mozilla / addons Goto Github PK
View Code? Open in Web Editor NEW☂ Umbrella repository for Mozilla Addons ✨
License: Other
☂ Umbrella repository for Mozilla Addons ✨
License: Other
The logs are full of this:
Type: <type 'exceptions.UnicodeDecodeError'>, 'utf8' codec can't decode byte 0xae in position 19: invalid start byte. Data: :./services/utils.py:143#012Traceback (most recent call last):#012 File "./services/theme_update.py", line 219, in application#012 output = update.get_json()#012 File "./services/theme_update.py", line 160, in get_json#012 return json.dumps(data)#012 File "/usr/lib64/python2.7/json/__init__.py", line 243, in dumps#012 return _default_encoder.encode(obj)#012 File "/usr/lib64/python2.7/json/encoder.py", line 207, in encode#012 chunks = self.iterencode(o, _one_shot=True)#012 File "/usr/lib64/python2.7/json/encoder.py", line 270, in iterencode#012 return _iterencode(o, 0)#012UnicodeDecodeError: 'utf8' codec can't decode byte 0xae in position 19: invalid start byte
from z.receipt.
The same way we have icons for restartless or jetpack add-ons.
This will need https://bugzilla.mozilla.org/show_bug.cgi?id=1219772 first (which depends on #1602)
Might be worth mentioning this in README.rst, similar to how
https://github.com/mozilla/addon-sdk/blob/master/README
makes it clear they want bugzilla issues.
Yesterday AMO experienced outages and poor load times.
A blog post was made to acknowledge this, but it was observed that a very small number of those affected probably saw this.
We need a site-wide method to notify users should something similar happen again. A simple colored bar with text across the top of the site would probably work well.
Signing is currently failing for me because of:
sort-tabs-by-url jpm sign --api-key=user:5520425:594 --api-secret=... --api-url-prefix=http://amo.dev/api/v3
JPM [info] Starting jpm sign on sort-tabs-by-url
Creating XPI
JPM [info] XPI created at /Users/andy/sandboxes/sort-tabs-by-url/[email protected] (55ms)
Created XPI at /Users/andy/sandboxes/sort-tabs-by-url/[email protected]
Successfully created xpi at /Users/andy/sandboxes/sort-tabs-by-url/[email protected]
Potentially unhandled rejection [2] Error: Received bad response from the server while signing; status: 302; response:
at /Users/andy/sandboxes/jpm/lib/amo-client.js:80:13
at tryCatchReject (/Users/andy/sandboxes/jpm/node_modules/when/lib/makePromise.js:845:30)
at runContinuation1 (/Users/andy/sandboxes/jpm/node_modules/when/lib/makePromise.js:804:4)
at Fulfilled.when (/Users/andy/sandboxes/jpm/node_modules/when/lib/makePromise.js:592:4)
at Pending.run (/Users/andy/sandboxes/jpm/node_modules/when/lib/makePromise.js:483:13)
at Scheduler._drain (/Users/andy/sandboxes/jpm/node_modules/when/lib/Scheduler.js:62:19)
at Scheduler.drain (/Users/andy/sandboxes/jpm/node_modules/when/lib/Scheduler.js:27:9)
at process._tickCallback (node.js:355:11)
I think this because the server is returning a 302:
Location: http://amo.dev/en-US/firefox/api/v3/addons/jid0-asd%40jetpack/versions/0.3.2/
If a request comes into something on the API its asking for json, don't return HTML on an error. Example:
>>> res = requests.get('https://addons-dev.allizom.org/en-US/firefox/api/v3/does-not-exist', headers={'Accept': 'application/json'})
send: 'GET /en-US/firefox/api/v3/does-not-exist HTTP/1.1\r\nHost: addons-dev.allizom.org\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: application/json\r\nUser-Agent: python-requests/2.5.3 CPython/2.7.10 Darwin/14.5.0\r\n\r\n'
reply: 'HTTP/1.1 404 NOT FOUND\r\n'
header: Content-Encoding: gzip
header: Content-Security-Policy-Report-Only: script-src 'self' https://www.google.com https://www.paypalobjects.com https://ssl.google-analytics.com https://addons-dev-cdn.allizom.org/user-media; default-src * data:; style-src * 'unsafe-inline'; frame-src https://ssl.google-analytics.com https://sandbox.paypal.com; object-src 'none'; report-uri /services/csp/report
header: Content-Type: text/xml; charset=utf-8
header: Date: Sun, 01 Nov 2015 17:41:53 GMT
header: Server: nginx
header: Strict-Transport-Security: max-age=31536000
header: Vary: Accept-Encoding
header: Vary: X-Mobile, User-Agent
header: X-Frame-Options: DENY
header: Content-Length: 90
header: Connection: keep-alive
>>> res.content
'<?xml version="1.0" encoding="utf-8" ?>\n <error>Not Found</error>\n '
I'm requesting JSON and get back XML.
We should collect some stats:
We should have a mechanism for a logged in user to convert their old account to an FxA account. This will likely involve logging into the old username/password account and then logging into FxA. This should allow for the user to change the email address stored in olympia.
We should discuss with UX the logistics of this. Should we require a user to log in to their old account to convert it?
Prerequisites:
Build identifier: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Steps to reproduce:
1.Perform any action which should add a visual modification on AMO prod (ie. add many reviews to an app, follow\unfollow a collection, add a new addon to a collection)
2.Refresh the page to see the changes
Expected results:
AMO is instantly updated
Actual results:
Strange behaviors are seen after refresh (ie. reviews disappear , followed collections are still seen as unfollowed , addons are not added to collections, etc... )
I added two screencast with these issues:
http://screencast.com/t/orqXjzTZ
http://screencast.com/t/yC3T21BF82
Prerequisites:
Build identifier: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
Steps to reproduce:
1.Submit a new theme
2.Go to theme edit listing page and try to transfer ownership
Expected results:
You can transfer ownership without problems
Actual results:
You cant transfer ownership(Button is greyed out)
Please see screencast for this bug : http://screencast.com/t/OQSPJX88wC
https://github.com/mozilla/olympia/blob/master/apps/translations/forms.py#L56
def as_ul(self):
etc
Initial investigation result is that this is dead/uncalled code.
My concern is that if it gets returned to something else and modified, it will not be mark_safe anymore.
Looks like this for me:
https://www.dropbox.com/s/0um3guzzh7l8h8b/Screenshot%202015-11-12%2015.42.50.png?dl=0
But the new-key-email.ltxt
file seems to be nicely formatted with fancy new lines and all.
https://github.com/mozilla/olympia/blob/master/apps/addons/models.py#L458 sends emails when an add-on is being deleted. The property atype
is being localized. We don't want that as it makes it very hard to search in those emails.
I'd give a shot a this myself, but I don't know why l10n happens in the first place. Any hints are appreciated.
Example:
The following ΘΈΜΑ was deleted.
addons-server part to mozilla/addons-linter#62
Implement an extensivle wrapper around calling the addons-validator binary and passing arguments. This should basically just call subprocess.Popen
and sorts.
Proper logging and exception handling.
Steps to reproduce:
Expected results:
The add-on status from its review history page is “Disable by Mozilla”. The add-on is no longer available in AMO Public Pages.
Actual results:
The add-on status is still “Fully reviewed” and is also available in public pages.
Notes/Issues:
An add-on can be rejected if this is the first action made.
Verified on FF42(Win 7). Issue is reproducing on AMO-stage.
Screencast for this issue: http://screencast.com/t/OUUsnnLD
We will need to setup a new app in the FxA Stable OAuth Console and provide the client_id
, state
and redirect_url
to the frontend.
This will be similar to the fxa_auth_info helper in zamboni.
Steps to reproduce:
Expected results:
There are 5 review buttons Request More Info, Flag, Duplicate, Reject, Approve Theme.
Actual Results:
Flag button is missing.
Notes/Issues:
Verified in FF43(Win7) Issue can be reproduced in addons.allizom.org
Would be a pretty quick win to add a link to the footer to https://status.mozilla.org. so our users know to look there for status info.
This isn't done in zamboni so we have no reference but it is considered a best practice to include some state that is also stored in the user's session in the state parameter passed to FxA. This way we can verify that the authentication request was generated by the app and not a third party. We should include some signing of the state parameter as well.
Olympia part to mozilla/addons-linter#62
This is the olympia part to mozilla/addons-linter#62
Add in metrics so that we get an idea of how fast the addons-linter
is.
There is the devhub.validator
namespace we're using in statsd to track amo-validator
times and stats, given that I think devhub.addons_linter
might be a good namespace.
Add a new login endpoint that will accept an FxA authentication token and return an API key to the client. This should also log the user into the django session based authentication system to maintain backwards compatibility.
This will be similar to zamboni's FxALoginView
however it should again be much simpler since we only have one authentication method.
Go to any add-on click, write a review, complete form and write a review. Click submit.
I am consistently getting: [HTTP/1.1 502 Bad Gateway 32678ms] back.
According to @jasonthomas "it seems like update_denorm is taking a while to run on stage".
files.FileValidation
, this needs to be extended somehow so that we can compare results of both validators in a later step.Maybe also think about simply storing the js-results in the same row as the original results so that we don't need to implement new filters everywhere.
Olympia part to mozilla/addons-linter#62
Steps to reproduce:
Expected results:
The message "Successfully verified" is listed in AMO page. After entering the new created email and password the user is logged in.
Actual result:
User cannot log in. An error message is displayed.
Notes/Issues:
Verified on FF42(Win 7). Issue is reproducing on AMO-prod.
Please see the screencast: http://screencast.com/t/nSBAQt540UJ
This is the olympia part to mozilla/addons-linter#62
implement a view that compares the results between python and js validator. It appears we might be able to leverage some code from devhub.utils:ValidationComperator
.
The delete add-on form currently requires you to enter your password. In a world where passwords are all stored on FxA, that's not going to work, we'll have to come up with something different. We could force FxA authentication or just require something else typed in like the add-on GUID or something.
https://www.dropbox.com/s/97n8gnxodackle1/Screenshot%202015-11-13%2011.22.22.png?dl=0
If an email address that we don't have an account for is logging in with FxA using the API created in #1588 then that account should be created with some basic info and the client should be notified that this was a new account in the response.
Because we aren't quite sure what we need to validate or look at in WebExtensions, it was suggested that instead we just WebExtensions off for manual review on AMO.
I just found out about http://pytest-benchmark.readthedocs.org/en/stable/ and given the fact that we're planning on doing lots of refactoring and updates I was wondering if it would make sense to get this integrated somehow to see how we're doing.
I doubt it'll be easy to integrate with CI but at least with a small shell script and git we should be able to get reliable performance graphs.
Any ideas on that? @andymckay @magopian
Example: http://pytest-benchmark.readthedocs.org/en/stable/comparing.html
Because this matters to me: http://mckay.pub/2015-01-07-allowed/
This is the olympia part to mozilla/addons-linter#62
Ensure that view pages, api etc return the correct validation, making the js-validator hidden from normal view.
Provide some UX mocks and flow chart for a FxA "email funnel" flow. That we'll then break down into bugs. If this could be done as a pull request against this repository into the docs/ux folder, that would be awesome.
Steps to reproduce:
Expected results:
There are no display or layout issues.
Actual results:
The numbers/special_chars are not aligned with the rest of the name.
Notes/Issues:
Verified on FF42(Win 7). Issue is reproducing on AMO-stage, dev and prod.
Prerequisites:
Build identifier: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
Steps to reproduce:
1.Load AMO prod
Expected results:
AMO prod is correctly loaded
Actual results:
Sometimes, AMO prod is not loading and it is returning a 503 or 502 Bad Gateway
Screencast : http://screencast.com/t/m0Foplvl39QJ
Lets use Firefox Accounts on AMO, instead of AMOs home grown authentication system and gently migrate our users over to the new system.
This is a tracking bug for all the things we are about to do on this.
Yesterday there were site outages and I was presented with a plain page that said "Error 503" and that was about it. No formatting or explanation.
We should have gentler pages for our users.
Most larger sites have some sort of custom pages in these instances which are less harsh and more informative. Let's try and make ours more approachable and informative too.
We have multiple APIs, a v1.5, a v2, mostly used by clients like Firefox for searching.
We are creating a new API for addons.mozilla.org which will be less XML, more JSON, faster and better in every way. Maybe. Assuming that's the case, we need to deal with legacy clients that use the old API. That means providing an API to move to, a migration plan and a deprecation strategy.
We should wrap the old registration process in a waffle so that it can be turned off once #1594 is completed to allow registration with FxA.
If a user's login with FxA resulted in a new account being created then the account details form should be shown to allow the user to complete the registration process.
We may want to delay creating the account initially until this data is collected however that could result in the FxA token expiring. There will be weird edge cases here if the user navigates away or leave and signs in with this account again without completing the process.
I think the ability to submit add-ons as a WebExtension should be behind a flag, so that we can have it off in prod until we think through all the requirements.
Supports https://bugzilla.mozilla.org/show_bug.cgi?id=1210037
This is the GitHub tracking issue for https://bugzilla.mozilla.org/show_bug.cgi?id=1164477
TODOS:
Other cleanup stuff I noticed:
General updates, things to notice:
tower
has been replaced by puente (https://github.com/mozilla/puente)Verify the following dependency updates to exist in wheelhouse:
Most are so this is mostly for documentation reasons.
Steps to reproduce:
Expected results:
The date when the theme was deleted coincide with the value from “Date Deleted” column.
Actual results:
The date when a theme was created is listed in the “Date Deleted” column.
Notes/Issues:
Verified on FF42(Win 7). Issue is reproducing on AMO-stage and AMO-dev.
Screencast for this issue: http://screencast.com/t/G0qtdC4QM1gY
Once FxA returns the user's authentication token pass that to the API created in #1588 to log the user in.
This should be similar to fireplace's handle_fxa_login
.
Use the config provided by #1585 to begin the authentication flow to FxA. I think opening a popup will be easiest however there is an iframe version that might provide a nicer flow.
This will be similar to startLogin
from marketplace-core-modules however that code handles several different FxA authentication methods (native, iframed native and web) and we will just support web.
Go to about:addons, click "watch the video" or "Learn more about add-ons".
A couple of things:
If we want to keep this video around, I bet we can find replacements for those add-ons and just update that.
Due to the slowness on AMO or unstability of my network connection, my forms gets submitted more than once. This results in duplicate review actions or messages.
Could you add something to prevent double-submit? If possible, check whether someone else has already posted an update before accepting the form (e.g. show "This add-on review has been updated. Please check whether your comment/review/approval/rejection is still relevant." when another message has been added since the last post).
This check could be at the Python backend, or part of the front-end (perform an (ugh) synchronous AJAX request upon submit, and only confirm the request if the last message hasn't changed; this only works if the server immediately replies, but I've noticed that AMO suffers from an aggressive cache, so this idea does not work...).
The API that we've got should probably have a "beta" or "experiemental" flag on it in olympia. The best place to put this is on the key creation page.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.