A few days ago the fantastic Fritz from the Netherlands told me that my Hands On Web Audio slides had stopping working and there was no sound coming out from them in Firefox.

@supersole oh noes! I reopened your slides: https://t.co/SO35UfljMI and it doesn't work in @firefox anymore (works in chrome though.. )

— Boring Stranger (@fritzvd) January 11, 2016

Which is pretty disappointing for a slide deck that is built to teach you about Web Audio!

I noticed that the issue was only on the introductory slide which uses a modified version of Stuart Memo’s fantastic THX sound recreation-the rest of slides did play sound.

I built an isolated test case (source) that used a parameter-capable version of the THX sound code, just in case the issue depended on the number of oscillators, and submitted this funnily titled bug to the Web Audio component: Entirely Web Audio generated sound cuts out after a little while, or emits random tap tap tap sounds then silence.

I can happily confirm that the bug has been fixed in Nightly and the fix will hopefully be “uplifted” to DevEdition very soon, as it was due to a regression.

Paul Adenot (who works in Web Audio and is a Web Audio spec editor, amongst a couple tons of other cool things) was really excited about the bug, saying it was very edge-casey! Yay! And he also explained what did actually happen in lay terms: “you’d have to have a frequency that goes down very very slowly so that the FFT code could not keep up”, which is what the THX sound is doing with the filter frequency automation.

I want to thank both Fritz for spotting this out and letting me know and also Stuart for sharing his THX code. It’s amazing what happens when you put stuff on the net and lots of different people use it in different ways and configurations. Together we make everything more robust

Of course also sending thanks to Paul and Ben for identifying and fixing the issue so fast! It’s not been even a week! Woohoo!

Well done everyone!

Since the start of this year, Participation Infrastructure team has a renewed focus on making mozillians.org a modern community directory to meet Mozilla’s growing needs. This will not be an one-time effort. We need to invest technically and programmatically in order to deliver a first-class product that will be the foundation for identity management across the Mozilla ecosystem.

Mozillians.org is full of functionality as it is today, but is paying the debt of being developed by 5 different teams over the past 5 years. We started simple this time. Updated all core technology pieces, did privacy and security reviews, and started the process of consolidating and modernizing many of the things we do in the site.

Our first target was Profile Edit. We chose it due to relatively self-contained nature of it, and cause many people were not happy with the current UX. After research of existing tools and applying latest best practices, we designed, coded and deployed a new profile edit interface (which by the way is renamed to Settings now) that we are happy to deliver to all Mozillians.

Have a look for yourself and don’t miss the chance to update your profile while you do it!

Nikos (on the front-end), Tasos and Nemo (on the back-end) worked hard to deliver this in a speedy manner (as they are used to), and the end result is a testament to what is coming next on Mozillians.org.

Our next target? Groups. Currently it is obscure and unclear what all those settings in groups are, what is the functionality and how teams within Mozilla will be using it. We will be tackling this soon. After that, search and stats will be our attention, in an ongoing effort to fortify mozillians.org functionality. Stay tuned, and as always feel free to file bugs and contribute in the process.

Last year I joked…

Thinking about writing a blog post listing the blog posts I’ve been meaning to write… Maybe that will save some time

— Adam Lofting (@adamlofting) November 20, 2015

Now, it has come to this.

9 blog posts I’ve not been writing

• Working on working on the impact of impact
• Designing Games in my free time
• Moving Out (the board game)
• Mozilla Foundation 2016 KPIs
• Studying Network Science
• Learning Analytics plans for 2016
• Daily practice / you are what you do every day
• Several more A/B tests to write up from the fundraising campaign
• CRM Progress in 2015

But my most requested blog by far, is an update on the status of my shed / office that I was tagging on to the end my blog posts at this time last year. Many people at Mozfest wanted to know about the shed… so here it is.

This time last year:

Starting in the new office today. It will take time to make it *nice* but it works for now. pic.twitter.com/sWoC4kFNLc

— Adam Lofting (@adamlofting) January 28, 2015

Some pictures from this morning:

It’s a pretty nice place to work now and it doubles as useful workshop on the weekends. It needs a few finishing touches, but the law of diminishing returns means those finishing touches are lower priority than work that needs to be done elsewhere in the house and garden. So it’ll stay like this a while longer.

I wrote a long and probably dull chapter on closures and first-class and higher-order functions in Rust. It goes into some detail on the implementation and some of the subtleties like higher-ranked lifetime bounds.

I was going to post it here too, but it is really too long. Instead, pop over to the 'Rust for C++ programmers' repo and read it there.

I’m hacking on an assembly project, and wanted to document some of the tricks I was using for figuring out what was going on. This post might seem a little basic for folks who spend all day heads down in gdb or who do this stuff professionally, but I just wanted to share a quick intro to some tools that others may find useful. (oh god, I’m doing it)

If your coming from gdb to lldb, there’s a few differences in commands. LLDB has great documentation on some of the differences. Everything in this post about LLDB is pretty much there.

The bread and butter commands when working with gdb or lldb are:

• r (run the program)
• s (step in)
• n (step over)
• finish (step out)
• c (continue)
• q (quit the program)

You can hit enter if you want to run the last command again, which is really useful if you want to keep stepping over statements repeatedly.

I’ve been using LLDB on OSX. Let’s say I want to debug a program I can build, but is crashing or something:

1
            

$ sudo lldb ./asmttpd web_root
            

Setting a breakpoint on jump to label:

1
                2
            

(lldb) b sys_write
            Breakpoint 3: where = asmttpd`sys_write, address = 0x00000000000029ae
            

Running the program until breakpoint hit:

1
                2
                3
                4
                5
                6
                7
                8
                9
                10
            

(lldb) r
            Process 32236 launched: './asmttpd' (x86_64)
            Process 32236 stopped
            * thread #1: tid = 0xe69b9, 0x00000000000029ae asmttpd`sys_write, queue = 'com.apple.main-thread', stop reason = breakpoint 3.1
                frame #0: 0x00000000000029ae asmttpd`sys_write
            asmttpd`sys_write:
            ->  0x29ae <+0>: pushq  %rdi
                0x29af <+1>: pushq  %rsi
                0x29b0 <+2>: pushq  %rdx
                0x29b1 <+3>: pushq  %r10
            

Seeing more of the current stack frame:

1
                2
                3
                4
                5
                6
                7
                8
                9
                10
                11
                12
                13
                14
                15
                16
                17
                18
                19
                20
                21
                22
                23
                24
            

(lldb) d
            asmttpd`sys_write:
            ->  0x29ae <+0>:  pushq  %rdi
                0x29af <+1>:  pushq  %rsi
                0x29b0 <+2>:  pushq  %rdx
                0x29b1 <+3>:  pushq  %r10
                0x29b3 <+5>:  pushq  %r8
                0x29b5 <+7>:  pushq  %r9
                0x29b7 <+9>:  pushq  %rbx
                0x29b8 <+10>: pushq  %rcx
                0x29b9 <+11>: movq   %rsi, %rdx
                0x29bc <+14>: movq   %rdi, %rsi
                0x29bf <+17>: movq   $0x1, %rdi
                0x29c6 <+24>: movq   $0x2000004, %rax
                0x29cd <+31>: syscall
                0x29cf <+33>: popq   %rcx
                0x29d0 <+34>: popq   %rbx
                0x29d1 <+35>: popq   %r9
                0x29d3 <+37>: popq   %r8
                0x29 <+39>: popq   %r10
                0x29d7 <+41>: popq   %rdx
                0x29d8 <+42>: popq   %rsi
                0x29d9 <+43>: popq   %rdi
                0x29da <+44>: retq
            

Getting a back trace (call stack):

1
                2
                3
                4
                5
                6
                7
            

(lldb) bt
            * thread #1: tid = 0xe69b9, 0x00000000000029ae asmttpd`sys_write, queue = 'com.apple.main-thread', stop reason = breakpoint 3.1
              * frame #0: 0x00000000000029ae asmttpd`sys_write
                frame #1: 0x00000000000021b6 asmttpd`print_line + 16
                frame #2: 0x0000000000002ab3 asmttpd`start + 35
                frame #3: 0x00007fff9900c5ad libdyld.dylib`start + 1
                frame #4: 0x00007fff9900c5ad libdyld.dylib`start + 1
            

peeking at the upper stack frame:

1
                2
                3
                4
                5
                6
                7
            

(lldb) up
            frame #1: 0x00000000000021b6 asmttpd`print_line + 16
            asmttpd`print_line:
                0x21b6 <+16>: movabsq $0x30cb, %rdi
                0x21c0 <+26>: movq   $0x1, %rsi
                0x21c7 <+33>: callq  0x29ae                    ; sys_write
                0x21cc <+38>: popq   %rcx
            

back down to the breakpoint-halted stack frame:

1
                2
                3
                4
                5
                6
                7
            

(lldb) down
            frame #0: 0x00000000000029ae asmttpd`sys_write
            asmttpd`sys_write:
            ->  0x29ae <+0>: pushq  %rdi
                0x29af <+1>: pushq  %rsi
                0x29b0 <+2>: pushq  %rdx
                0x29b1 <+3>: pushq  %r10
            

dumping the values of registers:

1
                2
                3
                4
                5
                6
                7
                8
                9
                10
                11
                12
                13
                14
                15
                16
                17
                18
                19
                20
                21
                22
                23
            

(lldb) register read
            General Purpose Registers:
                   rax = 0x0000000000002a90  asmttpd`start
                   rbx = 0x0000000000000000
                   rcx = 0x00007fff5fbffaf8
                   rdx = 0x00007fff5fbffa40
                   rdi = 0x00000000000030cc  start_text
                   rsi = 0x000000000000000f
                   rbp = 0x00007fff5fbffa18
                   rsp = 0x00007fff5fbff9b8
                    r8 = 0x0000000000000000
                    r9 = 0x00007fff7b1670c8  atexit_mutex + 24
                   r10 = 0x00000000ffffffff
                   r11 = 0xffffffff00000000
                   r12 = 0x0000000000000000
                   r13 = 0x0000000000000000
                   r14 = 0x0000000000000000
                   r15 = 0x0000000000000000
                   rip = 0x00000000000029ae  asmttpd`sys_write
                rflags = 0x0000000000000246
                    cs = 0x000000000000002b
                    fs = 0x0000000000000000
                    gs = 0x0000000000000000
            

read just one register:

1
                2
            

(lldb) register read rdi
                 rdi = 0x00000000000030cc  start_text
            

When you’re trying to figure out what system calls are made by some C code, using dtruss is very helpful. dtruss is available on OSX and seems to be some kind of wrapper around DTrace.

1
                2
                3
                4
                5
                6
                7
                8
                9
                10
                11
                12
                13
                14
                15
                16
            

$ cat sleep.c
            #include <time.h>
            int main () {
              struct timespec rqtp = {
                2,
                0
              };
            
              nanosleep(&rqtp, NULL);
            }
            
            $ clang sleep.c
            
            $ sudo dtruss ./a.out
            ...all kinds of fun stuff
            __semwait_signal(0xB03, 0x0, 0x1)    = -1 Err#60
            

If you compile with -g to emit debug symbols, you can use lldb’s disassemble command to get the equivalent assembly:

1
                2
                3
                4
                5
                6
                7
                8
                9
                10
                11
                12
                13
                14
                15
                16
                17
                18
                19
                20
                21
                22
                23
                24
                25
                26
                27
                28
                29
                30
                31
                32
                33
                34
                35
                36
                37
            

$ clang sleep.c -g
            $ lldb a.out
            (lldb) target create "a.out"
            Current executable set to 'a.out' (x86_64).
            (lldb) b main
            Breakpoint 1: where = a.out`main + 16 at sleep.c:3, address = 0x0000000100000f40
            (lldb) r
            Process 33213 launched: '/Users/Nicholas/code/assembly/asmttpd/a.out' (x86_64)
            Process 33213 stopped
            * thread #1: tid = 0xeca04, 0x0000000100000f40 a.out`main + 16 at sleep.c:3, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
                frame #0: 0x0000000100000f40 a.out`main + 16 at sleep.c:3
               1    #include <time.h>
               2    int main () {
            -> 3      struct timespec rqtp = {
               4        2,
               5        0
               6      };
               7
            (lldb) disassemble
            a.out`main:
                0x100000f30 <+0>:  pushq  %rbp
                0x100000f31 <+1>:  movq   %rsp, %rbp
                0x100000f34 <+4>:  subq   $0x20, %rsp
                0x100000f38 <+8>:  leaq   -0x10(%rbp), %rdi
                0x100000f3c <+12>: xorl   %eax, %eax
                0x100000f3e <+14>: movl   %eax, %esi
            ->  0x100000f40 <+16>: movq   0x49(%rip), %rcx
                0x100000f47 <+23>: movq   %rcx, -0x10(%rbp)
                0x100000f4b <+27>: movq   0x46(%rip), %rcx
                0x100000f52 <+34>: movq   %rcx, -0x8(%rbp)
                0x100000f56 <+38>: callq  0x100000f68               ; symbol stub for: nanosleep
                0x100000f5b <+43>: xorl   %edx, %edx
                0x100000f5d <+45>: movl   %eax, -0x14(%rbp)
                0x100000f60 <+48>: movl   %edx, %eax
                0x100000f62 <+50>: addq   $0x20, %rsp
                0x100000f66 <+54>: popq   %rbp
                0x100000f67 <+55>: retq
            

Anyways, I’ve been learning some interesting things about OSX that I’ll be sharing soon. If you’d like to learn more about x86-64 assembly programming, you should read my other posts about writing x86-64 and a toy JIT for Brainfuck (the creator of Brainfuck liked it).

I should also do a post on Mozilla’s rr, because it can do amazing things like step backwards. Another day…

One of the advantages of listing an add-on or theme on addons.mozilla.org (AMO) is that you’ll get statistics on your add-on’s usage. These stats, which are covered by the Mozilla privacy policy, provide add-on developers with information such as the number of downloads and daily users, among other insights.

Currently, the data that generates these statistics can go back as far as 2007, as we haven’t had an archiving policy. As a result, statistics take up the vast majority of disk space in our database and require a significant amount of processing and operations time. Statistics over a year old are very rarely accessed, and the value of their generation is very low, while the costs are increasing.

To reduce our operating and development costs, and increase the site’s reliability for developers, we are introducing an archiving policy.

In the coming weeks, statistics data over one year old will no longer be stored in the AMO database, and reports generated from them will no longer be accessible through AMO’s add-on statistics pages. Instead, the data will be archived and maintained as plain text files, which developers can download. We will write a follow-up post when these archives become available.

If you’ve chosen to keep your add-on’s statistics private, they will remain private when stats are archived. You can check your privacy settings by going to your add-on in the Developer Hub, clicking on Edit Listing, and then Technical Details.

The total number of users and other cumulative counts on add-ons and themes will not be affected and these will continue to function.

If you have feedback or concerns, please head to our forum post on this topic.

One of the things the Firefox team has been doing recently is having onboarding sessions for new hires. This onboarding currently covers:

• 1st day setup
• Bugzilla
• Building Firefox
• Desktop Firefox Architecture / Product
• Communication and Community
• Javascript and the DOM
• C++ and Gecko
• Shipping Software
• Telemetry
• Org structure and career development

My first day consisted of some useful HR presentations and then I was given my laptop and a pointer to a wiki page on building Firefox. Needless to say, it took me a while to get started! It would have been super convenient to have an introduction to all the stuff above.

I’ve been asked to do the C++ and Gecko session three times. All of the sessions are open to whoever wants to come, not just the new hires, and I think yesterday’s session was easily the most well-attended yet: somewhere between 10 and 20 people showed up. Yesterday’s session was the first session where I made the slides available to attendees (should have been doing that from the start…) and it seemed equally useful to make the slides available to a broader audience as well. The Gecko and C++ Onboarding slides are up now!

This presentation is a “living” presentation; it will get updated for future sessions with feedback and as I think of things that should have been in the presentation or better ways to set things up (some diagrams would be nice…). If you have feedback (good, bad, or ugly) on particular things in the slides or you have suggestions on what other things should be covered, please contact me! Next time I do this I’ll try to record the presentation so folks can watch that if they prefer.

Brendan is back, and he has a plan to save the Web. Its a big and bold plan, and it may just work. I am pretty excited about this. If you have 5 minutes to read along I’ll explain why I think you should be as well.

The Web is broken

Lets face it, the Web today is a mess. Everywhere we go online we are constantly inundated with annoying ads. Often pages are more ads than content, and the more ads the industry throws at us, the more we ignore them, the more obnoxious ads get, trying to catch our attention. As Brendan explains in his blog post, the browser used to be on the user’s side—we call browsers the user agent for a reason. Part of the early success of Firefox was that it blocked popup ads. But somewhere over the last 10 years of modern Web browsers, browsers lost their way and stopped being the user’s agent alone. Why?

Browsers aren’t free

Making a modern Web browser is not free. It takes hundreds of engineers to make a competitive modern browser engine. Someone has to pay for that, and that someone needs to have a reason to pay for it. Google doesn’t make Chrome for the good of mankind. Google makes Chrome so you can consume more Web and along with it, more Google ads. Each time you click on one, Google makes more money. Chrome is a billion dollar business for Google. And the same is true for pretty much every other browser. Every major browser out there is funded through advertisement. No browser maker can escape this dilemma. Maybe now you understand why no major browser ships with a builtin enabled by default ad-blocker, even though ad-blockers are by far the most popular add-ons.

Our privacy is at stake

It’s not just the unregulated flood of advertisement that needs a solution. Every ad you see is often selected based on sensitive private information advertisement networks have extracted from your browsing behavior through tracking. Remember how the FBI used to track what books Americans read at the library, and it was a big scandal? Today the Googles and Facebooks of the world know almost every site you visit, everything you buy online, and they use this data to target you with advertisement. I am often puzzled why people are so afraid of the NSA spying on us but show so little concern about all the deeply personal data Google and Facebook are amassing about everyone.

Blocking alone doesn’t scale

I wish the solution was as easy as just blocking all ads. There is a lot of great Web content out there: news, entertainment, educational content. It’s not free to make all this content, but we have gotten used to consuming it “for free”. Banning all ads without an alternative mechanism would break the economic backbone of the Web. This dilemma has existed for many years, and the big browser vendors seem to have given up on it. It’s hard to blame them. How do you disrupt the status quo without sawing off the (ad revenue) branch you are sitting on?

It takes an newcomer to fix this mess

I think its unlikely that the incumbent browser vendors will make any bold moves to solve this mess. There is too much money at stake. I am excited to see a startup take a swipe at this problem, because they have little to lose (seed money aside). Brave is getting the user agent back into the game. Browsers have intentionally remained silent onlookers to the ad industry invading users’ privacy. With Brave, Brendan makes the user agent step up and fight for the user as it was always intended to do.

Brave basically consists of two parts: part one blocks third party ad content and tracking signals. Instead of these Brave inserts alternative ad content. Sites can sign up to get a fair share of any ads that Brave displays for them. The big change in comparison to the status quo is that the Brave user agent is in control and can regulate what you see. It’s like a speed limit for advertisement on the Web, with the goal to restore balance and give sites a fair way to monetize while giving the user control through the user agent.

Making money with a better Web

The ironic part of Brave is that its for-profit. Brave can make money by reducing obnoxious ads and protecting your privacy at the same time. If Brave succeeds, it’s going to drain money away from the crappy privacy-invasive obnoxious advertisement world we have today, and publishers and sites will start transacting in the new Brave world that is regulated by the user agent. Brave will take a cut of these transactions. And I think this is key. It aligns the incentives right. The current funding structure of major browsers encourages them to keep things as they are. Brave’s incentive is to bring down the whole diseased temple and usher in a better Web. Exciting.

Quick update: I had a chance to look over the Brave GitHub repo. It looks like the Brave Desktop browser is based on Chromium, not Gecko. Yes, you read that right. Brave is using Google’s rendering engine, not Mozilla’s. Much to write about this one, but it will definitely help Brave “hide” better in the large volume of Chrome users, making it harder for sites to identify and block Brave users. Brave for iOS seems to be a fork of Firefox for iOS, but it manages to block ads (Mozilla says they can’t).

the following changes have been pushed to bugzilla.mozilla.org:

• [1236161] when converting a BMP attachment to PNG fails a zero byte attachment is created
• [1231918] error handler doesn’t close multi-part responses

discuss these changes on mozilla.tools.bmo.

As an effort to reduce the APK size of Firefox for Android and to remove unnecessary code, I will be helping remove the Honeycomb code throughout the Fennec project. Honeycomb will not be supported since Firefox 46, so this code is not necessary.
Bug 1217675 will keep track of the progress.
Hopefully this will help reduce the APK size some and clean up the road for killing Gingerbread hopefully sometime in the near future.

I put the slides for my ManhattanJS talk, "PIEfection" up on GitHub the other day (sans images, but there are links in the source for all of those).

I completely neglected to talk about the Maillard reaction, which is responsible for food tasting good, and specifically for browning pie crusts. tl;dr: Amino acid (protein) + sugar + ~300°F (~150°C) = delicious. There are innumerable and poorly understood combinations of amino acids and sugars, but this class of reaction is responsible for everything from searing stakes to browning crusts to toasting marshmallows.

Above ~330°F, you get caramelization, which is also a delicious part of the pie and crust, but you don't want to overdo it. Starting around ~400°F, you get pyrolysis (burning, charring, carbonization) and below 285°F the reaction won't occur (at least not quickly) so you won't get the delicious compounds.

(All of these are, of course, temperatures measured in the material, not in the air of the oven.)

So, instead of an egg wash on your top crust, try whole milk, which has more sugar to react with the gluten in the crust.

I also didn't get a chance to mention a rolling technique I use, that I learned from a cousin of mine, in whose baking shadow I happily live.

When rolling out a crust after it's been in the fridge, first roll it out in a long stretch, then fold it in thirds; do it again; then start rolling it out into a round. Not only do you add more layer structure (mmm, flaky, delicious layers) but it'll fill in the cracks that often form if you try to roll it out directly, resulting in a stronger crust.

Those pepper flake shakers, filled with flour, are a great way to keep adding flour to the workspace without worrying about your buttery hands.

For transferring the crust to the pie plate, try rolling it up onto your rolling pin and unrolling it on the plate. Tapered (or "French") rolling pins (or wine bottle) are particularly good at this since they don't have moving parts.

Finally, thanks again to Jenn for helping me get pies from one island to another. It would not have been possible without her!

Four score and many moons ago, I decided to move this blog from Blogger to WordPress. The transition took longer than expected, but it’s finally done.

If you’ve been following along at the old address, https://mykzilla.blogspot.com/, now’s the time to update your address book! If you’ve been going to https://mykzilla.org/, however, or you read the blog on Planet Mozilla, then there’s nothing to do, as that’s the new address, and Planet Mozilla has been updated to syndicate posts from it.

Dieser Beitrag wurde zuerst im Blog auf https://blog.mozilla.org/community veröffentlicht. Herzlichen Dank an Aryx und Coce für die Übersetzung!

Auf der ganzen Welt arbeiten leidenschaftliche Mozillianer am Fortschritt für Mozillas Mission. Aber fragt man fünf verschiedene Mozillianer, was die Mission ist, erhält man womöglich sieben verschiedene Antworten.

Am Ende des letzten Jahres legte Mozillas CEO Chris Beard klare Vorstellungen über Mozillas Mission, Vision und Rolle dar und zeigte auf, wie unsere Produkte uns diesem Ziel in den nächsten fünf Jahren näher bringen. Das Ziel dieser strategischen Leitlinien besteht darin, für Mozilla insgesamt ein prägnantes, gemeinsames Verständnis unserer Ziele zu entwickeln, die uns als Individuen das Treffen von Entscheidungen und Erkennen von Möglichkeiten erleichtert, mit denen wir Mozilla voranbringen.

Mozillas Mission können wir nicht alleine erreichen. Die Tausenden von Mozillianern auf der ganzen Welt müssen dahinter stehen, damit wir zügig und mit lauterer Stimme als je zuvor Unglaubliches erreichen können.

Deswegen ist eine der sechs strategischen Initiativen des Participation Teams für die erste Jahreshälfte, möglichst viele Mozillianer über diese Leitlinien aufzuklären, damit wir 2016 den bisher wesentlichsten Einfluss erzielen können. Wir werden einen weiteren Beitrag veröffentlichen, der sich näher mit der Strategie des Participation Teams für das Jahr 2016 befassen wird.

Das Verstehen dieser Strategie wird unabdingbar sein für jeden, der bei Mozilla in diesem Jahr etwas bewirken möchte, denn sie wird bestimmen, wofür wir eintreten, wo wir unsere Ressourcen einsetzen und auf welche Projekte wir uns 2016 konzentrieren werden.

Zu Jahresbeginn werden wir näher auf diese Strategie eingehen und weitere Details dazu bekanntgeben, wie die diversen Teams und Projekte bei Mozilla auf diese Ziele hinarbeiten.

Der aktuelle Aufruf zum Handeln besteht darin, im Kontext Ihrer Arbeit über diese Ziele nachzudenken und darüber, wie Sie im kommenden Jahr bei Mozilla mitwirken möchten. Dies hilft, Ihre Innovationen, Ambitionen und Ihren Einfluss im Jahr 2016 zu gestalten.

Wir hoffen, dass Sie mitdiskutieren und Ihre Fragen, Kommentare und Pläne für das Vorantreiben der strategischen Leitlinien im Jahr 2016 hier auf Discourse teilen und Ihre Gedanken auf Twitter mit dem Hashtag #Mozilla2016Strategy mitteilen.

Mission, Vision & Strategie

Unsere Mission

Dafür zu sorgen, dass das Internet eine weltweite öffentliche Ressource ist, die allen zugänglich ist.

Unsere Vision

Ein Internet, für das Menschen tatsächlich an erster Stelle stehen. Ein Internet, in dem Menschen ihr eigenes Erlebnis gestalten können. Ein Internet, in dem die Menschen selbst entscheiden können sowie sicher und unabhängig sind.

Unsere Rolle

Mozilla setzt sich im wahrsten Sinne des Wortes in Ihrem Online-Leben für Sie ein. Wir setzen uns für Sie ein, sowohl in Ihrem Online-Erlebnis als auch für Ihre Interessen beim Zustand des Internets.

Unsere Arbeit

Unsere Säulen

1. Produkte: Wir entwickeln Produkte mit Menschen im Mittelpunkt sowie Bildungsprogramme, mit deren Hilfe Menschen online ihr gesamtes Potential ausschöpfen können.
2. Technologie: Wir entwickeln robuste technische Lösungen, die das Internet über verschiedene Plattformen hinweg zum Leben erwecken.
3. Menschen: Wir entwickeln Führungspersonen und Mitwirkende in der Gemeinschaft, die das Internet erfinden, gestalten und verteidigen.

Wir wir positive Veränderungen in Zukunft anpacken wollen

Die Arbeitsweise ist ebensowichtig wie das Ziel. Unsere Gesundheit und bleibender Einfluss hängen davon ab, wie sehr unsere Produkte und Aktivitäten:

1. Interoperabilität, Open Source und offene Standards fördern,
2. Gemeinschaften aufbauen und fördern,
3. Für politische Veränderungen und rechtlichen Schutz eintreten sowie
4. Netzbürger bilden und einbeziehen.

the following changes have been pushed to bugzilla.mozilla.org:

• [1238573] Change label of “New Bug” menu to “New/Clone Bug”
• [1239065] Project Kickoff Form: Adjustments needed to Mozilla Infosec review portion
• [1240157] Fix a typo in bug.rst
• [1236461] Mass update mozilla-reps group

discuss these changes on mozilla.tools.bmo.

Last week we ran an internal “hack day” here at the Mozilla space in London. It was just a bunch of software engineers looking at various hardware boards and things and learning about them

Here’s what we did!

Sole

I essentially kind of bricked my Arduino Duemilanove trying to get it working with Johnny Five, but it was fine–apparently there’s a way to recover it using another Arduino, and someone offered to help with that in the next NodeBots London, which I’m going to attend.

Francisco

Thinks he’s having issues with cables. It seems like the boards are not reset automatically by the Arduino IDE nowadays? He found the button in the board actually resets the board when pressed i.e. it’s the RESET button.

On the Raspberry Pi side of things, he was very happy to put all his old-school Linux skills in action configuring network interfaces without GUIs!

Guillaume

Played with mDNS advertising and listening to services on Raspberry Pi.

(He was very quiet)

(He also built a very nice LEGO case for the Raspberry Pi, but I do not have a picture, so just imagine it).

Wilson

Wilson: “I got my Raspberry Pi on the Wi-Fi”

Francisco: “Sorry?”

Wilson: “I mean, you got my Raspberry Pi on the network. And now I’m trying to build a web app on the Pi…”

Chris

Exploring the Pebble with Linux. There’s a libpebble, and he managed to connect…

(sorry, I had to leave early so I do not know what else did Chris do!)

Updated, 20 January: Chris told me he just managed to successfully connect to the Pebble watch using the bluetooth WebAPI. It requires two Gecko patches (one regression patch and one obvious logic error that he hasn’t filed yet). PROGRESS!

~~~

So as you can see we didn’t really get super far in just a day, and I even ended up with unusable hardware. BUT! we all learned something, and next time we know what NOT to do (or at least I DO KNOW what NOT to do!).

Back in December I got a desperate email from this person. A woman who said her Instagram had been hacked and since she found my contact info in the app she mailed me and asked for help. I of course replied and said that I have nothing to do with her being hacked but I also have nothing to do with Instagram other than that they use software I’ve written.

Today she writes back. Clearly not convinced I told the truth before, and now she strikes back with more “evidence” of my wrongdoings.

Dear Daniel,

I had emailed you a couple months ago about my “screen dumps” aka screenshots and asked for your help with restoring my Instagram account since it had been hacked, my photos changed, and your name was included in the coding. You claimed to have no involvement whatsoever in developing a third party app for Instagram and could not help me salvage my original Instagram photos, pre-hacked, despite Instagram serving as my Photography portfolio and my career is a Photographer.

Since you weren’t aware that your name was attached to Instagram related hacking code, I thought you might want to know, in case you weren’t already aware, that your name is also included in Spotify terms and conditions. I came across this information using my Spotify which has also been hacked into and would love your help hacking out of Spotify. Also, I have yet to figure out how to unhack the hackers from my Instagram so if you change your mind and want to restore my Instagram to its original form as well as help me secure my account from future privacy breaches, I’d be extremely grateful. As you know, changing my passwords did nothing to resolve the problem. Please keep in mind that Facebook owns Instagram and these are big companies that you likely don’t want to have a trail of evidence that you are a part of an Instagram and Spotify hacking ring. Also, Spotify is a major partner of Spotify so you are likely familiar with the coding for all of these illegally developed third party apps. I’d be grateful for your help fixing this error immediately.

Thank you,

[name redacted]

P.S. Please see attached screen dump for a screen shot of your contact info included in Spotify (or what more likely seems to be a hacked Spotify developed illegally by a third party).

Here’s the Instagram screenshot she sent me in a previous email:

I’ve tried to respond with calm and clear reasonable logic and technical details on why she’s seeing my name there. That clearly failed. What do I try next?

Howdy mozillians!

Last week – on Friday, January 15th – we held Aurora 45.0 Testday; and, of course, it was another outstanding event!

Thank you all – Mahmoudi Dris, Iryna Thompson, Chandrakant Dhutadmal, Preethi Dhinesh, Moin Shaikh, Ilse Macías, Hossain Al Ikram, Rezaul Huque Nayeem, Tahsan Chowdhury Akash, Kazi Nuzhat Tasnem, Fahmida Noor, Tazin Ahmed, Md. Ehsanul Hassan, Mohammad Maruf Islam, Kazi Sakib Ahmad, Khalid Syfullah Zaman, Asiful Kabir, Tabassum Mehnaz, Hasibul Hasan, Saddam Hossain, Mohammad Kamran Hossain, Amlan Biswas, Fazle Rabbi, Mohammed Jawad Ibne Ishaque, Asif Mahmud Shuvo, Nazir Ahmed Sabbir, Md. Raihan Ali, Md. Almas Hossain, Sadik Khan, Md. Faysal Alam Riyad, Faisal Mahmud, Md. Oliullah Sizan, Asif Mahmud Rony, Forhad Hossain and Tanvir Rahman – for the participation!

A big thank you to all our active moderators too!

Results:

• 15 issues were verified: 1235821, 1228518, 1165637, 1232647, 1235379, 842356, 1222971, 915962, 1180761, 1218455, 1222747, 1210752, 1198450, 1222820, 1225514
• 1 bug was triaged: 1230789
• some failures were mentioned for Search Refactoring feature in the etherpads (link 1 and link 2); please feel free to add the requested details in the etherpads or, even better, join us on #qa IRC channel and let’s figure them out

I strongly advise everyone of you to reach out to us, the moderators, via #qa during the events when you encountered any kind of failures. Keep up the great work! \o/

And keep an eye on QMO for upcoming events!

For the last three years I have had the opportunity to send out a reminder to Mozilla staff that Martin Luther King Jr. Day is coming up, and that U.S. employees get the day off. It has turned into my MLK Day eve ritual. I read his letters, listen to speeches, and then I compose a belabored paragraph about Dr. King with some choice quotes.

If you didn’t get a chance to celebrate Dr. King’s legacy and the movements he was a part of, you still have a chance:

• Watch Selma.
• Watch The Black Power Mixtape (it’s on Netflix).
• Read A Letter from a Birmingham Jail (it’s really really good).
• Listen to his speech Beyond Vietnam.
• Listen to his last speech I Have Been To The Mountaintop.

As I outlined in an earlier post, libmacro is a new crate designed to be used by procedural macro authors. It provides the basic API for procedural macros to interact with the compiler. I expect higher level functionality to be provided by library crates. In this post I'll go into a bit more detail about the API I think should be exposed here.

This is a lot of stuff. I've probably missed something. If you use syntax extensions today and do something with libsyntax that would not be possible with libmacro, please let me know!

I previously introduced MacroContext as one of the gateways to libmacro. All procedural macros will have access to a &mut MacroContext.

Tokens

I described the tokens module in the last post, I won't repeat that here.

There are a few more things I thought of. I mentioned a TokenStream which is a sequence of tokens. We should also have TokenSlice which is a borrowed slice of tokens (the slice to TokenStream's Vec). These should implement the standard methods for sequences, in particular they support iteration, so can be maped, etc.

In the earlier blog post, I talked about a token kind called Delimited which contains a delimited sequence of tokens. I would like to rename that to Sequence and add a None variant to the Delimiter enum. The None option is so that we can have blocks of tokens without using delimiters. It will be used for noting unsafety and other properties of tokens. Furthermore, it is useful for macro expansion (replacing the interpolated AST tokens currently present). Although None blocks do not affect scoping, they do affect precedence and parsing.

We should provide API for creating tokens. By default these have no hygiene information and come with a span which has no place in the source code, but shows the source of the token to be the procedural macro itself (see below for how this interacts with expansion of the current macro). I expect a make_ function for each kind of token. We should also have API for creating macros in a given scope (which do the same thing but with provided hygiene information). This could be considered an over-rich API, since the hygiene information could be set after construction. However, since hygiene is fiddly and annoying to get right, we should make it as easy as possible to work with.

There should also be a function for creating a token which is just a fresh name. This is useful for creating new identifiers. Although this can be done by interning a string and then creating a token around it, it is used frequently enough to deserve a helper function.

Emitting errors and warnings

Procedural macros should report errors, warnings, etc. via the MacroContext. They should avoid panicking as much as possible since this will crash the compiler (once catch_panic is available, we should use it to catch such panics and exit gracefully, however, they will certainly still meaning aborting compilation).

Libmacro will 're-export' DiagnosticBuilder from syntax::errors. I don't actually expect this to be a literal re-export. We will use libmacro's version of Span, for example.

impl MacroContext {
                pub fn struct_error(&self, &str) -> DiagnosticBuilder;
                pub fn error(&self, Option<Span>, &str);
                }

                pub mod errors {
                pub struct DiagnosticBuilder { ... }
                impl DiagnosticBuilder { ... }
                pub enum ErrorLevel { ... }
                }
            

There should be a macro try_emit!, which reduces a Result<T, ErrStruct> to a T or calls emit() and then calls unreachable!() (if the error is not fatal, then it should be upgraded to a fatal error).

Tokenising and quasi-quoting

The simplest function here is tokenize which takes a string (&str) and returns a Result<TokenStream, ErrStruct>. The string is treated like source text. The success option is the tokenised version of the string. I expect this function must take a MacroContext argument.

We will offer a quasi-quoting macro. This will return a TokenStream (in contrast to today's quasi-quoting which returns AST nodes), to be precise a Result<TokenStream, ErrStruct>. The string which is quoted may include metavariables ($x), and these are filled in with variables from the environment. The type of the variables should be either a TokenStream, a TokenTree, or a Result<TokenStream, ErrStruct> (in this last case, if the variable is an error, then it is just returned by the macro). For example,

fn foo(cx: &mut MacroContext, tokens: TokenStream) -> TokenStream {
                quote!(cx, fn foo() { $tokens }).unwrap()
                }
            

The quote! macro can also handle multiple tokens when the variable corresponding with the metavariable has type [TokenStream] (or is dereferencable to it). In this case, the same syntax as used in macros-by-example can be used. For example, if x: Vec<TokenStream> then quote!(cx, ($x),*) will produce a TokenStream of a comma-separated list of tokens from the elements of x.

Since the tokenize function is a degenerate case of quasi-quoting, an alternative would be to always use quote! and remove tokenize. I believe there is utility in the simple function, and it must be used internally in any case.

These functions and macros should create tokens with spans and hygiene information set as described above for making new tokens. We might also offer versions which takes a scope and uses that as the context for tokenising.

Parsing helper functions

There are some common patterns for tokens to follow in macros. In particular those used as arguments for attribute-like macros. We will offer some functions which attempt to parse tokens into these patterns. I expect there will be more of these in time; to start with:

pub mod parsing {
                // Expects `(foo = "bar"),*`
                pub fn parse_keyed_values(&TokenSlice, &mut MacroContext) -> Result<Vec<(InternedString, String)>, ErrStruct>;
                // Expects `"bar"`
                pub fn parse_string(&TokenSlice, &mut MacroContext) -> Result<String, ErrStruct>;
                }
            

To be honest, given the token design in the last post, I think parse_string is unnecessary, but I wanted to give more than one example of this kind of function. If parse_keyed_values is the only one we end up with, then that is fine.

Pattern matching

The goal with the pattern matching API is to allow procedural macros to operate on tokens in the same way as macros-by-example. The pattern language is thus the same as that for macros-by-example.

There is a single macro, which I propose calling matches. Its first argument is the name of a MacroContext. Its second argument is the input, which must be a TokenSlice (or dereferencable to one). The third argument is a pattern definition. The macro produces a Result<T, ErrStruct> where T is the type produced by the pattern arms. If the pattern has multiple arms, then each arm must have the same type. An error is produced if none of the arms in the pattern are matched.

The pattern language follows the language for defining macros-by-example (but is slightly stricter). There are two forms, a single pattern form and a multiple pattern form. If the first character is a { then the pattern is treated as a multiple pattern form, if it starts with ( then as a single pattern form, otherwise an error (causes a panic with a Bug error, as opposed to returning an Err).

The single pattern form is (pattern) => { code }. The multiple pattern form is {(pattern) => { code } (pattern) => { code } ... (pattern) => { code }}. code is any old Rust code which is executed when the corresponding pattern is matched. The pattern follows from macros-by-example - it is a series of characters treated as literals, meta-variables indicated with $, and the syntax for matching multiple variables. Any meta-variables are available as variables in the righthand side, e.g., $x becomes available as x. These variables have type TokenStream if they appear singly or Vec<TokenStream> if they appear multiply (or Vec<Vec<TokenStream>> and so forth).

Examples:

matches!(cx, input, (foo($x:expr) bar) => {quote(cx, foo_bar($x).unwrap()}).unwrap()

                matches!(cx, input, {
                () => {
                cx.err("No input?");
                }
                (foo($($x:ident),+ bar) => {
                println!("found {} idents", x.len());
                quote!(($x);*).unwrap()
                }
                }
                })
            

Note that since we match AST items here, our backwards compatibility story is a bit complicated (though hopefully not much more so than with current macros).

Hygiene

The intention of the design is that the actual hygiene algorithm applied is irrelevant. Procedural macros should be able to use the same API if the hygiene algorithm changes (of course the result of applying the API might change). To this end, all hygiene objects are opaque and cannot be directly manipulated by macros.

I propose one module (hygiene) and two types: Context and Scope.

A Context is attached to each token and contains all hygiene information about that token. If two tokens have the same Context, then they may be compared syntactically. The reverse is not true - two tokens can have different Contexts and still be equal. Contexts can only be created by applying the hygiene algorithm and cannot be manipulated, only moved and stored.

MacroContext has a method fresh_hygiene_context for creating a new, fresh Context (i.e., a Context not shared with any other tokens).

MacroContext has a method expansion_hygiene_context for getting the Context where the macro is defined. This is equivalent to .expansion_scope().direct_context(), but might be more efficient (and I expect it to be used a lot).

A Scope provides information about a position within an AST at a certain point during macro expansion. For example,

fn foo() {
                a
                {
                b
                c
                }
                }
            

a and b will have different Scopes. b and c will have the same Scopes, even if b was written in this position and c is due to macro expansion. However, a Scope may contain more information than just the syntactic scopes, for example, it may contain information about pending scopes yet to be applied by the hygiene algorithm (i.e., information about let expressions which are in scope).

Note that a Scope means a scope in the macro hygiene sense, not the commonly used sense of a scope declared with {}. In particular, each let statement starts a new scope and the items and statements in a function body are in different scopes.

The functions lookup_item_scope and lookup_statement_scope take a MacroContext and a path, represented as a TokenSlice, and return the Scope which that item defines or an error if the path does not refer to an item, or the item does not define a scope of the right kind.

The function lookup_scope_for is similar, but returns the Scope in which an item is declared.

MacroContext has a method expansion_scope for getting the scope in which the current macro is being expanded.

Scope has a method direct_context which returns a Context for items declared directly (c.f., via macro expansion) in that Scope.

Scope has a method nested which creates a fresh Scope nested within the receiver scope.

Scope has a static method empty for creating an empty scope, that is one with no scope information at all (note that this is different from a top-level scope).

I expect the exact API around Scopes and Contexts will need some work. Scope seems halfway between an intuitive, algorithm-neutral abstraction, and the scopes from the sets of scopes hygiene algorithm. I would prefer a Scope should be more abstract, on the other hand, macro authors may want fine-grained control over hygiene application.

Manipulating hygiene information on tokens,

pub mod hygiene {
                pub fn add(cx: &mut MacroContext, t: &Token, scope: &Scope) -> Token;
                // Maybe unnecessary if we have direct access to Tokens.
                pub fn set(t: &Token, cx: &Context) -> Token;
                // Maybe unnecessary - can use set with cx.expansion_hygiene_context().
                // Also, bad name.
                pub fn current(cx: &MacroContext, t: &Token) -> Token;
                }
            

add adds scope to any context already on t (Context should have a similar method). Note that the implementation is a bit complex - the nature of the Scope might mean we replace the old context completely, or add to it.

Applying hygiene when expanding the current macro

By default, the current macro will be expanded in the standard way, having hygiene applied as expected. Mechanically, hygiene information is added to tokens when the macro is expanded. Assuming the sets of scopes algorithm, scopes (for example, for the macro's definition, and for the introduction) are added to any scopes already present on the token. A token with no hygiene information will thus behave like a token in a macro-by-example macro. Hygiene due to nested scopes created by the macro do not need to be taken into account by the macro author, this is handled at expansion time.

Procedural macro authors may want to customise hygiene application (it is common in Racket), for example, to introduce items that can be referred to by code in the call-site scope.

We must provide an option to expand the current macro without applying hygiene; the macro author must then handle hygiene. For this to work, the macro must be able to access information about the scope in which it is applied (see MacroContext::expansion_scope, above) and to supply a Scope indicating scopes that should be added to tokens following the macro expansion.

pub mod hygiene {
                pub enum ExpansionMode {
                Automatic,
                Manual(Scope),
                }
                }

                impl MacroContext {
                pub fn set_hygienic_expansion(hygiene::ExpansionMode);
                }
            

We may wish to offer other modes for expansion which allow for tweaking hygiene application without requiring full manual application. One possible mode is where the author provides a Scope for the macro definition (rather than using the scope where the macro is actually defined), but hygiene is otherwise applied automatically. We might wish to give the author the option of applying scopes due to the macro definition, but not the introduction scopes.

On a related note, might we want to affect how spans are applied when the current macro is expanded? I can't think of a use case right now, but it seems like something that might be wanted.

Blocks of tokens (that is a Sequence token) may be marked (not sure how, exactly, perhaps using a distinguished context) such that it is expanded without any hygiene being applied or spans changed. There should be a function for creating such a Sequence from a TokenSlice in the tokens module. The primary motivation for this is to handle the tokens representing the body on which an annotation-like macro is present. For a 'decorator' macro, these tokens will be untouched (passed through by the macro), and since they are not touched by the macro, they should appear untouched by it (in terms of hygiene and spans).

Applying macros

We provide functionality to expand a provided macro or to lookup and expand a macro.

pub mod apply {
                pub fn expand_macro(cx: &mut MacroContext,
                expansion_scope: Scope,
                macro: &TokenSlice,
                macro_scope: Scope,
                input: &TokenSlice)
                -> Result<(TokenStream, Scope), ErrStruct>;
                pub fn lookup_and_expand_macro(cx: &mut MacroContext,
                expansion_scope: Scope,
                macro: &TokenSlice,
                input: &TokenSlice)
                -> Result<(TokenStream, Scope), ErrStruct>;
                }
            

These functions apply macro hygiene in the usual way, with expansion_scope dictating the scope into which the macro is expanded. Other spans and hygiene information is taken from the tokens. expand_macro takes pending scopes from macro_scope, lookup_and_expand_macro uses the proper pending scopes. In order to apply the hygiene algorithm, the result of the macro must be parsable. The returned scope will contain pending scopes that can be applied by the macro to subsequent tokens.

We could provide versions that don't take an expansion_scope and use cx.expansion_scope(). Probably unnecessary.

pub mod apply {
                pub fn expand_macro_unhygienic(cx: &mut MacroContext,
                macro: &TokenSlice,
                input: &TokenSlice)
                -> Result<TokenStream, ErrStruct>;
                pub fn lookup_and_expand_macro_unhygienic(cx: &mut MacroContext,
                macro: &TokenSlice,
                input: &TokenSlice)
                -> Result<TokenStream, ErrStruct>;
                }
            

The _unhygienic variants expand a macro as in the first functions, but do not apply the hygiene algorithm or change any hygiene information. Any hygiene information on tokens is preserved. I'm not sure if _unhygienic are the right names - using these is not necessarily unhygienic, just that we are automatically applying the hygiene algorithm.

Note that all these functions are doing an eager expansion of macros, or in Scheme terms they are local-expand functions.

Looking up items

The function lookup_item takes a MacroContext and a path represented as a TokenSlice and returns a TokenStream for the item referred to by the path, or an error if name resolution failed. I'm not sure where this function should live.

Interned strings

pub mod strings {
                pub struct InternedString;

                impl InternedString {
                pub fn get(&self) -> String;
                }

                pub fn intern(cx: &mut MacroContext, s: &str) -> Result<InternedString, ErrStruct>;
                pub fn find(cx: &mut MacroContext, s: &str) -> Result<InternedString, ErrStruct>;
                pub fn find_or_intern(cx: &mut MacroContext, s: &str) -> Result<InternedString, ErrStruct>;
                }
            

intern interns a string and returns a fresh InternedString. find tries to find an existing InternedString.

Spans

A span gives information about where in the source code a token is defined. It also gives information about where the token came from (how it was generated, if it was generated code).

There should be a spans module in libmacro, which will include a Span type which can be easily inter-converted with the Span defined in libsyntax. Libsyntax spans currently include information about stability, this will not be present in libmacro spans.

If the programmer does nothing special with spans, then they will be 'correct' by default. There are two important cases: tokens passed to the macro and tokens made fresh by the macro. The former will have the source span indicating where they were written and will include their history. The latter will have no source span and indicate they were created by the current macro. All tokens will have the history relating to expansion of the current macro added when the macro is expanded. At macro expansion, tokens with no source span will be given the macro use-site as their source.

Spans can be freely copied between tokens.

It will probably useful to make it easy to manipulate spans. For example, rather than point at the macro's defining function, point at a helper function where the token is made. Or to set the origin to the current macro when the token was produced by another which should an implementation detail. I'm not sure what such an interface should look like (and is probably not necessary in an initial library).

Feature gates

pub mod features {
                pub enum FeatureStatus {
                // The feature gate is allowed.
                Allowed,
                // The feature gate has not been enabled.
                Disallowed,
                // Use of the feature is forbidden by the compiler.
                Forbidden,
                }

                pub fn query_feature(cx: &MacroContext, feature: Token) -> Result<FeatureStatus, ErrStruct>;
                pub fn query_feature_by_str(cx: &MacroContext, feature: &str) -> Result<FeatureStatus, ErrStruct>;
                pub fn query_feature_unused(cx: &MacroContext, feature: Token) -> Result<FeatureStatus, ErrStruct>;
                pub fn query_feature_by_str_unused(cx: &MacroContext, feature: &str) -> Result<FeatureStatus, ErrStruct>;

                pub fn used_feature_gate(cx: &MacroContext, feature: Token) -> Result<(), ErrStruct>;
                pub fn used_feature_by_str(cx: &MacroContext, feature: &str) -> Result<(), ErrStruct>;

                pub fn allow_feature_gate(cx: &MacroContext, feature: Token) -> Result<(), ErrStruct>;
                pub fn allow_feature_by_str(cx: &MacroContext, feature: &str) -> Result<(), ErrStruct>;
                pub fn disallow_feature_gate(cx: &MacroContext, feature: Token) -> Result<(), ErrStruct>;
                pub fn disallow_feature_by_str(cx: &MacroContext, feature: &str) -> Result<(), ErrStruct>;
                }
            

The query_* functions query if a feature gate has been set. They return an error if the feature gate does not exist. The _unused variants do not mark the feature gate as used. The used_ functions mark a feature gate as used, or return an error if it does not exist.

The allow_ and disallow_ functions set a feature gate as allowed or disallowed for the current crate. These functions will only affect feature gates which take affect after parsing and expansion are complete. They do not affect feature gates which are checked during parsing or expansion.

Question: do we need the used_ functions? Could just call query_ and ignore the result.

Attributes

We need some mechanism for setting attributes as used. I don't actually know how the unused attribute checking in the compiler works, so I can't spec this area. But, I expect MacroContext to make available some interface for reading attributes on a macro use and marking them as used.

Over the last 3 weeks, based on feedback we proceeded fledging out the concepts and the code behind Skizze.
Neil Patel suggested the following:

So I've been thinking about the server API. I think we want to choose one thing and do it as well as possible, instead of having six ways to talk to the server. I think that helps to keep things sane and simple overall.

Thinking about usage, I can only really imagine Skizze in an environment like ours, which is high-throughput. I think that is it's 'home' and we should be optimising for that all day long.

Taking that into account, I believe we have two options:

1. We go the gRPC route, provide .proto files and let people use the existing gRPC tooling to build support for their favourite language. That means we can happily give Ruby/Node/C#/etc devs a real way to get started up with Skizze almost immediately, piggy-backing on the gRPC docs etc.

2. We absorb the Redis Protocol. It does everything we need, is very lean, and we can (mostly) easily adapt it for what we need to do. The downside is that to get support from other libs, there will have to be actual libraries for every language. This could slow adoption, or it might be easy enough if people can reuse existing REDIS code. It's hard to tell how that would end up.

gRPC is interesting because it's built already for distributed systems, across bad networks, and obviously is bi-directional etc. Without us having to spend time on the protocol, gRPC let's us easily add features that require streaming. Like, imagine a client being able to listen for changes in count/size and be notified instantly. That's something that gRPC is built for right now.

I think gRPC is a bit verbose, but I think it'll pay off for ease of third-party lib support and as things grow.

The CLI could easily be built to work with gRPC, including adding support for streaming stuff etc. Which could be pretty exciting.

That being said, we gave Skizze a new home, where based on feedback we developed .proto files and started rewriting big chunks of the code.

We added a new wrapper called "domain" which represents a stream. It wraps around Count-Min-Log, Bloom Filter, Top-K and HyperLogLog++, so when feeding it values it feeds all the sketches. Later we intend to allow attaching and detaching sketches from "domains" (We need a better name).

We also implemented a gRPC API which should allow easy wrapper creation in other languages.

Special thanks go to Martin Pinto for helping out with unit tests and Soren Macbeth for thorough feedback and ideas about the "domain" concept.
Take a look at our initial REPL work there:

click for GIF

Note: I don’t work for Mozilla any more, so (like Adele) these are my thoughts ‘from the outside’…

Introduction

Open Badges is no longer a Mozilla project. In fact, it hasn’t been for a while — the Badge Alliance was set up a couple of years ago to promote the specification on a both a technical and community basis. As I stated in a recent post, this is a good thing and means that the future is bright for Open Badges.

However, Mozilla is still involved with the Open Badges project: Mark Surman, Executive Director of the Mozilla Foundation, sits on the board of the Badge Alliance. Mozilla also pays for contractors to work on the Open Badges backpack and there were badges earned at the Mozilla Festival a few months ago.

Although it may seem strange for those used to corporates interested purely in profit, Mozilla creates what the open web needs at any given time. Like any organisation, sometimes it gets these wrong, either because the concept was flawed, or because the execution was poor. Other times, I’d argue, Mozilla doesn’t give ideas and concepts enough time to gain traction.

The end of Persona at Mozilla

Open Badges, at its very essence, is a technical specification. It allows credentials with metadata hard-coded into them to be issued, exchanged, and displayed. This is done in a secure, standardised manner.

For users to be able to access their ‘backpack’ (i.e. the place they store badges) they needed a secure login system.Back in 2011 at the start of the Open Badges project it made sense to make use of Mozilla’s nascent Persona project. This aimed to provide a way for users to easily sign into sites around the web without using their Facebook/Google logins. These ‘social’ sign-in methods mean that users are tracked around the web — something that Mozilla was obviously against.

By 2014, Persona wasn’t seen to be having the kind of ‘growth trajectory’ that Mozilla wanted. The project was transferred to community ownership and most of the team left Mozilla in 2015. It was announced that Persona would be shutting down as a Mozilla service in November 2016. While Persona will exist as an open source project, it won’t be hosted by Mozilla.

What this means for Open Badges

Although I’m not aware of an official announcement from the Badge Alliance, I think it’s worth making three points here.

1. You can still use Persona

If you’re a developer, you can still use Persona. It’s open source. It works.

2. Persona is not central to the Open Badges Infrastructure

The Open Badges backpack is one place where users can store their badges. There are others, including the Open Badge Passport and Open Badge Academy. MacArthur, who seed-funded the Open Badges ecosystem, have a new platform launching through LRNG.

It is up to the organisations behind these various solutions as to how they allow users to authenticate. They may choose to allow social logins. They may force users to create logins based on their email address. They may decide to use an open source version of Persona. It’s entirely up to them.

3. A post-Persona badges system has its advantages

The Persona authentication system runs off email addresses. This means that transitioning from Persona to another system is relatively straightforward. It has, however, meant that for the past few years we’ve had a recurrent problem: what do you do with people being issued badges to multiple email addresses?

Tying badges to emails seemed like the easiest and fastest way to get to a critical mass in terms of Open Badge adoption. Now that’s worked, we need to think in a more nuanced way about allowing users to tie multiple identities to a single badge.

Conclusion

Persona was always a slightly awkward fit for Open Badges. Although, for a time, it made sense to use Persona for authentication to the Open Badges backpack, we’re now in a post-Persona landscape. This brings with it certain advantages.

As Nate Otto wrote in his post Open Badges in 2016: A Look Ahead, the project is growing up. It’s time to move beyond what was expedient at the dawn of Open Badges and look to the future. I’m sad to see the decline of Persona, but I’m excited what the future holds!

Header image CC BY-NC-SA Barbara

The last Mozilla All-Hands was at one of the hotels in the Walt Disney World Resort in Florida. Every attendee was issued with one of these (although their use was optional):

It’s called a “Magic Band”. You register it online and connect it to your Disney account, and then it can be used for park entry, entry to pre-booked rides so you don’t have to queue (called “FastPass+”), payment, picking up photos, as your room key, and all sorts of other convenient features. Note that it has no UI whatsoever – no lights, no buttons. Not even a battery compartment. (It does contain a battery, but it’s not replaceable.) These are specific design decisions – the aim is for ultra-simple convenience.

One of the talks we had at the All Hands was from one of the Magic Band team. The audience reactions to some of the things he said was really interesting. He gave the example of Cinderella wishing you a Happy Birthday as you walk round the park. “Cinderella just knows”, he said. Of course, in fact, her costume’s tech prompts her when it silently reads your Magic Band from a distance. This got some initial impressed applause, but it was noticeable that after a few moments, it wavered – people were thinking “Cool… er, but creepy?”

The Magic Band also has range sufficient that Disney can track you around the park. This enables some features which are good for both customers and Disney – for example, they can use it for load balancing. If one area of the park seems to be getting overcrowded, have some characters pop up in a neighbouring area to try and draw people away. But it means that they always know where you are and where you’ve been.

My take-away from learning about the Magic Band is that it’s really hard to have a technical solution to this kind of requirement which allows all the Convenient features but not the Creepy features. Disney does offer an RFID-card-based solution for the privacy-conscious which does some of these things, but not all of them. And it’s easier to lose. It seems to me that the only way to distinguish the two types of feature, and get one and not the other, is policy – either the policy of the organization, or external restrictions on them (e.g. from a watchdog body’s code of conduct they sign up to, or from law). And it’s often not in the organization’s interest to limit themselves in this way.

Chances are, your guess is wrong!

Arrogance towards possible customers never pays out – as shown in “Pretty Woman”

There is nothing more frustrating than being capable of something and not getting a chance to do it. The same goes for being blocked out from something although you are capable of consuming it. Or you’re even willing to put some extra effort or even money in and you still don’t get to consume it.

For example, I’d happily pay $50 a month to get access to Netflix’s world-wide library from any country I’m in. But the companies Netflix get their content from won’t go for that. Movies and TV show are budgeted by predicted revenue in different geographical markets with month-long breaks in between the releases. A world-wide network capable of delivering content in real time? Preposterous — let’s shut that down.

On a less “let’s break a 100 year old monopoly” scale of annoyance, I tweeted yesterday something glib and apparently cruel:

“Sorry, but your browser does not support WebGL!” – sorry, you are a shit coder.

And I stand by this. I went to a web site that promised me some cute, pointless animation and technological demo. I was using Firefox Nightly — a WebGL capable browser. I also went there with Microsoft Edge — another WebGL capable browser. Finally, using Chrome, I was able to delight in seeing an animation.

I’m not saying the creators of that thing lack in development capabilities. The demo was slick, beautiful and well coded. They still do lack in two things developers of web products (and I count apps into that) should have: empathy for the end user and an understanding that they are not in control.

Now, I am a pretty capable technical person. When you tell me that I might be lacking WebGL, I know what you mean. I don’t lack WebGL. I was blocked out because the web site did browser sniffing instead of capability testing. But I know what could be the problem.

A normal user of the web has no idea what WebGL is and — if you’re lucky — will try to find it on an app store. If you’re not lucky all you did is confuse a person. A person who went through the effort to click a link, open a browser and wait for your thing to load. A person that feels stupid for using your product as they have no clue what WebGL is and won’t ask. Humans hate feeling stupid and we do anything not to appear it or show it.

This is what I mean by empathy for the end user. Our problems should never become theirs.

A cryptic error message telling the user that they lack some technology helps nobody and is sloppy development at best, sheer arrogance at worst.

The web is, sadly enough, littered with unhelpful error messages and assumptions that it is the user’s fault when they can’t consume the thing we built.

Here’s a reality check — this is what our users should have to do to consume the things we build:

That’s right. Nothing. This is the web. Everybody is invited to consume, contribute and create. This is what made it the success it is. This is what will make it outlive whatever other platform threatens it with shiny impressive interactions. Interactions at that time impossible to achieve with web technologies.

Whenever I mention this, the knee-jerk reaction is the same:

How can you expect us to build delightful experiences close to magic (and whatever other soundbites were in the last Apple keynote) if we keep having to support old browsers and users with terrible setups?

You don’t have to support old browsers and terrible setups. But you are not allowed to block them out. It is a simple matter of giving a usable interface to end users. A button that does nothing when you click it is not a good experience. Test if the functionality is available, then create or show the button. This is as simple as it is.

If you really have to rely on some technology then show people what they are missing out on and tell them how to upgrade. A screenshot or a video of a WebGL animation is still lovely to see. A message telling me I have no WebGL less so.

Even more on the black and white scale, what the discussion boils down to is in essence:

But it is 2016 — surely we can expect people to have JavaScript enabled — it is after all “the assembly language of the web”

Despite the cringe-worthy misquote of the assembly language thing, here is a harsh truth:

You can absolutely expect JavaScript to be available on your end users computers in 2016. At the same time it is painfully naive to expect it to work under all circumstances.

JavaScript is brittle. HTML and CSS both are fault tolerant. If something goes wrong in HTML, browsers either display the content of the element or try to fix minor issues like unclosed elements for you. CSS skips lines of code it can’t understand and merrily goes on its way to show the rest of it. JavaScript breaks on errors and tells you that something went wrong. It will not execute the rest of the script, but throws in the towel and tells you to get your house in order first.

There are many outside influences that will interfere with the execution of your JavaScript. That’s why a non-naive and non-arrogant — a dedicated and seasoned web developer — will never rely on it. Instead, you treat it as an enhancement and in an almost paranoid fashion test for the availability of everything before you access it.

Sorry (not sorry) — this will never go away. This is the nature of JavaScript. And it is a good thing. It means we can access new features of the language as they come along instead of getting stuck in a certain state. It means we have to think about using it every time instead of relying on libraries to do the work for us. It means that we need to keep evolving with the web — a living and constantly changing medium, and not a software platform. That’s just part of it.

This is why the whole discussion about JavaScript enabled or disabled is a massive waste of time. It is not the availability of JavaScript we need to worry about. It is our products breaking in perfectly capable environments because we rely on perfect execution instead of writing defensive code. A tumblr like Sigh, JavaScript is fun, but is pithy finger-pointing.

There is nothing wrong with using JavaScript to build things. Just be aware that the error handling is your responsibility.

Any message telling the user that they have to turn on JavaScript to use a certain product is a proof that you care more about your developer convenience than your users.

It is damn hard these days to turn off JavaScript – you are complaining about a almost non-existent issue and tell the confused user to do something they don’t know how to.

The chance that something in the JavaScript execution of any of your dozens of dependencies went wrong is much higher – and this is your job to fix. This is why advice like using noscript to provide alternative content is terrible. It means you double your workload instead of enhancing what works. Who knows? If you start with something not JavaScript dependent (or running it server side) you might find that you don’t need the complex solution you started with in the first place. Faster, smaller, easier. Sounds good, right?

So, please, stop sniffing my browser, you will fail and tell me lies. Stop pretending that working with a brittle technology is the user’s fault when something goes wrong.

As web developers we work in the service industry. We deliver products to people. And keeping these people happy and non-worried is our job. Nothing more, nothing less.

Without users, your product is nothing. Sure, we are better paid and well educated and we are not flipping burgers. But we have no right whatsoever to be arrogant and not understanding that our mistakes are not the fault of our end users.

Our demeanor when complaining about how stupid our end users and their terrible setups are reminds me of this Mitchell and Webb sketch.

Don’t be that person. Our job is to enable people to consume, participate and create the web. This is magic. This is beautiful. This is incredibly rewarding. The next markets we should care about are ready to be as excited about the web as we were when we first encountered it. Browsers are good these days. Use what they offer after testing for it and enjoy what you can achieve. Don’t tell the user when things go wrong – they can not fix what you messed up.

This is a brown paper bag release. It turns out I managed to break the upgrade
path only 10 commits before the release.

What’s new since 0.3.0?

• git cinnabar fsck doesn’t fail to upgrade metadata.
• The remote.$remote.cinnabar-draft config works again.
• Don’t fail to clone an empty repository.
• Allow to specify mercurial configuration items in a .git/hgrc file.

This post has been written about the Mozilla Foundation (MoFo) 2020 strategy.

The ideas developed in this post are in different levels: some are global, some focus on particular points of the proposed draft. But in my point of view, they all carry a transversal meaning: articulation (as piece connected to a structure allowing movement) with others and consistency with our mission.

Summary

On the way to radical participation, Mozilla should be radical ¹ user-centric. Mozilla should not go against the social understanding of the (tech and whole society) situation because it’s what is massively shared and what polarizes the prism of understanding of the society. We should built solutions for it and transform (develop and change) it on the way. Our responsibility is to build inclusivity (inclusion strengths) everywhere, to gather for multiplying our impact. We must build (progressive) victories instead of battles (of static positions and postures).
If we don’t do it, we go against users self-perceived need: use. We value our differences more than our commonalities and consider ethic more as an absolute objective than a concrete process: we divide, separate, compete. Our solutions get irrelevant, we get rejected and marginalized, we reject compromises that improve the current situation for the ideal, we loose influence and therefore impact on the definition of the present and future. We already done it for the good and the bad in the past (H.264+Daala, pocket integration, Hello login, no Firefox for iOS, Google fishing vs Disconnect, FxOS Notes app which sync is evernote only, …).
To get a consistent and impactful ability to integrate and transform the social understanding, there are four domains where we can take and articulate (connected structure allowing movement) action:

• People: identity is the key to grow consciousness, understanding, skills, voice, representation and to articulate global/local, personal/common. [Activate]
• Technology: universality is key for a platform (for resilience) with interfaces (for modularity) where services, features and front-ends can plug-in and communicate to provide (inter)active support ; Decouple conditions of fulfillment with execution (content/appearance/policy ; material/immaterial) to support remix (policy continuity, consistency thought providers, …). [Unlock]
• Product: persona and (current and emerging) use via user-agents are the keys. Be on all major platforms depending on use, ethical alignment and opportunities, emerging newness to provide continuity (task, device) to users and leading on new practices. Features should be about products parity and opening new possibilities carrying our values to the action at a massive scale. [Build]
• Organizations/institutions: sociological innovation for participation is the key. Research on historical (evolution) and sociological (human organizations, social institutions and social behaviors) analysis based on social networks (link as social interactions), in the perspective of producing commons. [Drive]

Our front has two sides: propose and protect. But each of them are connected and can have different strategic expressions, if our actions generate improving (progressive) curves:

• For the action taking: consciousness, understanding, symbolic actions, behavior change, behavior advocacy (evangelism)
• For the action mode: promotion (spreading the idea), incitement (giving a competitive advantage to people involved), collaboration (open interactions to make a win-win exchange; process-centric), contractualization (formalize domains where a win-win exchange is made; object-centric), coercion (giving a competitive disadvantage to people not involved).

Social history is a history of social values. The way we understand and tell the problem determine the solution we can create: we need, all the way long, a shared understanding. Tools and technologies are not tied, bound forever to their social value, which depends on people’s social representations that evolve over time.

• The social behavior is a first key. It is the narrative, and therefore its inclusion in the social history that we make, which converges the product with the values that it stands for. Here is the articulation of product with people and technology, of product with leadership network and advocacy engine (it could be less persistent and inclusive: marketing).
• The social organization is a second key. It is about how the process, the tools, the architecture, the governance and the opportunities/constraints have changed for Mozilla (org) and Mozillians (people). Here comes the question of being open. It is not enough because it is about availability (passive) and not inclusivity (active). The high level of automation coming is a challenge. We should level-up the meaning to differentiate from others: Mozilla should activate and unlock societal progress to build fair technical progress. Mozilla need to identify its resilient backbone (not only a technology, the web, but something that articulate people, technology and products) and make it more universal (through people and products). But our goals can’t be absolutely achieved because they have to be considered in a dynamic context. However, the brand engagement is persistent, if it’s included in the product, visible, and centered on easing the user’s action.
  Linked to the ‘being open’ question, the advocacy engine could be a thing to unlock societal progress. People are satisfied of narrow hills of choice until they understand it’s not socially neutral. It’s the case with technology: they accept things about technology to be build top-down. A successful advocacy, even one about technology, is always built bottom-up, as its function is to give back the voice to the people, to get them involved, not to make them fulfill our predefined aims. The top-down method is too organization centric and administrative content centric: it can’t massively drive people that are not already committed to the org. It’s usually named advertisement or propaganda. If we want to have an impact, we should listen to people needs, not tell them to listen to ours. People want (first) to be empowered, not to empower an org. We need to have content and user centric (not org and it’s process) tools/platform for advocates and leaders: let’s build the technology advocacy plan together. Yes it’s slower, but much more massive, inclusive and persistent. The impact will be higher because it will carry a meaning for people and it wont be too org centric. So it will be qualitatively better: not just an amount, accumulation is not our goal, but impact, that comes from articulation. Likewise we should be careful to not use best practice as absolute solutions, but as solutions in a context, if we want to transpose them massively: when we unify we should avoid to homogenize. On the narrative side, our preoccupation should be about building short, medium and long term narrative to get action.
• The social institutions are the third key. Here is the articulation of the leadership network with the advocacy engine. Leaders build new solutions (products) and Advocates new voices (rallying), they are both about personal development and empower commons. Leadership=learn+create and advocacy=teach+spread commons. Leaders are projects/orgs leaders, the ones that traduce DNA (values) in products (concrete ability and availability). Advocates are values advocates, the ones that traduce DNA (values) in actions (behavior). As they are both targeting commons, they both produce the same social organization (collaboration instead of competition). They are both involved in creating (different) representations (institutions) and organizations (foundation/firms) but with a different DNA (values) processing: from public good to personal benefit or from personal interest to public benefit. If Mozilla cares about public good resilience, the articulation of their domains of values is critical. So, on the social organization side, their articulation’s expression and the revision process must be said and clear: from hierarchy or contract or different autonomy levels (internal incubation and external advocacy), or … to criteria to start a revision. About the narrative, and hence about the social behavior side, leaders carry a lot of legitimacy and avoid the stay-experimental or non-massive (unique) thoughts. And we need legitimacy to get impact. But this legitimacy is already present if we make clear that our actions are about commons. We should name them creators (compositors or managers) to make it clear that the creative process is a collaboration, made by a team and that the public good do not have the same role in the process and outcome. Full circle.
• The social networks are the keystone. Let’s shortly take an example based on social networks (link as social interactions) with the perspective of producing people, technological and product commons. We need better tools for collaboration and participation: tools that merge discussion channels, capitalize on the discussion and preview the results to build a plan. From evolving the wiki discussion page to feature document production into peer-to-peer discussion.

An analysis of the creation process is another way to the articulation of product with people and technology.
Platforms move closer to strict ‘walled garden’ ecosystems. We need bridges from lab to home that carry different mix of customization and reliability to support the emancipation curve. We need to build pathways thought audiences and thought IT layers (content, software, hardware, distant service). We should find a convergence between customization (dev code patch to users add-ons) and reliability (self made to mass product), between first time experience, support and add-ons thought all our users’ persona by building bridges, pathways. Mozilla should find ways to integrate learning in its products, in-content, as we have code comment on code: on-boarding levels, progression from simple to high level techniques, reproducible/universal next task/skill building.

Detailed discussion content

Here are the developed ideas, with more reference to our allies and detractors’ products.

People, the sociological side

From focused to systemic action

First of all, I think the strategy move Mozilla is doing is the right one as it embraces more our real life. People are not defined by one characteristic, we are complex: ex. we can be pedestrian, car driver, biker, Public Transport user… we think and do simultaneously. So why Mozilla should restrict its strategy by targeting people on skills, through education, thought better material only (the Mozilla Academy program). Education, even popular education, can’t do everything for the people to build change. We need a plan that balance intellectual and practical (abstraction/action, think/do) integrating progressive paths to massively scale so we get an impact: build change.

Real life: Social history, individuals and institutions as an articulation founding the action.

Let’s start by some definitions based on my understanding of some Wikipedia articles. Sociology is the study of the evolution of societies: human organizations and social institutions. It is about the impact of the social dimension on humans representations (ways of thinking) and behaviors (ways of acting). It allows to study the conceptions of social relations according to fundamental criteria (structuralism, functionalism, conventionalism, etc.) and the hooks to reality (interactionism, institutionalism, regulationisme, actionism, etc.), to think and shape the modernity. Currently (and this is key for Mozilla’s positioning), the combination of models replace the models’ unity, which aims to assume the multidimensionality. There are three major sociological paradigms, including one emerging:

• The holistic paradigm: Society is a whole that is greater than the sum of its parts, it exists before the individual and individuals are governed by it. In this context, the Society includes the individual and the individual consciousness is seen only as a fragment of the collective consciousness. The emphasis is on the social fact, whose cause must be sought in earlier social facts. The social fact is part of a system of interlocking institutions that govern individuals. It is external to the individual and constraint it. Sociology is then the science of institutional invariants in which are the observable phenomenas.
• The atomistic paradigm: each individual is a social atom. The atoms act according to self motives, interests, emotions and are linked to other atoms. A system of constant interaction between atoms produces and reproduces Society. The emphasis is on the cause of social actions and the meaning given by individuals to their actions. A horizon of meanings serve as reference instead of the arrangements of institutions. The institution is there but it serves the motives and interests of agents. Sociology is then the study of the social action.
• The recent emergence of a sociological analysis based on social networks (which are a collection of individuals or organizations connected by regular social interactions) suggest lines of research beyond the opposition between the holistic and the atomistic approaches. The theory of social networks conceives social relationships in terms of nodes and links. The nodes are usually social actors in the network but can also represent institutions, and links are the relationships between these nodes. There may be several kinds of links between nodes and their analysis determines social capital of the social actors.

Consequently, Mozilla should build its strategy on historical (evolution) and sociological (human organizations, social institutions and social behaviors) analysis based on social networks (links as social interactions), in the perspective of producing commons. That is to say as an engine of transition from a model of value on its last leg (rarity capitalism) to the emerging one (new articulation of the individual and the collective: commons).
It is important and strategic to propose a sociological articulation supporting our mission and its purpose (commons) since the sociological concept (the paradigm) reveals an ideological characteristic: because it participates in societal movements made in the Society, it serves an ideal. The societal domain, what’s making society, a political object, should be a stake for Mozilla.

Build on a basement: current tech challenge articulated with current social meaning/perception

We should articulate ‘our real life’ with the nowadays tech challenge: how to get back control over our data at the time of IoT, cloud, big data, convergence (multi-devices/form factor)? From a user point of view, we have devices and want them convenient, easy and nice. The big moves in the tech industry (IoT, cloud, big data, convergence) free us for somethings and lock us for others. The lock key is that our devices don’t compute anymore our data that are in silos. From a developer point of view, the innovation is going very fast and it’s hard to have a complete open source toolbox that we can share, mostly because we don’t lead: Open has turn to be more open-releasing.
We should articulate our new strategy with the tech industry moves: for example, as a user, how can I get (email) encryption on all my devices? Should I follow (fragmented) different kind of howtos/tools/apps to achieve that? How do I know these are consistent together? How can I be sure it won’t brake my continuous workflow? (app silo? social silo? level of trust and reliability?)
Mozilla have the skills to answer this as we already faced and solved some of these issues on particular points: like how to ease the installation of Firefox for Android for Firefox desktop users, open and discoverable choice of search engines, synchronization across devices, …
Mozilla’s challenge is to not be marginalized by the change of practices. Having an impact is embracing the new practice and give it an alternative. Mozilla already made that move by saying « Firefox will go where users are« , by trying to balance the advertisement practice between adds companies and users, by integrating H.264 and developing Daala. But Mozilla never stated that clearly as a strategy.

A backbone to make our mission resilient in it expressions

If we think about the Facebook’s strategy, they first built a network of people whiling to share (no matter what they share) and then use this transversal backbone to power vertical business segments (search, donation, local market selling, …). Google with its search engine and its open source policy have a similar (in a way) strategy. The difference here is that the backbone is people’s data and control over digital formats. In both cases, the level of use (of the social network, search engine, mobile OS, …) is the key (with fast innovation) to have an impact. And that’s a major obstacle to build successful alternatives.
The proposed Mozilla’s strategy is built in the opposite way, and that’s questioning. We try to build people network depending on some shared matters. Then, is our strategy able to scale enough to compete against GAFAM, or are we trying to build a third way ?
For the products, the Mozilla’s strategy is still (and has always been) inclusive: everybody can use the product and then benefit of its open web values. A good product that answer people needs, plus giving people back/new power (allow new use) build a big community. For the network, should we build our global force of people based on concentric circles (of shared matters) or based on a (Mozilla own) transversal backbone (matter agnostic)? It seems to me the actual presentation of the strategy do not answer clearly enough this big question: which inclusivity (inclusion strengths) mechanism in the strategy?
And that call back to our product strategy: build a community that shares values, that is used to spread outcomes (product) OR build a community that shares a product, that is used to spread values. This is not a question on what matters more (product VS values) but on the strategy to get to a point, an objective (many web citizens). Shouldn’t we use our product to built a people network backbone ? Back to GAFAM: what can we learn from the Google try with Google+?
If our core is not enough transversal (the backbone), more new web/tech market there will be, more we will be marginalized, because focused on our circles center not taking in account that the war front (the context) have changed. Mozilla have to be resilient: mutability of the means, stability in the objectives.
The document is the MoFo strategy, and so it doesn’t say anything about ‘build Firefox’ (aka the product strategy) and so don’t articulate our main product (Firefox) with our main people network building effort and values sharing engine. We should do it: at a strategic scale and a particular scale (articulating the agenda-setting with main product features).

Brand engagement, a psychological backbone on the user side ?

It seems that our GAFAM challengers get big and have impact by not educating (that much) people, and that’s what makes them not involved in the web citizenship. Or only when they are pushed by their customers. At the opposite, making people aware about web citizenship at first, makes it hard to have that much people involved and so to have impact. However, there is an other prism that drive people: the brand perceived values. Google is seen as a tech pioneer innovator and doing the good because of its open policy, free model, fast innovation… Facebook is seen as really cool firm trying to help people by connecting them…
Is the increase of marketing of Mozilla doing good enough to gains back users ? Is this resilient compared to the next-tech-thing coming ?
Most of the time when I meet Goggle Chrome users and ask then why they use it and don’t switch to Firefox, they answer about use allowed (sync thought devices, apps everywhere that run only on GC, …). Sometimes, they argue that they make effort on other areas, and that they want to keep they digital life simple. They experience is not centered in a product/brand, but more on the person: on that Google Chrome with its Person (with one click ‘auto-login’ to all Google services) is far superior than Firefox.

User-agent or products ?

A user-agent is an intermediary acting on behalf of a supplier. As a representative, it is the contact point with customers; It’s role is to manage, to administer the affairs; it is entrusted with a mission by one or more persons; it both acts and produce an effect.
So, the user-agent can be describe with three criteria. It is: an intermediate (user/technology) ; a tool (used to manage and administrate depending on the user’s skills) ; a representative (mission bearer, values vector, for a group of people). It exceeds partly the contradiction between being active and passive.
A user-agent articulate personal-identity with technology-identity and give informations about available skills over these domains. It’s much more universal than a product that is about featuring a user-agent. If we target resilience, user-agent should be the target.

Social history, marketing: how we understand things to make choices

History of the social value

The way we look at the past and current facts shape our understanding and determine if we open new ways to solve the issues identified. That’s the way to understand the challenges that come on the way and to agree on an adaptation of the strategy instead of splitting things. The way we understand and tell the problem determine the solution we can create: we need, all the way long, a shared understanding.
Tools and technologies are not necessarily tied to their social value, which depends on social representations. The social value can be built upstream and evolve downstream. It also depends on the perspective in which we look at it, on the understanding of the action and therefore on past or current history. Example: the social value of a weapon can be a potential danger or defense, creative (liberating) or destructive. The nuclear bomb is a weapon of mass destruction (negative), whose social value was (ingeniously built as) freedom (positive).

Impact in our strategy: a missing root

To engage the public, before to « Focus on creative campaigns that use media + software to engage the public. » we need to step back, in our speeding world, for understanding together the big picture and the big movement.
Mozilla want to fuel a movement and propose a strong and consistent strategy. However, I think this plan miss a key point, a root point: build a common (hi)story. This should be an objective, not just an action.
Also, that’s maybe a missing root for the State of the web report: how do we understand what we want to evaluate? But it’s not only a missing root for an (annual?) report (a ‘Reporters without borders’ Press-Freedom like?), it’s a missing root for a new grow of our products’ market share.
For example, I do think that most users don’t know and understand that Mozilla is a foundation, Firefox build by a community as a product to keep the web healthy: they don’t imagine any meaning about technology, because they see it as a neutral tool at its root, so as a tool that should just fit they producing needs.
Firefox, its technologies and its features are not bound for ever. It is the narrative, and therefore their inclusion in the social history that we make, which converges Firefox with the values that it stand for. Stoping or changing the deep narrative means cutting the source of common understanding and making stronger other consistencies captured by other objects, turning as centrifugal forces for Firefox.
Marketing is a way to change what we socially say about things: that’s why Google Chrome marketing campaign (and consistent features maturity) has been the decreasing starting point of Firefox. Our message has been scrambled.

From participation to emancipation: values, people and org relationships

How to emancipate people in the digital world ?

Keeping the open open

Being open is not a thing we can achieve, it’s a constant process. « Mozilla needs to engage on both fronts, tackling the big problems but also fuelling the next wave of open. » Yes, but Mozilla should say too how the next wave of open can stay under people’s control and rally new people. Not only open code, but open participation, open governance, open organization. Being open is not a releasing policy about objects, it’s a mutation to participation process: a metamorphosis. It’s not reached by expanding, but by shifting. It’s not only about an amount, but about values: it’s qualitative.
Maybe open is not enough, because it doesn’t say enough about who control and how, about the governance, and says too much about availability (passive) and not enough about inclusivity (active ; inclusion strengths). It doesn’t say how the power is organized and articulated to the people (ex. think about how closed is the open Android). We may need to change the wording: indie web, the web that fuel autonomy, is a try, but it doesn’t say enough about inclusivity compared to openness & opportunity. Emancipation is the concept. It’s strategic because it says what is aligned to what, especially how to articulate values and uses. It’s important because it tells what are the sufficient conditions of realization to ‘open/indie’. That’s key to get ‘open/indie at small and large scales, from Internet people to Internet institutions, thought all ‘open/indie’ detractors in the always-current situation: a resilient ecosystem.
My intuition is that the leadership network and advocacy engine promoting open will be efficient if we clarify ‘open’ while keeping it universal. We can do it by looking back at the raw material that we have worked for years, our DNA in action. Because after all, we are experts about it and wish others to become experts too. It does not mean to essentialize it (opposing its nature and its culture), but to define its conditions of continuous achievement in our social context.

Starting point: exemplary projects that tell a lot about the evolution of our DNA in action

Clarifying the idea of ‘open’ is strategic to our action because it outlines the constitution of ‘open’, its high ‘rules’, like with laws in political regimes. It clarifies for all, if you are part of it or not, and it tells you what to change to get in. It can reinforce the brand by differentiating from the big players that are the GAFAM: it’s a way to drive, not to be driven by others lowering the meaning to catch the social impact. We should say that ‘open’ at Mozilla means more than ‘open’ at GAFAM. I wish Mozilla to speak about its openness, not as an ‘equal in opportunity’ but as an ‘equal in participation’, because it fits openness not only for a moment (on boarding) or for a person, but during the whole process of people’s interaction.
Rust and Servo or Firefox OS (since the Mozilla’s shift to radical participation) seem to be very good examples of projects with participation & impact centric rules, tools, process (RFC, new team and owners, …). Think about how Rust and Dart emerged and are evolving. Think about how stronger has been the locked-open Android with partnership than the open-locked FxOS. We should tell those stories, not as recipes that can be reproduced, but as process based on a Constitution (inclusive rules) that make a political regime (open) and define a mode of government (participation). That’s key to social understanding and therefore to transpose and advocate for it.
As projects compared to ‘original Mozilla’, Rust, Servo and FxOS could say a lot about how different they implemented learning/interaction/participation at the roots of the project. How the process, the tools, the architecture, the governance and the opportunities/constraints have changed for Mozilla and participants. This could definitely help to setup our curriculum resources, database and workshop at a personal (e.g., “How to teach / facilitate / organize / lead in the open like Mozilla.”) and orgs levels, with personal and orgs policies.

Spreading the high meanings in our strategy to consolidate it consistency

Clarifying the constitution of ‘open’ calls to clarify other related wordings.
I’m satisfied to read back (social) ‘movement’ instead of ‘community’, because it means that our goal can’t be achieve forever (is static), but we should protect it by acting. And it seems more inclusive, less ‘folds on itself’ and less ‘build the alternative beside’ than ‘community’: the alternative can be everywhere the actual system is. It can make a system. It can get global, convergent, continuous, … all at the same time. Because it’s roots are decentralized _and_ consistent, collaborating, …

About participation, we should think too (again) about engagement VS contribute VS participate: how much am I engaged ? Free about defining and receiving cost/gains? What is the impact of my actions ? … These different words carry different ideas about how we connect the ‘open’: spread is not enough because it diffuses, _be_ everywhere is more permanent. Applied to Mozilla’s own actions, funding open projects and leaders, is maybe not enough and there should be others areas where we can connect inside products, technology, people and organizations that build emancipation. So that say something about getting control (who, how, …).

IA: a challenge for ‘open’

IA is first developed to help us by improving our interactions. However, this seems to start to shift into taking decisions instead of us. This is problematic because these are indirect and direct ways for us to loose control, to be locked. And that can be as far as computers smarter than humans. The problem is that technical progress is made without any consideration of the societal progress it should made.
That’s an other point, why open is not enough: automation should be build-in with superior humanization. Mozilla should activate and unlock societal progress to build fair technical progress.

Digital integration & democracy

The digital (& virtual) world is gaining control over the physical world in many domains of our society (economy to finance, mail to email, automatic car, voting machine, …). It’s getting more and more integrated to our lives without getting back our (imperfect) democracy integrated into them. Public benefit and public good are turning ‘self benefit’ and ‘own sake’ because citizens don’t have control over private companies. We should build a digital democracy if we don’t want to loose at all the democratic governing of society. We must overcome the poses and postures battles about private and public. We need to build.

‘Leader’ & ‘Leadership’ need a clarification

Why a clarification?

At some level, I’m not the only one to ask this question:

How do CRM requirements for Leadership and Advocacy overlap / differ? What’s our email management / communications platform for Leadership?

Connect leaders to lead what ? How ? To whose benefit ? Do we want to connect leaders or initiatives (people or orgs) ? Will the leaders be emerging ones (building new networks) or established ones (use they influence to rally more people)? Are Leaders leaders of something part of Mozilla (like can be Reps) or outside of Mozilla (leaders of project, companies, newspaper: tech leaders, news leaders, …) ? This is especially important depending on what is the desire for the leaders to become in the future. The MoFo’s document should be more precise about this and go forward than « Mozilla must attract, develop, and support a global network of diverse leaders who use their expertise to collaboratively advance points-of-view, policies and practices that maintain the overall health of the Internet. »
We should do it because the confusion about the leadership impact the advocacy engine: « The shared themes also provide explicit opportunities for our Leadership and Advocacy efforts to work together. » Regarding Mozilla, is the leaders role to be advocacy leaders ? It seems as they share themes and key initiatives (even if not worded the same sometimes). Or in other words, who Drives the Advocacy engine?

Iterations with the actual definition: creators

Here are my iterations on the definition of ‘Leaders’:

• The Leaders could be the people platform (the community) and the advocacy engine the tool/themes/actions platform (the product).
• Leaders could build at the end new solutions (products) and Advocates new voices (rallying), that could be translated in a learning area divided like Leadership=learn+create and advocacy=teach+spread.
• Leadership: personal development to produce (turn into) new commons or add new facets to commons. Advocacy: personal development to protect established/identified commons.

With these definitions, then Leaders are maybe more a Lab, R&D place, incubation tool (if we think about start-up incubators, then it shows a tool-set that we will need to inspire for the future). But if we want to keep the emphasis on people, we could name them ‘creators’ (compositors or managers ; not commoners, because leaders and advocates are commoners ; yes, traditionally creators are craftspersons and intellectual designers). This make sens with the examples given in the MoFo 2020 strategy 0.8 document, where all persona are involved in a building-something-new process.

However, it’s interesting to understand why we choose at first ‘Leaders’. Leaders build new solutions (products) and Advocates new voices (rallying), they are both about personal development and empower commons. Leadership=learn+create and advocacy=teach+spread commons. Leaders are projects/orgs leaders, the ones that traduce DNA (values) in products (concrete ability and availability). Advocates are values advocates, the ones that traduce DNA (values) in actions (behavior). As they are both targeting commons, they both produce the same social organization (collaboration instead of competition). They are both involved to create (different) representation (institutions) and organization (foundation/firms) but with a different DNA (values) processing: from public good to personal interest or the opposite. If Mozilla cares about public good resilience, the articulation of they domains of values is critical. So their articulation’s expression and the revision process must be said and clear: from hierarchy vs contract vs different autonomy levels (internal incubation and external advocacy), vs … to criteria to start a revision.

The network effect

Another argument for the switch from Leader to Creator is that the Leader word it too much tight to a single-person-made innovation. Creator make more clear that the innovation is possible not because of one genius, but because of a team, a group, a collective: personS (where there could also be genius). The value is made by the collaboration of people (especially in an open project, especially in a network).
That’s important because that could impact how well we do the convening part: not self-promoting, not-advertising, but sharing skills and knowledge for people and catalysing projects.
The same for the wording ‘talent’: alone, a talent can do nothing that has an impact. At least, we need two talents, a team (plus some assistants at some point).

The cultural prism

Again, this seems to be an open question:

Define and articulate “leadership.” Hone our story, ethos and definition for what we mean by “leadership development” (including cultural / localization aspects).

In my culture, Leader carry positive (take action) and negative (dominate) meanings. That’s another reason why I prefer another naming.
I understand too that it carries a lot of legitimacy (ex. market leader) in our societies and it avoids the stay-experimental or non-massive (unique) thoughts. And we need legitimacy to get impact.
But the way Mozilla has an impact thought all cultures, its legitimacy, is by creating or expanding a common. To do this, depending on the maturity, Mozilla could follow the market proposing an alternative with superior usability OR opening a new market by adding a vertical segment.

Existing tool-set opportunities

If Leadership is « a year-round MozFest + Lab« , so it’s a social network + an incubation place. Then, we already have a social network for people involved with Mozilla: Which kind of link should have the leadership network with mozillians.org ? What can we learn from this project and other specialized social network projects (linkedin, viadeo, …) to build the leadership network ?

Advocacy engine: make it clear

What it is & how it works

Mozilla is doing a great effort to build its advocacy engine on collaboration (« Develop new partnerships and build on current partnerships« , « begin collaboration« , « build alliances with similar orgs« ) but at the same time affirms that Mozilla should be « Part of a broader movement, be the boldest, loudest and most effective advocates » that could be seen as too centralized, too exclusive.
While this can be consistent (or contradictory), the consistency has to be explained looking at orgs and people, global and local, abstract and real, with a complementarity/competitive grid.
First, the articulation with other orgs has to be explained. What about others orgs doing things global (EFF, FSF, …) and local (Quadrature du net, CCC, …) ? What about the value they give and that Mozilla doesn’t have (juridic expertise for example) ? What about other advocate engines (change.org, Avaaz…) ? That should not be at an administrative level only like « Develop an affiliate policy. Defining what MoFo does / does not offer to effectively govern relationships w. affiliated partners and networks (e.g., for issues like branding, fundraising, incentives, participation guidelines, in-kind resources.) »
Second, this is key for users to understand and articulate the global level of the brand engagement and their local preoccupations and engagement. How the engine will be used for local (non-US) battles ? In the past Mozilla totally involved against PIPA, SOPA by taking action, and hesitate a lot to take position and just published a blog post (and too late to gain traction and get impact) against French spying law for example.
Third, the articulation ‘action(own agenda)/reaction’ should be clarified in the objectives and functioning of the advocacy engine. Especially because other orgs, allies or detractors, try to to setup the social agenda. It’s important because it can change the social perception of our narrative (alternative promotion/issue fighting) and therefore people’s contributions.
People think the technology is socially neutral. People are satisfied of narrow hills of choice (not the meaning, the aim, but only the ability to show your favorite avatar). People don’t want to feel guilty or oppressed, they don’t want new constraints, they are looking for solution only: they want to use, not to do more, they want they things to be done. Part of the problem is about understanding (literacy, education), part of it is about the personal/common duality, part of it is about being hopeless about having an impact, part of it is about expressing change as a positive goal and a new possible way (alternative), not a fight against an issue. About the advocacy engine, I think our preoccupation should be people-centric and the aim to give them a short, medium and long term narrative to get action without being individuals-centric.

How we build it ?

How to build a social movement ? How it has been built in the past ? Is it the same today ? Can it be transposed to the digital domain from others social domains ? How strong are the cultural differences between nations? These are the main questions we should answer, and our pivot era gives us many examples in diverse domains (climate change advocates, Syriza & Podemos, NSA & surveillance services in Europe, empowered syndicates in Venezuela, Valve corp. internal organization…) to set a search terrain. However, I will go strait to my intuitive understanding below.
I’m kind of worried that it’s imagined to build the advocacy engine themes by a top-down method. I think a successful advocacy is always built bottom-up, as its function is to give back the voice to the people, to get them involved, not to make them fulfill our predefined aims. The top-down method is too organization centric: it can’t massively drive people that are not already committed to the org. It’s usually named advertisement or propaganda. If we want to have impact, we should listen to people needs, not tell them to listen to ours. People want (first) to be empowered, not to empower an org. So let’s organize the infrastructure, set the agenda and draw the horizon (strategic understanding) participative: make people fill them with content of their experience. It seems to me it is the only way, the only successful method, if we want to build a movement, and not just a shifting moment (that could be built by the top, with a good press campaign locally relayed for example ; that’s what happen in old style politics: the aim is short term, to cleave).
Isn’t the advocacy engine a new Drumbeat ? We shifted from Drumbeat to Webmaker+web literacy to Mozilla Academy and now to Leadership plus advocacy: it could be good to tell that story now that we are shifting again and learn from it.
Mozilla should support, behave as a platform, not define, not focus. Letting the people set the agenda makes them more involved and is a good way to build a network of shared aims with other orgs, that is not invasive or alienating, but a support relationship in a win-win move. The strength comes from the all agendas sewed. So at an org level, let’s on-board allies organizations as soon as plan building-time (now), to build it together. Yes it’s slower, but much more massive, inclusive and persistent.

How we evaluate it: cultural bias & qualitative analysis

First, about the agenda-setting KPI for 2016, should these KPI be an evaluation of the inclusion and rank in others strategic agendas, governance systems and productions (outcome/products) ? Others org could be from different domains: political, social, economy orgs.
Then, as a wide size audience KPI, Mozilla wants « celebration of our campaigns with ‘headline KPIs’ including number of actions, and number of advocates.« . While doing this could be the right thing to do for some cultures, it could be the worst for others. I think that these KPI don’t carry a meaning for people and are too org centric. In a way, they are to generic: it’s just an amount. Accumulation is not our goal: we want impact that is the grow of articulated actions made by diverse people toward the same aim. We need our massive KPI to be more qualitative, or at least find a way to present them in a more qualitative way: interactive map ? a global to local prism that engages people for the next step ?

Best practices & massive impact

Selecting best practices are an appealing method when we want to have a fast and strong impact in a wide area. However, when we unify we should avoid to homogenize. The gain in area by scaling-up is always at the cost of loosing local impact because it is not corresponding to local specificities, hence to local expectations. Federating instead of scaling-up is a way to solve this challenge. So we should be careful to not use best practice as absolute solutions, but as solutions in a context if we want to transpose them massively.

Tools & platform balanced between user-centric and org-centric outcomes

It’s good to hear that we will build a advocacy platform. As we ‘had’ bugzilla+svn then mercurial (hg)+… and are going to the integrated, pluggable and content-centric (but non-free; admin tools are closed source) github (targeting more coder than users, but with a lower entry price for users still), we need to be able to have the same kind of tool for advocates and leaders. Something inspired maybe at some levels by the remixing tools we built in Webmakers for web users.

From experiment to production: support (self made to mass product) + modularity (dev code patch to users add-ons).

We need pathways from lab to home that carry different mix of customization and reliability to support the emancipation curve.
Users want things to work, because they want to use it. Geeks want to be able to modify a lot and accept to put their hands in the engine to build growing reliability. Advanced users want to customize their experience and keep control and understanding on working status. They want to be able to fix the reliability at a medium/low technical cost. They are OK to gain more control at these prices. Users want to use things to do what they need and want to trust a reliability maintained for them. They are OK to gain control at a no technical cost. Depending on the matter we all have different skill levels, so we are all geeks, advanced users and users depending on our position or on the moment. And depending on our aspirations, we all want to be able to move from one category to an other. That’s what we need to build: we don’t just need to « better articulate the value to our audiences« , we need to build pathways thought audiences and thought IT layers (content, software, hardware, distant service). We should find a convergence between customization and reliability, between first time experience, support and add-ons thought all our users’ persona by building bridges, pathways. So, « better articulate the value to our audiences » should not be restrained in our minds to the Mozilla Leadership Network.
Part of this is being done in other projects outside of Mozilla in the commons movement. There are many, but let’s take just one example, the Fairphone project: modularity, howtos, … all this help to break the product-to-use walls and drive appropriation/emancipation. Products are less product and brand centric and more people/user centric.
Part of this has been done inside Mozilla, like integrating learning in our products, in-content, as we have code comment on code. I think the Spark project on Firefox OS is on a promising path, even if maybe immature: it maybe has not been released mainstream because it misses bridges/pathways (on-boarding levels, progression from simple to high level techniques, and no or not enough reproducible/universal next task/skill building).
So some solutions start to emerge, the direction is here, but has never been conceived and implemented that globally, as there isn’t integrated pathways with choice and opportunity and a strategy embracing all products and technologies (platform, tools, …).

Better tools for collaboration and participation: task-centric to process-centric (use) infrastructure

The open community should definitely improve the collaboration tools and infrastructure to ease participation.
Discourse ‘merged’ discussion channels: email+forum(+instant, messaging, … and others peer-to-peer discussion?). Stack exchange merged the questioning/solving process and added a vote mechanism to rank answers: it eased the collaboration on editing the statement and the results while staying synchronous with the discussion and keeping the discussion history. We need such kind of possibilities with discourse: capitalize on the discussion and preview the results to build a plan.
This exist in document oriented software (that added collaboration editing tools), but not that much in collaboration software (that don’t produce documents). For example, while discussing the future plan for Fx/FxOS be supported to keep track on a doc about the proposals plans + criteria & dependencies. In action, it is from this plus all the discussion taking place to that.
This is maybe something like integrating Discourse+Wiki, maybe with the need to have competing and ranked (both for content and underlaying meaning of content=strategy?) plan/page proposals. From evolving the wiki discussion page to featuring document production into peer-to-peer discussion.

A recovering strategy: from fail to win

There is maybe one thing that is in the shadow in this plan: what do we do when/if we (partially) fail ?
I think at least we should say that we document (keep research going on) to be able to outline and spread the outcomes of what we tried to fight against. So we still try to built consciousness to be ready for the next round.

If you see some contradiction in my thoughts, let’s say it’s my state of thinking right now: please voice them so we can go forward.
The same for thoughts that are voiced definitive (like users are): take it as a first attempt with my bias: let’s state these bias to go forward.

Nicolas https://repeer.org Reprenez le pouvoir ! 2016-01-16T00:46:46Z http://bluesock.org/%7Ewillkg/blog/pyvideo/status_20160115.html

What is pyvideo.org

pyvideo.org is an index of Python-related conference and user-group videos on the Internet. Saw a session you liked and want to share it? It's likely you can find it, watch it, and share it with pyvideo.org.

This is the latest status report for all things happening on the site.

It's also an announcement about the end.

Read more… (5 mins to read)

2016-01-15T23:30:00Z Will Kahn-Greene http://bluesock.org/%7Ewillkg/blog/ Will Kahn-Greene's blog of Python, Mozilla, GNU/Linux, random content, dennis, Input, SUMO, and other projects mixed in there ad hoc, half-baked and with a twist of lemon 2016-01-16T16:31:16Z http://coopcoopbware.tumblr.com/post/137371863755

One of releng’s big goals for Q1 is to deliver a beta via build promotion. It was great to have some tangible progress there this week with bouncer submission.

Lots of other stuff in-flight, more details below!

Modernize infrastructure:

Dustin worked with Armen and Joel Maher to run Firefox tests in TaskCluster on an older EC2 instance type where the tests seem to fail less often, perhaps because they are single-CPU or slower.

Improve CI pipeline:

We turned off automation for b2g 2.2 builds this week, which allowed us to remove some code, reduce some complexity, and regain some small amount of capacity. Thanks to Vlad and Alin on buildduty for helping to land those patches. (https://bugzil.la/1236835 and https://bugzil.la/1237985)

In a similar vein, Callek landed code to disable all b2g desktop builds and tests on all trees. Another win for increased capacity and reduced complexity! (https://bugzil.la/1236835)

Release:

Kim finished integrating bouncer submission with our release promotion project. That’s one more blocker out of the way! (https://bugzil.la/1215204)

Ben landed several enhancements to our update server: adding aliases to update rules (https://bugzil.la/1067402), and allowing fallbacks for rules with whitelists (https://bugzil.la/1235073).

Operational:

There was some excitement last Sunday when all the trees were closed due to timeouts connectivity issues between our SCL3 datacentre and AWS. (https://bugzil.la/238369)

Build config:

Mike released v0.7.4 of tup, and is working on generating the tup backend from moz.build. We hope to offer tup as an alternative build backend sometime soon.

See you all next week!

2016-01-15T22:44:13Z http://coopcoopbware.tumblr.com/ Chris Cooper 2016-01-22T21:00:12Z https://air.mozilla.org/webdev-beer-and-tell-january-2016/

Once a month web developers across the Mozilla community get together (in person and virtually) to share what cool stuff we've been working on in...

2016-01-15T22:00:00Z Air Mozilla https://air.mozilla.org/ Except where otherwise noted, content on this site is licensed under the Creative Commons Attribution Share-Alike License v3.0 or any later version. Air Mozilla is the Internet multimedia presence of Mozilla, with live and pre-recorded shows, interviews, news snippets, tutorial videos, and features about the Mozilla community. 2016-01-25T20:31:50Z http://blog.mozilla.org/sumo/?p=3665

Hello, SUMO Nation! The second post of the year is here. Have you had a good time in 2016 so far? Let us know in the comments! Now, let’s get going with the updates and activity summaries. It will be … Continue reading

Hello, SUMO Nation!

The second post of the year is here. Have you had a good time in 2016 so far? Let us know in the comments!

Now, let’s get going with the updates and activity summaries. It will be brief today, I promise.

Welcome, new contributors!

• Andy.Yang

After the massive influx over the last few weeks, we only had Andy introducing himself recently – the warmer the welcome for him!

If you just joined us, don’t hesitate – come over and say “hi” in the forums!

Contributors of the week

• All the people who joined us in the winter season so far!

We salute you!

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month!

Most recent SUMO Community meeting

• You can read the notes here and see the video on our YouTube channel and at AirMozilla.
  
• IMPORTANT: We are considering changing the way the meetings work. Help us figure out what’s best for you – join the discussion on the forums in this thread: (Monday) Community Meetings in 2016.

The next SUMO Community meeting…

• is happening on Monday the 18th – join us!
• Reminder: if you want to add a discussion topic to the upcoming meeting agenda:
  • Start a thread in the Community Forums, so that everyone in the community can see what will be discussed and voice their opinion here before Monday (this will make it easier to have an efficient meeting).
  • Please do so as soon as you can before the meeting, so that people have time to read, think, and reply (and also add it to the agenda).
  • If you can, please attend the meeting in person (or via IRC), so we can follow up on your discussion topic during the meeting with your feedback.

Developers

• The new version of the Ask A Question page is here!
• The 2.0 version of the KPI dashboard is in the works.
• You can see the current state of the backlog our developers are working on here.
• The latest SUMO Platform meeting notes can be found here.
• Interested in learning how Kitsune (the engine behind SUMO) works? Read more about it here and fork it on GitHub!

Community

• Our awesome Bangladesh SUMO Warriors are on the road again! Follow their adventures on Twitter under this tag: #sumotourctg
• Reminder: take a look at our Work Week Summary for Mozlando. We need your feedback for a few things there.
• Ongoing reminder: if you think you can benefit from getting a second-hand device to help you with contributing to SUMO, you know where to find us.

Support Forum

• Say hello to the new people on the forums!
  • Tomi55 (Hungarian)
  • jdc20181 (English)
  • andexi (Spanish)
  • Qantas94Heavy (English)
  • samuelms79 (Brazilian-PT)
  • jorgecomun (Spanish)

Knowledge Base

• Thanks to everyone who took part in the most recent KB Day!
• Version 44 updates should be live now.
• Ongoing reminder: learn more about upcoming English article updates by clicking here.
• Ongoing reminder #2: do you have ideas about improving the KB guidelines and training materials? Let us know in the forums!

Localization

• Thanks to everyone writing in with problems, ideas, reports of bugs – all your feedback matters!

Firefox

• for Android
  • Learn more about Firefox 43 for Android from the official thread with release notes / issues / discussions.
  • Reminder: Roland is sharing Firefox 44 for Android release notes / issues / discussions with everyone in the forum.

• for Desktop
  • The uploading issues reported by many users are being tracked here.
  • The “show passwords” button has been removed from the password manager for the Beta of Version 44. The developers are looking into last minute fixes for that in this bug.
  • Also in Version 44, the “ask me everytime” option for cookies will be removed from the privacy panel.

• for iOS
  • Firefox for iOS 1.4 primarily with features for China is here.
    
  • Firefox for iOS 2.0 is after 1.4 and hopefully sometime this quarter!

Not that many updates this week, since we’re coming out of our winter slumber (even though winter will be here for a while, still) and plotting an awesome 2016 with you and for you. Take it easy, have a great weekend and see you around SUMO.

2016-01-15T19:38:51Z Michał https://blog.mozilla.org/sumo SUpport MOzilla's official blog - rocking the helpful web since 2008! 2016-01-25T09:31:47Z https://air.mozilla.org/paris-firefox-os-hackathon-presentations/

As an introduction to this weekend's Firefox OS Hackathon in Paris we'll have two presentations: - Guillaume Marty will talk about the current state of...

2016-01-15T18:00:00Z Air Mozilla https://air.mozilla.org/ Except where otherwise noted, content on this site is licensed under the Creative Commons Attribution Share-Alike License v3.0 or any later version. Air Mozilla is the Internet multimedia presence of Mozilla, with live and pre-recorded shows, interviews, news snippets, tutorial videos, and features about the Mozilla community. 2016-01-25T20:31:49Z https://tacticalsecret.com/tag/mozilla/rss/db7fec0c-34d3-4633-9904-79b98aab34e7

All the first Let's Encrypt certs for my websites from the LE private beta began expiring last week, so it was time to work through the renewal tooling. I wanted a script that:

1. Would be okay to run daily, so there'd be plenty of retries if something went wrong,
2. Wouldn't

All the first Let's Encrypt certs for my websites from the LE private beta began expiring last week, so it was time to work through the renewal tooling. I wanted a script that:

1. Would be okay to run daily, so there'd be plenty of retries if something went wrong,
2. Wouldn't require extra config for me to forget about if I add a new site,
3. Would only renew certificates expiring in the next few weeks.

The official Let's Encrypt client team is hard at work producing a great renew tool to handle all this, but it's not released yet. Of course I could use Caddy Server that just handles all this, but I have a lot invested in Nginx here.

So I wrote a short script and put it up in a Gist.

The script is designed to run daily, with a random start between 00:00 and 02:00 to protect against load spikes at Let's Encrypt's infrastructure. It doesn't do any real reporting, though, except to maintain /var/log/letsencrypt/renew.log as the most-recent failure if one fails.

It's written to handle Nginx with Upstart's service command. It's pretty modular though; you could make this operate any webserver, or use the webroot method quite easily. Feel free to use the OpenSSL SubjectAlternativeName processing code for whatever purposes you have.

Happy renewing!

2016-01-15T16:01:19Z James 'J.C.' Jones https://tacticalsecret.com/ On a mission to solve information security issues for the whole Internet. That, and whatever else comes up. 2016-01-21T17:31:50Z http://firefoxmania.uci.cu/?p=15521

Comenzó un nuevo año y con él, te traemos nuevos e interesantes complementos para tu navegador preferido que mejoran con creces tu experiencia de navegación. Durante los próximos 6 meses estará trabajando nuevos miembros en el Add-ons Board Team, en la próxima selección desde Firefoxmanía te avisaremos.

Comenzó un nuevo año y con él, te traemos nuevos e interesantes complementos para tu navegador preferido que mejoran con creces tu experiencia de navegación. Durante los próximos 6 meses estará trabajando nuevos miembros en el Add-ons Board Team, en la próxima selección desde Firefoxmanía te avisaremos.

Elección del mes: uMatrix

uMatrix es muy parecido a un firewall y desde una ventana fácilmente podrás controlar todos los lugares a donde tu navegador tiene permitido conectarse, qué tipo de datos pueden descargarse y cual puede ejecutar.

Esta puede ser la extensión perfecta para el control avanzado de los usuarios.

Instalar uMatrix »

También te recomendamos

⇒ HTTPS Everywhere por EFF Technologists

Protege tus comunicaciones habilitando la encriptación HTTPS automáticamente en los sitios conocidos que la soportan, incluso cuando navegas mediante sitios que no incluyen el prefijo “https” en la URL.

⇒ Add to Search Bar por Dr. Evil

Hace posible que cualquier página con un formulario de búsqueda disponible pueda ser añadido fácilmente a la barra de búsqueda de Firefox.

Añadiendo la búsqueda de un sitio web a la barra de búsqueda

⇒ Duplicate Tabs Closer por Peuj

Detecta las pestañas duplicadas en tu navegador y automáticamente las cierra.

Nomina tus complementos favoritos

A nosotros nos encantaría que fueras parte del proceso de seleccionar los mejores complementos para Firefox y nos gustaría escucharte. ¿No sabes cómo? Sólo tienes que enviar un correo electrónico a la dirección amo-featured@mozilla.org con el nombre del complemento o el archivo de instalación y los miembros evaluarán tu recomendación.

Fuente: Mozilla Add-ons Blog

2016-01-15T15:10:26Z Yunier J http://firefoxmania.uci.cu Comunidad Mozilla Firefox de Cuba 2016-01-23T12:16:22Z https://timtaubert.de/blog/2016/01/build-your-own-signal-desktop

The Signal Private Messenger is great. Use it. It’s probably the best secure messenger on the market. When recently a desktop app was announced people were eager to join the beta and even happier when an invite finally showed up in their inbox. So was I, it’s a great app and works surprisingly well for an early version.

The only problem is that it’s a Chrome App. Apart from excluding folks with other browsers it’s also a shitty user experience. If you too want your messaging app not tied to a browser then let’s just build our own standalone variant of Signal Desktop.

NW.js beta with Chrome App support

Signal Desktop is a Chrome App, so the easiest way to turn it into a standalone app is to use NW.js. Conveniently, their next release v0.13 will ship with Chrome App support and is available for download as a beta version.

First, make sure you have git and npm installed. Then open a terminal and prepare a temporary build directory to which we can download a few things and where we can build the app:

$ mkdir signal-build
                $ cd signal-build
            

[OS X] Packaging Signal and NW.js

Download the latest beta of NW.js and unzip it. We’ll extract the application and use it as a template for our Signal clone. The NW.js project does unfortunately not seem to provide a secure source (or at least hashes) for their downloads.

$ wget http://dl.nwjs.io/v0.13.0-beta3/nwjs-sdk-v0.13.0-beta3-osx-x64.zip
                $ unzip nwjs-sdk-v0.13.0-beta3-osx-x64.zip
                $ cp -r nwjs-sdk-v0.13.0-beta3-osx-x64/nwjs.app SignalPrivateMessenger.app
            

Next, clone the Signal repository and use NPM to install the necessary modules. Run the grunt automation tool to build the application.

$ git clone https://github.com/WhisperSystems/Signal-Desktop.git
                $ cd Signal-Desktop/
                $ npm install
                $ node_modules/grunt-cli/bin/grunt
            

Finally, simply to copy the dist folder containing all the juicy Signal files into the application template we created a few moments ago.

$ cp -r dist ../SignalPrivateMessenger.app/Contents/Resources/app.nw
                $ open ..
            

The last command opens a Finder window. Move SignalPrivateMessenger.app to your Applications folder and launch it as usual. You should now see a welcome page!

[Linux] Packaging Signal and NW.js

The build instructions for Linux aren’t too different but I’ll write them down, if just for convenience. Start by cloning the Signal Desktop repository and build.

$ git clone https://github.com/WhisperSystems/Signal-Desktop.git
                $ cd Signal-Desktop/
                $ npm install
                $ node_modules/grunt-cli/bin/grunt
            

The dist folder contains the app, ready to be launched. zip it and place the resulting package somewhere handy.

$ cd dist
                $ zip -r ../../package.nw *
            

Back to the top. Download the NW.js binary, extract it, and change into the newly created directory. Move the package.nw file we created earlier next to the nw binary and we’re done. The nwjs-sdk-v0.13.0-beta3-linux-x64 folder does now contain the standalone Signal app.

$ cd ../..
                $ wget http://dl.nwjs.io/v0.13.0-beta3/nwjs-sdk-v0.13.0-beta3-linux-x64.tar.gz
                $ tar xfz nwjs-sdk-v0.13.0-beta3-linux-x64.tar.gz
                $ cd nwjs-sdk-v0.13.0-beta3-linux-x64
                $ mv ../package.nw .
            

Finally, launch NW.js. You should see a welcome page!

$ ./nw
            

If you see something, file something

Our standalone Signal clone mostly works, but it’s far from perfect. We’re pulling from master and that might bring breaking changes that weren’t sufficiently tested.

We don’t have the right icons. The app crashes when you click a media message. It opens a blank popup when you click a link. It’s quite big because also NW.js has bugs and so we have to use the SDK build for now. In the future it would be great to have automatic updates, and maybe even signed builds.

Remember, Signal Desktop is beta, and completely untested with NW.js. If you want to help file bugs, but only after checking that those affect the Chrome App too. If you want to fix a bug only occurring in the standalone version it’s probably best to file a pull request and cross fingers.

Is this secure?

Great question! I don’t know. I would love to get some more insights from people that know more about the NW.js security model and whether it comes with all the protections Chromium can offer. Another interesting question is whether bundling Signal Desktop with NW.js is in any way worse (from a security perspective) than installing it as a Chrome extension. If you happen to have an opinion about that, I would love to hear it.

Another important thing to keep in mind is that when building Signal on your own you will possibly miss automatic and signed security updates from the Chrome Web Store. Keep an eye on the repository and rebuild your app from time to time to not fall behind too much.

2016-01-15T14:00:00Z https://timtaubert.de/ Tim Taubert 2016-01-15T15:04:09Z http://glandium.org/blog/?p=3579

Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git. Get it on github. These release notes are also available on the git-cinnabar wiki. Development had been stalled for a few months, with many improvements in the next branch without any […]

Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

Get it on github.

These release notes are also available on the git-cinnabar wiki.

Development had been stalled for a few months, with many improvements in the
next branch without any new release. I used some time during the new year
break and after in order to straighten things up in order to create a new
release, delaying many of the originally planned changes to a future 0.4.0
release.

What’s new since 0.2.2?

• Speed and memory usage were improved when doing git push.
• Now works on Windows, at least to some extent. See details.
• Support for pre-0.1.0 git-cinnabar repositories was removed. You must first
  use a git-cinnabar version between 0.1.0 and 0.2.2 to upgrade its metadata.
• It is now possible to attach/graft git-cinnabar metadata to existing commits
  matching mercurial changesets. This allows to migrate from some other
  hg-to-git tool to git-cinnabar while preserving the existing git commits.
  See an example of how this works with the git clone of the Gecko mercurial
  repository
• Avoid mercurial printing its progress bar, messing up with git-cinnabar’s
  output.
• It is now possible to fetch from an incremental mercurial bundle (without
  a root changeset).
• It is now possible to push to a new mercurial repository without -f.
• By default, reject pushing a new root to a mercurial repository.
• Make the connection to a mercurial repository through ssh respect the
  GIT_SSH and GIT_SSH_COMMAND environment variables.
• git cinnabar now has a proper argument parser for all its subcommands.
• A new git cinnabar python command allows to run python scripts or open a
  python shell with the right sys.path to import the cinnabar module.
• All git-cinnabar metadata is now kept under a single ref (although for
  convenience, other refs are created, but they can be derived if necessary).
• Consequently, a new git cinnabar rollback command allows to roll back to
  previous metadata states.
• git-cinnabar metadata now tracks the manifests DAG.
• A new git cinnabar bundle command allows to create mercurial bundles,
  mostly for debugging purposes, without requiring to hit a mercurial server.
• Updated git to 2.7.0 for the native helper.

Development process changes

Up to before this release closing in, the master branch was dedicated to
releases, and development was happening on the next branch, until a new
release happens.

From now on, the release branch will take dot-release fixes and new
releases, while the master branch will receive all changes that are
validated through testing (currently semi-automatically tested with
out-of-tree tests based on four real-life mercurial repositories, with
some automated CI based on in-tree tests used in the future).

The next branch will receive changes to be tested in CI when things
will be hooked up, and may have rewritten history as a consequence of
wanting passing tests on every commit on master.

2016-01-15T08:56:40Z glandium http://glandium.org/blog glandium.org 2016-01-16T11:30:44Z https://air.mozilla.org/web-qa-weekly-meeting-20160114/

This is our weekly gathering of Mozilla'a Web QA team filled with discussion on our current and future projects, ideas, demos, and fun facts.

2016-01-14T17:00:00Z Air Mozilla https://air.mozilla.org/ Except where otherwise noted, content on this site is licensed under the Creative Commons Attribution Share-Alike License v3.0 or any later version. Air Mozilla is the Internet multimedia presence of Mozilla, with live and pre-recorded shows, interviews, news snippets, tutorial videos, and features about the Mozilla community. 2016-01-25T20:31:49Z https://air.mozilla.org/reps-weekly-20160114/

This is a weekly call with some of the Reps to discuss all matters about/affecting Reps and invite Reps to share their work with everyone.

2016-01-14T16:00:00Z Air Mozilla https://air.mozilla.org/ Except where otherwise noted, content on this site is licensed under the Creative Commons Attribution Share-Alike License v3.0 or any later version. Air Mozilla is the Internet multimedia presence of Mozilla, with live and pre-recorded shows, interviews, news snippets, tutorial videos, and features about the Mozilla community. 2016-01-25T20:31:50Z http://blog.mozilla.org/community/?p=2281

Written by Valentin Schmitt. Entering the CCH (Congress Center Hamburg) between Christmas and new year brings you somewhere else than Hamburg on Central European Time. Most people you’ll meet will say they are from Internet (or the Internets, if they … Continue reading

Written by Valentin Schmitt.

Entering the CCH (Congress Center Hamburg) between Christmas and new year brings you somewhere else than Hamburg on Central European Time.

Most people you’ll meet will say they are from Internet (or the Internets, if they are funny), and for a few days you’ll live in -what a friend of mine called- Chaos Time Zone: a blurry mix of everyone’s time difference. Days are pretty shorts anyway and you’ll probably spend a lot of time under artificial light, so it won’t help your internal clock keeping on track. The organizers will gently remind you the 6,2,1 rule: 6 hours of sleep, 2 meals and 1 shower per day, that should keep you safe. You’ll probably meet a lot of great people, and will often have a hard time to decide which talk or workshop to go to.
This is the 32nd Chaos Communication Congress. Welcome, and have fun!

32C3 Chaos Communication Congress – Photo: Mario Behling

FxOS is not dead.

I looked for a screen printer, or anything to do myself a t-shirt with the message “Firefox OS is not dead!” on it, but very surprisingly regarding the variety of machines there, I couldn’t find any on site. I really wanted to do that, because most of the people I talked to about
Firefox OS answered me “But isn’t Firefox OS dead?”. I bet it won’t come as a surprise for you, as there was a lot of feedback from the community regarding what some might call “a PR disaster”. It just made it very clear to me that we (still) have to communicate a lot on this topic, and very loudly, because the tech news websites will be less likely to spread the word this time.

Once this detail (*cough*) was clarified, almost everybody I had the chance to talk to showed a lot of interested for the project, the only ones who didn’t were the hardcore Free Software enthusiasts, whom have been disappointed by Mozilla recent policy choices (like the tiles with
advertisement, or the DRM support in Firefox desktop), or the people who care less about software freedom and prefer an iPhone to a free (as in freedom) mobile OS.

Mozilla and Firefox at 32C3 with friends – Photo: Mario Behling

“Well, it’s Mozilla.”

Mozilla has a pretty good image in the Free Software community, and the main reason why people never tried a Firefox OS device is only because they never had the chance to do so (not many devices marketed in Europe or the US, not many ports on mainstream phones). Fortunately enough, I had some foxfooding devices to hand out. The foxfooding program had a very positive reception, most people were happy to have the chance to try the OS, participate in sending data to Mozilla, file bugs, some were eager to develop apps, and try port the OS on their favorite phone or device (the RasPi got a bunch of them very excited).

More importantly, they really asked me how to flash a device, where to find the documentation to get started, how to file a bug. The people I handed a device to planned to show it to their colleagues, friends and fellow hacktivists, and were very excited to have phone with a hardware good enough to provide a responsive experience.

Questions?

“Is there a Signal app or any secure messaging app?”
“Can I use Tor?”
“Can I keep OSM maps in cache?”
“Is there an app for WhatsApp?”
These were the questions I was asked the most. It’s pretty expected that the hackers community is looking for reliable privacy tools, but I was a bit surprised by the last question that still came up several times.

Mozillians, assemble!

An assembly is the name the Chaos Communication Congress gives to the physical place (typically a bunch of tables with a power outlet) within the CCH where people can gather to hack, share ideas and have self organized-sessions on a particular topic, or around a particular project, there were 277 registered this year.

Assembling Under The Lights – Photo: Hong Phuc FOSSASIA

With the Mozilla Assembly, we had several sessions (directly at the Assembly or in dedicated rooms) over these 4 days:

• Several Nightly Firefox OS workshops, combining more than 50 participants;
• The Mozilla community meetup that gathered 20 participants;
• a Thunderbird session with 42 participants;
• an IoT and Firefox OS workshop, in a dedicated room that was packed with 90 participants;

On average, there were around 15 Mozillians at the Assembly and a continuous flow of people from different community.

Other projects where Mozilla is involved were represented, like Let’s Encrypt, with a talk so successful that the conference room was full, and New Palmyra, for which Mozillians organized a session for 25 participants.

The hackers and makers communities have a real ethical and practical interest in a mobile or embedded OS that’s trustworthy and hackable, we bear similar values and Firefox OS is a great opportunity to strengthen the ties between us.

2016-01-13T22:55:23Z Brian King http://blog.mozilla.org/community News and notes from and for the Mozilla community. 2016-01-25T16:31:43Z