted to contribute to open-source projects but didn't know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

Some of these tasks may also have mentors available, visit the task page for more information.

If you are a Rust project owner and are looking for contributors, please submit tasks here.

Updates from Rust Core

242 pull requests were merged in the last week

Approved RFCs

Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

No RFCs were approved this week.

Final Comment Period

Every week the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.

RFCs
Tracking Issues & PRs

New RFCs

Upcoming Events

Asia Pacific
Europe
North America

If you are running a Rust event please add it to the calendar to get it mentioned here. Please remember to add a link to the event too. Email the Rust Community Team for access.

Rust Jobs

Tweet us at @ThisWeekInRust to get your job offers listed here!

Quote of the Week

No quote was selected for QotW.

Please submit quotes and vote for next week!

This Week in Rust is edited by: nasa42, llogiq, and Flavsditz.

Discuss on r/rust.

Planet MozillaThese Weeks in Firefox: Issue 59

Highlights

  • Integrated add-on abuse reporting landed in Firefox 68
    • You need to enable the HTML-based about:addons by setting extensions.htmlaboutaddons.enabled to true in about:config
    • The abuse reporting UI can be enabled by setting extensions.abuseReport.enabled to true in about:config
  • Work on the new login manager UI is progressing well
    • To see it go to about:config and set signon.management.page.enabled to true
    • Then load about:logins (will need to set the pref before loading the page)
    • Initial password generation code has also landed
      • WIP UI that only works on autocomplete=”new-password” fields
        • This is very early in the project so there is no additional attempt to save the generated password.
        • www.facebook.com is a good test page.
      • Enable both prefs to test the feature:
        • signon.generation.enabled is the user pref to enable/disable the feature from about:preferences (UI not implemented yet).
        • signon.generation.available controls whether the feature is available for users (e.g. if the about:preferences UI should show in the future).
  • The DevTools Inspector color picker widget just got a bit of a re-design. Thanks Maliha Islam [:maliha] for pushing this over the edge!
    • The new color-picker in the Inspector Panel!

      The new color-picker in the Inspector Panel!

Friends of the Firefox team

Introductions/Shout-Outs

  • New interns!
    • Mandy Cheang (@mcheang, mandy__)
      • Working on improving start-up performance
    • Abdoulaye Ly (@Abdoulaye O. Ly, abdoulaye)
      • Working on Fission

Resolved bugs (excluding employees)

Fixed more than one bug
  • Florens Verschelde :fvsch
  • Ian Moody [:Kwan]
  • jaril
  • Kestrel
  • Monika Maheshwari [:MonikaMaheshwari]
  • Tim Nguyen :ntim
New contributors (🌟 = first patch)

 

 

Project Updates

Activity Stream

  • The new Pocket Newtab is on track for 68 with performance parity
    • Slight regression with our usage of -webkit-line-clamp (thanks heycam for platform implementation!) and fixing with requestAnimationFrame (thanks performance best practices doc)
  • We’ve made some progress on migrating our build process into Firefox / making it easier to develop on Activity Stream features
  • Introducing our new intern: Emily (:emcminn)!

Add-ons / Web Extensions

Applications

Lockwise
  • Work on the Lockwise addon is complete
    • Final release waiting on localizers to translate strings
  • Future Lockwise work will happen in tree as part of the Firefox Password Manager
  • Removing this Lockwise item after this meeting

Developer Tools

Layout Tools
  • Inactive CSS landed! It’s currently only ON by default in nightly (since 68) but will ship to everyone with Firefox 69. Bug 1306054. We will be adding a larger collection of warnings very soon too, to warn users about more tricky CSS cases.
    • A tooltip in the CSS property inspector explains that a justify-content property doesn't apply to a non-flex element.

      This tooltip shows a CSS property that has no effect on the current element in the Inspector, and explains why.

  • Expandable CSS warnings also landed (shipping with 68). This allows jumping directly from a CSS warning displayed in the console to a node in the inspector when the warning occurred inside a CSS rule. Bug 1093953.
    • CSS warnings in the web console, with one of them being expanded, and revealing a list of DOM nodes that the warning applies to.

      Now errors can expand and collapse, and link directly to any nodes they’re associated with.

  • CSS Grid level 2 (subgrid) is close to shipping in Firefox. We’re getting the tooling for it ready in Firefox 69 so it’s easy to see the relationship between a grid and a subgrid.
  • We’re continuing to prototype on WebCompat awareness tools. Our latest prototype is an addon that displays CSS compatibility information about a page from the Firefox toolbar. It now allows to jump from a warning into the Style Editor, and to open other browsers where issues occur. GitHub repo for the addon
    • GIF demonstrating the doorhanger menu added by this extension, which contains the list of CSS compatibility problems detected on the page.

      This WebExtension helps bring attention to any detected web compatibility issues on the page. Handy!

  • We’re also focusing on fixing the last few remaining issues preventing to support the <meta viewport> tag in RDM, and therefore simulate mobile devices better.
Console
  • We now have borders between messages to make them easier to read. Bug 1519904. Thanks Florens Verschelde :fvsch for your keen eye for details.
    • Screenshot of the Web Console in Firefox 68 with borders between each console log message.

      Better visual separation and readability? Yes, please!

  • It is possible to resend network requests that were logged in the console. Bug 1530138. Thank you Christoph Walcher.
    • Screenshot of the context menu in the Web Console, showing the new "Resend request" feature for network requests.

      Want to resend that network request from the console? Now you can!

Debugger
  • Column breakpoints are stable now and we’re super happy with it.
  • Event breakpoints making good progress. The UI is ready and we’ll be landing the feature very soon. Follow along in this bug.
    • A preview of the nascent event breakpoints panel in the Debugger, allowing you to set breakpoints on all event types.

      When this lands, developers will be able to set breakpoints on events, as well as lines of code.

  • Workers are now displayed in the source tree along all the other sources.
  • The new logpoint feature is now even better with dedicated icons in the web console.
    • This shows the new "Add log" menu item in the debugger context menu, allowing you to log an expression when a certain line of code is executed.

      Log log log!

Remote Debugging
  • The new about:debugging page will ride the trains with Firefox 69. A final QA testing phase will happen in beta 69 in a few weeks. The main implementation phase is over and the final few fixes have happened:
    • Stay on the same page when reloading about:debugging (reconnects to remote runtimes automatically) (bug)
    • Remember last temporary addon install directory (bug)
    • Disable temporary addon installation if xpinstall.enabled is false (bug)
    • Updated error message colors and borders
    • New “Remote Debugging” menu item in the Web Developer menu
    • Update for Fenix/Firefox Preview (name, icon and version) (bug)
      • The new logo and header in about:debugging if an instance of Firefox Preview is connected.

        Coming soon to a phone near you!

Fission

  • Abdoulaye has an initial version of the <select> dropdown working with Fission
  • Neil has a version of drag and drop working with Fission! \o/
  • mconley has a patch that makes PermitUnload work with Fission, but is blocked on some DOM work
  • mconley is starting efforts to make the context menu work with Fission

Lint

Password Manager

Performance

Performance tools

  • Properly updating the URL state after publishing now.
  • Improved algorithm to find idle threads at load time.
  • Firefox Profiler now supports SimplePerf output format.
  • Added more relevant information to window title to improve the searchability of tabs. Thanks to our GSoC student Raj!
    • A tooltip for Firefox Profile showing the Firefox version, OS version, as well as collection date and time.

      This should make it easier for developers to tell various profiles apart when opened in multiple tabs.

  • Transforms are usable inside stack chart via context menu now.
    • The transfomation utilities are now available in the stack chart panel of the Firefox Profiler.

      Stack chart getting some love!

Picture-in-Picture

  • Dave Justice is about to get a patch landed that decorates the tab that a Picture-in-Picture video is coming from
  • Keyboard access and RTL support for Picture-in-Picture is still underway
  • The tentative plan is to let this ship to Firefox 69 Beta / Dev Edition and get feedback from our users and web developers

Policy Engine

  • ExtensionSettings policy finally landed (bug 1522823)
  • Added a number of preferences to the new Preferences policy (bug 1545539)
  • Download related policies (bug 1546973)
  • Activity Stream policies (bug 1548080)
  • Legacy Browser Support
    • EXE built
    • Able to test extension
    • Working on IE BHO
  • Investigating multiple intermittents on policy that have been around a while

Privacy/Security

Search and Navigation

Search
Quantum Bar
  • Bugs and cleanup work
  • Active in Beta, no critical regressions reported so far
  • Nightly XUL/HTML experiment didn’t show any fallout
  • Adding core support for the WebExtension APIs that will be driving our future experiments

Planet WebKitJavier Fernández: A new terminal-style line breaking with CSS Text

The CSS Text 3 specification defines a module for text manipulation and covers, among a few other features, the line breaking behavior of the browser, including white space handling. I’ve been working lately on some new features and bug fixing for this specification and I’d like to introduce in this posts the last one we made available for the Web Platform users. This is yet another contribution that came out the collaboration between Igalia and Bloomberg, which has been held for several years now and has produced many important new features for the Web, like CSS Grid Layout.

The feature

I guess everybody knows the white-space CSS property, which allows web authors to control two main aspects of the rendering of a text line: collapsing and wrapping. A new value break-spaces has been added to the ones available for this property, which allows web authors to emulate a terminal-like line breaking behavior. This new value operates basically like pre-wrap, but with two key differences:

  • any sequence of preserved white space characters takes up space, even at the end of the line.
  • a preserved white space sequence can be wrapped at any character, moving the rest of the sequence, intact, to the line bellow.

What does this new behavior actually mean ? I’ll try to explain it with a few examples. Lets start with a simple but quite illustrative demo which tries to emulate a meteorology monitoring system which shows relevant changes over time, where the gaps between subsequent changes must be preserved:



 #terminal {
  font: 20px/1 monospace;
  width: 340px;
  height: 5ch;
  background: black;
  color: green;
  overflow: hidden;
  white-space: break-spaces;
  word-break: break-all;
 }


    

Another interesting use case for this feature could be a logging system which should preserve the text formatting of the logged information, considering different window sizes. The following demo tries to describe this such scenario:



body { width: 1300px; }
#logging {
  font: 20px/1 monospace;
  background: black;
  color: green;

  animation: resize 7s infinite alternate;

  white-space: break-spaces;
  word-break: break-all;
}
@keyframes resize {
  0% { width: 25%; }
  100% { width: 100%; }
}

Hash: 5a2a3d23f88174970ed8 Version: webpack 3.12.0 Time: 22209ms Asset Size Chunks Chunk Names pages/widgets/index.51838abe9967a9e0b5ff.js 1.17 kB 10 [emitted] pages/widgets/index img/icomoon.7f1da5a.svg 5.38 kB [emitted] fonts/icomoon.2d429d6.ttf 2.41 kB [emitted] img/fontawesome-webfont.912ec66.svg 444 kB [emitted] [big] fonts/fontawesome-webfont.b06871f.ttf 166 kB [emitted] img/mobile.8891a7c.png 39.6 kB [emitted] img/play_button.6b15900.png 14.8 kB [emitted] img/keyword-back.f95e10a.jpg 43.4 kB [emitted] . . .

Use cases

In the demo shown before there are several cases that I think it’s worth to analyze in detail.

A breaking opportunity exists after any white space character

The main purpose of this feature is to preserve the white space sequences length even when it has to be wrapped into multiple lines. The following example tries to describe this basic use case:



.container {
  font: 20px/1 monospace;
  width: 5ch;
  white-space: break-spaces;
  border: 1px solid;
}

XX XX

The example above shows how the white space sequence with a length of 15 characters is preserved and wrapped along 3 different lines.

Single leading white space

Before the addition of the break-spaces value this scenario was only possible at the beginning of the line. In any other case, the trailing white spaces were either collapsed or hang, hence the next line couldn’t start with a sequence of white spaces. Lets consider the following example:



.container {
  font: 20px/1 monospace;
  width: 3ch;
  white-space: break-spaces;
  border: 1px solid;
}

XX XX

Like when using pre-wrap, the single leading space is preserved. Since break-spaces allows breaking opportunities after any white space character, we break after the first leading white space (” |XX XX”). The second line can be broken after the first preserved white space, creating another leading white space in the next line (” |XX | XX”).

However, lets consider now a case without such first single leading white space.



.container {
  font: 20px/1 monospace;
  width: 3ch;
  white-space: break-spaces;
  border: 1px solid;
}

XXX XX

Again, it s not allowed to break before the first space, but in this case there isn’t any previous breaking opportunity, so the first space after the word XX should overflow (“XXX | XX”); the next white space character will be moved down to the next line as preserved leading space.

Breaking before the first white space

I mentioned before that the spec states clearly that the break-space feature allows breaking opportunities only after white space characters. However, it’d be possible to break the line just before the first white space character after a word if the feature is used in combination with other line breaking CSS properties, like word-break or overflow-wrap (and other properties too).



.container {
  font: 20px/1 monospace;
  width: 4ch;
  white-space: break-spaces;
  overflow-wrap: break-word;
  border: 1px solid;
}

XXXX X

The two white spaces between the words are preserved due to the break-spaces feature, but the first space after the XXXX word would overflow. Hence, the overflow-wrap: break-word feature is applied to prevent the line to overflow and introduce an additional breaking opportunity just before the first space after the word. This behavior causes that the trailing spaces are moved down as a leading white space sequence in the next line.

We would get the same rendering if word-break: break-all is used instead overflow-wrap (or even in combination), but this is actualy an incorrect behavior, which has the corresponding bug reports in WebKit (197277) and Blink (952254) according to the discussion in the CSS WG (see issue #3701).

Consider previous breaking opportunities

In the previous example I described a combination of line breaking features that would allow breaking before the first space after a word. However, this should be avoided if there are previous breaking opportunities. The following example is one of the possible scenarios where this may happen:



.container {
  font: 20px/1 monospace;
  width: 4ch;
  white-space: break-spaces;
  overflow-wrap: break-word;
  border: 1px solid;
}

XX X X

In this case, we could break after the second word (“XX X| X”), since overflow-wrap: break-word would allow us to do that in order to avoid the line to overflow due to the following white space. However, white-space: break-spaces only allows breaking opportunities after a space character, hence, we shouldn’t break before if there are valid previous opportunities, like in this case in the space after the first word (“XX |X X”).

This preference for previous breaking opportunities before breaking the word, honoring the overflow-wrap property, is also part of the behavior defined for the white-space: pre-wrap feature; although in that case, there is no need to deal with the issue of breaking before the first space after a word since trailing space will just hang. The following example uses just the pre-wrap to show how previous opportunities are selected to avoid overflow or breaking a word (unless explicitly requested by word-break property).



.container {
  font: 20px/1 monospace;
  width: 2ch;
  white-space: pre-wrap;
  border: 1px solid;
}

XX
overflow-wrap:
break-word
word-break:
break-all

In this case, break-all enables breaking opportunities that are not available otherwise (we can break a word at any letter), which can be used to prevent the line to overflow; hence, the overflow-wrap property doesn’t take any effect. The existence of previous opportunities is not considered now, since break-all mandates to produce the longer line as possible.

This new white-space: break-spaces feature implies a different behavior when used in combination with break-all. Even though the preference of previous opportunities should be ignored if we use the word-break: break-all, this may not be the case for the breaking before the first space after a word scenario. Lets consider the same example but using now the word-break: break-all feature:



.container {
  font: 20px/1 monospace;
  width: 4ch;
  white-space: break-spaces;
  overflow-wrap: break-word;
  word-break: break-all;
  border: 1px solid;
}

XX X X

The example above shows that using word-break: break-all doesn’t produce any effect. It’s debatable whether the use of break-all should force the selection of the breaking opportunity that produces the longest line, like it happened in the pre-wrap case described before. However, the spec states clearly that break-spaces should only allow breaking opportunities after white space characters. Hence, I considered that breaking before the first space should only happen if there is no other choice.

As a matter of fact, specifying break-all we shouldn’t considering only previous white spaces, to avoid breaking before the first white space after a word; the break-all feature creates additional breaking opportunities, indeed, since it allows to break the word at any character. Since break-all is intended to produce the longest line as possible, this new breaking opportunity should be chosen over any previous white space. See the following test case to get a clearer idea of this scenario:



.container {
  font: 20px/1 monospace;
  width: 4ch;
  white-space: break-spaces;
  overflow-wrap: break-word;
  word-break: break-all;
  border: 1px solid;
}

X XX X

Bear in mind that the expected rendering in the above example may not be obtained if your browser’s version is still affected by the bugs 197277(Safari/WebKit) and 952254(Chrome/Blink). In this case, the word is broken despite the opportunity in the previous white space, and also avoiding breaking after the ‘XX’ word, just before the white space.

There is an exception to the rule of avoiding breaking before the first white space after a word if there are previous opportunities, and it’s precisely the behavior the line-break: anywhere feature would provide. As I said, all these assumptions were not, in my opinion, clearly defined in the current spec, so that’s why I filed an issue for the CSS WG so that we can clarify when it’s allowed to break before the first space.

Current status and support

The intent-to-ship request for Chrome has been approved recently, so I’m confident the feature will be enabled by default in Chrome 76. However, it’s possible to try the feature in older versions by enabling the Experimental Web Platform Features flag. More details in the corresponding Chrome Status entry. I want to highlight that I also implemented the feature for LayoutNG, the new layout engine that Chrome will eventually ship; this achievement is very important to ensure the stability of the feature in future versions of Chrome.

In the case of Safari, the patch with the implementation of the feature landed in the WebKit’s trunk in r244036, but since Apple doesn’t announce publicly when a new release of Safari will happen or which features it’ll ship, it’s hard to guess when the break-spaces feature will be available for the web authors using such browser. Meanwhile, It’s possible to try the feature in the Safari Technology Preview 80.

Finally, while I haven’t see any signal of active development in Firefox, some of the Mozilla developers working on this area of the Gecko engine have shown public support for the feature.

The following table summarizes the support of the break-spaces feature in the 3 main browsers:

Chrome Safari Firefox
Experimental M73 STP 80 Public support
Ship M76 Unknown Unknown

Web Platform Tests

At Igalia we believe that the Web Platform Tests project is a key piece to ensure the compatibility and interoperability of any development on the Web Platform. That’s why a substantial part of my work to implement this relatively small feature was the definition of enough tests to cover the new functionality and basic use cases of the feature.

white-space overflow-wrap word-break
pre-wrap-008
pre-wrap-015
pre-wrap-016
break-spaces-003
break-spaces-004
break-spaces-005
break-spaces-006
break-spaces-007
break-spaces-008
break-spaces-009
break-word-004
break-word-005
break-word-006
break-word-007
break-word-008
break-all-010
break-all-011
break-all-012
break-all-013
break-all-014
break-all-015

Implementation in several web engines

During the implementation of a browser feature, even a small one like this, it’s quite usual to find out bugs and interoperability issues. Even though this may slow down the implementation of the feature, it’s also a source of additional Web Platform tests and it may contribute to the robustness of the feature itself and the related CSS properties and values. That’s why I decided to implement the feature in parallel for WebKit (Safari) and Blink (Chrome) engines, which I think it helped to ensure interoperability and code maturity. This approach also helped to get a deeper understanding of the line breaking logic and its design and implementation in different web engines.

I think it’s worth mentioning some of these code architectural differences, to get a better understanding of the work and challenges this feature required until it reached web author’s browser.

Chrome/Blink engine

Lets start with Chrome/Blink, which was especially challenging due to the fact that Blink is implementing a new layout engine (LayoutNG). The implementation for the legacy layout engine was the first step, since it ensures the feature will arrive earlier, even behind an experimental runtime flag.

The legacy layout relies on the BreakingContext class to implement the line breaking logic for the inline layout operations. It has the main characteristic of handling the white space breaking opportunities by its own, instead of using the TextBreakIterator (based on ICU libraries), as it does for determining breaking opportunities between letters and/or symbols. This design implies too much complexity to do even small changes like this, especially because is very sensible in terms of performance impact. In the following diagram I try to show a simplified view of the classes involved and the interactions implemented by this line breaking logic.

The LayoutNG line breaking logic is based on a new concept of fragments, mainly handled by the NGLineBreaker class. This new design simplifies the line breaking logic considerably and it’s highly optimized and adapted to get the most of the TextBreakIterator classes and the ICU features. I tried to show a simplified view of this new design with the following diagram:

In order to describe the work done to implement the feature for this web engine, I’ll list the main bugs and patches landed during this time: CR#956465, CR#952254, CR#944063,CR#900727, CR#767634, CR#922437

Safari/WebKit engine

Although as time passes this is less probable, WebKit and Blink still share some of the layout logic from the ages prior to the fork. Although Blink engineers have applied important changes to the inline layout logic, both code refactoring and optimizations, there are common design patterns that made relatively easy porting to WebKit the patches that implemented the feature for the Blink’s legacy layout. In WebKit, the line breaking logic is also implemented by the BreakingContext class and it has a similar architecture, as it’s described, in a quite simplified way, in the class diagram above (it uses different class names for the render/layout objects, though) .

However, Safari supports for the mac and iOS platforms a different code path for the line breaking logic, implemented in the SimpleLineLayout class. This class provides a different design for the line breaking logic, and, similar to what Blink implements in LayoutNG, is based on a concept of text fragments. It also relies as much as possible into the TextBreakIterator, instead of implementing complex rules to handle white spaces and breaking opportunities. The following diagrams show this alternate design to implement the line breaking process.

This SimpleLineLayout code path in not supported by other WebKit ports (like WebKitGtk+ or WPE) and it’s not available either when using some CSS Text features or specific fonts. There are other limitations to use this SimpleLineLayout codepath, which may lead to render the text using the BreakingContext class.

Again, this is the list of bugs that were solved to implement the feature for the WebKit engine: WK#197277, WK#196169, WK#196353, WK#195361, WK#177327, WK#197278

Conclusion

I hope that at this point these 2 facts are clear now:

  • The white-space: break-spaces feature is a very simple but powerful feature that provides a new line breaking behavior, based on unix-terminal systems.
  • Although it’s a simple feature, on the paper (spec), it implies a considerable amount of work so that it reaches the browser and it’s available for web authors.

In this post I tried to explain in a simple way the main purpose of this new feature and also some interesting corner cases and combinations with other Line Breaking features. The demos I used shown 2 different use cases of this feature, but there are may more. I’m sure the creativity of web authors will push the feature to the limits; by then, I’ll be happy to answer doubts, about the spec or the implementation for the web engines, and of course fix the bugs that may appear once the feature is more used.

Igalia logo
Bloomberg logo

Igalia and Bloomberg working together to build a better web

Finally, I want to thank Bloomberg for supporting the work to implement this feature. It’s another example of how non-browser vendors can influence the Web Platform and contribute with actual features that will be eventually available for web authors. This is the kind of vision that we need if we want to keep a healthy, open and independent Web Platform.

Planet MozillaData Science is Hard: Validating Data for Glean

Glean is a new library for collecting data in Mozilla products. It’s been shipping in Firefox Preview for a little while and I’d like to take a minute to talk about how I validated that it sends what we think it’s sending.

Validating new data collections in an existing system like Firefox Desktop Telemetry is a game of comparing against things we already know. We know that some percentage of data we receive is just garbage: bad dates, malformed records, attempts at buffer overflows and SQL injection. If the amount of garbage in the new collection is within the same overall amount of garbage we see normally, we count it as “good enough” and move on.

With new data collection from a new system like Glean coming from new endpoints like the reference browser and Firefox Preview, we’re given an opportunity to compare against the ideal. Maybe the correct number of failures is 0?

But what is a failure? What is acceptable behaviour?

We have an “events” ping in Glean: can the amount of time covered by the events’ timestamps ever exceed the amount of time covered by the ping? I didn’t think so, but apparently it’s an expected outcome when the events were restored from a previous session.

So how do you validate something that has unknown error states?

I started with a list of things any client-based network-transmitted data collection system had to have:

  • How many pings (data transmissions) are there?
  • How many measurements are in those pings?
  • How many clients are sending these pings?
  • How often?
  • How long do they take to get to our servers?
  • How many poorly-structured pings are sent? By how many clients? How often?
  • How many pings with bad values are sent? By how many clients? How often?

From there we can dive into validating specifics about the data collections:

  • Do the events in the “events” ping have timestamps with reasonable separations? (What does reasonable mean here? Well, it could be anything, but if the span between two timestamps is measured in years, and the app has only been available for some number of weeks, it’s probably broken.)
  • Are the GUIDs in the pings actually globally unique? Are we seeing duplicates? (We are, but not many)
  • Are there other ping fields that should be unique, but aren’t? (For Glean no client should ever send the same ping type with the same sequence number. But that kind of duplicate appears, too)

Once we can establish confidence in the overall health of the data reporting mechanism we can start using it to report errors about itself:

  • Ping transmission should be quick (because they’re small). Assuming the ping transmission time is 0, how far away are the clients’ clocks from the server’s clock? (AKA “Clock skew”. Turns out that mobile clients’ clocks are more reliable than desktop clients’ clocks (at least in the prerelease population. We’ll see what happens when we start measuring non-beta users))
  • How many errors are reported by internal error-reporting metrics? How many send failures? How many times did the app try to record a string that was too long?
  • What measurements are in the ping? Are they only the ones we expect to see? Are they showing in reasonable proportions relative to each other and the number of clients and pings reporting them?

All these attempts to determine what is reasonable and what is correct depend on a strong foundation of documentation. I can read the code that collects the data and sends the pings… but that tells me what is correct relative to what is implemented, not what is correct relative to what is intended.

By validating to the documentation, to what is intended, we can not only find bugs in the code, we can find bugs in the docs. And a data collection system lives and dies on its documentation: it is in many ways a more important part of the “product” than the code.

At this point, aside from the “metrics” ping which is awaiting validation after some fixes reach saturation in the population, Glean has passed all of these criteria acceptably. It still has a bit of a duplicate ping problem, but its clock skew and latency are much lower than Firefox Desktop’s. There are some outrageous clients sending dozens of pings over a period that they should be sending a handful, but that might just be a test client whose values will disappear into the noise when the user population grows.

:chutten

Planet MozillaSUMO Platform Roadmap

Our support platform went through numerous changes and transitions during the last couple of years. With the SUMO team joining efforts with the Open Innovation group last year, we have started thinking about different approaches to our support platform strategy. Our support platform is complex and there are a lot of legacy items that need to be taken care of. Besides this we need to get ready for all the new things that are coming our way.

We want to ensure we’re providing a stable platform that will support Mozilla in the years to come as well as manage all the new products and changes expected in the following years.

During this first half of the year we have worked on setting up a roadmap that prioritizes the work and helps us be more intentional about the changes we want to make in order to provide the best support platform for our users. With this we have also worked on new processes that will hopefully simplify the way we work with the platform as well as the overall development process.

What’s new

Our current efforts are focused almost 100% on the integration of Firefox Accounts. In parallel we’ve also been working with the IT team to complete a migration of the infrastructure to a new instance of AWS (this has been completed on June 5th). Firefox Accounts implementation will follow shortly. After these major pieces of work are done our next big priorities are: Elastic search upgrades, ongoing UX experiments and a Responsive Design implementation that has become even more important as Google now indexes our site as mobile-first..

There will be more discussions about H2 and how we’re going to manage platform priorities in the second half of the year in July.

You can consult the current platform roadmap here.

This is a high-level overview on each project we’re working on and the expected timeline for completion. We’re going to review the roadmap items at the beginning of each month.

All the development work is being tracked in sprints and you can follow our current sprint here.

As mentioned before, the SUMO platform is a large complex platform with a lot of legacy issues that need to be dealt with. Currently we have around 700 bugs filed, many of them being more than 5 years old. As we don’t have enough resources to deal with this huge backlog we’ll need to change a few processes. We have designed a new triage and roadmap review process that you can read about here . Bugs that are not critical to the stability of the platform and are older than 6 months will be closed – this is a one time only event and we expect this to take care of most outdated bugs that will never be fixed. Feel free to open a new bug if you feel the issue is urgent or should be prioritized nonetheless.

Please note

We’re currently focusing on: Firefox Accounts implementation, the IT migration as well as any critical issues that break the site or block releases. Any other items are currently on hold. We can prioritize other issues as needed as per the process described in the document shared above.

SUMO staff team

Planet MozillaCheck out Hubs on Oculus Quest!

Check out Hubs on Oculus Quest!

We’re excited to share that Hubs is now available on Quest, the new standalone VR headset from Oculus. Because Hubs is web-based, there are no applications to install or limits on cross-platform compatibility. Simply invite people to join your rooms in VR, on a desktop, or with a phone at any time. Launch a browser on the Quest and go to hubs.mozilla.com to create a room, then invite people to join you by sending them the invite link or room code!

Standalone headsets like the Oculus Quest represent exciting new advancements in the systems that we have available for consumer VR technology. Untethered devices with tracking capabilities built into the headset allow for more freedom of movement around a space and more natural interactions within an environment.

At Mozilla, we're committed to supporting a rich, open ecosystem of online content that can be accessed by any device. This is one of the reasons that the immersive web is so powerful - like traditional websites, applications like Hubs can be accessed through browsers with a single URL on new devices without being limited to store requirements. By developing Hubs for the web, we’re able to iterate and deploy changes quickly, which allows us to get new features and bug fixes out quickly and often. It also means our users can be together in the same room on the Quest, PC, and smartphones as well.

Check out Hubs on Oculus Quest!

We're excited by the opportunities that are enabled by an immersive, creative web where anyone can launch mixed reality experiences. For virtual reality to succeed, applications and experiences need to be designed for everyone in mind, and not separate communities based on their hardware preferences. We think it’s important that Hubs exists as a social VR platform that works across the different device families that you use to communicate, regardless of the platform.

Check out Hubs on Oculus Quest!

There are a lot of misconceptions about what the immersive web is capable of, but it does a lot of important things really well. It keeps control of the experiences in the users’ hands and prioritizes accessibility over platform-exclusive features. It gives developers the ability to deliver their experiences across devices without the restrictions that come from publishing to app stores, and it’s born from a decades old community built around standards and openness, which we think is critical to the success of mixed reality.

If you’re a creator or developer interested in learning more about how we’re building virtual reality experiences for the web, join the Hubs Community meetup on Fridays at 11:30am PDT (UTC -7) to hear more from the team about the foundations of how (and why) we’re committed to bringing social VR to the browser. Jump into our Hubs discord server and keep an eye on the #meetup channel to participate!

Hubs is an open-source project by Mozilla to explore how social virtual worlds can be used for collaboration and communication. You can explore Hubs today at hubs.mozilla.com or view the source code at github.com/mozilla/hubs.

Planet MozillaQuick start: Profiling local builds of Firefox for Android and GeckoView_example

Getting building and profiling Firefox for Android or GeckoView_example is relatively easy if you know how, so here's my quickstart guide.

See also, the official GeckoView documentation.

First, ensure you run ./mach boostrap, and select "4. GeckoView/Firefox for Android".

Here's the mozconfig I'm using (Ubuntu 18.04):
ac_add_options --enable-optimize
ac_add_options --disable-debug
ac_add_options --enable-release
ac_add_options --disable-tests
mk_add_options AUTOCLOBBER=1
ac_add_options --enable-debug-symbols
# With the following compiler toolchain:
CC="/home/chris/.mozbuild/clang/bin/clang"
CXX="/home/chris/.mozbuild/clang/bin/clang++"
export CC="/home/chris/.mozbuild/clang/bin/clang -fcolor-diagnostics"
export CXX="/home/chris/.mozbuild/clang/bin/clang++ -fcolor-diagnostics"
ac_add_options --with-ccache=/usr/bin/ccache
mk_add_options 'export RUSTC_WRAPPER=sccache'
# Build GeckoView/Firefox for Android:
ac_add_options --enable-application=mobile/android
# Work around issues with mozbuild not finding the exact JDK that works.
# See also https://bugzilla.mozilla.org/show_bug.cgi?id=1451447#c7
ac_add_options --with-java-bin-path=/usr/lib/jvm/java-8-openjdk-amd64/bin
# With the following Android NDK:
ac_add_options --with-android-ndk="/home/chris/.mozbuild/android-ndk-r17b"
ac_add_options --with-android-min-sdk=16
ac_add_options --target=arm-linux-androideabi
A noteworthy item in there is "--with-java-bin-path". I've had trouble on Ubuntu with the system default Java not being the right version. This helps.

Note that if you're profiling, you really want to be doing a release build. The behaviour of release is different from an optimized build.

If you're debuging, you probably need --enable-debug. For details of how to debug, see GeckoView Debugging Native Code in Android Studio.

To build, package, and install Firefox for Android (Fennec) on your Android device, run:
./mach build && ./mach package && ./mach install 
Note that you need to do the package step after every build. Once you've installed, you can start Firefox on a given URL with:
./mach run --url https://www.youtube.com/watch?v=dQw4w9WgXcQ
For testing and profiling GeckoView, the easiest option is to run the GeckoView_example app. To build and install this, run:
./mach build && ./mach package && ./mach android build-geckoview_example && ./mach android install-geckoview_example
To run GeckoView_example, opening a URL:
adb shell am start -a android.intent.action.MAIN -c android.intent.category.LAUNCHER -n org.mozilla.geckoview_example/org.mozilla.geckoview_example.GeckoViewActivity -d 'https://www.youtube.com/watch?v=dQw4w9WgXcQ'
If you want to set environment variables, for example to turn on MOZ_LOGs, run like so:
adb shell am start -a android.intent.action.MAIN -c android.intent.category.LAUNCHER -n org.mozilla.geckoview_example/org.mozilla.geckoview_example.GeckoViewActivity -d 'https://www.youtube.com/watch?v=dQw4w9WgXcQ' --es env0 MOZ_LOG=MediaSource:5
Note if you want to create more than one environment variable, each one needs to be numberd, i.e. `--es env0 FOO=BAR env1 BAZ=FUZ`, and so on. Also note that you do not put quotes around environment variables here. That is, use `--es env0 FOO=BAR`, do not use `--es env0 FOO="BAR"`.

MOZ_LOGs go to adb logcat. To setup an output stream that reads specific MOZ_LOGs:
adb logcat | grep MediaSource
This stays open, printing logs until you terminate with CTRL+C. If you want to exit at the end of the logs buffered, pass -d. i.e.:
adb logcat -d > log_file.txt
Apparently you can pass a logtag filterspec to `adb logcat` to have it filter for you, but I never figured the syntax out.

To clear logcat's buffered logs:
adb logcat --clear
This is useful if you're prinf-debugging something via logcat, and want to clear the decks before each run.

Other useful commands...

To terminate a running GeckoView_example:
adb shell am force-stop org.mozilla.geckoview_example
To list all packages on your device related to Mozilla:
adb shell pm list packages mozilla
To uninstall a GeckoView_example:
adb uninstall org.mozilla.geckoview_example && adb uninstall org.mozilla.geckoview_example.test
Note that this also uninstalls the GeckoView test app. Sometimes you may find you need to uninstall both apps before you can re-install. I think this is related to different versions of adb interacting.

To get the Android version on your device:
adb shell getprop ro.build.version.release
To simulate typing text:
adb shell input text "your text"
To profile a GeckoView_example session, you need to download the latest Firefox Desktop Nightly build, and install the Firefox Profiler add-on. Note that the Firefox Profiler Documentation is pretty good, so I'll only cover the highlights.

Once you've got Firefox Desktop Nightly and the Firefox Profiler add-on installed, start up your GeckoView_example app and URL you want to profile, and in Firefox Nightly Desktop open about:debugging. Click "Connect" to attach to the device you want to profile on, and then click "Profile Performance".

If you're profiling media playback, you want to add "Media" to the custom thread names under the "Threads" settings.

Since you're profiling a local build, you want to open the "Local build" settings, and ensure you add the path to your object directory.

Once you're configured, press "Start recording", do the thing in GeckoView_example you're profiling, and then hit "Stop and grab the recording".

The profile will open in a new tab in the browser. Sometimes I've noticed that the profiler hangs at "Waiting for symbol tables for library libxul.so". Just reloading the page seems to resovle this normally.

I find the Firefox Profiler very straightforward to use. The Flame Graph view can be particularly enlightening to see where threads are spending time.

Unfortunately the Firefox profiler can't symbollocate Java call stacks. Java calls usually show up as hex addresses, sometimes on the far side of an AndroidBridge C++ call.

On Android >= P you can use Simpleperf to capture profiles with both native and JIT'd Java call stacks. Andrew Creskey has instructions on how to use Simpleperf with GeckoView_example.

Planet MozillaNext steps in privacy-preserving Telemetry with Prio

In late 2018 Mozilla conducted an experiment to collect browser Telemetry data with Prio, a privacy-preserving data collection system developed by Stanford Professor Dan Boneh and PhD candidate Henry Corrigan-Gibbs. That experiment was a success: it allowed us to validate that our Prio data collections were correct, efficient, and integrated well with our analysis pipeline. Today, we want to let you know about our next steps in testing data collection with Prio.

As part of Content Blocking, Firefox will soon include default protections against tracking. Our protections are built on top of a blocklist of known trackers. We expect trackers to react to our protections, and in some cases attempt to work around them. We can monitor how our blocklists are applied in Firefox to detect these workarounds.

However, directly monitoring how our blocklists are applied would require data that we feel is too sensitive to collect from release versions of Firefox. That’s why Prio is so important: it allows us to understand how our blocklists are applied across a large number of users, without giving us the ability to determine how they are applied in any individual user’s browser or on any individual page visit.

To support this we’ve developed Firefox Origin Telemetry, which is built on top of Prio. We will use Firefox Origin Telemetry to collect counts of the number of sites on which each blocklist rule was active, as well as counts of the number of sites on which the rules were inactive due to one of our compatibility exemptions. By monitoring these statistics over time, we can determine how trackers react to our new protections and discover abuse.

In the next phase of testing we need validate that Firefox Origin Telemetry works at scale. To provide effective privacy, Prio requires that two independent parties each process a separate portion of the data — a requirement that we will not satisfy during this test. As in our initial test, we will run both data collection servers ourselves to complete end-to-end testing prior to involving a second party. That’s why we are running this test only in our pre-release channels, which we know are used by a smaller audience that has chosen to help us test development versions of Firefox. We’ve ensured that the data we’re collecting falls within our data collection policies for pre-release versions of Firefox, and we’ve chosen to limit the collection to 1% of Firefox Nightly users, as this is all that’s necessary to validate the API.

We expect to start this test during our Nightly 69 development cycle. Collecting this data in a production environment will require an independent third party to run one of the servers. We will provide further updates once we have such a partner in place.

The post Next steps in privacy-preserving Telemetry with Prio appeared first on Mozilla Security Blog.

Planet WebKitWhat’s New in the Payment Request API for Apple Pay

Since announcing last April that WebKit supports the W3C Payment Request API for Apple Pay, we’ve been hard at work adding even more features to the API. From support for phonetic names in the Apple Pay payment method to new standard features like the paymentmethodchange event and PaymentResponse.retry(), WebKit’s Payment Request implementation is now more capable than ever. Anything you could’ve done in the Apple Pay JS API can now be done directly with the Payment Request API using the Apple Pay payment method.

Let’s take a closer look at some of the improvements we’ve made to Payment Request in the past year.

The paymentmethodchange event

When the user selects a card in the Apple Pay payment sheet, WebKit now dispatches the paymentmethodchange event to your PaymentRequest object. WebKit populates the event’s methodDetails attribute with an ApplePayPaymentMethod dictionary, which you can use to determine information about the card such as its type.

Listening for paymentmethodchange is optional, but if you do, be sure to call the event’s updateWith() method with a promise for updated payment details.

const request = new PaymentRequest(...);
request.onpaymentmethodchange = (event) => {
    // Compute new details based on event.methodDetails
    const detailsUpdatePromise = computeDetails(event.methodDetails);
    event.updateWith(detailsUpdatePromise);
};

Whether or not you listen for the paymentmethodchange event, WebKit continues to support payment details modifiers, a declarative way to vary payment details based on the user’s selected card. See last year’s blog post for more information about modifiers.

Requesting Phonetic Names

The Apple Pay payment method now supports requesting a phonetic spelling of your customer’s name as part of shipping and billing contact information. Here’s an Apple Pay payment method that requests a shipping contact containing a localized name, a phonetic name, and a postal address:

const applePayMethod = {
    supportedMethods: "https://apple.com/apple-pay",
    data: {
        ...,
        requiredShippingContactFields: ["name", "phoneticName", "postalAddress"],
    },
};

When your customer authorizes payment, WebKit provides the phonetic name as part of the ApplePayPayment dictionary that’s stored in the PaymentResponse‘s details attribute.

const request = new PaymentRequest([applePayMethod], ...);
request.show().then((response) => {
    const shippingContact = response.details.shippingContact;
    const phoneticFamilyName = shippingContact.phoneticFamilyName;
    const phoneticGivenName = shippingContact.phoneticGivenName;
});

Reporting Errors

When handling contact information, you might encounter an error that needs to be resolved by the customer before they can proceed with the transaction. Common examples include invalid addresses, unserviceable addresses, and missing contact information.

So that you can report these errors to your customers, WebKit now supports Payment Request’s fine-grained error reporting capabilities in the PaymentDetailsUpdate dictionary. You can specify shippingAddressErrors for errors with shipping address attributes, payerErrors for errors with names, email addresses, and phone numbers, and paymentMethodErrors for errors specific to the selected payment method. The Apple Pay payment method treats paymentMethodErrors as a sequence of ApplePayError objects.

Here’s how you might report an error for an invalid postal code:

const request = new PaymentRequest([applePayMethod], details, { requestShipping: true });
request.onshippingaddresschange = (event) => {
    // Compute new details based on shippingAddress
    const detailsUpdate = computeDetails(request.shippingAddress);

    // Check for an invalid postal code
    if (!isValid(request.shippingAddress.postalCode))
        detailsUpdate.shippingAddressErrors = { postalCode: "Invalid postal code" };

    event.updateWith(detailsUpdate);
};

When you report errors, WebKit displays them in the Apple Pay payment sheet and prompts your customer to make corrections — perhaps by editing their shipping address or selecting from a list of stored address. Here’s what the shipping address error we specified above looks like on an iPhone.

When your customer taps on the erroneous shipping address, the Apple Pay sheet displays your custom error message. If they decide to edit their address, the fields you flagged with errors (postalCode, in this case) are highlighted to help guide them through making corrections.

Once the user finishes making corrections, WebKit fires the shippingaddresschange event again. If you are satisfied with the corrections, you can proceed with the transaction by calling the updateWith() method again without specifying errors.

When handling errors in shippingaddresschange, keep in mind that WebKit redacts some parts of the shipping contact before payment authorization. The rules vary by country, but in general, WebKit reveals only the contact information necessary to calculate tax and shipping costs. Once the customer authorizes payment, WebKit reveals all the requested contact information.

Retrying Authorizations

While many errors can be detected when handling events like shippingaddresschange, the redaction rules mentioned above mean that some errors can only be detected once the user has authorized payment. For instance, you might require an email address to send a purchase confirmation, only to find after authorization that the customer did not provide a valid one.

To handle these cases, WebKit now implements PaymentResponse‘s retry() method, allowing you to ask the user to retry the payment after correcting for errors.

When you detect an error in a PaymentResponse, you can call retry() with a PaymentValidationErrors dictionary. Like in PaymentDetailsUpdate, you can specify shippingAddress errors, payer errors, and paymentMethod errors. When you call retry(), it returns a promise that resolves once the PaymentResponse is re-authorized.

Here’s how you might handle an invalid email address:

const handleResponse = (response) => {
    if (!isValid(response.payerEmail)) {
        response.retry({
            payer: { email: "Invalid email address" },
        }).then(() => { handleResponse(response) });
        return;
    }
    response.complete("success");
};

const request = new PaymentRequest([applePayMethod], ...);
request.show().then(response => handleResponse(response));

Keep in mind that retry() is for errors that can be corrected by the user. If you detect a fatal error — for example, the card was declined or an item is no longer in stock — call PaymentResponse‘s complete() method with a PaymentComplete value of 'fail'. The Apple Pay payment sheet will display an appropriate error to the user and then dismiss itself.

Availability

These new Payment Request features are available starting in Safari 12.1 on macOS, Safari on iOS 12.2, and Safari Technology Preview.

Feedback

We’ve received some great developer feedback so far, and we look forward to more of your bug reports and feature requests. If you find a Payment Request bug in WebKit, please report it at bugs.webkit.org. On Twitter, you can reach the WebKit team at @webkit, or our web technologies evangelist Jonathan Davis at @jonathandavis.

Planet WebKitCPU Timeline in Web Inspector

Web Inspector now includes a new CPU usage timeline that lets developers measure a page’s CPU usage, estimate its energy impact, and more easily investigate sources of script execution that may be contributing to poor energy utilization.

Energy Efficiency

Web applications for productivity and entertainment are commonplace. For many users, popular websites are often left open in the foreground of their browser or inactive in a background tab for extended periods of time. The activity on all of these pages may contribute to power drain. Many of the devices used to browse the web are battery powered. To all of those users, battery life matters!

Ensuring web applications make the best use of limited resources is a difficult problem. Having a powerful set of tools makes it easier for developers to investigate and identify performance issues. Many different variables affect energy use on web pages, but the most prominent is CPU activity. Monitoring CPU usage can provide an overall estimate of the energy efficiency of a web page and can highlight cause for concern if activity is too high.

CPU Timeline

The new CPU usage timeline is enabled by default. Open the Timelines tab of Web Inspector and you will see a new CPU timeline in the overview at the top. Select the timeline to show its detail view, which including a breakdown of the main thread activity, an energy impact rating, and more.

New CPU Usage Timeline New CPU Usage Timeline New CPU Usage Timeline New CPU Usage Timeline

The CPU timeline overview shows CPU usage samples taken every 500ms. You can use these samples to visualize activity spikes, and how they correlate with networking, layout and rendering, and JavaScript. To see a detailed overview of CPU usage in a specific section of a recording, click and drag to make a time range selection.

Main Thread Breakdown

The first section of the detail view is a breakdown of the work being performed on the main thread. While the total CPU usage across all threads is important, the work performed on the main thread is particularly important for web content.

CPU Timeline Main Thread Breakdown

Principal tasks such as evaluating script, painting, layout, and style resolution are performed on the main thread. The chart allows you to quickly see a comparison of where time is spent in each of these categories.

The main thread is primarily active in order to service user interaction events such as scrolling and clicking or tapping on a page. This means that the main thread may have periods of inactivity. The number inside the chart shows the approximate number of milliseconds the main thread was active. This number may be much smaller than the total selected time range in the overview.

Different interactions produce different main thread workloads. For example, scrolling the page will increase the time spent painting, resizing the window will cause additional layouts, and typing into a form may execute scripts.

Energy Impact

The Energy Impact section provides an estimate of the battery drain caused by the page. This is based off of the average CPU usage for the selected time range.

Extended periods of high CPU utilization will show “High” energy impact, since sustained high CPU usage will drain power and have a noticeable effect on battery life. When making use of this section there are two important scenarios to consider and measure:

  • Idle recordings – An idle page can be one sitting in the foreground not being interacted with by the user, or a background tab that is still alive. It is important that idle pages use as little energy and CPU as possible. Recordings of idle pages should strive for a “Low” rating (less than 3% average CPU usage).
     
  • Interactive recordings – Recordings that include interactivity such as navigating, scrolling, clicking, typing, etc. should expect higher CPU usage because the page is responding to the user. Periods of interactivity should strive to maintain a “Medium” rating (less than 30% average CPU usage) and avoid “High” if possible.

  • While WebKit does work to throttle timers and limit the impact of background tabs or obscured content, idle pages may still perform costly work. Likewise foreground pages that are constantly performing script, such as timers or excessive event handling, may drain battery without any obvious indication.

    It is important to select a sufficiently large time range so that a single spike in CPU activity doesn’t dominate the average. Page load for example will briefly use very high CPU activity as the initial cost to download and render the page is high. A short time range selection during page load, or during a period of user interaction with the page, may show a high Energy Impact but may not drain the battery if the usage is not sustained. Normal browsing scenarios have idle periods between loads while users read or more slowly interact with page content. A selection range of 15 seconds or more will produce a more realistic estimate of battery drain than a short selection.

    Per-Thread Details

    The center of the detail view includes a larger CPU usage graph broken down by thread. The legend shows the different colors for the main thread, worker threads, and other threads. Hover the graph and you get the exact values for the nearest sample. Below the graph is the Main Thread indicator strip. This shows each of the individual samples of main thread activity. Clicking on this strip will take you directly to the event happening at that time in the event’s associated timeline.

    For an even more detailed breakdown by individual threads and thread groups you can expand the lower Threads section. While the main thread and worker threads will be individually graphed, the remaining threads are grouped. WebKit threads include any threads performing work known to WebKit such as Garbage Collection, JIT compilation, bmalloc scavanger, and more. CPU usage on any remaining threads are put into an unclassified group.

    Statistics and Sources

    These sections provide more detailed insight into the activity that occurred on the page within the selected time range.

    The Statistics section enumerates different kinds of activities that occured on the page and their individual frequencies. Activity includes network requests and entry into script via timers, events, or observer callbacks. The values are sorted by frequency so you can immediately see the most commonly occurring activities which may warrant investigation.

    The Sources section pinpoints and aggregates the sources of entries into script. This includes timer installations, event handlers, and observer handlers. Values are again sorted by frequency so you can immediately see the hottest entry points. For timers, we include the function name where the timer was installed. This makes it easy to detect and investigate unexpected timer registrations.

    The two sections work together to make a powerful debugging tool. Categories of script entries can be selected from the Statistics section and the Sources section will filter to show the corresponding script entry points. For example, by selecting requestAnimationFrame the Sources list will immediately filter down to show only the animation timer installations. With one more click you can then jump to the associated code and place breakpoints for further debugging.

    Timeline Import & Export

    Web Inspector now supports importing and exporting timeline recordings. Now when you capture a recording of a performance issue you can export the recording to share with others, attach to a bug report, or just save for later analysis.

    Import and export works across all of the timelines. This makes it useful for all kinds of performance analysis, not just the new CPU timeline. If you captured a recording with an interesting JavaScript and Events profile or one with JavaScript Allocations heap snapshots showing a memory leak, export and import will work great in each of these cases.

    Feedback

    You can try out the new CPU Usage Timeline in the latest Safari Technology Preview. Let us know how it works for you. Stay tuned for upcoming blog posts on best practices for energy efficient web content. Send feedback on Twitter (@webkit, @JosephPecoraro) or by filing a bug.

    Planet MozillaCSS Grid Level 2 – subgrid is coming to Firefox

    The subgrid feature of the CSS Grid Specification is not yet shipping in any browser, but is now available for testing in Firefox Nightly. This is a feature that, if you have used CSS Grid for a layout of any complexity, you are likely to be pretty excited about. In this article I’m going to introduce the feature and some of the use cases it solves.

    So what is subgrid exactly? In terms of syntax, it is a new keyword value for the grid-template-columns and grid-template-rows properties. These properties normally accept a track listing, or to put it another way, a listing of sizes of the tracks you want in your grid. For example, the following CSS would create a three column track grid with a 200px column, a column sized as max-content, and a final 1fr column.

    grid-template-columns: 200px max-content 1fr;

    You can find out more about track sizing in general, and the basics of grid layout via the MDN Guide Basic concepts of Grid Layout.

    If we define a track as a subgrid, however, we replace the track listing with the keyword subgrid.

    grid-template-columns: subgrid;

    This instructs the grid-template-columns property to use the tracks defined on the parent as the track sizing and number used by this nested grid.

    In the example below I have an element which is a grid container. It contains three child elements — two <div> elements and a <ul>.

    <div class="wrapper">
      <div class="box1">A</div>
      <div class="box2">B</div>
      <ul class="box3">
        <li>List item 1</li>
        <li>List item 2</li>
        <li>List item 3</li>
      </ul>
    </div>

    I create a grid on .wrapper, and the direct children are laid out on the grid I have created, but the list items go back to displaying as list items.

    .wrapper {
      display: grid;
      grid-template-columns: 2.5fr 1fr 0.5fr;
      gap: 20px;
    }
    
    .box1 {
      grid-column: 1;
      grid-row: 1;
    }
    
    .box2 {
      grid-column: 2 / 4;
      grid-row: 1;
    }
    
    .box3 {
      grid-column: 1 / -1;
      grid-row: 2;
    }
    A layout of boxes, with list items displayed one below the other

    The list items do not participate in grid layout.

    If we make the <ul> with a class of box3 a grid, and set grid-template-columns to subgrid, the <ul> is now a three-column track grid. The list items are laid out using the tracks of the parent.

    .box3 {
      grid-column: 1 / -1;
      grid-row: 2;
      display: grid;
      grid-template-columns: subgrid;
    }
    A layout of boxes with aligned elements.

    The list items use the grid of the parent of the list.

    CodePen (needs Firefox Nightly)

    There are some additional nice features that make subgrid useful for patterns you might need to build. The *-gap properties are inherited by default into subgrids, however you can override this behavior by setting a gap, row-gap, or column-gap value on the subgrid itself.

    The lines in your subgrid will inherit the line names set on the parent grid. This means that you can position items in the subgrid with the line names on your main grid. You can however also add line names just for the subgrid and these will be added to any inherited names.

    Take a look at the guide to subgrid on MDN to read about all of these features and see example code.

    What will subgrid be useful for?

    In terms of new syntax, and new things to learn, this is a very small change for web developers who have learned grid layout. A grid defined as a subgrid is pretty much the same as a regular nested grid, albeit with its own track listings. However it makes a number of previously difficult patterns possible.

    For example, if you have a card layout, and the cards have headers and footers with uneven amounts of content, you might want the card headers and footers to align across the rows. However, with a standard nested grid this isn’t possible. The grid on each card is independent, therefore the track sizing in card A can’t respond to change of height inside card B.

    A grid of cards with headers and footers which do not align

    The card internal elements do not line up

    If we cause each card to span across three rows however, we can then change the value of grid-template-rows to subgrid.

    .card {
      grid-row: auto / span 3;
      display: grid;
      grid-template-rows: subgrid;
    }

    The card still spans three row tracks, but those rows are defined on the parent and therefore each footer is in the same row. If one footer gets taller, it makes the whole row taller.

    CodePen example.

    A grid of cards with aligned headers and footers.

    The card internal elements now line up.

    You might want to work to a standard 12-column layout. Without subgrid, components that are not direct children of the grid container can’t be laid out on that parent grid. Instead, you need to be careful with track sizing in the nested components in order to get the layout to work. With subgrid we can opt nested grids into that parent grid as far into the structure as is required.

    This means that in the below wireframe example, all elements are using the tracks defined on the main element — even things that are nested inside two grids such as the links inside a list inside a <nav> element. The screenshot below has the lines of that parent grid displayed using the Firefox Grid Inspector.

    A layout with grid lines overlaid

    The twelve column grid highlighted by the Grid Inspector

    CodePen example.

    A less obvious use case for subgrid is to help in the situation where you have an unknown amount of repeated content in your layout, and want to be able to place an item from the start to the end of the grid.

    We can target the end of an explicit grid with -1, so an item placed with grid-row: 1 / -1 will stretch from the first to the last row line. The below grid has two row tracks defined. The block on the left stretches over both as it is spanning from column line 1 to column line -1.

    A grid of boxes with the Firefox Grid Inspector showing the lines

    The explicit grid highlighted with the Grid Inspector

    CodePen example.

    However, if you are creating implicit row tracks, because you don’t know how many items there will be you can’t target the end of the implicit grid with -1. As we do not have explicit tracks after the first track (a grid always has one explicit track in each dimension) the blue item can’t span to the end line after all of the auto-placed items have been laid out.

    A arrangement of boxes, one blue box is top left.

    Without an explicit grid the item cannot stretch to the end line

    CodePen example.

    If you make the repeating section a subgrid for columns, with implicit rows, all of those rows fit into the same grid area of the parent, rather than creating more rows on the parent. This means that you can have a fully explicit parent grid and know exactly where the end line is no matter how many items are added in the subgridded part.

    The only compromise would be the addition of an extra wrapper if your markup didn’t have a container for these repeating elements, however a single wrapping <div> is not going to cause any problems and enables this pattern.

    An arrangement of boxes with a full height box on the left

    The sidebar stretches to the height of the content

    CodePen example.

    Firefox DevTools and subgrid

    The DevTools team have been working on adding features to DevTools that will make it easier to work with multiple grids, including subgrid.

    You can now highlight multiple grids with DevTools. This can be helpful to see how the grid lines up with each other. You can see this in action by highlighting multiple grids in the cards example above, letting you see how the lines of the rows on our cards align with the parent rows.

    A grid of cards with two grids of lines displayed overlaid

    Two grids are highlighted here, one on the parent and one on a child

    In the Grid Inspector subgrids have a little subgrid badge, and appear nested inside their parent. These things should help you to identify them better when working with complex arrangements of grids.

    The Firefox DevTools open to show the different ways that subgrids are highlighted.

    DevTools makes it easy to see your subgrids.

    The team are still working on features, including the ability to highlight a parent when a subgrid is selected.

    Status of the subgrid feature

    Subgrid is now available in Firefox Nightly, so you can test it out, and we would love you to do so. Firefox will have the first implementation of the specification, so feedback from web developers is vital both for the Firefox implementation, the DevTools, and for the CSS specification itself.

    More resources can be found in the MDN guide, and I have started to build some more examples at Grid by Example — my website of CSS Grid examples. In addition, read CSS Grid Level 2: Here Comes Subgrid — an article I wrote about the specification before we had any implementations.

    The post CSS Grid Level 2 – subgrid is coming to Firefox appeared first on Mozilla Hacks - the Web developer blog.

    Planet WebKitSafari Technology Preview 84, with Safari 13 Features, is Now Available

    Safari Technology Preview Release 84 is now available for download for macOS Mojave. With this release, Safari Technology Preview is now available for betas of macOS Catalina. If you already have Safari Technology Preview installed, you can update from the Software Update pane of System Preferences.

    This release covers the same revisions of WebKit from Safari Technology Preview 83, but includes new Safari and WebKit features that will be present in Safari 13. The following Safari 13 features are new to Safari Technology Preview 84:

    Refreshed Favorites Design. The Favorites page has been visually refreshed, and now includes Show More and Show Less actions.

    Switch to Tab from Smart Search Field. The Smart Search Field now offers switching to an already-open tab when a search query matches the title or URL of an open tab.

    Warnings for Weak Passwords. When signing into a website with a weak password, Safari will prompt you to visit the website in a new tab to upgrade the password to an Automatic Strong Password. Safari uses the well-known URL for changing passwords (/.well-known/change-password), allowing websites to take users directly to their change password pages. The password list in Safari Preferences has also been updated to flag weak passwords.

    Many more WebKit features in Safari 13 are present in this release of Safari Technology Preview and have been in past releases. You can read more about these changes in What’s New in Safari 13 Beta.

    Planet WebKitCreating Web Inspector Audits

    This post is a followup to the Audits in Web Inspector post, and explains the capabilities of and how to write an audit.

    Test Case Format

    The actual test that is run in the page is just a stringified JavaScript function. async functions are allowed, as well as non-async functions that return a Promise. The only requirement is that the return value of the function (or Promise) conforms to the following rules:

    • Returning true/false will translate to a Pass/Fail result with no additional data.
    • Returning a string value will translate to the corresponding result (e.g. "pass" is a Pass result) with no additional data.
    • Returning an object gives the most flexibility, as it allows for additional data other than the audit’s result to be displayed in the Audit tab. Result levels are first retrieved from the "level" value (if it exists), and are translated in the same way as if a string was returned (e.g. "pass" is a Pass result). Alternatively, using any result string as a key with a value of true will have the same effect (e.g. "pass": true).

    There are five result levels:

    • "pass" corresponds to a Pass result, which is where everything was as it should be.
    • "warning" corresponds to a Warning result, which is a “soft pass” in that there was nothing wrong, but there were things that should be changed.
    • "fail" corresponds to a Fail result, which is an indication that something is not as it should be.
    • "error" corresponds to an Error result, which occurs when the JavaScript being run threw an error.
    • "unsupported" corresponds to an Unsupported result, which is a special case that can be used to indicate when the data being tested isn’t supported by the current page (e.g. missing some API).

    There are also three additional pieces of data that can be returned within the result object and have a dedicated specialized interface:

    • domNodes, which is an array of DOM nodes that will be displayed in the Audit tab much the same as if they were logged to the console.
    • domAttributes, which is an array of strings, each of which will be highlighted if present on any DOM nodes within domNodes.
    • errors, which is an array of Error objects and can be used as a way of exposing errors encountered while running the audit.
      • If this array has any values, the result of the audit is automatically changed to Error.
      • If an error is thrown while running an audit, it will automatically be added to this list.

    For custom data, you can add it to the result object and it will display in the Audit tab, so long as it’s JSON serializable and doesn’t overlap with any of the items above.

    Container Structure

    Web Inspector Audits follow a simple and highly flexible structure in the form of JSON objects. These objects fall into two main categories: tests and groups.

    The format for a test is as follows:

    {
        "type": "test-case",
        "name": "...",
        "test": "<stringified JavaScript function>"
    }
    

    The format for a group is as follows:

    {
        "type": "test-group",
        "name": "...",
        "tests": [...]
    }
    

    In this case, the values inside tests can be both individual test cases, or additional groups.

    Both tests and groups also support a number of optional properties:

    • description is a basic string value that is displayed in the Audit tab as a way of providing more information about that specific audit, such as what it does or what it’s trying to test.
    • supports can be used as an alternative to feature-checking, in that it prevents the audit from even being run unless the number value matches Web Inspector’s Audit version number, which can be found at the bottom of the Web Inspector window when in edit mode in the Audit tab. At the time of writing this post, the current version is 3.
    • setup is similar to a test case’s test value, except that it only has an effect when supplied for a top-level audit. The idea behind this value is to be able to share code between all audits in a group, as it is executed before the first audit in a group.

    Specially Exposed Data

    Since audits are run from Web Inspector, it’s possible for additional information to be exposed to each test function being executed. Much of this data is already exposed to Web Inspector, but was never accessible via JavaScript in any way.

    The information is exposed via a WebInspectorAudit object that is passed to each test function. Note that this object is shared between all test under a given top-level audit, which is defined as an audit with no parent. As such, attaching data to this object to be shared between test is accepted and encouraged.

    Version

    Accessing Web Inspector’s Audit version number from within a test is as simple as getting the value of WebInspectorAudit.Version.

    Resources

    The following all relate to dealing with resources loaded by the page, and are held by WebInspectorAudit.Resources.

    • getResources() will return a list of objects, each corresponding to a specific resource loaded by the inspected page, identified by a string url, string mimeType, and audit-specific id.
    • getResourceContent(id) will return an object with the string data and boolean base64Encoded contents of the resource with the given audit-specific id.

    DOM

    The following all relate to dealing with the DOM tree, and are held by WebInspectorAudit.Resources.

    • hasEventListeners(node[, type]) returns true/false depending on whether the given DOM node has any event listeners, or has an event listener for the given type (if specified).

    Accessibility

    The following all relate to dealing with the accessibility tree, and are held by WebInspectorAudit.Accessibility. Further information can be found in the WAI-ARIA specification.

    • getElementsByComputedRole(role[, container]) returns an array of DOM nodes that match the given role that are children of the container DOM node (if specified) or the main document.
    • getActiveDescendant(node) returns the active descendant of the given DOM node.
    • getMouseEventNode(node) returns the DOM node that would handle mouse events which is or is a child of the given DOM node.
    • getParentNode(node) returns the parent DOM node of the given DOM node in the accessibility tree.
    • getChildNodes(node) returns an array of DOM nodes that are children of the given DOM node in the accessibility tree.
    • getSelectedChildNodes(node) returns an array of currently selected DOM nodes that are children of the given DOM node in the accessibility tree.
    • getControlledNodes(node) returns an array of DOM nodes that are controlled by the given DOM node.
    • getFlowedNodes(node) returns an array of DOM nodes that are flowed to from the given DOM node.
    • getOwnedNodes(node) returns an array of DOM nodes that are owned by the given DOM node.
    • getComputedProperties(node) returns an object that contains various accessibility properties for the given DOM node. Since HTML allows for “incorrect” values in markup (e.g. an invalid value for an attribute), the following properties use the computed value determined by WebKit:
      • busy is a boolean related to the aria-busy attribute.
      • checked is a string related to the aria-checked attribute.
      • currentState is a string related to the aria-current attribute.
      • disabled is a boolean related to the aria-disabled attribute.
      • expanded is a boolean related to the aria-expanded attribute.
      • focused is a boolean that indicates whether the given node is focused.
      • headingLevel is a number related to the aria-level attribute and the various HTML heading elements.
      • hidden is a boolean related to the aria-hidden attribute.
      • hierarchicalLevel is a number related to the aria-level attribute.
      • ignored is a boolean that indicates whether the given node is currently being ignored in the accessibility tree.
      • ignoredByDefault is a boolean that indicates whether the given node is always ignored by the accessibility tree.
      • invaludStatus is a string related to the aria-invalid attribute.
      • isPopUpButton is a boolean related to the aria-haspopup attribute.
      • label is a string related to the aria-label attribute
      • liveRegionAtomic is a boolean related to the aria-atomic attribute.
      • liveRegionRelevant is an array of strings related to the aria-relevant attribute.
      • liveRegionStatus is a string related to the aria-live attribute.
      • pressed is a boolean related to the aria-pressed attribute.
      • readonly is a boolean related to the aria-readonly attribute.
      • required is a boolean related to the aria-required attribute.
      • role is a string related to the role attribute.
      • selected is a boolean related to the aria-selected attribute.

    Getting Started

    As mentioned in the Audits in Web Inspector post, the Demo Audit and Accessibility audits that are included as part of Web Inspector can be used as good starter templates for the formatting and structure of a Web Inspector audit.

    Alternatively, the eslint.json audit, which runs ESLint against every *.js resource that was loaded from the main origin of the inspected page, can serve as a more complex example of an async audit that makes use of some of the above specially exposed data.

    Feedback

    The Audit tab was added in Safari Technology Preview 75. Is there a workflow that isn’t supported, or a piece of data that isn’t exposed, that you’d like to use when writing/running audits? Do you have an idea for a default audit that should be included in Web Inspector? Let us know! Please feel free to send us feedback on Twitter (@dcrousso or @jonathandavis) or by filing a bug.

    Planet WebKitAudits in Web Inspector

    Often when creating web pages, there are particular rules or guidelines that are set by the site author, or by an included library/framework. In those cases, it can be tedious to find any cases where those rules/guidelines may be broken, assuming one even has the inclination to do so. As a simple example, remembering to set a title or alt on <img> is often forgotten, but it’s important to include them as it makes it easier for accessibility tools to understand and/or navigate the page.

    For those repeated cases, where one wants to check if the page conforms to an expectation, we’ve created a new tool, which we call Web Inspector Audits, that can help simplify that process.

    Audit Tab

    Web Inspector Audits can be found in the new Audit tab, represented as a tree of audits, each of which can be run against the inspected page. An audit can be either a group of other audits (e.g. a test group), or an individual test case.

    Each audit can have one of five different result levels, each denoted by a different icon.

    • Passed represents a result where everything was as it should be.
    • Warning is a “soft pass” in that there was nothing wrong, but there were things that should be changed.
    • Failed is an indication that something is not as it should be.
    • An Error result occurs when the JavaScript being run threw an error.
    • Unsupported is a special case that can be used to indicate when the data being tested isn’t supported by the current page (e.g. missing some API).

    Audits are also able to be disabled, to allow for more control as to what is actually run. This is done by clicking the Edit button at the bottom of the navigation sidebar.

    Default Audits

    Web Inspector itself also provides a few audits that are included by default and cannot be deleted (only disabled).

    Demo Audit is a basic exposé of the functionality/interface of audits, and can be used as a starter template for writing your own audits.

    Accessibility includes a handful of test cases that check for DOM accessibility best practices on the inspected page, such as the example mentioned at the beginning of this post, in accordance with the WAI-ARIA specification. The Accessibility audit serves as a great starting point for making sure that your page is accessible.

    Import and Export

    When we first began thinking about the concept of audits, one thing that was forefront in our minds was that both the audit and its result should be portable. This was the primary reason that we chose to use JSON as the format for audits, as well as their results.

    All audits are able to be imported and exported from any Web Inspector, regardless of whether that particular audit is able to be run on the current page (see the Unsupported explanation above). Any imported audits are persistent across Web Inspector sessions, meaning you can import an audit while inspecting one page, open Web Inspector on another page, and be able to run that same audit on the new page without having to re-import. This makes it easy for you to share audits you’ve used (or even written) with other developers out in the world.

    Audit results are similarly importable/exportable, but they are not preserved across sessions. This way, if you run an audit and encounter any non-Passed result, you can export it and share the data with those around you, possibly helping you find the right way to act on it.

    Demo

    The simplest way to see how Web Inspector Audits work is to simply run them on any page.

    As a demonstration of a more advanced usage, eslint.json is an audit that runs ESLint against every *.js resource that was loaded from the main origin of the inspected page. If you’re interested in editing this audit, or even writing your own, please see the upcoming post about creating Web Inspector Audits.

    Feedback

    The Audit tab was added in Safari Technology Preview 75. Is there a workflow that isn’t supported, or a piece of data that isn’t exposed, that you’d like to use when writing/running audits? Do you have an idea for a default audit that should be included in Web Inspector? Let us know! Please feel free to send us feedback on Twitter (@dcrousso or @jonathandavis) or by filing a bug.

    Planet Mozilla7.65.1 patched up and ready to go

    (download it from curl.haxx.se of course!)

    Whatever we do and whatever we try, no matter how hard we try to test, debug, review and do CI builds it does not change the eternal truth:

    Nothing gets tested properly until released.

    We worked hard on fixing bugs in the weeks before we shipped curl 7.65.0. We really did. Yet, several annoying glitches managed to creep in, remain unnoticed and cause problems to users when they first eagerly tried out the new release. Those were glitches that none in the development team had experienced or discovered but only took a few hours for users to detect and report.

    The initial bad sign was that it didn’t even take a full hour from the release announcement until the first bug on 7.65.0 was reported. And it didn’t stop with that issue. We obviously had a whole handful of small bugs that caused friction to users who just wanted to get the latest curl to play with. The bugs were significant and notable enough that I quickly decided we should patch them up and release an update that has them fixed: 7.65.1. So here it is!

    This patch release even got delayed. Just the day before the release we started seeing weird crashes in one of the CI builds on macOS and they still remained on the morning of the release. That made me take the unusual call to postpone the release until we better understood what was going on. That’s the reason why this comes 14 days after 7.65.0 instead of a mere 7 days.

    Numbers

    the 182nd release
    0 changes
    14 days (total: 7,747)

    35 bug fixes (total: 5,183)
    61 commits (total: 24,387)
    0 new public libcurl function (total: 80)
    0 new curl_easy_setopt() option (total: 267)

    0 new curl command line option (total: 221)
    27 contributors, 12 new (total: 1,965)
    16 authors, 6 new (total: 687)
    0 security fixes (total: 89)
    0 USD paid in Bug Bounties

    Bug-fixes

    Let me highlight some of the fixes that went this during this very brief release cycle.

    build correctly with OpenSSL without MD4

    This was the initial bug report, reported within an hour from the release announcement of 7.65.0. If you built and installed OpenSSL with MD4 support disabled, building curl with that library failed. This was a regression since curl already supported this and due to us not having this build combination in our CI builds we missed it… Now it should work again!

    CURLOPT_LOW_SPEED_* repaired

    In my work that introduces more ways to disable specific features in curl so that tiny-curl would be as small as possible, I accidentally broke this feature (two libcurl options that allow a user to stop a transfer that goes below a certain transfer speed threshold during a given time). I had added a way to disable the internal progress meter functionality, but obviously not done a good enough job!

    The breakage proved we don’t have proper tests for this functionality. I reverted the commit immediately to bring back the feature, and when now I go back to fix this and land a better fix soon, I now also know that I need to add tests to verify.

    multi: track users of a socket better

    Not too long ago I found and fixed a pretty serious flaw in curl’s HTTP/2 code which made it deal with multiplexed transfers over the same single connection in a manner that was far from ideal. When fixed, it made curl do HTTP/2 better in some circumstances.

    This improvement ended up proving itself to have a few flaws. Especially when the connection is closed when multiple streams are done over it. This bug-fix now makes curl closing down such transfers in a better and cleaner way with fewer “loose ends”.

    parse_proxy: use the IPv6 zone id if given

    One more zone id fix that I didn’t get around to land in 7.65.0 has now landed: specifying a proxy with a URL that includes an IPv6 numerical address and a zone id – now works.

    connection “bundles” on same host but different ports

    Internally, libcurl collects connections to a host + port combination in a “bundle” (that’s just a term used for this concept internally). It does this to count number of connections to this combination and enforce limits etc. It is only used a bit for controlling when multiplexing can be done or not on this host.

    Due to a regression, probably added already back in 7.62.0, this logic always used the default port for the protocol instead of the actual port number used in the given URL! An application that for example did parallel HTTP transfers to the hostname “example.org” on both port 80 and port 81, and used HTTP/1 on one of the ports and HTTP/2 on the other would be totally mixed up by curl and cause transfer failures.

    But not anymore!

    Coming up

    This patch release was not planned. We will give this release a few days to stew and evaluate the situation. If we keep getting small or big bugs reported, we might not open the feature window at all in this release cycle and instead just fix bugs.

    Ideally however, we’ve now fixed the most pressing ones and we can now move on and follow our regular development process. Even if we have, the feature window for next release will be open during a shorter period than normal.

    Planet MozillaNew Council members – 2019 Spring elections

    We are very happy to announce that our 5 new Council members are are fully on-boarded and already working moving the Mozilla Reps program forward.

    In more detail here are the subjects that they will work on:

    Of course we would like to thank our outgoing Reps council members Daniele, Manel and Oarabile for all their contributions during their last year in the program.

    The Mozilla Reps Council is the governing body of the Mozilla Reps Program. It provides the general vision of the program and oversees day-to-day operations globally. Currently, 7 volunteers and 2 paid staff sit on the council. Find out more on the Reps wiki.

     

    Planet Mozillacurl user survey 2019 analysis

    The annual curl user survey 2019 ran for 14 days and ended a while ago. I’ve spent a good deal of time summing up the data, making graphs, tables and creating a document out of what I’ve learned.

    Some quick insights:

    • HTTPS is now the most used protocol
    • Linux is the most used platform
    • Most of the users (who answered) are in Europe
    • Windows 10 grows as the dominant Windows version used for curl
    • 55% of users use HTTP/2 while 4.1% of users use HTTP/0.9

    For all this and much much more. See the full report.

    <figure class="wp-block-image"></figure>

    Planet MozillaIndicating focus to improve accessibility

    It’s a common, but fairly easy-to-fix accessibility issue: lack of indicating focus. In this post I will explain what we mean by focus and show you how focus outlines make your site easier to use.

    What is focus?

    Focus indicators make the difference between day and night for people who rely on them. Let’s first look at what they are, and which people find them useful.

    Focus is something that happens between the interactive elements on a page. That’s the first thing you should know. (See the focusable elements compatibility table for a more detailed and nuanced definition.) Interactive elements are elements like links, buttons and form fields: things that users can interact with.
    menu links; one is outlined, the outline moves between the links

    On a page, at any given time, there is one element that has focus. If you’ve just loaded a page, it is probably the document, but once you start to click or tab, it will be one of the aforementioned interactive elements. The currently focused element can be found with document.activeElement.

    By default, browsers convey which element currently has focus by drawing an outline around that element. The defaults vary between browsers and platform. With CSS, you can override these defaults, which we’ll get to in a bit.

    Who benefits

    Focus outlines help users figure out where they are on a page. They show which form field is currently filled in, or which button is about to be pressed. People who use a mouse, might use their cursor for this, but not everyone uses a mouse. For instance, there are many keyboard users: a person with a baby on one arm, people with chronic diseases that prevent the use of a mouse, and of course… developers and other power users. Beyond keyboards, there are other tools and input devices that rely on clearly indicated focus, like switches.

    It is not just keyboard users that benefit, though. Focus indication also helps people who have limited attention spans or issues with short term memory, for example if they are filling out a lengthy form.

    If the idea of indicating the current element in a website seems weird, consider TV interfaces. Most people use them with a remote control or game controller, and therefore rely on the interface to convey what’s currently selected.

    Never remove them

    Not everyone likes how focus outlines look, some find them ugly. But then that’s the case with street lights, too. They are unlikely to win design awards, but if you have to walk home in the dark, you are glad they help you see where you are.

    Removing focus styles, as some websites do, is as detrimental for keyboard users as removing the mouse cursor would be for mouse users.

    Nobody would override the browser’s default cursor, effectively removing the cursor altogether:

    body {
    cursor: none; /* you wouldn't do this */
    }
    

    So we shouldn’t do this either, which removes the browser’s default outline:

    :focus {
    outline: none; /* so, please don't do this */
    }
    

    Or, as Laura Carvajal put it at Fronteers 2018:

    Laura Carvajal with slide: You wouldn’t steal their cursor

    Even if you provide an alternative with something like box-shadow, best set outline to solid transparent, because box-shadow does not play well with high contrast modes.

    Good focus indicators

    One way to indicate focus is to rely on browser defaults. It works, but I would recommend designing your own focus outlines. This gives you maximum control over how easy they are to see, and lets you integrate them with brand colours or the style of your site. Usually, thicker outlines (from 2px onwards) are better, as they are simply easier to see.

    The :focus pseudo class takes CSS rules like any other selector, so you could style it however you like. In some cases a background color or underline could indicate that something is active.

    Examples

    Below are focus outlines as seen on Schiphol.nl and the City of The Hague websites. They make it easy to distinguish in a list of links which one is currently active.

    two sets of links, on the left one link is outlined with thick purple outline, on the right a thin outline and yellow background

    Transitions

    Focus outlines do not have to be boring. The outline property can be transitioned with CSS, so why not add a subtle animation? Make it pop!

    Contrast

    In WCAG 2.1, focus indicators are bound to the same contrast rules as other parts of the content, as per 1.4.11: Non-text contrast. This means a contrast of 3:1 between the outlines and their background is required.

    On websites that have both light and dark parts, it is quite common to have a dark and a light focus style. For example, if your focus outline is blue for parts with a white background (for instance, the main content area), you could make it white for parts with a black background (for instance, the footer).

    Special cases

    Focusing non-interactive elements

    As mentioned earlier, focus works on interactive elements. In special cases, it makes sense to focus a non-interactive element, like a &lt;div&gt;, if that element is a piece of expanded content or a modal overlay that was just opened.

    Any element can be added to focus order with the tabindex attribute in HTML. Best use it with 0 or -1:

    • tabindex="0": element can be focused with keyboard and through JavaScript
    • tabindex="-1": element can be focused through JavaScript, but cannot be tabbed to

    A tabindex with a number larger than 0 is best avoided, as this sets a preference of where the element goes in the tab order. If you set it for one element, you will have to set and maintain (!) a tabindex value on all interactive elements on the page. See also: It rarely pays to be positive by Scott O’Hara.

    Only for keyboard users

    If you are a developer and the design team is unwilling to apply bold focus styles, you could propose to show them to users who need them, for instance only to keyboard users.

    There are two caveats to this notion of “users who need them”:

    • Not all people who rely on focus styles use a keyboard. We mentioned switches earlier, but that’s only one use case. As a general rule, keep in mind that you can’t predict all the ways your visitors choose to browse the web.
    • Making focus styles keyboard-only takes away an affordance for mouse users too, as focus also indicates that something is interactive.

    For these reasons, we should be careful making decisions about when and how to show focus styles. Luckily, there is a CSS property invented to help us out here: focus-visible. According to the spec, it lets us:

    provide clearly identifiable focus styles which are visible when a user is likely to need to understand where focus is, and not visible in other cases

    In other words: it aims to let you indicate focus only for people that need it. This is supported in Firefox (with prefix), but not yet in Chromium (they intend to implement), so it would be best to use the official focus-visible polyfill. It is preferable to avoid such heuristics and convey focus rings to everybody, but if you have to, focus-visible is ideal. Especially if the alternative is nothing at all.

    Focus styles as keyboard accessibility

    A focused element that isn’t highlighted has a big impact on usability for keyboard users. You could make keyboard checks part of your development workflow to ensure that you don’t forget focus indicators. For instance, you could include “Can be used with a keyboard” in your definition of done. This is a check that most people in the team should be able to do before a new feature goes live. As we’ve seen above, focus styles don’t just benefit keyboard users, but keyboard operability is a good way to test them.

    When testing, you might find that not all browsers and platforms let you tab through interactive elements by default. Here are some of the most common settings across platforms and browsers:

    • macOS: under System Preferences > Keyboard > Shortcuts set ‘Full keyboard access’ to ‘All controls’
    • Safari, macOS: in `Safari > Preferences`, under ‘Advanced’, check ‘Press Tab to highlight each item on a webpage’
    • Chrome: in chrome://settings, under ‘Web content’, check ‘Pressing Tab on a webpage highlights links, as well as form fields’

    Summing up

    Hopefully this post inspires you to try out your (client’s) site with just a keyboard. Maybe it is a pleasure to use already. If not, perhaps this post convinces you or your team to address the problem and design some on-brand focus indicators. Together we make the web more friendly to users of keyboards, sticks and switches. Together we make the web work for everyone.

    Focus outlines are one of many ways to design for accessibility. For more tips on design with accessibility in mind, see Accessibility Information for UI designers on MDN and Tips for designing with accessibility at the W3C.

    The post Indicating focus to improve accessibility appeared first on Mozilla Hacks - the Web developer blog.

    Planet MozillaThe web the world needs can be ours again, if we want it

    People everywhere are demanding basic consumer protections. We want our food to be healthy to eat, our water to be clean to drink, and our air to be safe to breathe.

    This year people have started to demand more of the internet as well, however, there persists an expectation that on the internet people are responsible for protecting themselves.

    You should not have to worry about trading privacy and control in order to enjoy the technology you love. Tech companies have put the onus on people to read through their opaque terms and conditions tied to your data and privacy to use their services. The average privacy policy from a tech company is thousands of words and written at a level that often requires legal training to interpret. As such the vast majority of people don’t bother to read, and just click through these agreements trusting that the companies have their interests at heart.

    This isn’t right, and it’s not where we stand. We aspire to put people back in control of their connected lives. To better equip people to navigate the internet today, we’ve built the latest version of our flagship Firefox browser with Enhanced Tracking Protection on by default. These protections work in the background, blocking third-parties from tracking your online activity while increasing the speed of the browser.

    We’re offering privacy protections by default as you navigate the web because the business model of the web is broken, with more and more intrusive personal surveillance becoming the norm. While we hope that people’s digital rights and freedoms will ultimately be guaranteed, we’re here to help in the interim.

    In a world where tech companies expect you to cobble together different tools to protect your privacy putting the burden on you, we are providing an easy-to-use solution with just one Firefox login to get the full benefit of all of the protections and capabilities we’ve built into our products and services.

    By creating a Firefox account you can increase convenience while decreasing your exposure to some harmful parts of the web. An account unlocks the full potential of tools like Lockwise, which securely manages passwords, and Monitor, a service that notifies you when your email has been part of a known data breach.

    We’re deepening our relationship with you because we know you can’t go it alone anymore. With Firefox you have a partner who knows the ins and outs of the tech industry, but who is beholden to serving you, not shareholders. We’re optimistic that together we can take back power over our online lives.

    We choose to lead, not follow. Join us.  

    You know what we stand for and what we’ve been about for over a decade thanks to our Manifesto and our Data Privacy Principles. Today we’re making it even more clear what you get when you sign up with us by announcing the Firefox Personal Data Promise — our commitment to handle your personal information with integrity and decency — and best practices for others to follow when it comes to protecting consumers privacy and rights online.

    We’re taking these steps and we’re offering new tools to increase your protection and control, but it’s only the first step in our new relationship with you. We will continue to push back against collect-it-all business models that are set up to monetize people in seemingly every possible way. In addition to the tools and services we offer, we champion efforts like the fight for net neutrality, combat surveillance tactics and push for standards and practices that promote privacy and competition.

    I hope you can see we’re different, and that we work hard every day to earn your trust. I believe that the internet can be a tool to make the world a better place where everyone is welcome. And safe. And respected. It can be a place that enables a free exchange of ideas. I know it can be because it once was.

    The web the world needs can be ours again, if we want it. Please join me and millions of Firefox users in choosing a safer, more connected world.

    The post The web the world needs can be ours again, if we want it appeared first on The Mozilla Blog.

    Planet MozillaWhen it comes to privacy, default settings matter!

    What if I told you that on nearly every single website you visit, data about you was transmitted to dozens or even hundreds of companies, all so that the website could earn an additional $0.00008 per ad! This is a key finding from a new study on behaviorally targeted advertisements from Carnegie Mellon University and it should be a wake-up call to all of us. The status quo of pervasive data collection in service of ad targeting is untenable. That is why we’re announcing some key changes to Firefox.

    Today marks an important milestone in the history of Firefox and the web. As of today, for new users who download and install Firefox for the first time, Enhanced Tracking Protection will automatically be set on by default, protecting our users from the pervasive tracking and collection of personal data by ad networks and tech companies.

    It seems that each week a new tech company decides to decree that privacy is a human right. They tout how their products provide people with “choices” to change the settings if they wish to opt into a greater level of privacy protection to exemplify how they are putting privacy first. That begs the question — do people really want more complex settings to understand and fiddle with or do they simply want products that respect their privacy and align with their expectations to begin with?

    Privacy shouldn’t be relegated to optional settings

    When thinking about consumer privacy online, I’m reminded of the behavioral economics studies which led to 401K plans (US retirement savings plans) moving from voluntary enrollment to auto-enrollment. Not too long ago most defined contribution retirement savings plans in the US required employees to sign-up and volunteer to start participating. Participation rates were very low. Why was that? Was it because people didn’t care about saving for retirement? Not at all! There were simply too many barriers to aligning with people’s expectations and desires and the benefits of saving for retirement aren’t felt immediately.

    We are in a similar position with respect to software privacy settings. Pervasive tracking is too opaque and potential privacy harms are never felt immediately. The general argument from tech companies is that consumers can always decide to dive into their browser settings and modify the defaults. The reality is that most people will never do that. Yet, we know that people are broadly opposed to the status quo of pervasive cross-site tracking and data collection, particularly when they learn the details on how tracking actually works.

    We also know that traditional privacy features such as Chrome’s Incognito mode are failing to live up to consumer expectations. The feature might keep your spouse from knowing what you’re thinking about getting them for your anniversary by erasing your history, but it does not prevent third-party tracking. Our research shows that Firefox users are seeking out privacy protection, particularly through the use of Firefox’s Private Browsing mode. In fact, nearly 25% of web page loads in Firefox take place in a Private Browsing window. The good news for these users is that Firefox’s Private Browsing mode has long put users first by blocking tracking. The bad news is that this generally isn’t true for many popular browsers, which allow tracking even in private browsing/incognito mode. A recent study found that users don’t understand this and think their data is being protected, when it is actually not.

    As was the case with retirement savings plans, what this shows us is that the burden needs to shift from the consumers to the companies whereby the complexity of privacy settings shouldn’t be placed on users to figure out. The product defaults should simply align with consumer expectations. That is the approach we are taking in Firefox.

    Enhanced Tracking Protection by Default

    As stated above, new Firefox users will have strong privacy protection from the moment they install. We also expect to deliver the same functionality to existing users over the coming months. Because we are modifying the fundamental way in which cookies and browser storage operate, we’ve been very rigorous in our testing and roll-out plans to ensure our users are not experiencing unforeseen usability issues. If you’re already using Firefox and can’t wait, you can turn this feature on by clicking on the menu icon marked by three horizontal lines at the top right of your browser, then Content Blocking. Go to your privacy preferences and click on the Custom option on the right side. Mark the Cookies checkbox and make sure that “Third-party trackers” is selected. To learn more about our privacy and security settings and get more detail on what each section — Standard, Strict, and Custom — includes, visit here.

    For existing users, go to your privacy preferences and click on the Custom option, ark the Cookies checkbox

    If you are new to Firefox, we’d love for you to give it a try. Download the latest version here.

    When it comes to privacy, default settings matter! We hope that the actions we are taking can ultimately compel change in the industry. Afterall, consumers deserve better.

     

    The post When it comes to privacy, default settings matter! appeared first on The Mozilla Blog.

    Planet MozillaFive ways joining Firefox can keep you safer and smarter online

    The word “privacy” gets thrown around a lot these days, but every tech company defines privacy differently. Respecting your privacy has been at our core from day one, with the … Read more

    The post Five ways joining Firefox can keep you safer and smarter online appeared first on The Firefox Frontier.

    Planet MozillaFirefox Now Available with Enhanced Tracking Protection by Default Plus Updates to Facebook Container, Firefox Monitor and Lockwise

    It’s been several weeks since I was promoted to Senior Vice President of Firefox, responsible for overall Firefox product and web platform development. As a long-time employee with 10+ years, I’ve seen a lot of things within the tech industry from data breaches, net neutrality and the rise and fall of tech companies. I believe that Firefox has and will continue to make a big impact in building the necessary protections to keep people safe online.

    This past year, we’ve seen tech companies talk a big game about privacy as they’re realizing that, after several global scandals, people feel increasingly vulnerable. It’s unfortunate that this shift had to happen in order for tech companies to take notice. At Firefox, we’re doing more than that. We believe that in order to truly protect people, we need to establish a new standard that puts people’s privacy first. At Firefox, we have been working on setting this standard by offering privacy-related features, like Tracking Protection in Private Browsing, long before these issues were brought to light. With this new, increased awareness for privacy, we feel that the time is right for the next step in stronger online protections for everyone.

    Last year, we announced our new approach to anti-tracking, and our commitment to help people stay safe whenever they used Firefox. One of those initiatives outlined was to block cookies from known third party trackers in Firefox. Today, Firefox will be rolling out this feature, Enhanced Tracking Protection, to all new users on by default, to make it harder for over a thousand companies to track their every move. Additionally, we’re updating our privacy-focused features including an upgraded Facebook Container extension, a Firefox desktop extension for Lockwise, a way to keep their passwords safe across all platforms, and Firefox Monitor’s new dashboard to manage multiple email addresses.

    Enhanced Tracking Protection blocks sites from tracking you

    For new users who install and download Firefox for the first time, Enhanced Tracking Protection will automatically be set on by default as part of the ‘Standard’ setting in the browser and will block known “third-party tracking cookies” according to the Disconnect list. We talk more about tracking cookies here. Enhanced Tracking Protection will be practically invisible to you and you’ll only notice that it’s operating when you visit a site and see a shield icon in the address bar next to the URL address and the small “i” icon. When you see the shield icon, you should feel safe that Firefox is blocking thousands of companies from your online activity.

    For those who want to see which companies we block, you can click on the shield icon, go to the Content Blocking section, then Cookies. It should read Blocking Tracking Cookies. Then, click on the arrow on the right hand side, and you’ll see the companies listed as third party cookies and trackers that Firefox has blocked. If you want to turn off blocking for a specific site, click on the Turn off Blocking for this Site button.

    For existing users, we’ll be rolling out Enhanced Tracking Protection by default in the coming months without you having to change a thing. If you can’t wait, you can turn this feature on by clicking on the menu icon marked by three horizontal lines at the top right of your browser, then under Content Blocking. Go to your privacy preferences and click on the Custom gear on the right side. Mark the Cookies checkbox and make sure that “Third-party trackers” is selected. To learn more about our privacy and security settings and get more detail on what each section – Standard, Strict, and Custom – includes, visit here.

    For existing users, go to your privacy preferences, click on the Custom gear and mark the Cookies checkbox

    Latest Facebook Container blocks tracking from other sites

    Earlier this year, Mozilla was honored as one of the World’s Most Innovative Companies by Fast Company. Notably our Facebook Container extension played a big role in getting us selected. With more than two million downloads since it launched, our Facebook Container is an add-on/web extension that helps you take control and isolate your web activity from Facebook (i.e. following and tracking you across the web). Today, we’re releasing the latest update for Facebook Container which prevents Facebook from tracking you on other sites that have embedded Facebook capabilities such as the Share and Like buttons on their site.

    For example, when you are on a news site and reading an article, you often see Facebook Like and Share buttons. Our Facebook Container will block these buttons and all connections to Facebook’s servers, so that Facebook isn’t able to track your visits to these sites. This blocking makes it much harder for Facebook to build shadow profiles of non-Facebook users. You will know the blocking is in effect when you see the Facebook Container purple fence badge.

    Facebook Container will block these buttons and all connections to Facebook’s servers

    To add the latest Facebook Container Add-On, visit here.

    Meet Firefox Lockwise: Manage Your Passwords Safely and Take them Everywhere

    Last Summer, we brought you Firefox Lockbox for iOS, and in March of this year we announced both Firefox Lockbox for Android and an iPad-optimized version to expand the ecosystem. One of the top most requested features from users was to find a way to manage their passwords. Today, we are rolling out a Firefox desktop extension that offers this feature and completes this product family we are now calling Firefox Lockwise.

    As part of the Firefox Lockwise product suite, formerly known as Firefox Lockbox, the desktop extension will give you more control over your stored passwords with shared access from every device. With the new desktop extension, Firefox Lockwise will provide an additional touchpoint to store, edit and access your passwords. The extension provides an enhanced experience for your saved logins, which will allow you to more easily manage and interact with your stored passwords in Firefox. You will notice a seamless integrated experience in Firefox when you move from desktop to mobile, with a similar layout of key features for easy navigation and access, and easy access to your logins and passwords.

    The new Firefox Lockwise desktop extension includes:

    • Manage your saved list of passwords – The new dashboard interface makes it simple to update and manage your saved list. If you’re no longer frequenting a site, you can easily delete your saved password. And for the sites you access frequently, you can quickly reference and edit what is being stored, thus giving you an easy way to take control of your online privacy.
    • Access your passwords anywhere – Whether you’re shopping for shoes on your desktop or purchasing them on-the-go from your favorite site, Firefox Lockwise has you covered. Both the mobile app and desktop extension can help you quickly retrieve your password to access your site account, no matter which device you’re on to take advantage of member discounts or free shipping.

    Whether you are a loyal user or you are ready to take control of your passwords, try Firefox Lockwise, available on iOS, Android, and now a Firefox add-on for Desktop.

    Firefox Monitor adds dashboard to manage multiple email addresses

    Since the launch of Firefox Monitor, a free service that notifies you when your email has been part of a data breach, more than 635,000 people have signed up for alerts. Users have been checking multiple personal email addresses on Monitor since launch, and the ability to easily manage multiple accounts has been a top, frequently requested feature. Today we’re launching a central dashboard to help you track and manage multiple email addresses, whether it’s your personal email accounts or ones for professional use.

    Through the breach dashboard, you’ll receive a quick summary of updates for all registered email accounts. You’ll be able to easily identify which emails are being monitored, how many known data breaches may have exposed your information, and specifically, if any passwords have been leaked across those breaches. Adding a new email address to your existing Firefox Monitor account is simple, and whether you’re managing one – or multiple – new email accounts, you will be able to select a primary email address to serve as the hub for all notifications and alerts. We added a safety measure to ensure that all email addresses are verified by email before they are activated.

    Identify which emails are being monitored, how many known data breaches may have exposed your information, and if any passwords have been leaked across those breaches

    Being part of a data breach is not fun, but keeping track of and knowing where your private information may have been made public is one of the first steps in taking control of your online privacy.

    We invite you to check out the new breach dashboard on Firefox Monitor!

     

    The post Firefox Now Available with Enhanced Tracking Protection by Default Plus Updates to Facebook Container, Firefox Monitor and Lockwise appeared first on The Mozilla Blog.

    Planet MozillaTechnology with respect and honesty. Here’s how we do it.

    Tech companies are using the word “privacy” a lot these days. What do they mean when they say it? To one company, privacy means keeping your information between you and … Read more

    The post Technology with respect and honesty. Here’s how we do it. appeared first on The Firefox Frontier.

    Planet MozillaFirefox 68 Beta 6 Testday Results

     

    Hello Mozillians!

    As you may already know, last Friday May 31st – we held a new Testday event, for Firefox 68 Beta 6.

    Thank you all for helping us make Mozilla a better place: Rockstarprem007, Mohamed Bawas, Aishwarya Narasimhan and Aishu, noelonassis!

    Result: Several test cases were executed for: Activity Stream and  Pin Firefox shortcut to taskbar for Windows 10.

    Thanks for another awesome testday, we appreciate your contribution! 🙂

    We hope to see you all in our next events, keep an eye on QMO.
    We will make announcements as soon as something shows up!

    Planet MozillaMake Cheese Grating Great Again

    The Mac Pro, like New Coke, is back. In a miniature cheese grater you could make a mean quesadilla with. A million Power Mac G5s and O.G. Mac Pros are singing out, "we told you so! We told you so!"

    But if you're going to buy one of these things (starting at $6000), you don't get to complain how much a Talos II costs.

    Planet MozillaThis Week in Rust 289

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

    This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.

    Updates from Rust Community

    News & Blog Posts

    Crate of the Week

    This week's crate is emu, a Rust-based language for programming GPUs. Thanks to Caleb Winston for the suggestion!

    Submit your suggestions and votes for next week!

    Call for Participation

    Always wanted to contribute to open-source projects but didn't know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

    Some of these tasks may also have mentors available, visit the task page for more information.

    If you are a Rust project owner and are looking for contributors, please submit tasks here.

    Updates from Rust Core

    283 pull requests were merged in the last week

    Approved RFCs

    Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

    Final Comment Period

    Every week the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.

    RFCs

    No RFCs are currently in final comment period.

    Tracking Issues & PRs

    New RFCs

    Upcoming Events

    Asia Pacific
    Europe
    North America

    If you are running a Rust event please add it to the calendar to get it mentioned here. Please remember to add a link to the event too. Email the Rust Community Team for access.

    Rust Jobs

    Tweet us at @ThisWeekInRust to get your job offers listed here!

    Quote of the Week

    apparently I wrote Building Git to explain a complex problem to rust devs who could then help me build it in rust

    /dev/horse @ jsconf eu (mountain_ghosts) on twitter

    Thanks to Dos Moonen for the suggestion!

    Please submit quotes and vote for next week!

    This Week in Rust is edited by: nasa42, llogiq, and Flavsditz.

    Discuss on r/rust.

    Planet MozillaPathfinder: a first look at the best fonts and vector graphics on VR/AR

    Pathfinder: a first look at the best fonts and vector graphics on VR/AR

    Second only to watching video, most of the time people spend on computing devices today involves reading text and looking at vector graphics in the toolbars and user interfaces of programs. Over the last 20 years, a great deal of focus has gone into improving the quality of those fonts and graphics: subpixel anti-aliasing, cached font maps, etc.

    Unfortunately, as you can see in the left image below, that work results in grainy and jagged text in modern AR headsets. Ideally, we would render text smoothly at all angles, as shown in the image on the right.

    Pathfinder: a first look at the best fonts and vector graphics on VR/AR Document in built-in browser
    Pathfinder: a first look at the best fonts and vector graphics on VR/AR Document in Pathfinder

    The key limitation today is that most vector graphics or font rendering libraries assume that the images are viewed head on at a fixed resolution, rather than having a user walk around the content viewing it from many different angles and distances. Fortunately, Pathfinder fundamentally reimagines this rasterization process, and can render complex images and documents in real time.

    The following movie provides a demonstration of both Pathfinder's font and vector graphics rendering.

    Pathfinder running on the Magic Leap augmented reality headset

    The main innovation in Pathfinder is to move rendering of curved shapes from the CPU to the GPU, and to support the transforms required for viewing from any angle. Since many modern devices have very powerful GPUs compared to their CPU, this results in a massive performance gain in 3D rendering, allowing graphics and text to be rendered on every frame, rather than rendered once at a fixed resolution. This is done by breaking down complex images into much smaller tiles, many of which are just flat colour, and writing GPU shader code to handle the tiles that are more complicated. (For more details, see A Look at Pathfinder by Nicolas Silva.)

    Pathfinder: a first look at the best fonts and vector graphics on VR/ARPathfinder: a first look at the best fonts and vector graphics on VR/AR
    How Pathfinder renders the GhostScript Tiger (from A Look at Pathfinder)

    Today, we are providing demos of the technology, available for daydream VR and Magic Leap here! These are provided to give an early glimpse of what Pathfinder is capable of, and not for deploying in production yet! We are working to enable Pathfinder inside of WebRender, which will allow it to be used directly in our new browsers for AR headsets based on Servo and potentially in all Firefox Gecko-based browsers in the future. And we'd like to make it available for use in Unity projects and as a WASM package, which will not have full integration with the operating system but still provide a dramatic improvement in rasterization quality. Please drop by the Github repository to check it out for your own projects and contribute to ensure that our new computing platforms have the best possible readability.

    Planet MozillaThis Week In Servo 130

    In the past month, we merged 208 PRs in the Servo organization’s repositories.

    Windows nightlies are temporarily broken.

    Planning and Status

    Our roadmap is available online, including the team’s plans for 2019.

    This week’s status updates are here.

    Exciting works in progress

    <figure> <figcaption>An early success rendering a website in the HoloLens emulator.</figcaption> </figure>

    Notable Additions

    • Manish added foundations of automated testing of WebXR.
    • Eijebong implemented type-safe DOM APIs that interact with JS Promises.
    • jdm and paulrouget upgraded glutin to 0.21.
    • maharsh312 implemented most of the missing OffscreenCanvas APIs.
    • ferjm added support for simultaneous playback of audio and video streams.
    • Darkspirit updated various network security data files (HSTS, PSL, CAs).
    • jdm added support for running Servo on Windows via ANGLE.
    • Manishearth made receiving streams through WebRTC possible.
    • pylbrecht implemented resource timing for synchronous network requests.
    • jdm fixed a problem preventing transitioning into Daydream VR.
    • jdm improved the ergonomics of testing Magic Leap builds.
    • codehag implemented support for using a remote web console from Firefox with Servo’s content.
    • PurpleHairEngineer implemented the StereoPannerNode WebAudio API.
    • jdm upgraded the JavaScript engine.
    • tdelacour improved the type-safety of text input code that switches between UTF-8 and UTF-16 strings.
    • ceyusa created an API for providing hardware-accelerated GL video playback.
    • mmatyas implemented support for compressed textures in WebGL.
    • jdm upgraded the NDK in use for Android builds.

    New Contributors

    Interested in helping build a web browser? Take a look at our curated list of issues that are good for new contributors!

    Planet MozillaThe Governance WG is going public

    Hey all! Today we're happy to announce the Governance Working Group is going public. We've been spending the last couple weeks finding our bearings and structuring the working group.

    You can find our charter outlining our main goals and priorities in our work repository. We are using the Github issues, milestones and projects to organise and track our progress. The readme in the repository explains our working process a bit more in detail. It also states how you can talk to us (hint, via discord) and get involved.

    If you're interested in the governance working group, you may also be interested in the Lang Team Meta WG, which is exploring solutions specific to the lang team.

    Planet Mozillahappy bmo push day: now with added contrast

    happy bmo push day: now with added contrast

    release tag

    the following changes have been pushed to bugzilla.mozilla.org:

    • [1225902] Show only flags with requestee in the “Flags You Have Requested” section
    • [1552720] Linkify bug summaries on My Dashboard query table
    • [1542554] Add bug type icons to dependency trees
    • [1514000] Suppress duplicated changes in bug history made at the same time mainly due to mid-air collisions
    • [1523536] New bug’s…

    View On WordPress

    Planet Mozillahappy bmo push day (May 16th)

    happy bmo push day (May 16th)

    release tag

    the following changes have been pushed to bugzilla.mozilla.org:

    • [1546502] Miscellaneous tweaks and fixes for 2019 week 16
    • [1345750] “Depends on” and “Blocks” bug lists should still show list of bug links in edit mode
    • [1544059] Cloning a bug as a blocker doesn’t copy the ‘component’ field
    • [1543741] Blocklist requests getting filed as ‘defect’ instead of ‘task’ because of custom form
    • [1…

    View On WordPress

    Planet MozillaThe @W3C Needs You: Please Vote For Change In The @W3CAB Election

    <time datetime="2019-05-30T23:59-04:00">Tonight, 23:59 Eastern Time</time> (as is customary for W3C), is the deadline for voting.

    Please Vote in the 2019 W3C Advisory Board Election (W3C Member-only link, only Advisory Committee members can vote).

    My fellow Advisory Board (AB) candidates and additional members of the W3C Community have shared their thoughts on the AB election, some on their blogs, and some on W3C Member only list(s).

    It is very important that you explicitly rank candidates according to what is most important to you due to the way the current W3C STV mechanism is interpreted and implemented by the W3C Team. Past STV elections have shown that a Ranked 1 vote is crucial to candidates, Ranked 2 may have some impact, and the likelihood of effect drops off precipitously from there (though you should still rank at least a few more, ideally all candidates, just in case).

    I’ve previously stated why I think W3C is facing several existential crises, how I will do my best to help W3C during this crucial time of transition, and thus ask for your Ranked 1 vote:

    The AB has seven open spots in this election, so I will recommend six others for your consideration of a Ranked 1 vote.

    Each of these candidates has many strengths, I am highlighting just one or two, depending on what may be most important to help steer the W3C in the next two years. Each of these candidates has many more strengths. Ordered by those with their own posts/blogs first (then by full name).

    If web developer perspective is most important to you, choose Aaron Gustafson as Ranked 1

    Aaron has worked as a profession web developer, written several well regarded books on web development, and spoken with & taught numerous web developers. Of all candidates he brings the most modern and most aware perspective of what matters to web developers today on the web, and what standards the W3C must prioritize in order to better serve today and tomorrow’s web development community, the community that builds the web you and I depend on day-to-day. Read his blog post for more

    If experience is most important to you, choose Chris Wilson as Ranked 1

    Chris Wilson has been working on the web for over 25 years, more than any other candidate. He has written code in web browsers, written specifications, chaired working groups, and served for five years on the Advisory Board. He has more experience, and a broader perspective, across more companies essential to the evolution of the web, than any other canidate. See his post for more

    If bold directness & standing up to W3C Management is most important to you, choose Elika Etemad as Ranked 1

    I have had the good fortune of working with Elika (AKA fantasai) for numerous years in the CSS Working Group, have seen her contribute to invited W3C Advisory Board discussions, and Advisory Committee meetings as well. She always brings a well considered, often bold, and always direct perspective. She brings a strength of commitment that is inspiring and I believe necessary to represent the needs of the web community especially when such needs require standing up to W3C Management. This will be an essential skill during W3C’s upcoming transitions. Read her blog post for more

    If accessibility is most important to you, choose Léonie Watson as Ranked 1

    I have had the good fortune to work with Léonie Watson during my past tenure on the Advisory Board. She has consistently brought a diverse and inclusive perspective in all our matters, especially making sure the AB was aware of accessibility implications of any number of policy decisions. Read her blog for more

    If consensus building is most important to you, choose Alan Stearns as Ranked 1

    I have also had the good fortune of working with Alan Stearns for many years. He has been an extremely effective chair of the CSS Working Group, a very large and diverse set of individuals with a variety of backgrounds, interests, and priorities, that is also extremely prolific. He has demonstrated time & time again that when there is conflict, he is able to mediate a dialog to find common ground, find fair ways to resolve differences, or often get parties to defer when progress can be made regardless.

    If Chinese standards efforts representation is most important to you, choose Judy (Hongru) Zhu as Ranked 1

    While I was on the Advisory Board, I got to know Judy and very much appreciate her participation. She brought key insights with regards to the interactions of global standards efforts, especially with standards efforts in China. I believe these insights have helped the governance of W3C, and W3C’s goals of producing truly global standards.

    Thank you Natasha and Mike

    Huge thanks to Advisory Board incumbents Natasha and Mike for their service. I am glad I got a chance to work with Natasha and Mike on the AB. Natasha provided a refreshing perspective and I hope she considers running for the AB in the future. Mike has served on the AB for a very long time, and demonstrated the ability to actively evolve the AB, the W3C, and forge a productive relationship with the WHATWG (as noted in the recenty announced MoU). Both Mike and Natasha set good examples for whoever is next elected to the AB.

    Please vote!

    Go Vote in the 2019 W3C Advisory Board Election (W3C Member-only link, only Advisory Committee members can vote).

    If you have already voted, thank you for voting. If you have not, please take the few minutes to do so. In either case please consider the above candidates for their strengths and consider (re)ranking accordingly. Thank you for your consideration.

    Planet Mozillacurl: 3K forks

    It’s just another meaningless number, but today there are 3,000 forks done of the curl GitHub repository.

    This pops up just a little over three years since we reached our first 1,000 forks. Also, 10,000 stars no too long ago.

    <figure class="wp-block-image"></figure>

    Why fork?

    <figure class="alignright"></figure>

    A typical reason why people fork a project on GitHub, is so that they can make a change in their own copy of the source code and then suggest that change to the project in the form of a pull-request.

    The curl project has almost 700 individual commit authors, which makes at least 2,300 forks done who still haven’t had their pull-requests accepted! Of course those are 700 contributors who actually managed to work all the way through to inclusion. We can imagine that there is a huge number of people who only ever thought about doing a change, some who only ever just started to do it, many who ditched the idea before it was completed, some who didn’t actually manage to implement it properly, some who got their idea and suggestion shut down by the project and of course, lots of people still have their half-finished change sitting there waiting for inspiration.

    Then there are people who just never had the intention of sending any change back. Maybe they just wanted to tinker with the code and have fun. Some want to do private changes they don’t want to offer or perhaps they already know the upstream project won’t accept.

    We just can’t tell.

    Many?

    Is 3,000 forks a lot or a little? Both. It is certainly more forks than we’ve ever had before in this project. But compared to some of the most popular projects on GitHub, even comparing to some other C projects (on GitHub the most popular projects are never written in C) our numbers are dwarfed by the really popular ones. You can probably guess which ones they are.

    In the end, this number is next to totally meaningless as it doesn’t say anything about the project nor about what contributions we get or will get in the future. It tells us we have (or had) the attention of a lot of users and that’s about it.

    I will continue to try to make sure we’re worth the attention, both now and going forward!

    (Picture from pixabay.)

    Planet MozillaFixing adb device unauthorized in VirtualBox hosted linux

    Getting either no devices listed or just unauthorized from adb devices when running adb in a virtual machine? My setup is VirtualBox running Ubuntu 18.04 LTS hosted in Windows 10 machine. Connecting one of my Android devices with Lineage 16 and running adb in the VM doesn’t make the device ask for debugging authorization. When connecting with adb from the host machine, it does.

    The solution is inspired by this stackoverflow post, with few modifications.

    Prerequisites:

    On both the host and the virtual machine make sure the version of adb is exactly the same. Otherwise the client will ask the server to restart and unexpectedly fail, when using the below provided solution.

    For instance, Firefox for Android build uses internally adb version 1.0.41. But the system wide adb (up to date) in Ubuntu is 1.0.39. To download platform-tools for Windows, in my case, with that version you have to hack the URL bar a bit as there are no download links on the android site for older versions. Trial and error got me this link to get the tools with adb version 1.0.39 for Windows.

    On the host machine:

    • Connect the device with USB debugging enabled, as usually
    • Don’t connect it in the running VirtualBox VM
    • Run adb devices to check the host machine sees the devices, check the server has started on port 5037

    On the virtual machine:

    • Make sure the adb server is not running with adb kill-server
    • Check nothing listens on the 5037 port with netstat -nao | grep :5037
    • Run socat tcp-listen:5037,fork tcp:10.0.2.2:5037 where 10.0.2.2 should be the host address as seen from the VirtualBox VM
    • Run adb devices
    • You should see the same result as on the host machine and be able to work with the device now

    The trick is to simply forward the TCP traffic between the two machines and pretend a server in the VM. It can work well the other way around with any kind of direct TCP relay in Windows, any kind of port and any IP address of choice.

    I wrote this more for myself to not forget till next time, but maybe it will help someone.

    The post Fixing adb device unauthorized in VirtualBox hosted linux appeared first on mayhemer's blog.

    Planet WebKitRelease Notes for Safari Technology Preview 83

    Safari Technology Preview Release 83 is now available for download for macOS Mojave and macOS High Sierra. If you already have Safari Technology Preview installed, you can update in the Software Update pane of System Preferences on macOS Mojave and from the Mac App Store’s Updates tab on macOS High Sierra. After updating to macOS Mojave, you may have to reinstall Safari Technology Preview.

    This release covers WebKit revisions 245007-245618.

    Web Authentication

    • Enabled WebAuthN by default on macOS (r245589)
    • Changed to cancel the pending request when a new request is made (r245043)
    • Changed to return InvalidStateError to sites whenever authenticators return such error (r245262)

    Pointer Events

    • Fixed isPrimary property of pointercancel events to match previous events for that pointer (r245020)
    • Fixed calling preventDefault() on pointerdown to prevent “compatibility” mouse events (r245585)

    Storage Access API

    • Changed to only consume the user gesture when the user explicitly denies access and made document.hasStorageAccess() return true when the feature is off (r245025)

    Rendering

    • Implemented backing-sharing in compositing layers, allowing overlap layers to paint into the backing store of another layer (r245170)
    • Changed layers painting into shared backing to contribute to overlap (r245502)
    • Changed to repaint when the set of backing-sharing layers changes (r245220)
    • Fixed rendering of backing-sharing layers with transforms (r245205)
    • Fixed layer bounds for sharing layers that paint with transforms (r245208)
    • Fixed layer-related flashing with composited overflow: scroll (r245602)
    • Fixed overflow: scroll that becomes non-scrollable to stop being composited (r245212)
    • Fixed content disappearing when the scroller hosting a shared layer becomes non-scrollable (r245206)
    • Fixed rendering issues when layer contents become non-opaque (r245207)

    Service Workers

    • Changed to terminate a service worker instance when its SWServer is destroyed (r245200)
    • Changed a service worker process to app nap when all of its clients app nap (r245299)

    CSS

    • Implemented line-break: anywhere (r245275)
    • Implemented a modern “clearfix” with display: flow-root (r245494)
    • Implemented page-break-* and -webkit-column-break-* as legacy-shorthands. (r245276)
    • Fixed font-optical-sizing applying the wrong variation value (r245598)
    • Updated CSS grid when changing auto repeat type (r245295)
    • Updated to use max size to compute auto repeat CSS grid tracks (r245279)

    WebRTC

    • Defined a media buffering policy (r245039)
    • Allowed sequential playback of media files when initial playback started with a user gesture (r245467)
    • Fixed video stream freezing when the front camera orientation changes (r245033)

    WebDriver

    • Fixed the in-view center point for elements larger than the viewport (r245320)

    Web API

    • Changed to preserve DOM selection after clicking a button that hides itself on mousedown (r245238)
    • Limited the number of prefetches of a given page (r245171)

    Web Inspector

    • Changed the user gesture toggle to also force a user interaction flag (r245366)
    • Fixed the colors in the network table waterfall container for Dark Mode (r245484)
    • Fixed context menu items in the DOM tree when not clicking directly on the node representation in the Elements tab (r245495)
    • Fixed Storage tab crashes when adding new local storage or session storage entries (r245535)
    • Fixed the CPU timeline and Memory timeline bars sometimes incorrectly drawing and jumping around while scrolling (r245498)
    • Made it easier to switch to a DOM node in the Elements tab from a returned DOM node in the Audit tab (r245497)

    Planet Mozilla“We believe the internet can be better,” Mozilla to the International Grand Committee

    Alan Davidson, Vice President of Global Policy, Trust and Security testified today on behalf of Mozilla before the International Grand Committee on Big Data, Privacy and Democracy. The International Grand Committee, composed of representatives from numerous governments around the world, has gathered in Ottawa, Canada for its second meeting, hosted by the House of Commons of Canada.

    “We believe the internet can be better. And to build an internet that is both innovative and worthy of people’s trust, we will need better technology and better policy,” said Alan. In his testimony Alan focused on the need for better product design to protect privacy; getting privacy policy and regulation right; and the complexities of content policy issues. Against the backdrop of tech’s numerous missteps over the last year, our mission-driven work is a clear alternative to much of what is wrong with the web today.

    For more, check out the replay of the hearing or read Alan’s prepared statement for the Committee.

     

    The post “We believe the internet can be better,” Mozilla to the International Grand Committee appeared first on The Mozilla Blog.

    Planet MozillaJavaScript and evidence-based language design

    Author’s note: Hi, I’m an engineer at Mozilla working on the Firefox DevTools server. I’m also a TC39 representative. This post focuses on some of the experiments I am trying out at the TC39, the standards body that manages the JavaScript specification. A follow up post will follow…


    In what ways can empirical evidence be used in the design of a language like JavaScript? What kind of impact would a more direct connection to developers give us? As stewards of the JavaScript specification, how do we answer questions about the design of JavaScript and help make it accessible to the thousands of new coders who join the industry each year? To answer this we need to experiment, and I need your help.

    Enter stage left: a survey

    I know, it isn’t so exciting. It’s a survey. We are testing whether or not the methods used in this survey provide useful information about specific parts of a proposal. In other words, we are testing how we can identify different factors related to code: Cognitive load, error proneness, readability, and learn-ability.

    The goal is to see what we can learn from the data you share. Whether it will be useful remains to be seen. This is the first attempt to do this, so it will not be perfect.

    This is also why I need everyone’s help. Whatever your background, your responses will be very much appreciated. You might be learning JavaScript as your first language, coming to JavaScript from another language, or working in the language professionally.

    Well, I hope I have gotten everyone excited to take a survey. I am certainly excited. It is estimated to be 15 minutes, I hope it is enjoyable!

    Here is the survey link again.

    The post JavaScript and evidence-based language design appeared first on Mozilla Hacks - the Web developer blog.

    Planet MozillaI Am Running For The @W3C Advisory Board (@W3CAB)

    I am running for the W3C Advisory Board (AB). If you work on or care about open web standards, I am asking you, and in particular your W3C Advisory Committee representative, to vote me for as their #1 vote (due to the way the current W3C STV mechanism is interpreted and implemented by the W3C Team).

    The web community depends on W3C as a key venue for open web standards development. We are in a period of transition and existential risks for W3C (detailed in my official Advisory Board nomination statement). I bring both the experience (served on the AB for five years, 20+ years of first-hand standards work at W3C), and the boldness (created and drove numerous open reforms) necessary to work with an Advisory Board committed to modernizing W3C into a form that continues to support pragmatic & responsive open standards development.

    There are many highly qualified candidates running for the W3C Advisory Board in this election, with a variety of strengths and abilities.

    I believe the most important issue for this election is the active modernization of W3C to both avoid its existential risks and hopefully refocus on its best qualities, providing an even better venue for modern open web standards development.

    Now more than ever we need an active Advisory Board composed of individuals who have demonstrated that they are bold web-doers that can actively drive change at the W3C. This means they must both have experience with editing & shipping broadly applicable specifications at W3C (ideally also experience with W3C processes), and have shown the initiative to teach themselves to pragmatically first-hand use the technologies of the web itself to express their work, i.e. using their own websites.

    There are (currently) four additional AB candidates that have such experience and actively use the web itself to do their work. I encourage you to read their blog posts (or blogs in general) and vote for them as well:

    1. Chris Wilson (Google)
    2. Aaron Gustafson (Microsoft)
    3. Elika Etemad (AKA fantasai, W3C Invited Expert)
    4. Léonie Watson (TetraLogical)

    The deadline for votes is <time datetime="2019-05-30T23:59-04:00">23:59 Eastern (Daylight) Time, 30 May 2019</time>.

    Please Vote in the 2019 W3C Advisory Board Election (W3C Member-only link, only Advisory Committee members can vote) for myself (preferably as "Ranked 1"), and at least the other abovementioned candidates (Ranked 2 through Ranked 5) in an order according to who you think has the experience, capabilities, and will to actively collaborate and drive positive changes at the W3C. Thank you for your consideration.

    Planet MozillaFinally, a bit of love for Intel Tiger

    Again, a polite reminder that Intel Macs aren't supported, but that doesn't mean people don't want to run TenFourFox on them. Thanks to new builder Hayley, Tiger-compatible versions of FPR14 and the MP4 Enabler are available for Intel. Previous versions have had issues on Tiger due to issue 209, so watch for that if you choose to run these, but initial testing at least looks very promising.

    I've also given Ken direct access to that folder so that he can coordinate and upload Intel builds on a semi-regular basis without me as the rate limiting step. Remember, the Intel build is unsupported and issues posted to Tenderapp about it will be closed. There are no guarantees that it works, and there are no guarantees that builds will continue.

    Meanwhile, I'm working on what may be a fruitless effort to add async/await support and am about halfway done with the merge. It will probably build but no guarantees that it will work, and there's probably some additional fixes needed to get it up to reasonable standards compliance. I'm trying to keep it all in one easily managed commit which is why there hasn't been much activity on Github for FPR15; this may be the only major new feature in order to reduce regression risk. More later.

    Planet MozillaA glimpse of what’s to come.

    Today we’re presenting new brand marks for Firefox Monitor and Firefox Lockwise. Lockwise? Yes, that’s the official name for the service we’d nicknamed “Lockbox” during its product development phase. The new icons are meant to signal the functions these apps perform. Firefox Monitor, which helps you discover if your email address has been part of a data breach and can alert you about further breaches, is represented by a magnifying glass. Firefox Lockwise, which provides an easy way to store your Firefox passwords and protect your data, suggests both a lock and a profile. The marks reinforce that all of our Firefox products and services help you keep your personal life private.

     

    If you’ve been wondering whatever happened to the Firefox brand identity work we shared in this space last year, and whether System 1 or System 2 prevailed, these new icons offer a clue.  They are not the whole story. We’ll be unveiling an evolved Firefox brand the week of June 10th, so please stay tuned. We look forward to hearing what you think.

    The post A glimpse of what’s to come. appeared first on Mozilla Open Design.

    Planet MozillaFriend of Add-ons: Martin Giger

    Our newest Friend of Add-ons is Martin Giger! Martin is a leader and member of the Mozilla Switzerland community, an extension developer, and a frequent contributor to Mozilla’s community forums, where he helps people find answers to their questions about extension development. If you have ever visited our forums or joined one of our channels on IRC, there’s a good chance you’ve seen Martin kindly and patiently helping people resolve their issues. (He has also written a great blog post about how to effectively ask for help when you get stuck on a problem.)

    Martin began contributing to Mozilla in the early 2010s when he began localizing a Thunderbird extension into German and building his first Firefox extension. He also became involved with the Nightingle Media Player project, an open-source audio player and web browser based on the Mozilla XULRunner.

    Since then, Martin has contributed to a number of add-on projects, including the Add-on SDK, the add-ons linter, the site addons.mozilla.org, and the WebExtensions API. Always interested in finding creative technical solutions to solve problems he encounters in everyday life, he has recently been tinkering with Mozilla’s Web of Things platform, rewriting a Twitter tool used by the Mozilla Switzerland community, and managing web-related activities for the concert band he plays in.

    In addition to spending time with Mozillians online, Martin also enjoys socializing in person with members of his local community. “Doing things with local contributors is meaningful,” he remarks. “No matter what they contributed to, meeting up with people and talking about things you’re passionate about makes Mozilla something you can grasp (and not just something you spend time in front of a computer on).”

    Martin, the entire add-ons team extends their gratitude and appreciation to you for your kindness, willingness to help others, and sound judgement. Thank you for all of your contributions to our ecosystem!

    If you are interested in getting involved with the add-ons community, please take a look at our wiki for some opportunities to contribute to the project.

    The post Friend of Add-ons: Martin Giger appeared first on Mozilla Add-ons Blog.

    Planet MozillaThis Week in Rust 288

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

    This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.

    Updates from Rust Community

    News & Blog Posts

    Crate of the Week

    This week's crate is mockiato, a strict yet friendly mocking library for Rust 2018. Thanks to Ruben Schmidmeister for the suggestion!

    Submit your suggestions and votes for next week!

    Call for Participation

    Always wanted to contribute to open-source projects but didn't know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

    Some of these tasks may also have mentors available, visit the task page for more information.

    No issues were proposed for CfP.

    If you are a Rust project owner and are looking for contributors, please submit tasks here.

    Updates from Rust Core

    286 pull requests were merged in the last week

    Approved RFCs

    Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

    No RFCs were approved this week.

    Final Comment Period

    Every week the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.

    RFCs

    No RFCs are currently in final comment period.

    Tracking Issues & PRs

    New RFCs

    Upcoming Events

    Africa
    Asia Pacific
    Europe
    North America
    South America

    If you are running a Rust event please add it to the calendar to get it mentioned here. Please remember to add a link to the event too. Email the Rust Community Team for access.

    Rust Jobs

    Tweet us at @ThisWeekInRust to get your job offers listed here!

    Quote of the Week

    I used to think of programs as execution flowing and think about what the CPU is doing. As I moved to rust I started thinking a lot more about memory: how the data was laid out in memory, and how ownership of different parts of memory is given to different parts of the program at run time.

    Oliver Gould on "The Open Source Show: All About Rust

    Thanks to infogulch for the suggestion!

    Please submit quotes and vote for next week!

    This Week in Rust is edited by: nasa42, llogiq, and Flavsditz.

    Discuss on r/rust.

    Planet MozillaFirefox 68 Beta 6 Testday, May 31st

    Hello Mozillians,

    We are happy to let you know that Friday, May 31st  we are organizing Firefox 68 Beta 6 Testday. We’ll be focusing our testing on: Activity Stream and Pin Firefox shortcut to taskbar for Windows 10.

    Check out the detailed instructions via this etherpad.

    No previous testing experience is required, so feel free to join us on #qa IRC channel where our moderators will offer you guidance and answer your questions.

    Join us and help us make Firefox better!

    See you on Friday! 🙂

    Planet MozillaThe illusions of privacy (What about intimacy?)

    We have read in the news that big platforms are willing to tackle head on privacy. The word "privacy" became an act of marketing, a way to sell a brand, to grow market shares, to renew or increase trust. This became an object of commerce. We even see debates on who could provide the best solution for a privacy oriented platform or that privacy is a hype.

    For a long time, we know that the amount of data collections by any platforms is humongous.

    In the same time, another topic of concerns has increased, security with different angles:

    • being safe online for individual people
    • stopping massive data hacking
    • protecting knowledge and speech with regards to the surge of fake news

    All of these mostly resonate around the one-to-many/many-to-one issues.

    But one thing is certain. The big platforms will redefine the word "privacy". It will be a space where you communicate with your friends protected from the mass. Privacy will be redefined as small group communications. Don't be fooled. There is still one entity which will be recording everything, studying patterns of communications, making money on understanding your behavorial patterns.

    Worse… with the illusion of privacy given by this smaller spaces of communications, the people using them will feel more secure, comfortable, more at home. They will stop thinking twice about sharing something, while the entity is still listening.

    Intimacy is something we share with others in small groups indeed. It has a lot of variations, levels of opacity, adjusted for contexts. Big platforms will never be able to provide a true space of privacy or intimacy, while their core business is about listening on what we express. Smaller communication groups are indeed sometimes the solution, but they need to exist outside of any listening/recording apparatus created by a third party. Communications are a contract in between the people who choose to have them. Any third party listening, recording, analyzing to sell the value extracted from these communications challenges right away the notion of privacy. The forest is not dark, when someone is listening.

    Otsukare!

    Planet WebKitMichael Catanzaro: Dear Ubuntu: Please Stop Packaging Epiphany If You Won’t Do It Properly

    Dear Ubuntu,

    When users try Epiphany on Ubuntu, they receive a sub-par, broken browser. If you’re not willing to do this right, please just remove Epiphany from your repositories. We’d all be happier this way. You are the  most popular distributor of Epiphany by far, and your poor packaging is making the browser look bad.

    Epiphany 3.28.1 Is Stupid Old

    Currently you’ve packaged Epiphany 3.28.1 for Ubuntu 18.04, your current LTS release. 3.28.1 is a seriously broken version with an overaggressive adblock filters subscription that blocks legitimate resources on a wide variety of websites, resulting in broken page rendering. We obviously don’t want users to ever use 3.28.1. There is a 3.28.2, released on May 22, 2018, which fixes this problem, but after one year you have still not yet updated. Ideally you would update to 3.28.5, which has been available since September 21, 2018. It’s not like I’m expecting you to upgrade to 3.30 or to 3.32 (the current stable series). I’d be happy to release a 3.28.6, except I know that it’s pointless: you would not upgrade to it if I did.

    In Ubuntu 19.04, you have packaged Epiphany 3.32.0. The current version is 3.32.2. There are a lot of bugs fixed in between. (Update: Exam has pointed out that your snap package takes precedence over the Debian package in GNOME Software, so most users will actually receive the snap instead. The snap is still using 3.30.4, because Epiphany 3.32 depends on GTK 3.24, and that is not available in snaps yet. All app menu items are unavailable because Ubuntu’s GNOME Shell 3.32 does not display Epiphany 3.30’s app menu, so there’s no way to edit preferences, view history, import/export bookmarks, etc. This is not good.)

    Because Epiphany is in your universe repository, rather than main, I understand that Canonical does not provide updates. But this is really not OK. Do I really need to add an xscreensaver-style time bomb to protect the reputation of Epiphany?

    You’ve Disabled the JPEG 2000 Support

    WebKitGTK is in main and you have been updating it regularly and in a timely manner, which is good. Thanks for this!

    But we also need WebKitGTK to be built with OpenJPEG support, so that it can display JPEG 2000 images. Because you build WebKitGTK without OpenJPEG support, lots of popular websites are broken, including all websites using Akamai Image Manager. Because we have “Safari” but not “Chromium” in our user agent, these websites send us lots of JPEG 2000 images, and we need to be prepared to handle them properly to avoid broken websites. (Changing our user agent to avoid receiving JPEG 2000 images is, unfortunately, not practical.)

    Here we have a really difficult issue, because you admittedly have a good reason for disabling OpenJPEG use. OpenJPEG has failed your security review for inclusion in main. Seth Arnold from the Ubuntu Security Team has reported 24 issues in OpenJPEG, of which 21 still remain unfixed. (It’s probably too much to ask, but if any readers want to help tackle a couple of these, that would be really great.) WebKitGTK is only as secure as its least-secure image decoder, and it seems likely that that would be OpenJPEG. Exposing the low-quality OpenJPEG library to the entire web is risky.

    And yet, a web browser that doesn’t display websites properly is simply not worth delivering to users. We need this image decoder for web compatibility. WebKitGTK 2.26 will (hopefully) ship with a sandbox to mitigate security risks. Perhaps future versions of Epiphany should refuse to start if OpenJPEG support is unavailable?

    Planet MozillaFirefox brings you smooth video playback with the world’s fastest AV1 decoder

    Tuesday’s release of Firefox 67 brought a number of performance enhancing features that make this our fastest browser ever.  Among these is the high performance, royalty free AV1 video decoder dav1d, now enabled by default on all desktop platforms (Windows, OSX and Linux) for both 32-bit and 64-bit systems.

    With files more than 30% smaller than today’s most popular web codec VP9 [1], and nearly 50% smaller than its widely deployed predecessor H.264 [2], AV1 allows high-quality video experiences with a lot less network usage, and has the potential to transform how and where we watch video on the Internet. However, because AV1 is brand new and more sophisticated, some experts had predicted that market adoption would wait until 2020 when high-performance hardware decoders are expected.  Dav1d in the browser upends these predictions.

    Sponsored by the Alliance for Open Media, dav1d is a joint effort between the French non-profit VideoLAN and the greater FFmpeg open source audio/video community.  Some of the leading minds in open source multimedia joined forces to release the first version of dav1d last fall, already 2x to 5x faster than libaom, the reference decoder published by AOMedia as part of the AV1 standards effort.

    Since then the dav1d developers have squeezed out even more performance by profiling and rewriting critical sections in highly-parallelized SIMD assembly. And this shows in the benchmarks:

    Higher performance and greater efficiency means smooth playback of AV1 video in the browser with significantly less CPU utilization.

    AV1 already seeing adoption on the web

    Landing dav1d in Firefox could not have happened at a better time.  In just the past few months we’ve seen remarkable growth in the use of AV1, with our latest figures showing that 11.8% of video playback in Firefox Beta used AV1, up from 3% in March and 0.85% in February.

    Now that desktop Firefox contains dav1d, we expect even more websites will take advantage of this next-generation, royalty-free video codec AV1.

    Mozilla investing in the AV1 future

    State-of-the-art decoders like dav1d are great for video playback, but best-in-class, free and open source software encoders are equally important to a healthy AV1 community.  The AOMedia reference encoder was developed with the goal of creating the AV1 standard, not a production encoder.  Thus, Mozilla and Xiph.Org are jointly developing a clean-room encoder named rav1e (the Rust AV1 Encoder) to increase encoding gains over the reference encoder and allow software encoding fast enough for real-time applications like WebRTC.

    Good encoders make heavy use of psychovisual models to allocate bits for what humans perceive as good visual quality (not PSNR).  With rav1e we are applying the perceptual analysis expertise from our earlier Daala and Theora codec development efforts to add activity masking, better color balancing, improved rate control and perceptual distortion metrics like CDEF that bring new, improved quality to AV1 encoding.

    We’re also investing considerable research to improve encoder speed, optimizing new techniques that appear for the first time in AV1.  It’s not enough to rewrite existing code from the initial reference encoder in SIMD assembly and make it four times faster. Rav1e is developing ways to make AV1 encoding tools 1000x faster by finding new algorithms rather than simply optimizing existing code.

    Rav1e is getting better all the time.  Active development continues at a rapid pace, landing major new improvements weekly.

    Join the conversation

    Do you find video compression and related technologies fascinating?  Then join us in New York on June 26 for the Big Apple Video 2019 conference co-hosted by Mozilla and Vimeo.  This full day event focuses on cutting edge video technologies and the user experiences they enable.  With speakers from Twitch, Cisco, NGCodec, Intel, Wikimedia and other well known companies, this conference is designed for video technology enthusiasts like you!

    We’d love to have you with us in New York, but if not you can register to attend remotely and watch our on-line video stream.  What else would you expect from a conference on video and related technologies?

    References

    1. AV1 beats x264 and libvpx-vp9 in practical use case – https://code.fb.com/
    2. MSU Codec Comparison 2018 – http://www.compression.ru/

    The post Firefox brings you smooth video playback with the world’s fastest AV1 decoder appeared first on Mozilla Hacks - the Web developer blog.

    Planet MozillaWebRender newsletter #45

    Hi there! I first published this newsletter episode on May 21st and hitting the publish button at the same time as Jessie who wrote an excellent announcement post about WebRender on the stable channel. We decided to unpublish the newsletter for a couple of days to avoid shadowing the other post.

    WebRender is a GPU based 2D rendering engine for web written in Rust, currently powering Mozilla’s research web browser servo and on its way to becoming Firefox‘s rendering engine.

    🎉 WebRender enabled by default for a subset of users on stable 🎉

    Firefox users on the stable channel are starting to use WebRender without opting into it manually.
    This is a huge milestone for everyone involved! The initial target configuration is Windows 10 with nvidia desktop GPUs and recent enough drivers. A very specific and small set of users for sure, and this is so that we can progressively roll out this massive change to Firefox’s graphics engine and appropriately react to the bugs that went unnoticed during all these months of testing and polish (and I am sure there will be). On the nightly channel, we’ve already started enabling WebRender by default on some AMD and Intel configurations on Windows and Linux.

    Congratulations and big thanks to everyone who helped pushing WebRender forward, mozilla staff and volunteers alike. In particular, I would like to highlight the tremendous amount help provided by volunteer contributors Darkspirit and Alice0775 White in filing, reproducing and triaging bugs.

    Bug triage is an often underapreciated, yet absolutely vital part of the process of making Firefox. Without it developers would not know about important bugs that need fixing. It is crucial to our ability to see and react to problems in the wild and impacts priorities and other decision making. Bug Triage is time consuming and requires a lot of knowledge about the project. So once again, many thanks to Alice0775 White, Darkspirit and many other volunteers who’s help and impact on the project is really appreciated.

    What’s new in WebRender

    • Glenn landed a number of changes towards generating separate batches per dirty region. The goal is to improve the performance of incremental updates.
    • Glenn fixed external scroll offsets for perspective elements.
    • Kvark fixed a backfrace-visibility issue.
    • Kvark fixed a texture cache reallocation crash.
    • Kvark fixed a transform flattening bug.
    • Kvark added support for using the KHR_blend_equation_advanced GL extension for mix-blend modes.
    • Kats added support for WebRender’s builtin debugging and profiling features on Android.
    • Doug fixed a number of document splitting bugs.
    • Nical finished turning the render task tree into a more powerful render task graph, and integrated the debug visualization into frame captures.
    • On top of this Nical started implementing render graph optimizations for items with many shadows.
    • Nical increased the amount of blob tiles that are rendered asynchronously.
    • Gankro landed the refactoring to how we represent webrender display items, reducing the size of lots of items, eliminating lots of meaningless states, and making it easier to read webrender captures.
    • Gankro got cbindgen to work with rust 2018 extern crate idioms, unlocking the ability for us to bump webrender and other gecko crates to Rust 2018.
    • Andrew improved pixel snapping.
    • Andrew fixed a crash caused by primitives with empty clips in some situations.
    • Jamie is improving glyph zooming on Android.
    • Jamie fixed a border rendering bug.
    • Jeff fixed a number of bugs with “clipped drawtargets”, a way to better represent the work for tiled blob images and deduplicate work.
    • Jeff and Nical reduced memory allocation overhead in during blob image rasterization.
    • Sotaro landed a lot of improvements to the texture sharing code.
    • Sotaro enabled the shader cache on android.
    • Lee reduced lock contention when rendering text on Windows.
    • Lee improved dual-source blending.
    • Miko landed many improvements to displaylist building performance.

    Enabling WebRender manually

    In about:config, enable the pref gfx.webrender.all and restart the browser.

    Reporting bugs

    The best place to report bugs related to WebRender in Firefox is the Graphics :: WebRender component in bugzilla.

    Note that it is possible to log in with a github account.

    Using WebRender in a Rust project

    WebRender is available as a standalone crate on crates.io (documentation)

    Planet MozillaL10n report: May edition

    Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.

    Welcome!

    New localizers

    Are you a locale leader and want us to include new members in our upcoming reports? Contact us!

    New community/locales added

    • Bashkirs (ba), a Turkic language mostly spoken in Russia

    New content and projects

    What’s new or coming up in Firefox desktop

    Firefox 68 has officially entered Beta. The deadline to ship localization updates into this version is June 25. It’s important to remember that 68 is going to be an ESR version too: if your localization is incomplete on Jun 26, or contains errors, it won’t be possible to fix them later on for ESR.

    A lot of content has landed in Firefox 68 towards the end of the cycle. In particular, make sure to test the new stub installer in the coming weeks, and the redesigned about:welcome experience. Detailed instructions are available in this thread on dev-l10n. You should also check out this post on how to localize the new “Join Firefox” message.

    Partially related to Firefox Desktop: Facebook Container is quickly approaching version 2.0, adding several informative panels to the initial bare UI.

    What’s new or coming up in mobile

    As promised, more new and exciting things are happening in mobile land since our last report.

    In fact, we have recently enabled two new projects in Pontoon, since we are opening up localization of a new password management product for both Android and iOS: Lockwise for Android (strings are located inside the locale folders, with a path starting by mozilla-mobile/lockwise-android/) and Lockwise for iOS – both formerly known as “Lockbox”. Ideal deadline for localizing and testing these projects is May 27th. As for previously enabled mobile projects, we are only exposing these strings to a subset of locales for now. We’ll add more locales as we get a handle on this first batch.

    For Fenix and android-components strings, the current deadline for localizing and testing is still June 13th.

    What’s new or coming up in web projects

    Version 2 of the Firefox Monitor website is launching in the coming days. It’s a complete redesign, that will allow users to sign up with their Firefox Account, and monitor multiple emails easily.

    Firefox Accounts: many strings were added in the recent feature updates. Please check Pontoon for the deadline. There might be more strings to be added before the weekend. The team will push codes more regularly to include as much localized content as possible on production before the launch of the new feature.

    Mozilla.org added and updated four files in the past week: firefox/accounts-2019.lang, firefox/new/trailhead.lang, firefox/whatsnew_67.0.5.lang, and mozorg/newsletters.lang. Follow the deadline and prioritize against other requests.

    Events

    • The Thai community meetup took place in Bangkok on 18-19 of May. This was the first localization meetup of the year led by the l10n-drivers. Community manager Vee summarized well through this blog.
    • Want to showcase an event coming up that your community is participating in? Reach out to any l10n-driver and we’ll include that (see links to emails at the bottom of this report)

    Friends of the Lion

    Image by Elio Qoshi

    Know someone in your l10n community who’s been doing a great job and should appear here? Contact on of the l10n-drivers and we’ll make sure they get a shout-out (see list at the bottom)!

    Useful Links

    Questions? Want to get involved?

    Did you enjoy reading this report? Let us know how we can improve by reaching out to any one of the l10n-drivers listed above.

    Planet MozillaAnnouncing Rust 1.35.0

    The Rust team is happy to announce a new version of Rust, 1.35.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

    If you have a previous version of Rust installed via rustup, getting Rust 1.35.0 is as easy as:

    $ rustup update stable
    

    If you don't have it already, you can get rustup from the appropriate page on our website, and check out the detailed release notes for 1.35.0 on GitHub.

    What's in 1.35.0 stable

    The highlight of this release is the implementation of the FnOnce, FnMut, and Fn closure traits for Box<dyn FnOnce>, Box<dyn FnMut>, and Box<dyn Fn> respectively. Additionally, closures may now be coerced to unsafe function pointers. The dbg! macro introduced in Rust 1.32.0 can now also be called without arguments. Moreover, there were a number of standard library stabilizations. Read on for a few highlights, or see the detailed release notes for additional information.

    Fn* closure traits implemented for Box<dyn Fn*>

    In Rust 1.35.0, the FnOnce, FnMut, and the Fn traits are now implemented for Box<dyn FnOnce>, Box<dyn FnMut>, and Box<dyn Fn> respectively.

    Previously, if you wanted to call the function stored in a boxed closure, you had to use FnBox. This was because instances of Box<dyn FnOnce> and friends did not implement the respective Fn* traits. This also meant that it was not possible to pass boxed functions to code expecting an implementor of a Fn trait, and you had to create temporary closures to pass them down.

    This was ultimately due to a limitation in the compiler's ability to reason about such implementations, which has since been fixed with the introduction of unsized locals.

    With this release, you can now use boxed functions in places that expect items implementing a function trait.

    The following code now works:

    fn foo(x: Box<dyn Fn(u8) -> u8>) -> Vec<u8> {
        vec![1, 2, 3, 4].into_iter().map(x).collect()
    }
    

    Furthermore, you can now directly call Box<dyn FnOnce> objects:

    fn foo(x: Box<dyn FnOnce()>) {
        x()
    }
    

    Coercing closures to unsafe fn pointers

    Since Rust 1.19.0, it has been possible to coerce closures that do not capture from their environment into function pointers. For example, you may write:

    fn twice(x: u8, f: fn(u8) -> u8) -> u8 {
        f(f(x))
    }
    
    fn main() {
        assert_eq!(42, twice(0, |x| x + 21));
    }
    

    This has however not extended to unsafe function pointers. With this release of Rust, you may now do so. For example:

    /// The safety invariants are those of the `unsafe fn` pointer passed.
    unsafe fn call_unsafe_fn_ptr(f: unsafe fn()) {
        f()
    }
    
    fn main() {
        // SAFETY: There are no invariants.
        // The closure is statically prevented from doing unsafe things.
        unsafe {
            call_unsafe_fn_ptr(|| {
                dbg!();
            });
        }
    }
    

    Calling dbg!() with no argument

    For the benefit of all the occasional and frequent "print debuggers" out there, Rust 1.32.0 saw the release of the dbg! macro. To recap, the macro allows you to quickly inspect the value of some expression with context. For example, when running:

    fn main() {
        let mut x = 0;
    
        if dbg!(x == 1) {
            x += 1;
        }
    
        dbg!(x);
    }
    

    ...you would see:

    [src/main.rs:4] x == 1 = false
    [src/main.rs:8] x = 0
    

    As seen in the previous section, where the higher order function call_unsafe_fn_ptr is called, you may now also call dbg! without passing any arguments. This is useful when tracing what branches your application takes. For example, with:

    fn main() {
        let condition = true;
    
        if condition {
            dbg!();
        }
    }
    

    ...you would see:

    [src/main.rs:5]
    

    Library stabilizations

    In 1.35.0, a number of APIs have become stable.

    In addition, some implementations were added and other changes occured as well. See the detailed release notes for more details.

    Copy the sign of a floating point number onto another

    With this release, new methods copysign have been added to the floating point primitive types f32 and f64:

    As the name suggests, you can use these to copy the sign of one number onto another. For example:

    fn main() {
        assert_eq!(3.5_f32.copysign(-0.42), -3.5);
    }
    
    Check whether a Range contains a value

    Rust 1.35.0 contains a few freshly minted methods on the Range types:

    With these, you can easily check whether a given value exists in a range. For example, you may write:

    fn main() {
        if (0..=10).contains(&5) {
            println!("Five is included in zero to ten.");
        }
    }
    
    Map and split a borrowed RefCell value in two

    With Rust 1.35.0, you can now map and split the borrowed value of a RefCell into multiple borrows for different components of the borrowed data:

    Replace the value of a RefCell through a closure

    This release introduces a convenience method replace_with on RefCell:

    With it, you can more ergonomically map and replace the current value of the cell and get back the old value as a result.

    Hash a pointer or reference by address, not value

    In this release, we have introduced:

    This function takes a raw pointer and hashes it. Using ptr::hash, you can avoid hashing the pointed-to value of a reference and instead hash the address.

    Copy the contents of an Option<&T>

    From the very beginning with Rust 1.0.0, the methods Option::cloned for Option<&T> and Option<&mut T> have allowed you to clone the contents in case of Some(_). However, cloning can sometimes be an expensive operation and the methods opt.cloned() provided no hints to that effect.

    With this release of Rust, we introduced:

    The functionality of opt.copied() is the same as for opt.cloned(). However, calling the method requires that T: Copy. Using this method, you can make sure that code stops compiling should T no longer implements Copy.

    Changes in Clippy

    In this release of Rust, Clippy (a collection of lints to catch common mistakes and improve your Rust code) added a new lint drop_bounds. This lint triggers when you add a bound T: Drop to a generic function. For example:

    fn foo<T: Drop>(x: T) {}
    

    Having a bound T: Drop is almost always a mistake as it excludes types, such as u8, which have trivial drop-glues. Moreover, T: Drop does not account for types like String not having interesting destructor behavior directly but rather as a result of embedding types, such as Vec<u8>, that do.

    In addition to drop_bounds, this release of Clippy split the lintredundant_closure into redundant_closure and redundant_closure_for_method_calls.

    See the detailed release notes for Clippy for more details.

    Changes in Cargo

    See the detailed release notes for Cargo for more details.

    Contributors to 1.35.0

    Many people came together to create Rust 1.35.0. We couldn't have done it without all of you. Thanks!

    Footnotes

    Updated: .  Michael(tm) Smith <mike@w3.org>