mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla-gemeenschap

Thunderbird Blog: New Thunderbird Releases and New Thunderbird Staff

Thunderbird - di, 19/12/2017 - 18:14
Thunderbird is going strong at version 52 (ESR) and 57, 58 beta

In April 2017 Thunderbird released its successful Extended Service Release (ESR) version 52. This release has just seen it’s fifth “dot update” 52.5.0, where fixes, stability and minor functionality improvements were shipped.

Thunder 57 “Photon” Visual Refresh

Thunder 57 “Photon” Visual Refresh

Thunderbird 57 beta was also very successful. While Thunderbird 58 is equally stable and offers further cutting-edge improvements to Thunderbird users, the user community is starting to feel the impact of Mozilla platform changes which are phasing out so-called legacy add-ons. The Thunderbird technical leadership is working closely with add-on authors who face the challenge of updating their add-ons to work with the Mozilla interface changes. With a few usually simple changes most add-ons can be made to work in Thunderbird 58 beta. https://wiki.mozilla.org/Thunderbird/Add-ons_Guide_57 explains what needs to be done, and Thunderbird developers are happy to lend a hand to add-on authors. 

There has been some discussion about the modernisation of Thunderbird’s user interface. Thunderbird 57 is now following Mozilla’s Photon design, and there is also a new theme available based on the design by the Monterail team.

You can download the current Thunderbird beta here.

New Staff at Thunderbird

Since November 2016 the Thunderbird project has contracted the services of long-time Thunderbird volunteer contributor Jörg Knobloch. Since Jörg moved from being a volunteer to being a contractor, his focus has changed from chasing his favourite pet-hate bugs to taking on responsibility for the product. As the continuous integration engineer, he guarantees that Thunderbird Daily is always in sync with Mozilla core changes to keep Daily in a working order. Jörg manages all code for releases (beta and ESR) and monitors regressions as reported at BMO. As a Thunderbird and Mailnews peer he reviews the work of others and is part of the Engineering Steering Committee which is in charge of the code base.

In March 2017 Andrei Hajdukewycz joined the project. Andrei is the project’s infrastructure engineer. He’s been working on transitioning the project from using Mozilla infrastructure to procuring its own. He administers all the websites used by the project. There are many: Thunderbird.net*), the ISPDB, websites for telemetry, updates and release notes. And last not least: Add-ons. Soon Thunderbird add-ons will transition to Thunderbird’s own add-ons site. Watch this space!

In June 2017 Tom Prince joined the project as a build and release engineer. He makes sure that we can always build Daily, beta and ESR in en-US English and all localisations. He also helps out when diagnosing test and other miscellaneous failures. Most recently Tom has been migrating the Thunderbird build system from Buildbot to TaskCluster to future-proof this aspect of the project.

The project’s last hire in December 2017 has been Ryan Sipes (the guy posting this) as Community Manager. His task is to organise the community of voluntary contributors including add-on authors, spread the good news about Thunderbird, engage with donors to guarantee a solid income stream and be in touch with Thunderbird users.

These four staff members are just the beginning. The project is currently in the process of hiring developers to address some technical debt, fix some sore points in the software and transition the codebase from a mix of C++, JavaScript, XUL and XPCOM to be increasingly based on web technologies.

The Thunderbird project has taken control of the Thunderbird.net domain, of which the project will make increasing use. The www.thunderbird.net domain is being updated to be more helpful to users and eventually become Thunderbird’s home on the web. The in-product Thunderbird start page has already been served via this domain for several months. And, the members of the Thunderbird Council have received email accounts @ thunderbird.net, powered by FastMail, a gift that we are very grateful for.

Categorieën: Mozilla-nl planet

Mozilla Addons Blog: Q&A with Developer Stefan Van Damme

Mozilla planet - do, 09/11/2017 - 02:47

This is a guest post from Mozilla technical writer Judy DeMocker. She recently chatted with Stefan Van Damme about his extension Turn Off the Lights, and his experience porting it from its original Google Chrome version. Take it away, Judy…

Stefan Van Damme had a small problem—but it happened all the time. He liked to watch videos online, but video players on sites like YouTube don’t eliminate the other content on the screen—and that makes it hard to focus on the show. So Stefan, who lives in Antwerp, Belgium, built his first browser add-on to dim the lights on distracting content. And since so many people love movies, he built it for seven different browsers for users around the world.

Stefan’s extension, Turn Off the Lights, has been downloaded more than 3 million times. With that many users, it’s critical for him to be able to update it quickly and easily, without spending days or weeks on maintenance. So he’s excited about the new WebExtensions API, which makes it easy for him to port his extensions to Google Chrome, Mozilla Firefox, and Microsoft Edge using a universal code base.

Turn Off the Lights in action.

 

Porting to Firefox

What browser did you first create your extension for?
Google Chrome

Why was it important for you to write your extension for Firefox?
It is important to me that everyone can have the Turn Off the Lights experience in their favorite web browser. And Firefox is still one of the most popular web browsers out there today.

Did you migrate your add-on from the legacy Firefox platform, XUL? How difficult was that?
In the first version of Turn Off the Lights, I used the XUL technology. If I had to migrate to the new version, it would be difficult. However, I already had the Chrome extension, so migrating that code to Firefox was very easy. There was only one file I had to change, the manifest file. All the other files, I had to do nothing.

How difficult was it to learn and write to the WebExtensions API? (1 = easiest; 10 = hardest)
Since Firefox now supports the WebExtensions API, it was very easy to take code that runs on Chrome or Edge and put it on Firefox. I can use the same code base and just change the settings to work with each browser. If I continue with Chrome extensions, then it’s just a “1,” very easy.

Did you find all the functionality of your XUL add-on in the WebExtensions API? Or did you have to learn a new way to write the same features?
At the time I wrote the XUL add-on from my Chrome extension code, it was difficult, but I got all the functions inside. Today WebExtensions have more APIs, even those that extend outside the website content. For example, the extension can now dim the toolbar of Firefox thanks to the browser.theme API. And that is very unique and also cool.

What problems, if any, did you experience developing for Firefox?
Mostly I had trouble with the performance of the browser. If I click on my gray lamp button, it goes very slowly to that capacity level. On other browsers, it’s one click and done. I understand Mozilla is working hard to improve this.

What do you think of the new Quantum version of Firefox?
I see some good improvement in the Firefox Quantum web browser. That is what I like, and it can also be good for my users.

Tools & Resources

How has the technology changed since 2009?
At first, I used Notepad ++ on Windows to write my code. Now I use a Mac and Microsoft Visual Studio. Visual Studio is a better experience for both platforms. I can use it on Mac and Windows (using Boot Camp). I can switch to a Windows PC and use the same developer kit to write code and test it also.

How long does it take to publish a Firefox extension?
It’s very quick to publish an update to an add-on. Normally I just zip it and click on “Publish” and it’s done. Yesterday, I updated my Date Today add-on, and it took 10 to 15 minutes.

How is adoption of your new extension?
It’s good. Turn Off the Lights has been downloaded more than 3,000,000 times. I’’ve set up my website to detect a visitor’s browser and send them to the correct hyperlink, so they can download the version that works for them.

How long does it take up update your different extensions?
So in browsers like Chrome, Firefox, and Opera, it takes about two hours to update my add-on. I do one or two major updates for Turn Off the Lights a year, for instance moving from version 3.3 to 3.4. Those take more time. But it’s worth it. I get user feedback from my users that those updates provides better harmony in the current web experience.

What resources helped you learn about the WebExtensions API?
The MDN website was helpful. I was working with the Chrome documentation, but their site only shows information for the Chrome platform. That’s a minus for the Google team. They didn’t have a browser compatibility table that could show me if a feature is available on another web browser.

What help, if any, did you get from Mozilla?
I didn’t talk to anybody at Mozilla. But I do report bugs and performance issues. It’s important to get a great experience on all web browsers.

What advice would you give other developers who are thinking of creating extensions for Firefox?
Just do it. And, listen to your users’ feedback. They are the experts on how you can improve your Firefox extension.

Related content

Q&A with Grammarly’s Sergey Yavnyi

Why I Switched from Chrome to Firefox Quantum

Porting a Google Chrome Extension

Cross-browser extensions, available now in Firefox

Remaking Lightbeam as a Browser Extension

The post Q&A with Developer Stefan Van Damme appeared first on Mozilla Add-ons Blog.

Categorieën: Mozilla-nl planet

Andy McKay: My third Gran Fondo

Mozilla planet - zo, 10/09/2017 - 09:00

Yesterday was my third Gran Frondo, the last was in 2016.

Last year was a bit of an odd year, I knew what to face, yet I struggled. I was planning on correcting that this year.

The most important part of the Fondo is the months and months of training before hand. This year that went well. Up to this point I've been on the bike for 243 hours, 5,050km over 198 bike rides. I only ended up doing Mt Seymour 3 times. But rides with Steed around some North and West Vancouver gave me some extra hill practice.

I managed to lose 20lbs over the training, but have gained a lot of muscle mass especially in my legs. I also did the challenge route of the Ride to Conquer Cancer with some awesome Mozilla friends. The weekend before I did the same route 3 times, on the last day I hit a pile of personal records.

Two equipment changes also helped. I had a computer to tell me how fast I was going (yeah, should have had one earlier) and I moved from Mountain Bike pedals over to Shimano road pedals.

So know what I was facing I had a slightly different plan, focusing on my nemesis, the last hour of the ride. To do that I focused on:

  • Drafting on the flats where I can
  • Taking energy gels every hour to replenish electrolytes
  • Not charging up every hill
  • Going for a faster cadence in a lower gear
  • Saving the energy for the last half (same as last year)

As the day arrived a new challenge appeared. It was raining. Pretty much the entire bloody way.

The first part felt good, I knew what time I would have to arrive each rest stop to beat the last time. I made it to the first stop 13 mins ahead of schedule. But then made it to the next stop about 10 mins ahead of schedule. Then the sticky peice of plastic with the times on flew off.

At this point I was getting anxious, I seemed to be slowing down. All I could remember was the time I needed to be at the last rest stop. Then came the hills.

The difference's here were: the rain was keeping me cool so I wasn't dehydrating (also energy gels helped), I knew my pace and I had energy in my legs. Over the last 20 km I floored it (well comparatively for me) where as, in previous years I just fell apart. The whole second half of the race were personal records.

The result? I ended up crossing at 4h 44m. That's 17 minutes faster than a younger version me.

Today, my knees, wrists and other parts of my body all hurt and I skipped the Steed ride. But other than that I'm feeling not too bad.

Also, I signed up for the Fondo next year. I'm going to get below 4hr 30min next year.

Categorieën: Mozilla-nl planet

Mike Conley: Photon Engineering Newsletter #14

Thunderbird - do, 24/08/2017 - 19:04

Just like jaws did last week, I’m taking over for dolske this week to talk about stuff going on with Photon Engineering. So sit back, strap in, and absorb Photon Engineering Newsletter #14!

If you’ve got the release calendar at hand, you’ll note that Nightly 57 merges to Beta on September 20th. Given that there’s usually a soft-freeze before the merge, this means that there are less than 4 weeks remaining for Photon development. That’s right – in less than a month’s time, folks on the Beta channel who might not be following Nightly development are going to get their first Photon experience. That’ll be pretty exciting!

So with the clock winding down, the Photon team has started to shift more towards polish and bug-fixing. At this point, all of the major changes should have landed, and now we need to buff the code to a sparkling sheen.

The first thing you may have noticed is that, after a solid run of dogefox, the icon has shifted again:

The new Nightly icon

We now return you to your regularly scheduled programming

The second big change are our new 60fps1 loading throbbers in the tabs, coming straight to you from the Photon Animations team!

The new loading throbber in Nightly

I think it’s fair to say that Photon Animations are giving Firefox a turbo boost!

Other recent changes Menus and structure Animations
  • Did we mention the new tab loading throbber?
Preferences
  • All MVP work is completed! The team is now fixing polish bugs. Outstanding!
Visual redesign Onboarding Performance
  1. The screen capturing software I used here is only capturing at 30fps, so it’s really not doing it justice. This tweet might capture it better. 

Categorieën: Mozilla-nl planet

Mozilla Future Releases Blog: Update on Multi-Process Firefox

Mozilla planet - wo, 21/12/2016 - 13:05

About four months ago, we launched multi-process Firefox to a small group of Firefox 48 users. Shortly after the carefully measured roll-out, we increased to approximately 50% of our user base. That included almost every Firefox user not using extensions. Those users have been enjoying the 400% increase in responsiveness and a 700% improvement when web pages are loading.

With Firefox 49 we deployed multi-process Firefox to users with a select set of well tested extensions. Our measurements and user feedback were all positive and so with Firefox 50 we deployed multi-process Firefox to users with a broader set of extensions, those whose authors have marked them as multi-process compatible.

Beyond Firefox 50, we have more work to do to enable multi-process Firefox for users with as yet unsupported extensions. In Firefox 51, if all testing goes according to plan, we’ll be enabling multi-process Firefox for users with extensions that are not explicitly marked as incompatible with multi-process Firefox.

In parallel to work enabling multi-process for more people using Firefox, we’re also working on additional longer term multi-process features that will further improve responsiveness and bring significant security benefits.

The first of those longer term multi-process features is to go from one content process to multiple content processes. The goal is to bring out the most from the multi process architecture, gain performance where it’s possible and minimize the impact of content process crashes. The first step is turning on a second content process in our Nightly channel. That gives us the opportunity to discover and squash bugs as we evaluate the right number of process to ultimately enable. That testing on Nightly is happening now.

The second long term multi-process feature is security sandboxing. Security Sandboxing makes use of child processes as a security boundary. Sandboxing work begins in Firefox 50 with the introduction of our first Windows sandbox. This is an early, laying the groundwork sandbox and is not yet hardened. Over the next few releases, the sandbox will be added to Mac and Linux and will become more restrictive and protective.

Multi-process Firefox has been a big undertaking but it’s already bringing positive results to our users in terms of responsiveness, stability, and security. Stay tuned to this channel for further updates as new multi-process capabilities are developed, tested, and deployed to Firefox users the world over.

The post Update on Multi-Process Firefox appeared first on Future Releases.

Categorieën: Mozilla-nl planet

Calendar: GSoC 2016: Where Things Stand

Thunderbird - do, 25/08/2016 - 22:22

The clock has run out on Google Summer of Code 2016.  In this post I’ll summarize the feedback we received on the new UI design and the work I’ve been doing since my last post.

Feedback on the New UI Design

A number of people shared their feedback on the new UI design by posting comments on the previous blog post.  The response was generally positive.  Here’s a brief summary:

  • One commenter advocated for keeping the current date/time picker design, while another just wanted to be sure to keep quick and easy text entry.
  • A question about how attendees availability would be shown (same as it is currently).
  • A request to consider following Google Calendar’s reminders UI.
  • A question about preserving the vertical scroll position across different tabs (this should not be a problem).
  • A concern about how the design would scale for very large numbers (say hundreds) of attendees, categories, reminders, etc.  (See my reply.)

Thanks to everyone who took the time to share their thoughts.  It is helpful to hear different views and get user input.  If you have not weighed in yet, feel free to do so, as more feedback is always welcome.  See the previous blog post for more details.

Coding the Summer Away

A lot has happened over the last couple months.  The big news is that I finished porting the current UI from the window dialog to a tab.  Here’s a screenshot of this XUL-based implementation of the UI in a tab (click to enlarge):

xul-ui-in-tab

Getting this working in a really polished way took more time than I anticipated, largely because the code had to be refactored so that the majority of the UI lives inside an iframe.  This entailed using asynchronous message passing for communication between the iframe’s contents and its outer parent context (e.g. toolbars, menus, statusbar, etc.), whether that context is a tab or a dialog window.  While this is not a visible change, it was necessary to prepare the way for the new HTML-based design, where an HTML file will be loaded in the iframe instead of a XUL file.

Along with the iframe refactoring, there are also just a lot of details that go into providing an ideal user experience, all the little things we tend to take for granted when using software.  Here’s a list of some of these things that I worked on over the last months for the XUL implementation:

  • when switching tabs, update the toolbar and statusbar to reflect the current tab
  • persist open tabs across application restarts (which requires serializing the tab state)
  • ask the user about saving changes before closing a tab, before closing the application window, and before quitting the application
  • allow customizing toolbars with the new iframe setup
  • provide a default window dialog height and width with the new iframe setup
  • display icons for tabs and related CSS/style work
  • get the relevant ‘Events and Tasks’ menu items to work for a task in a tab
  • allow hiding and showing the toolbar from the view > toolbars menu
  • if the user has customized their toolbar for the window dialog, migrate those settings to the tab toolbar on upgrade
  • fix existing mozmill tests so they work with the new iframe setup
  • test for regressions in SeaMonkey

In the next two posts I’ll describe how to try out this new feature in a development version of Thunderbird, discuss the HTML implementation of the new UI design, and share some thoughts on using React for the HTML implementation.

— Paul Morris

Categorieën: Mozilla-nl planet

Calendar: GSoC 2016: Getting Oriented

Thunderbird - ma, 23/05/2016 - 22:07

Today is the first day of the “coding period” for Google Summer of Code 2016 and I’m excited to be working on the “Event in a Tab” project for Mozilla Calendar. The past month of the “community bonding period” has flown by as I made various preparations for the summer ahead. This post covers what I’ve been up to and my experience so far.

After the exciting news of my acceptance for GSoC I knew it was time to retire my venerable 2008 Apple laptop which had gotten somewhat slow and “long in the tooth.” Soon, with a newly refurbished 2014 laptop via Ebay in hand, I made the switch to GNU/Linux, dual-booting the latest Ubuntu 16.04. Having contributed to LilyPond before it felt familiar to fire up a terminal, follow the instructions for setting up my development environment, and build Thunderbird/Lightning. (I was even able to make a few improvements to the documentation – removed some obsolete info, fixed a typo, etc.) One difference from what I’m used to is using mercurial instead of git, although the two seem fairly similar. When I was preparing my application for GSoC my build succeeded but I only got a blank white window when opening Thunderbird. This time, thanks to some guidance from my mentor Philipp about selecting the revision to build, everything worked without any problems.

One of the highlights of the bonding period was meeting my mentors Philipp Kewisch (primary mentor) and MakeMyDay (secondary mentor). We had a video chat meeting to discuss the project and get me up to speed. They have been really supportive and helpful and I feel confident about the months ahead knowing that they “have my back.” That same day I also listened in on the Thunderbird meeting with Simon Phipps answering questions about his report on potential future legal homes for Thunderbird, which was an interesting discussion.

At this point I am feeling pretty well integrated into the Mozilla infrastructure after setting up a number of accounts – for Bugzilla, MDN, the Mozilla wiki, an LDAP account for making blog posts and later for commit access, etc. I got my feet wet with IRC (nick: pmorris), introduced myself on the Calendar dev team’s mailing list, and created a tracker bug and a wiki page for the project.

Following the Mozilla way of working in the open, the wiki page provides a public place to document the high-level details related to design, implementation, and the overall project plan. If you want to learn more about this “Event in a Tab” project, check out the wiki page.  It contains the mockup design that I made when applying for GSoC and my notes on the thinking behind it. I shared these with Richard Marti who is the resident expert on UI/UX for Thunderbird/Calendar and he gave me some good feedback and suggestions. I made a number of additional mockups for another round of feedback as we iterate towards the final design. One thing I have learned is that this kind of UI/UX design work is harder than it looks!

Additionally, I have been getting oriented with the code base and figuring out the first steps for the coding period, reading through XUL documentation and learning about Web Components and React, which are two options for an HTML implementation. It turns out there is a student team working on a new version of Thunderbird’s address book and they are also interested in using React, so there will be a larger conversation with the Thunderbird and Calendar dev teams about this. (Apparently React is already being used by the Developer Tools team and the Firefox Hello team.)

I think that about covers it for now. I’m excited for the coding period to get underway and grateful for the opportunity to work on this project. I’ll be posting updates to this blog under the “gsoc” tag, so you can follow my progress here.

— Paul Morris

Categorieën: Mozilla-nl planet

Frédéric Wang: MathML at the Web Engines Hackfest 2015

Mozilla planet - zo, 20/12/2015 - 00:00
Hackfest

Two weeks ago, I travelled to Spain to participate to the second Web Engines Hackfest which was sponsored by Igalia and Collabora. Such an event has been organized by Igalia since 2009 and used to be focused on WebkitGTK+. It is great to see that it has now been extended to any Web engines & platforms and that a large percentage of non-igalian developers has been involved this year. If you did not get the opportunity to attend this event or if you are curious about what happened there, take a look at the wiki page or flickr album.

Last day of the hackfest
Photo from @webengineshackfest licensed under Creative Commons Attribution-ShareAlike

I really like this kind of hacking-oriented and participant-driven event where developers can meet face to face, organize themselves in small collaboration groups to efficiently make progress on a task or give passionate talk about what they have recently been working on. The only small bemol I have is that it is still mainly focused on WebKit/Blink developments. Probably, the lack of Mozilla/Microsoft participants is probably due to Mozilla Coincidental Work Weeks happening at the same period and to the proprietary nature of EdgeHTML (although this is changing?). However, I am confident that Igalia will try and address this issue and I am looking forward to coming back next year!

MathML developments

This year, Igalia developer Alejandro G. Castro wanted to work with me on WebKit’s MathML layout code and more specifically on his MathML refactoring branch. Indeed, as many people (including Google developers) who have tried to work on WebKit’s code in the past, he arrived to the conclusion that the WebKit’s MathML layout code has many design issues that make it a burden for the rest of the layout team and too complex to allow future improvements. I was quite excited about the work he has done with Javier Fernández to try and move to a simple box model closer to what exists in Gecko and thus I actually extended my stay to work one whole week with them. We already submitted our proposal to the webkit-dev mailing list and received positive feedback, so we will now start merging what is ready. At the end of the week, we were quite satisfied about the new approach and confident it will facilitate future maintenance and developements :-)

Main room
Photo from @webengineshackfest licensed under Creative Commons Attribution-ShareAlike

While reading a recent thread on the Math WG mailing list, I realized that many MathML people have only vague understanding of why Google (or to be more accurate, the 3 or 4 engineers who really spent some time reviewing and testing the WebKit code) considered the implementation to be unsafe and not ready for release. Even worse, Michael Kholhase pointed out that for someone totally ignorant of the technical implementation details, the communication made some years ago around the “flexbox-based approach” gave the impression that it was “the right way” (indeed, it somewhat did improve the initial implementation) and the rationale to change that approach was not obvious. So let’s just try and give a quick overview of the main problems, even if I doubt someone can have good understanding of the situation without diving into the C++ code:

  1. WebKit’s code to stretch operator was not efficient at all and was limited to some basic fences buildable via Unicode characters.
  2. WebKit’s MathML code violated many layout invariants, making the code unreliable.
  3. WebKit’s MathML code relied heavily on the C++ renderer classes for flexboxes and has to manage too many anonymous renderers.

The main security concerns were addressed a long time ago by Martin Robinson and me. Glyph assembly for stretchy operators are now drawn using low-level font painting primitive instead of creating one renderer object for each piece and the preferred width for them no longer depends on vertical metrics (although we still need some work to obtain Gecko’s good operator spacing). Also, during my crowdfunding project, I implemented partial support for the OpenType MATH table in WebKit and more specifically the MathVariant subtable, which allows to directly use construction of stretchy operators specified by the font designer and not only the few Unicode constructions.

However, the MathML layout code still modifies the renderer tree to force the presence of anonymous renderers and still applies specific CSS rules to them. It is also spending too much time trying to adapt the parent flexbox renderer class which has at the same time too much features for what is needed for MathML (essentially automatic box alignment) and not enough to get exact placement and measuring needed for high-quality rendering (the TeXBook rules are more complex, taking into account various parameters for box shifts, drops, gaps etc).

During the hackfest, we started to rewrite a clean implementation of some MathML renderer classes similar to Gecko’s one and based on the MathML in HTML5 implementation note. The code now becomes very simple and understandable. It can be summarized into four main functions. For instance, to draw a fraction we need:

  • computePreferredLogicalWidths which sets the preferred width of the fraction during the first layout pass, by considering the widest between numerator and denominator.
  • layoutBlock and firstLineBaseline which calculate the final width/height/ascent of the fraction element and position the numerator and denominator.
  • paint which draws the fraction bar.

Perhaps, the best example to illustrate how the complexity has been reduced is the case of the renderer of mmultiscripts/msub/msup/msubsup elements (attaching an arbitrary number of subscripts and superscripts before or after a base). In the current WebKit implementation, we have to create three anonymous wrappers (a first one for the base, a second one for prescripts and a third one for postscripts) and an anonymous wrapper for each subscript/superscript pair, add alignment styles for these wrappers and spend a lot of time maintaining the integrity of the renderer tree when dynamic changes happen. With the new code, we just need to do arithmetic calculations to position the base and script boxes. This is somewhat more complex than the fraction example above but still, it remains arithmetic calculations and we can not reduce any further if we wish quality comparable to TeXBook / MATH rules. We actually take into account many parameters from the OpenType MATH table to get much better placement of scripts. We were able to fix bug 130325 in about twenty minutes instead of fighting with a CSS “negative margin” hack on anonymous renderers.

MathML dicussions

The first day of the hackfest we also had an interesting “breakout session” to define the tasks to work on during the hackfest. Alejandro briefly presented the status of his refactoring branch and his plan for the hackfest. As said in the previous section, we have been quite successful in following this plan: Although it is not fully complete yet, we expect to merge the current changes soon. Dominik Röttsches who works on Blink’s font and layout modules was present at the MathML session and it was a good opportunity to discuss the future of MathML in Chrome. I gave him some references regarding the OpenType MATH table, math fonts and the MathML in HTML5 implementation note. Dominik said he will forward the references to his colleagues working on layout so that we can have deeper technical dicussion about MathML in Blink in the long term. Also, I mentioned noto-fonts issue 330, which will be important for math rendering in Android and actually does not depend on the MathML issue, so that’s certainly something we could focus on in the short term.

Álex and Fred during the MathML breakout session
Photo from @webengineshackfest licensed under Creative Commons Attribution-ShareAlike

Alejandro also proposed to me to prepare a talk about MathML in Web Engines and exciting stuff happening with the MathML Association. I thus gave a brief overview of MathML and presented some demos of native support in Gecko. I also explained how we are trying to start a constructive approach to solve miscommunication between users, spec authors and implementers ; and gather technical and financial resources to obtain a proper solution. In a slightly more technical part, I presented Microsoft’s OpenType MATH table and how it can be used for math rendering (and MathML in particular). Finally, I proposed my personal roadmap for MathML in Web engines. Although I do not believe I am a really great speaker, I received positive feedback from attendees. One of the thing I realized is that I do not know anything about the status and plan in EdgeHTML and so overlooked to mention it in my presentation. Its proprietary nature makes hard for external people to contribute to a MathML implementation and the fact that Microsoft is moving away from ActiveX de facto excludes third-party plugin for good and fast math rendering in the future. After I went back to Paris, I thus wrote to Microsoft employee Christian Heilmann (previously working for Mozilla), mentioning at least the MathML in HTML5 Implementation Note and its test suite as a starting point. MathML is currently on the first page of the most voted feature requested for Microsoft Edge and given the new direction taken with Microsoft Edge, I hope we could start a discussion on MathML in EdgeHTML…

Conclusion

This was a great hackfest and I’d like to thank again all the participants and sponsors for making it possible! As Alejandro wrote to me, “I think we have started a very interesting work regarding MathML and web engines in the future.”. The short term plan is now to land the WebKit MathML refactoring started during the hackfest and to finish the work. I hope people now understand the importance of fonts with an OpenType MATH table for good mathematical rendering and we will continue to encourage browser vendors and font designers to make such fonts wide spread.

The new approach for WebKit MathML support gives good reason to be optmimistic in the long term and we hope we will be able to get high-quality rendering. The fact that the new approach addresses all the issues formulated by Google and that we started a dialogue on math rendering, gives several options for MathML in Blink. It remains to get Microsoft involved in implementing its own OpenType table in EdgeHTML. Overall, I believe that we can now have a very constructive discussion with the individuals/companies who really want native math support, with the Math WG members willing to have their specification implemented in browsers and with the browser vendors who want a math implementation which is good, clean and compatible with the rest of their code base. Hopefully, the MathML Association will be instrumental in achieving that. If everybody get involved, 2016 will definitely be an exciting year for native MathML in Web engines!

Categorieën: Mozilla-nl planet

Thunderbird Blog: Thunderbird Active Daily Inquiries Surpass 10 Million!

Thunderbird - wo, 09/12/2015 - 00:49

We are pleased to report that Thunderbird usage, as reported though the standard Mozilla metric of Active Daily Inquiries (ADI), has surpassed 10 million users per day on Monday November 30 2015 for the first time ever.

Thunderbird Active Daily Inquiries graph, showing new record of 10,000,000

ADI is a raw measurement of active users, and is taken by counting the daily requests from Thunderbird users for updates to the plugin blocklist. This measure under-counts active users for a variety of reasons (such as firewalls, or users that do not use Thunderbird everyday). Based on more detailed studies with other applications, a typical multiplier applied to ADI to estimate total active users is 2.5. So the best estimate of current active users is 25,000,000.

Thunderbird Celebrates its 11 Birthday

Eleven years ago, on December 7 2004, Mozilla announced in a blog post the birth of Thunderbird. Happy Birthday, Thunderbird!

String-freeze for Thunderbird 45 on December 14

The Thunderbird development team is working hard on the next major release of Thunderbird, version 45, which is due for release in March of 2016. String freeze for new features is this weekend. Over 1000 code commits have been done to the main Thunderbird code repository in preparation for this release (in addition to the tens of thousands of commits to the Mozilla platform repository that Thunderbird uses as its base).

Mozilla Foundation as (Temporary) Thunderbird Home

Coincidentally on the same date as the new ADI record, in a post to a public Mozilla discussion forum, Mozilla Chairperson Mitchell Baker outlined some upcoming changes in the relationship of Mozilla to Thunderbird.

In the administrative part of that post, Mitchell announced that the Mozilla Foundation under Mark Surman has been working with Thunderbird to provide at least a temporary legal and financial home for the Thunderbird project (which we have been sorely lacking for several years). At the same time, a formal process will be undertaken to determine what is the best long-term home for Thunderbird, which might be Mozilla or might be some other entity.

Practically what this means is that in 2016, Thunderbird will finally be able to accept donations from users directed toward the update and maintenance of Thunderbird. In the long run, Thunderbird needs to rely on our users for support, and not expect to be subsidized by revenue from Firefox. We welcome this help from the Mozilla Foundation in moving toward our goal of developing independent sources of income for Thunderbird.

In the technical part of that post, Mitchell reiterated that Mozilla needs to be laser-focused on Firefox, and that the burden this places on Thunderbird (as well as the burden that Thunderbird places on Firefox) is leading to unacceptable outcomes for both projects. The most immediate need is for the Thunderbird release infrastructure to be independent of that used by Firefox, and Mozilla has offered to help. In the long-term, there will be additional technical separation between Firefox and Thunderbird as a continuation of a process that has been ongoing for the last three years.

 

Categorieën: Mozilla-nl planet

Meeting Notes: Thunderbird: 2015-12-01

Thunderbird - wo, 02/12/2015 - 05:00

Thunderbird notes 2015-12-01. NOON PT (Pacific). For meeting time, previous notes and call-in details see https://wiki.mozilla.org/Thunderbird/StatusMeetings

Attendees
  • jorgk, fallen, ba, wsmwk, mkmelin,MakeMyDay, rkent, marcoagpinto, roker
MAIN FOCUS OF MEETING
  • version 45
  • governance, futures
  • builds
Action items from last meetings
  • Thunderbird Council reorganization: we’ll discuss this in the Council directly and do some reorganization. This is not a forever governance plan, but we need to be practical given the many demands of the moment.
Current status / Announcements Current Release Critical Issues

Leave critical bugs here until confirmed fixed. If confirmed, then remove.

blocking

  • 38.3.1 bug 1211160 calendar 4.0.3.1 is a workaround for 38.3.0 — Thunderbird Version 38.3 Buttons not working menu items // bug 1211291 – Folders are visible, but messages are not. (?related to bug 1211358 lightning chrome.manifest not updated in 38.3.0 ?)
  • nightly (3 bugs blocking builds, all are assigned) – bug 1195442 – Mac builds broken ~1 month on nightly
  • rkent is working on it – bug 1183490 – (dataloss) New emails do not adhere to sort by order received
    • Plan is to understand issues in converting completely to nextKey = ++lastKey for non-IMAP, then plan how much to implement for 38.3.0 A simple fix of the dataloss is probable. I have a try patch that does the nextKey = ++lastKey that works, now I need to think about patch for 38 (bug 1202105 needs to go to trunk and 38)
    • update 2015-10-20, patches have been posted but waiting for reviews for 2 weeks (aceman will look at those)
    • update 2015-11-17, review done 11-14, need to update and land.

important (but not top critical)

  • status TBD – bug 1182629 – update to 38.1.0 from 38.0.1 re-enables disabled Lightning
  • status TBD – bug 1176399 – Multiple master password when GMail OAuth2 is enabled
  • status TBD – bug 1176748 – fix main thread proxies to the migration code (jorgk and m_kato have done such fixes in the past)
  • filelink, proxy,
  • topcrash bug 1149287 is ** 31% of our crashes** – see below
Version 45
  • tracking-tb45 flags: unfixed ?/+ – http://mzl.la/1PMzNiK
  • Items that may need to be checked and tested: gtk3, windows 10, windows 64bit?
  • hardware acceleration – not looking promising (no changes / no testing in recent months)
  • jsaccount should come in aurora
Releases
  • Past
    • 38.0.1 nominally shipped 2015-06-12, 38.1.0 shipped 2015-07-10, 31.8.0 shipped 2015-07-17, 40.0beta shipped 2015-07-27 (skipping 39.0b), 38.2.0 shipped 2015-08-14, 41.0b1 2015-09-08 build2 (missed ~2015-08-10)
    • 41.0b2 (with uplifts for 38.3.0)
    • 38.3.0 ~2015-09-25 (throttled on 2015-10-06)
    • 42.0b2 2015-10-13 (42.0b1 abandoned)
    • 42.0b3 ~2015-09-23 (skipped)
    • 38.4.0 2015-11-25 (quite late) – many release notes issues
  • Upcoming – https://wiki.mozilla.org/RapidRelease/Calendar#Future_branch_dates
Lightning

Past releases:

Upcoming releases:

Round Table Jorg K
  • Landed six patches
    • bug 1219928 – M-C spell checker problem
    • bug 586587 + one more – M-C drag and drop onto editor window
    • ((bug|1226537}} – C-C spell check in subject problem
    • bug 1214377 – M-C editor problem, copy/paste – “white-space: pre;”
    • bug 1225864 – M-C CJK route cause of problem in the serialiser
  • Awaiting review:
    • bug 769604 – C-C font size toolbar button and change increase/decrease size function.
    • bug 1225904 – C-C CJK e-mail with long lines gets corrupted
    • bug 653342 – C-C CJK fix serializer flags, support delsp=yes, tie all CJK issues altogether. Automatically fixes bug 26734
  • (Attended Mozilla Berlin “Tech Meeting”: Firefox OS, Telemetry, Servo/Rust)
aceman

Assisting Thomas D. to drive the patches to fix determining the send format (plain/HTML) of outgoing messages:

wsmwk rkent
  • I was away for a full week for Thanksgiving, just back today, and have a ear infection as well, so has not been a good week. Responding to the pEp proposals, and Mitchell’s post, are my main priorities at the moment.
Friends of the tree Action Items Help Wanted Retrieved from “https://wiki.mozilla.org/index.php?title=Thunderbird/StatusMeetings/2015-12-01&oldid=1108006

Categorieën: Mozilla-nl planet

Meeting Notes: Thunderbird: 2015-11-17

Thunderbird - wo, 18/11/2015 - 05:00

Thunderbird notes 2015-11-17. NOON PT (Pacific). For meeting time, previous notes and call-in details see https://wiki.mozilla.org/Thunderbird/StatusMeetings

Attendees
  • jorgk, Pegasus, ba, wsmwk, mkmelin,MakeMyDay, rkent
FOCUS OF MEETING

(to be covered in sections below)

  • version 45
  • governance, futures
  • builds
Action items from last meetings
  • Thunderbird Council reorganization: we’ll discuss this in the Council directly and do some reorganization. This is not a forever governance plan, but we need to be practical given the many demands of the moment.
Current status / Announcements
  • Need to release 38.4 and 43.0b1
    • Please help green up the tree – including not only c-c but also esr38, beta, and aurora
      • We must be aggressive so checkins when patches become available. Thoughts: if you file a bug, please consider fixing it, or pass it off to someone rather than rely on “the fates”. If it breaks build or tests, please make severity=blocker
  • Thunderbird 45: string freeze per schedule, interface freeze later (that’s me demanding a concession like last year).
Critical Issues

Leave critical bugs here until confirmed fixed. If confirmed, then remove.

blocking

  • 38.3.1 bug 1211160 calendar 4.0.3.1 is a workaround for 38.3.0 — Thunderbird Version 38.3 Buttons not working menu items // bug 1211291 – Folders are visible, but messages are not. (?related to bug 1211358 lightning chrome.manifest not updated in 38.3.0 ?)
  • nightly (3 bugs blocking builds, all are assigned) – bug 1195442 – Mac builds broken ~1 month on nightly
  • rkent is working on it – bug 1183490 – (dataloss) New emails do not adhere to sort by order received
    • Plan is to understand issues in converting completely to nextKey = ++lastKey for non-IMAP, then plan how much to implement for 38.3.0 A simple fix of the dataloss is probable. I have a try patch that does the nextKey = ++lastKey that works, now I need to think about patch for 38 (bug 1202105 needs to go to trunk and 38)
    • update 2015-10-20, patches have been posted but waiting for reviews for 2 weeks (aceman will look at those)
    • update 2015-11-17, review done 11-14, need to update and land.

important (but not top critical)

  • status TBD – bug 1182629 – update to 38.1.0 from 38.0.1 re-enables disabled Lightning
  • status TBD – bug 1176399 – Multiple master password when GMail OAuth2 is enabled
  • status TBD – bug 1176748 – fix main thread proxies to the migration code (jorgk and m_kato have done such fixes in the past)
  • filelink, proxy,
  • topcrash bug 1149287 is ** 31% of our crashes** – see below
Releases
  • Past
    • 38.0.1 nominally shipped 2015-06-12, 38.1.0 shipped 2015-07-10, 31.8.0 shipped 2015-07-17, 40.0beta shipped 2015-07-27 (skipping 39.0b), 38.2.0 shipped 2015-08-14, 41.0b1 2015-09-08 build2 (missed ~2015-08-10)
    • 41.0b2 (with uplifts for 38.3.0)
    • 38.3.0 ~2015-09-25 (throttled on 2015-10-06)
    • 42.0b2 2015-10-13 (42.0b1 abandoned)
  • Upcoming
Lightning

Past releases:

Upcoming releases:

Round Table Jorg K
  • bug 1174452 – M-C editor problem, copy/paste – “white-space: pre;” – patch preposed in bug 1214377 ; landed and sadly got reopened, awaiting review again.
  • bug 586587 – M-C drag and drop onto editor window – awaiting review.
  • bug 769604 – C-C font size toolbar button and change increase/decrease size function – awaiting review.
  • bug 1219928 – M-C spell checker problem – awaiting review.
  • Started looking as CJK problems in flowed plaintext messages: bug 26734, bug 653342.
  • Got hit by bug 1224840 – Assertion failure: IsOuterWindow(), fixed one occurrence.
rkent
  • Thunderbird’s future plans
    • Pending letter from Mitchell on Thunderbird and MoCo
    • Big issues for Thunderbird future: 1) cost of transition 2) sources of income
      • 1) Volker Birk & another senior architect will work with you to estimate the cost of transition in man days and $ as they have lots of experince in setting up and migrating complex systems.
      • 2) We have been talking to DigitalCourage about setting up a donation based system and we as the p≡p Foundation will fund Thunderbird until the donation levels are sufficient for a sustained future.
    • Even bigger issues for the future: articulating a vision, collecting partners: p≡p, Postbox, Chinese fork, Gaia email, TDF/Collabora, MoFo, ???
      • We see these points as elements that need to be worked out in the six months’ period that we have agreed with MoFo. As for collecting partners, we consider this as an outcome of the Business Strategy that will be defined in the next 6 months. We, the p≡p Foundation will start discussions with TDF. In my opinion, ‘Collecting Partners’could require quite large time committment and it should hence be very well planned.
    • Status of MoFo-Thunderbird and Thunderbird-p≡p discussions
      • p≡p Foundation is waiting for MoFo to come back with final comments. In the meantime, I’ll be wait for Kent’s input to align
    • My concern for developing capacity of Thunderbird to be self-managed and focused.
    • Planning a Europe meetup in January, focused on a business plan for January – June 2016
      • We are happy to set it up here in Europe.
Question Time
  • new account provisioner: Are there currently any providers other than Gandi? Would it be worth trying to find some more?
  • We need a plan for the build system fairly urgently, given the apparent “no” to the c-c/m-c merge
Help Wanted Retrieved from “https://wiki.mozilla.org/index.php?title=Thunderbird/StatusMeetings/2015-11-17&oldid=1106129

Categorieën: Mozilla-nl planet

Mike Conley: A printing story and a PSA: outparams over the IPC layer might not behave like you’d expect

Thunderbird - vr, 30/10/2015 - 16:37

Here’s a story about a printing bug on OS X, and a lesson about how our IPC layer works.

Last week, :ehsan came up to my desk and said “Mike… printing is broken on OS X with e10s enabled. Did you know this?”

It was sad to hear. Nobody, as far as I knew, had been touching printing code (besides bobowen, but he hadn’t landed his patches yet), which meant that some mystery change had landed and it was my responsibility (as the one who had implemented printing on OS X for e10s) to fix it.

The first step was to confirm it. Yep, it looked like I couldn’t print on my Nightly. Crap1. So we get the bug filed, and then I fired up my local build and lldb, and tried to trace out where the problem was occurring.

Drilling down to the regressing changeset

The problem was that my local build printed just fine. Eyebrow raised, I tried using my default profile with my local build to see if something about my profile was causing printing to break. Printing continued to work with my local build2.

Scratching my head, I used mozregression to bisect the problem down to a single changeset.

Here’s the bug it spat out:

Bug 1209930 – Update Mac clang to match the version in use everywhere else

The hair stood up on the back of my neck. Printing got broken by a compiler upgrade? This had bad news written all over it.

Many try builds

So that, I guess, explained why I couldn’t reproduce the problem locally. I needed to build with a particular compiler in order to experience the bug.

The bad news was that I found out that the version of clang that we’d upgraded to didn’t work on my version of OS X (10.10.5). It was supposed to work on machines running OS X 10.7, but I didn’t have access to any3.

I was able to get debug builds off of try, but I had no luck convincing lldb to let me step through it, despite having the symbols and the right revision checked out4.

So this meant a lot of try builds. The good news is that I was able to add a bunch of logging to try, and just kinda walk away while it built. A few hours later, I’d have my build, and I’d get my results. I wasn’t blocked waiting on it to build, so I could work on other things.

What did the logging reveal?

Our printing code sometimes shows this progress dialog when printing starts. It’s put up so that while we’re laying out the page for printing, the user knows that stuff is happening. We show this progress dialog on Linux and Windows, but not on OS X (I guess OS X users don’t expect such a progress window… this was a decision made way back in the day).

The printing engine in the content process sends up a message to the parent saying, “I’m all set to print, let’s show the progress dialog!”. On OS X, the parent responds, “Uh, nope” (which is a return code of NS_ERROR_NOT_IMPLEMENTED), and the child is supposed to go, “Oh okay, I’ll just print right away”.

But here’s the kicker – along with message to show the progress dialog, the child sends an outparam5. That outparam is sent because for some platforms that show the progress dialog, we want to wait until the dialog closes before starting the actual print. On other platforms, we may just want to start printing right away when laying out the page finishes without waiting for the dialog to close.

That outparam is a bool initialized to a value of false in the print engine, and in the non-e10s case where we return “Sorry, no progress dialog” with NS_ERROR_NOT_IMPLEMENTED, that bool stays false, and when it stays false, it means that we start printing right away.

My logging showed that for some reason, that value was getting flipped to true despite not being touched by (seemingly) anything in the IPC sender / receiver nor the print progress dialog backend (which still just returns NS_ERROR_NOT_IMPLEMENTED when asked to open the printing dialog).

What the hell?

Here’s the PSA

Ehsan helped me dig into what was going on, and we figured it out. Here’s the big lesson / PSA here:

outparams over IPC, when untouched on the receiver side, get filled with values from uninitialized memory when returned to the sender.

I’ll give you an example. Here’s some sorta-pseudocode:

#include <stdio.h> void someFunc(bool* aOutParam) { } int main(int argc, char** argv) { bool myBool = false; someFunc(&myBool); if (myBool) { printf("Wait, WHAT?"); return 1; } return 0; }

We should never enter that “Wait, WHAT?” conditional block because myBool remains false throughout. It’s initialized to false, and even though we pass a pointer to it to someFunc, someFunc never touches it, so it stays false, and so we skip the conditional and return 0 as expected.

If, however, you did the same thing, but over IPC… well, now you’re in for a fun treat.

On the receiver side of the IPC message, here’s a chunk of the generated code that calls into RecvShowPrintProgress on the parent side:

bool notifyOnOpen; bool success; int32_t id__ = mId; if \((!(RecvShowProgress(mozilla::Move(browser), mozilla::Move(printProgressDialog), mozilla::Move(isForPrinting), (&(notifyOnOpen)), (&(success)))))) { mozilla::ipc::ProtocolErrorBreakpoint("Handler for ShowProgress returned error code"); return MsgProcessingError; } reply__ = new PPrinting::Reply_ShowProgress(id__); Write(notifyOnOpen, reply__); Write(success, reply__); (reply__)->set_sync(); (reply__)->set_reply();

That notifyOnOpen bool is the one that is the outparam in the child. Notice that it’s not being initialized to any value! That means its current value could be, well, anything. When we call into RecvShowProgress, we pass a pointer to that anything value. If RecvShowProgress doesn’t do anything with that pointer (like in the OS X case), well… that random value is what gets written to the IPC message that gets sent back to the child.

And somehow a clang upgrade made it far more likely that this value would evaluate to TRUE as a boolean instead of FALSE.

And so the child assumed that it’d have to wait for a dialog to close before starting to print – a dialog that would never open, because we don’t show it on OS X.

So the patch I eventually wrote initializes the outparam to false before calling into the OS X widget code that just returns NS_ERROR_NOT_IMPLEMENTED, and that fixed the bug.

It’s a small patch, but in my mind, it’s a big lesson, at least for me. I had assumed that outparams would work the same over IPC as they do in the same process, and that’s simply not the case.

I’ve filed bug 1220168 to try to make this sort of thing easier to spot in the future.

  1. Our automated testing story for printing is pretty bad. We test some of the built-in UI for printing, but as for actually sending stuff to printer drivers… zero automated tests, which explains why this had gone uncaught for so long. 

  2. If you’re wondering, I wasn’t printing out reams of paper to test this. XCode comes with a Printer Simulator, which is like a PDF printer, except that I can get a better sense of the communications being sent to the printer 

  3. Okay, there’s one in the office, but apparently trying to build on it is a slow nightmare 

  4. Happy to hear and share how to do this if someone will show me 

  5. Read this about passing multiple values back from a method call if you’re curious about what outparams are 

Categorieën: Mozilla-nl planet

Mike Conley: The Joy of Coding – Ep’s 23 – 29

Thunderbird - zo, 04/10/2015 - 18:43

Wow! I’ve been a way from this blog for too long. I also haven’t posted any new episodes for The Joy of Coding. I also haven’t been keeping up with my Things I’ve Learned posts.

Time to get back in the saddle. First thing’s first, here are 6 episodes of The Joy of Coding that have aired. Unfortunately, I haven’t put together summaries for any of them, but I’ve put their agendas near the videos so that might give some clues.

Here we go!

Episode 23

Agenda

Episode 24

Agenda

Episode 25

Agenda

Episode 26

Agenda

Episode 27

Agenda

Episode 28

Agenda

Episode 29

Agenda

Categorieën: Mozilla-nl planet

Rumbling Edge - Thunderbird: 2015-09-27 Calendar builds

Thunderbird - zo, 27/09/2015 - 22:19

Common (excluding Website bugs)-specific: (41)

  • Fixed: 357012 – Week number support in multiweek/month view
  • Fixed: 388926 – Use If-Modified-Since when checking for updates in ICS calendars
  • Fixed: 412202 – Long text strings in reminder should use line breaks and not scroll horizontally
  • Fixed: 533265 – Show differences when receiving an event update via email
  • Fixed: 1048035 – Remove occurences of deprecated parseHeadersWithArray from calendar code
  • Fixed: 1110183 – Displayed reminders can be improperly snoozed or duplicated when the calendar is refreshed
  • Fixed: 1151472 – Remove use of expression closures in calendar/
  • Fixed: 1169062 – Lightning extremely slow/unresponsive with Google Birthday calendar
  • Fixed: 1170271 – Provider does not sync single occurrences deleted occurrences
  • Fixed: 1180413 – Attendee list in event dialog should not be comma separated
  • Fixed: 1180416 – Tracking bug for Lightning 4.0.2
  • Fixed: 1184704 – ReferenceError: gs is not defined
  • Fixed: 1184714 – Fix some more strict warnings
  • Fixed: 1186579 – TypeError: aEvent.target is undefined when calling openUILink(kSupportUri, {});
  • Fixed: 1186828 – Support gtk3 builds
  • Fixed: 1187072 – Cache support gets reset disabled for network calendars in calendar property dialog
  • Fixed: 1187574 – calendar.context.togglevisible.accesskey is used for multiple strings
  • Fixed: 1187670 – AUDIO alarms without attachments are rejected although valid
  • Fixed: 1187675 – Icons to add an event or task are hard to distinguish
  • Fixed: 1187728 – There are still calendar-windows css files referenced
  • Fixed: 1187741 – VTODO only calendar disables “add as task” button
  • Fixed: 1188070 – Closebuttons are looking weird on hover
  • Fixed: 1188111 – Failed to read ‘hs’ and ‘ds’ errors in add to calendar button’s drop down list
  • Fixed: 1189109 – Errors in import of .ics file: “Component does not have requested interface [calIOperationListener.onOperationComplete]” nsresult: “0x80004002 (NS_NOINTERFACE)”
  • Fixed: 1192600 – create deterministic header list ical.h
  • Fixed: 1192883 – Fix timezone definition test
  • Fixed: 1193482 – Make gdataRequest backwards compatible again
  • Fixed: 1194997 – Tracking bug for Lightning 4.0.2.1
  • Fixed: 1195974 – Lightning 4.0.2 switches caldav calendards off and read-only when offline
  • Fixed: 1197320 – Free/Busy information of CalDAV calendar is no longer displayed after latest Lightning Calendar’s update (v4.0.2)
  • Fixed: 1198412 – Use Array.includes in calendar
  • Fixed: 1199942 – Event approval dialog does not filter calendars anymore
  • Fixed: 1200039 – VS2015 build fails in calendar/libical: fatal error C1189: Macro definition of snprintf conflicts with Standard Library function declaration
  • Fixed: 1200861 – Lightning repacks get fooled by interfaces.manifest generated from make export
  • Fixed: 1201169 – TEST-UNEXPECTED-FAIL | xpcshell-libical.ini:calendar/test/unit/test_gdata_provider.js | xpcshell return code: 0
  • Fixed: 1201838 – Printing tasks is broken [Error: TypeError: aItem[cal.calGetStartDateProp(…)] is null]
  • Fixed: 1202268 – App menu (Hamburger button) in calendar and task tab doesn’t work anymore
  • Fixed: 1202901 – Earlybird 42a2 email text from Outlook hidden by Lightning 4.4a2
  • Fixed: 1203539 – make[1]: *** [upload-en-US] Error 1 | make: *** [upload] Error 2
  • Fixed: 1204255 – Replies to email invitations which have been sent by Lightning 4.0.2 may have email attendees with and without mailto prefix for the same email address
  • Fixed: 1205050 – TEST-UNEXPECTED-FAIL | xpcshell-icaljs.ini:calendar/test/unit/test_bug1199942.js | xpcshell return code: 0

Sunbird will no longer be actively developed by the Calendar team.

Windows builds Official Windows

Linux builds Official Linux (i686), Official Linux (x86_64)

Mac builds Official Mac (2015-08-12 build only, due to bug 1195442)

Categorieën: Mozilla-nl planet

Rumbling Edge - Thunderbird: 2015-09-27 Thunderbird comm-central builds

Thunderbird - zo, 27/09/2015 - 22:18

Thunderbird-specific: (89)

  • Fixed: 256628 – change wording of Recheck Page button in spell checker
  • Fixed: 267663 – Strange behaviour of “read” check for group header
  • Fixed: 267673 – indicate that a closed group has any unread messages, should not be bold if all are read (usability issue)
  • Fixed: 273110 – Thread pane context menu (group): disabled item becomes enabled on hover
  • Fixed: 323391 – Opens only items from one group when the “group-by”-bar is included in selection
  • Fixed: 368915 – Selection of spell check dictionaries disabled in subject line
  • Fixed: 368920 – Darken the background for Message Grouping (Group by Sort) headers
  • Fixed: 376610 – “load” event on Messenger Window fired twice (Mac OS X only)
  • Fixed: 478863 – Messages with future dates (>= tomorrow) badly break “Group by sort”, missing group header string for “Future Dates”
  • Fixed: 496045 – Disable “View message source” as a group action
  • Fixed: 500610 – Dummy headers (groupby view) should have context menus disabled
  • Fixed: 531285 – Use OpenStreetmap for maps (even allow the user to choose from list of map services)
  • Fixed: 532084 – (Message Header) Missing context menu to copy Subject line when mail opened in new window
  • Fixed: 655653 – When Message view is “Grouped by sort”, double-clicking anywhere but the expand/collapse arrow (eg in group heading) does not expand or collapse group
  • Fixed: 876165 – Threaded/Grouped View: not working if there’s only one unread message in a group
  • Fixed: 890332 – Hamburger menu button doesn’t open the menu on mouse down on first use
  • Fixed: 904812 – Make resources ‘testing-common’ and ‘testing’ available in Mozmill tests
  • Fixed: 998312 – Contacts sidebar: Implement Alt+Enter keyboard shortcut to edit the properties of selected AND focused contact (ux-consistency with TB address book and Windows/Linux default shortcut for “Properties”)
  • Fixed: 1037404 – drag’n’dropped reply mails should have “Re: ” in the filename
  • Fixed: 1043146 – Port to GTK3 for Thunderbird
  • Fixed: 1082551 – wrong call in log4moz.js ( “this._fos().XXX(…)” should be “this._fos.XXX(…)” )
  • Fixed: 1127580 – TEST-UNEXPECTED-FAIL | /builds/slave/test/build/mozmill/content-policy/test-general-content-policy.js | test-general-content-policy.js::test_generalContentPolicy
  • Fixed: 1131879 – Default to disable hardware acceleration (HWA) for Thunderbird
  • Fixed: 1138063 – Replace manual install rules (e.g. tests, FINAL_TARGET files) with moz.build equivalents
  • Fixed: 1148790 – Font indicator doesn’t update when cursor is placed into text with unsupported font in message composer
  • Fixed: 1152743 – Saved Files tab (about:downloads): Re-Implement “Search” field and “Clear List” button
  • Fixed: 1155655 – TEST-UNEXPECTED-FAIL | /builds/slave/test/build/tests/mozmill/quick-filter-bar/test-display-issues.js | test-display-issues.js::test_buttons_collapse_and_expand (The collapsy bar should not be shrunk!)
  • Fixed: 1171218 – Build symbols not working correctly in Thunderbird 38
  • Fixed: 1176216 – TEST-UNEXPECTED-FAIL | toolkit/components/search/tests/xpcshell/test_async_distribution.js | search_initialized – [search_initialized : 29] “bug645970” == “override”
  • Fixed: 1176716 – “Spelling” button should not be disabled when contacts side bar has focus
  • Fixed: 1178093 – Use darker toolbar icons on Windows 10
  • Fixed: 1180360 – Can’t compose a message to a newsgroup from the header
  • Fixed: 1180462 – Let Account Central show HTML tooltips
  • Fixed: 1180472 – Port bug 1173730 to TB [Use solid tab separator image on Windows 10]
  • Fixed: 1180475 – Remove aero from the tree. Part 1
  • Fixed: 1180478 – Remove aero from the tree. Part 2 (chat)
  • Fixed: 1180481 – Remove aero from the tree. Part 3 (messenger)
  • Fixed: 1180487 – Remove aero from the tree. Part 4 (tabmail)
  • Fixed: 1180588 – Spinner size is wrong on retina computer (when manually entering details for new account)
  • Fixed: 1182831 – typo in autosync.js
  • Fixed: 1185268 – [yosemite][Thunderbird] Simplified Chinese shows up in Traditional Chinese mode when saving an image (attachment)
  • Fixed: 1185540 – Support YouCompleteMe vim plugin in comm-central
  • Fixed: 1187158 – Direct users to the Notification Center settings to disable badge of Dock Icon
  • Fixed: 1187519 – Take Bug 1152517 “Recipient autocomplete wrongly considers last mouse-hovered contact …” and Bug 1130858 “Recipient autocomplete suggestion overrides ANY manual address …” into TB 38.x
  • Fixed: 1188306 – Import of address book in CSV format fails if data contains accented/international characters
  • Fixed: 1188778 – Windows 10 closing tb with X not possible (minimize, maximize and close not working)
  • Fixed: 1189365 – “anti-virus” typo US/GB
  • Fixed: 1190080 – [Windows 10] Jumplist icon almost not visible
  • Fixed: 1190092 – Zoom button cut off after startup if facet date view is unhidden
  • Fixed: 1190124 – run_tooltool process cannot find gtk3.tar.xz
  • Fixed: 1191941 – Disable addon signing via comm-central mozconfigs
  • Fixed: 1192494 – Remove aero from the tree. Part 5 (tagColors)
  • Fixed: 1192495 – Remove aero from the tree. Part 6 (quickFilterBar)
  • Fixed: 1192496 – Remove aero from the tree. Part 7 (mailWindow1)
  • Fixed: 1192497 – Remove aero from the tree. Part 8 (messageHeaders)
  • Fixed: 1192951 – Remove aero from the tree. Part 9 (primaryToolbar)
  • Fixed: 1192952 – Remove aero from the tree. Part 10 (addressbook)
  • Fixed: 1192953 – Remove aero from the tree. Part 11 (composer)
  • Fixed: 1192954 – Remove aero from the tree. Part 12 (tree removal)
  • Fixed: 1192969 – Unneeded preprocessing of messengerLWTheme.css
  • Fixed: 1192972 – Remove the tag definitions from searchDialog.css
  • Fixed: 1193143 – RuntimeError: File “mail/messengerLWTheme.css” not found in mail\themes\windows, mail\themes\windows
  • Fixed: 1193601 – Consider a different titlebar color for Windows 10
  • Fixed: 1193679 – Port bug 1173738 and following bugs to TB (Update URL and search bar borders on Windows 10)
  • Fixed: 1193682 – I’s hard to see the hovered treeitems in the sidebars on Windows 10
  • Fixed: 1193690 – Use the global close icon for Tabs
  • Fixed: 1193716 – Port Bug 1187286 to TB [prevent the ‘No account configured yet’ message from flashing when the account manager window opens]
  • Fixed: 1193721 – Window controls overlay the switch to tabs icons in Windows 10
  • Fixed: 1195143 – Use MOZ_ENABLE_SIGNMAR in confvars.sh instead of mozconfig
  • Fixed: 1195337 – ReferenceError: smtp is not defined when opening Troubleshooting Information, causing whole page to have no data
  • Fixed: 1195462 – Remove release-l10n mozconfigs as they are no longer use
  • Fixed: 1196662 – Thunderbird not checking for mails and becomes unresponsive after hibernation (problem is caused by upgrade to Thunderbird 38.2.0)
  • Fixed: 1197714 – Should not create more than one “Saved Files” download manager tab (about:downloads)
  • Fixed: 1198314 – A starred/marked message does not display the star icon
  • Fixed: 1198709 – crash in NS_strlen(wchar_t const*), TB 38.1.0, Irish (ga-IE) locale
  • Fixed: 1198729 – Attachments tab in Options has no icon
  • Fixed: 1199668 – Contact status and icon not shown for search result conversations
  • Fixed: 1200549 – imtooltip.xml, line 230: NS_ERROR_UNEXPECTED: Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIPrefBranch.getCharPref]
  • Fixed: 1202168 – Multiple TEST-UNEXPECTED-FAIL | toolkit/components/search/*
  • Fixed: 1202756 – Error during |make-package| because of missing libdbusservice.so
  • Fixed: 1203244 – Huge context menu after right click in message [ReferenceError: GetThreadTree is not defined] in mailContextMenus.js
  • Fixed: 1204206 – Close icon in Contacts sidebar mispositioned
  • Fixed: 1204901 – Remove filter to exclude some plugin strings
  • Fixed: 1205666 – blue bar as background of Options panes list
  • Fixed: 1206595 – Port relevant changes from | bug 885982 – Move MozTCPSocket and MozTCPServerSocket to WebIDL | to Thunderbird
  • Fixed: 1207267 – No horizontal border between toolbar and folder pane and message pane
  • Fixed: 1207363 – Use Array.includes in mail/ instead of indexOf != / == -1
  • Fixed: 1207707 – Port Bug 1189212 to TB [Pinned tab separators are sometimes too thick]
  • Fixed: 1207716 – Port Bug 1188194 to TB [Top border for lightweight theme in Windows 8 is too dark]

MailNews Core-specific: (35)

  • Fixed: 114607 – Newsgroups: Dialog for ‘download max number of headers’ will not appear for following subscribed NG if once set to “0”
  • Fixed: 209189 – Undo delete of message in local Trash folder causes corruption of Mail summary file with blank subject and body and crazy message date 1964/1969
  • Fixed: 301131 – junklog.html dates are taken from the message rather than system time
  • Fixed: 582170 – Need warning for destructive retention settings for POP (Disk Space) and IMAP (Synchronization & Storage) accounts
  • Fixed: 764323 – client.py needs to pass the revision argument to hgtool.py
  • Fixed: 764987 – Allow extensions to add exposed protocols in nsMsgContentPolicy
  • Fixed: 766495 – Draft composition shows wrong in-line images from other draft, if other draft mail is placed at original offset of editing draft mail by Compact. So, if mail is sent without draft save after Compact, wrong image is silently sent by Tb.
  • Fixed: 797710 – Crash on message nsMsgFilterAfterTheFact::ApplyFilter, because of double free?
  • Fixed: 799450 – Thunderbird adds the text of an email in the Drafts folder to an email I send (Confidential data in other/irrelevant draft mail is silently exposed to unexpected recipients by Tb as data of image part)
  • Fixed: 817245 – If Offset of replied-mail/forwarded-Inline-mail/previous-draft-mail is altered by Compact while composing mail, Send/Save can’t find image data in the original mail then Tb spins with “Attaching…”, when the original mail is HTML mail with embed image.
  • Fixed: 843320 – Add number/list of folders chosen in the saved search (virtual folder) creation/edit dialog
  • Fixed: 1032302 – 8BITMIME keyword ignored in EHLO greeting, BODY=8BITMIME absent in MAIL request for 8-bit transfers
  • Fixed: 1100801 – Share duplicated functions from mail/components/addrbook/content/abCommon.js and mailnews/addrbook/src/nsAbAutoCompleteSearch.js
  • Fixed: 1131122 – You have to click “Recheck Page” twice to get it to spell check again
  • Fixed: 1143812 – Always allow creating new contacts and lists, eg after opening addressbook window, when ‘All Address Books’ is selected, or when search field has focus (eg Ctrl+N fails on all of these)
  • Fixed: 1144999 – If MailDirStore, ignore Quarantine option for POP3(mailnews.downloadToTempFile=true), because no need to do it
  • Fixed: 1158179 – Add missing entities of neterror page introduced to m-c in bug 1147212
  • Fixed: 1159255 – Build error: MSVC_ENABLE_PGO = True is not permitted to be used in mailnews/intl/moz.build
  • Fixed: 1174832 – In Grouped View, by Subject is special cased to lack a root header row, inconsistent with all other categories
  • Fixed: 1175242 – whole Inbox deleted at every start – maildir
  • Fixed: 1179442 – imap maildir folder has false excess unread message count in folder pane
  • Fixed: 1186141 – Still Outlook import crash via Tools | Import in Thunderbird 38.1.0, after bug 1175055
  • Fixed: 1186782 – nsMailComps.o: In function `DirectoryProvider’: mail/components/build/../shell/DirectoryProvider.h:35: undefined reference to `vtable for mozilla::mail::DirectoryProvider’
  • Fixed: 1189528 – mailnews/local/src/nsMailboxService.cpp:29:22: fatal error: nsRefPtr.h: No such file or directory
  • Fixed: 1189619 – Port bug Bug 1188745 [Rename nsTArray::SizeOfExcludingThis() as ShallowSizeOfExcludingThis() ] to comm-central
  • Fixed: 1189736 – Port Bug 1189156 [Don’t use enumeration style in hash table SizeOf*() functions ] to comm-central
  • Fixed: 1190489 – Port Bug 830801 – Add -DNOMINMAX to the default OS_CXXFLAGS on Windows
  • Fixed: 1192061 – SVG images attachments do not display inline
  • Fixed: 1192696 – Enable custom columns to be Grouped By Sort – backend
  • Fixed: 1195480 – Enable custom columns for secondary sort, persist and restore all column primary and secondary sort states
  • Fixed: 1196422 – error LNK2001: unresolved external symbol GetAsciiHostPort(class nsACString_internal &)
  • Fixed: 1197686 – jsmime fails on long references header and e-mail gets sent and stored in Sent without headers. “Error: Cannot encode … due to length.”
  • Fixed: 1203042 – Port bug 1201224 – stop unifying test package during mac universal builds
  • Fixed: 1205183 – Update comm-central for PLDHashTable changes in bug 1121760
  • Fixed: 1205762 – Port Bug 1201135 to mailnews [Rename pldhash.{h,cpp} to PLDHashTable.{h,cpp}]

Windows builds Official Windows, Official Windows installer

Linux builds Official Linux (i686), Official Linux (x86_64)

Mac builds Official Mac (2015-08-12 build only, due to bug 1195442)

Categorieën: Mozilla-nl planet

Meeting Notes: Thunderbird: 2015-08-25

Thunderbird - wo, 26/08/2015 - 05:00

Thunderbird meeting notes 2015-08-25. NOON PT (Pacific). For meeting time, previous notes and call-in details see https://wiki.mozilla.org/Thunderbird/StatusMeetings

Attendees
  • wsmwk, aceman, fallen, makemyday, jorgk, rkent, mkmelin, clokep
Action items from last meetings
  • Get release documentation into wiki
Current status and discussions Critical Issues

Leave critical bugs here until confirmed fixed. If confirmed, then remove.

  • needs assignee after solution identified – bug 1196662 not checking mails after hibernation, caused by core bug 1178890 (and we may be seeing other issues from 1178890, like hangs)
  • aceman is assignee – bug 1183490 – (dataloss) New emails do not adhere to sort by order received
  • status TBD – bug 1182629 – update to 38.1.0 from 38.0.1 re-enables disabled Lightning
  • status TBD – bug 1176399 – Multiple master password when GMail OAuth2 is enabled
  • status ??? – bug 1176748 – Someone needs to add additional main thread proxies to the migration code (jorgk and m_kato have in previous years been the major drivers of fixes)
  • topcrash bug 1149287 is ** 31% of our crashes** – see below

removing from critical list/fixed:

Critical for TB42 and beyond:
bug 1193200 – Blocker: Permissions manager/Remote content exceptions

Releases
  • Past
    • 38.0.1 nominally shipped 2015-06-12
    • 38.1.0 shipped 2015-07-10
    • 31.8.0 shipped 2015-07-17
    • 40.0beta shipped 2015-07-27 (skipping 39.0b)
    • 38.2.0 shipped 2015-08-14
  • Upcoming
    • 38.3.0 ~2015-09-23
    • 41.0beta ~2015-08-10
    • 42.0beta ~2015-09-26
Lightning

Past releases:

Upcoming releases:

Updates:

  • Still need help rewriting SUMO help articles on Lightning
  • Need to fix bug 1194997 for calendars disabling themselves
Round Table Jorg K
  • bug 772796bug 1174452 – M-C Editor problems to do with pre and “white-space: pre;” currently stalled.
  • bug 368915 – change language in subject (language button), ready to land.
  • bug 1197687 – Font menu again, waiting for Neil.
  • bug 1020181 – Set spell check language for recipient (published add-on as quick fix).
wsmwk
  • developers need to be thinking about landing stuff now, and in the next 2 months, for version 45 moves to aurora dec 14
  • HWA – collected more data and filed bug 1195947 Track HWA issues
  • crashes
    • 38.2.0 crash rate ~0.35, dramatically reduced from ~.5 for 38.1.0 https://crash-stats.mozilla.com/daily?p=Thunderbird likely mostly due to disabling HWA. Only ~6 GPU crash signatures in top 200 and the highest rank is 80 (vs several in top 20 for 38.2.0), so most GPU driver crashes seem to be gone (but not all of the crash rate reduction will have been just from disabling HWA)
    • topcrash bug 1149287 is **31% of crashes (1)** and needs much work because it’s got multiple causes. Some reports implicate McAfee, some are not “shutdown” because user is hung or waiting on some prompt or protocol issue (only then does user try to close and crashes). (speculating) Are some caused by timer issues from bug 1178890? See the comments http://tinyurl.com/nzwkgaq (1) https://crash-stats.mozilla.com/topcrasher/products/Thunderbird/versions/38.2.0
    • lacking time to follow up on other signatures in the “new” topcrash rankings (but that’s OK because we’re very well off compared to 38.1.0)
  • following progress of Thunderbird web pages moving to bedrock – they are close to being done
  • beware – ishikawa in the next several weeks will be landing big changes from many (>12?) bugs, both core and Thunderbird, for IO performance and error checking, eg bug 1116055
Fallen
  • Patched a lot of build issues, together with aleth
rkent

Code:

  • I think we have made progress on maildir issues, I hope to get two critical issues fixed before the next release.

I’m finally starting to turn more of my attention to management issues rather than urgent TB 38 problems. In the long run, those are very important, but the urgent easily crowds out the important. Kudos to those trying to get the tree usable again!

We could talk about:

  • Our thoughts on the announced changes to addons (Including not only
    • require signed vs unsigned?
      • no upside? i.e. we have no identified exploits
      • need to wait for enterprise impacts to be resolved
      • concerned that because the “unsigned process” will be no longer used by AMO, it may impact ability to push out unsigned THunderbird addons using the script they used to mass sign Firefox’s unsigned addons
    • XPCOM/XUL deprecation
      • need to make sure we are involved in the conversation and decisions so that developers have what they need in the “new environment”
  • Patrick is happy to do Enigmail integration into Thunderbird, I think we should agree. comments?
  • Joshua, Suyash, and I are working on the SkinkGlue (now JsAccount) integration, which will be the basis of both JMAP and CARDDAV support. –> consider using https://github.com/gaye/dav for carddav support
  • Volker Birk of Pretty Easy Privacy is *very* serious about heavily engaging his Foundation with Thunderbird. Concerns? http://pep-project.org/
  • Then there is the legal and financial home issue …
    • Expect a full-court press on MoFo by me soon, if you have contacts there please advise. One thing that is clear to me after talking to people is how critical Thunderbird is in the greater software world. We DO have a place at the table! How to get MoFo to see that?
    • We have submitted a formal application to Software Freedom Conservancy to affiliate with them, now we wait for their evaluation queue.
    • Very interesting talks with The Document Foundation(TDF)/LibreOffice. #1 concern: All of our energy goes into keeping up with Mozilla to allow us to optimize some future code development that we never actually have time for. Their funding model is very interesting, would be worth discussing.
    • hoping to meet with postbox in a few weeks
  • It would be really great if someone could lead efforts to prototype a fund-raising drive web page in-product. (hoping to target Oct/Nov)
aceman
  • looking at bug 1183490 (the order received regression), 2 options:
    1. back out bug 854798. Should be safe. I recommend this.
    2. finally drop msgkey=offset in mbox and just increment by 1. May be risky but there is already a precedent that msgs moved by filters already get key+1 so code expecting key==offset should have already been uncovered. However, there are still some unsure places, fixing which means basically bug 793865 (the 64bit envelope and msgkey!=offset cleanup). I would not recommend this for ESR.
  • finally looking to finish some feature patches (compose font selector, saved files tab, show map widget)
Question Time Other
  • PLEASE PUT THE NEXT MEETING IN YOUR (LIGHTNING) CALENDAR
  • Note – meeting notes must be copied from etherpad to wiki before 5AM CET next day so that they will go public in the meeting notes blog.
Help Wanted Retrieved from “https://wiki.mozilla.org/index.php?title=Thunderbird/StatusMeetings/2015-08-25&oldid=1091989

Categorieën: Mozilla-nl planet

Thunderbird Blog: Thunderbird and end-to-end email encryption – should this be a priority?

Thunderbird - di, 25/08/2015 - 11:27

In the last few weeks, I’ve had several interesting conversations concerning email encryption. I’m also trying to develop some concept of what areas Thunderbird should view as our special emphases as we look forward. The question is, with our limited resources, should we strive to make better support of end-to-end email encryption a vital Thunderbird priority? I’d appreciate comments on that question, either on this Thunderbird blog posting or the email list tb-planning@mozilla.org.

"I took an oath to defend the constitution, and I felt the Constitution was being violated on a massive scale" SnowdenIn one conversation, at the “Open Messaging Day” at OSCON 2015, I brought up the issue of whether, in a post-Snowden world, support for end-to-end encryption was important for emerging open messaging protocols such as JMAP. The overwhelming consensus was that this is a non-issue. “Anyone who can access your files using interception technology can more easily just grab your computer from your house. The loss of functionality in encryption (such as online search of your webmail, or loss of email content if certificates are lost) will give an unacceptable user experience to the vast majority of users” was the sense of the majority.

Woman In HandcuffsIn a second conversation, I was having dinner with a friend who works as a lawyer for a state agency involved in white-collar crime prosecution. This friend also thought the whole Snowden/NSA/metadata thing had been blown out of proportion, but for a very different reason. Paraphrasing my friend’s comments, “Our agency has enormous powers to subpoena all kinds of records – bank statements,  emails – and most organizations will silently hand them over to me without you ever knowing about it. We can always get metadata from email accounts and phones, e.g. e-mail addresses of people corresponded with, calls made, dates and times, etc. There is alot that other government employees (non NSA) have access to just by asking for it, so some of the outrage about the NSA’s power and specifically the lack of judicial oversight is misplaced and out of proportion precisely because the public is mostly ignorant about the scope of what is already available to the government.”

So in summary, the problem is much bigger than the average person realizes, and other email vendors don’t care about it.

There are several projects out there trying to make encryption a more realistic option. In order to change internet communications to make end-to-end encryption ubiquitous, any protocol proposal needs wide adoption by key players in the email world, particularly by client apps (as opposed to webmail solutions where the encryption problem is virtually intractable.) As Thunderbird is currently the dominant multi-platform open-source email client, we are sometimes approached by people in the privacy movement to cooperate with them in making email encryption simple and ubiquitous. Most recently, I’ve had some interesting conversations with Volker Birk of Pretty Easy Privacy about working with them.

Should this be a focus for Thunderbird development?

Categorieën: Mozilla-nl planet

Geoff Lankow: Can you imagine…

Mozilla planet - di, 18/08/2015 - 13:28

… an imaginary menagerie manager imagining managing an imaginary menagerie?

Just over two years ago, I posted about localizing Mozilla extensions. I'd made a website for translators, which automatically created GitHub pull requests. Well, I'm not here to say it's been an overwhelming success, but I think it did achieve my aim of simplifying the translation process.

Over the past month or so, I've rebuilt the website from scratch, to be much simpler, and much less fragile. Instead of having a Git clone on the webserver, and a working copy for every translation (which caused big headaches when it came time to update the clone), the website now stores translation data in a database, and when ready, creates files, commits, branches, and pull requests directly on GitHub. It also updates itself every time the original repo updates, by watching a particular branch. From a translator's point-of-view, not much has changed, although if they use GitHub to register, pull requests will be made using their account for better communication.

For reasons even I'm not really sure of, I called the original "Zoo". Now in a perfect storm of inspiration and originality, I've called this new website "Zoo2". Genius.

It's a little rough-around-the-edges, but it's ready to go. I'm looking for people to translate my extensions, obviously, but now I'm also looking for other extension writers willing to try things out. I have a few criteria, mostly around things I've yet to implement, but if your extension is on GitHub, open an issue and we'll talk. I'm also often in #developers on Mozilla IRC in the US evening/Asian day/European morning.

Edit: I'm hosting this thing on a free Heroku account, which means it must sleep for 6 hours a day (I'd get so much more done if I slept that little) and today's seen a lot of activity so it might be sleeping. I guess you get what you pay for, and I haven't paid anything yet.

Categorieën: Mozilla-nl planet

Rumbling Edge - Thunderbird: Use funfuzz to find new, unique security bugs in Mozilla for bounty rewards

Thunderbird - ma, 17/08/2015 - 23:27

Do you have spare computer cycles, and would like to help find security bugs in Mozilla products? If you discover new and unique security issues, you may be able to earn bounties within guidelines!

Recently, the Mozilla Platform Fuzzing team released funfuzz (fuzzers & fuzzing harness) and lithium (an updated version of a line-based reducer) on GitHub:

  1. funfuzz
    1. https://github.com/MozillaSecurity/funfuzz
    2. Repository of fuzzers and harness scripts to run them
    3. Jesse Ruderman wrote an excellent blogpost
    4. Components of funfuzz:
      1. jsfunfuzz – js fuzzer
      2. domfuzz – DOM fuzzer
      3. compareJIT – runs with different runtime flags and compares output
      4. randorderfuzz – adds in random tests from repository to jsfunfuzz
      5. compileShell – compiles js shells
      6. autoBisect – bisects Mercurial repositories to find regressors
  2. lithium

We have in-tree documentation to help you get started on your way to find new, unique security bugs.

Quick-start guide:

  1. Ensure you have build prerequisites installed
  2. Clone both repositories side-by-side (adjacent to each other)
    • e.g. into ~/lithium and ~/funfuzz
  3. Clone the Mercurial mozilla-central repository.
    • e.g. into ~/trees/mozilla-central
  4. Start the loopBot script!
    1. Example command:
      • python -u funfuzz/loopBot.py -b "--random" -t "js" --target-time 28800 | tee ~/log-loopBotPy.txt
    2. Use `-t “js”` to test SpiderMonkey shells only, `-t “dom”` for only Firefox DOM
    3. More documentation here.

Notes:

  1. The harness should work with most common platforms, e.g. Windows, Linux and Macs as well as on EC2.
  2. When fuzzing, the computer will use a large amount of computer resources. It is recommended not to use the computer heavily when it is fuzzing.
  3. Until FuzzManager integration arrives, the list of known bugs are in:
    1. assertion failures
    2. crashes
  4. For SpiderMonkey `-t “js”` mode, if you find an unknown crash or assertion failure, there are several files to look for, in the wtmp1 subfolder:
    1. *-reduced.js files usually contain a partially-reduced testcase
    2. *-orig.js files are the original unreduced testcase
    3. *-summary.txt shows the runtime flags needed to trigger the bug
    4. *-crash.txt files contain the crash stacktrace
    5. *-err.txt files contain stderr output
    6. *-out.txt files contain stdout output
    7. *-autobisect.txt files contain bisection information
    8. build-source.txt files contain the information on shell build type
    9. Follow the guidelines as listed in the “Claiming a bug bounty” section of the bug bounty document
  5. In case things go wrong, kill all the relevant Python processes.
    • Example command that kills all running Pythons on machine:
      1. $ killall python # Linux
      2. $ killall Python # Mac

Where you can help:

  1. Run funfuzz with dynamic analysis tools
    • ASan
      • Works on Mac
      • May have issues on Linux, especially EC2 VMs
    • Valgrind
    • TSan, LSan, UBSan not integrated yet
      • Volunteers welcome!
  2. Add to our fuzzers
  3. Improve our fuzzing harness
    • File an issue if something does not work
    • Send us a pull request for improvements!
  4. Help out in other Mozilla Security projects

Note that the final bounty reward amounts are up to the discretion of the bounty committee. Help us help everyone fuzz our way to a safer Gecko for everyone!

(This is part of a new category of posts related to fuzzing. Fuzzing is used extensively to find bugs, regressions and security issues in Gecko, which Firefox, Firefox OS and Thunderbird are based on)

Edit: Tweaked wordings throughout.

Categorieën: Mozilla-nl planet

Matt Harris: LogJam and Thunderbird.

Thunderbird - wo, 29/07/2015 - 12:02
Recently the Firefox core developers patched the LogJam vulnerability in Firefox.  As Thunderbird shares code with Firefox at a low level,  Thunderbird inherited the patch and it made it's largely unannounced debut in Thunderbird 38.1.

Are you affected?  The easiest way to check is look in the Error console Ctrl+Shift+J

The error message is quite distinctive and will take the form shown below;



What this means is that any server using SSL/TLS and 512bit encryption keys is not going to work with the updated Thunderbird.  These keys have a long history.  Introduced in the 1990's to meet US export restrictions on Cyphers.  By the year 2000 these restrictions were lifted.  But by that time the use of the so called Export Cypher suites was well entrenched.

Now 15 years on, when it was assumed basically no one would be using these obsolete suites, up pops a security vulnerability in them and we find that the "if it ain't broke don't fix it" approach to things is alive and well on the Internet. Here on the bleeding edge of technology,  many large organisation, such as the NSA, are still using these obsolete and inherently insecure cypher suites.

There is a short term workaround for those using Thunderbird, by installing the add-on Disable DHE. This add-on is listed in the add-on site as for Firefox,  but it will install in Thunderbird if you download it and drag it over the add-ons entries in the add-on tab.  This is not a long term solution.  You are still at risk of a man in the middle attack using it.  But it gives breathing time to actually make arrangements for new key pairs to be generated for the server. You should contact the server administrator or your mail provider to make these arrangements.

I can not say it better than the team that found the vulnerability, so the following is extracted from their web site
____________________________________________  What should I do? 
If you run a server… 
If you have a web or mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.
If you use a browser… 
Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.
If you’re a sysadmin or developer …
Make sure any TLS libraries you use are up-to-date, that servers you maintain use 2048-bit or larger primes, and that clients you maintain reject Diffie-Hellman primes smaller than 1024-bit.
____________________________________________  .
Categorieën: Mozilla-nl planet

Pagina's