Henri Sivonen wrote:
> I think for release builds, we should have the following:
> 1) Rust panic!() causes a crash that's MOZ_CRASH()-compatible for
> crash-reporting purposes. (See
> https://mxr.mozilla.org/mozilla-central/source/mfbt/Assertions.h#269
> and particularly
> https://mxr.mozilla.or
On Tue, Mar 22, 2016 at 3:03 AM, Henri Sivonen wrote:
> It seems that the Rust MP4 parser is run a new Rust-created thread in
> order to catch panics.
>
Is the Rust MP4 parser using panics for flow control (like is common in JS
and Java with exceptions), or only for "should be impossible" situat
Henri Sivonen wrote:
> An example of this *not* being the case: I expect to have to import
> https://github.com/gz/rust-cpuid into Gecko in order to cater to the
> Mozilla-side policy sadness of having to support Windows XP users
> whose computers don't have SSE2.
With my Rust programmer hat on
Henri Sivonen wrote:
> On Wed, Jan 6, 2016 at 9:27 PM, Brian Smith wrote:
> > Henri Sivonen wrote:
> >>
> >> On Thu, Oct 1, 2015 at 9:58 PM, Jonathan Watt wrote:
> >> > For those who are interested in this, there's a bug to consider
> >>
Henri Sivonen wrote:
> On Thu, Oct 1, 2015 at 9:58 PM, Jonathan Watt wrote:
> > For those who are interested in this, there's a bug to consider
> integrating
> > the Guidelines Support Library (GSL) into the tree:
> >
> > https://bugzilla.mozilla.org/show_bug.cgi?id=1208262
>
> This bug appears
On Mon, Oct 26, 2015 at 1:45 PM, Joshua Cranmer 🐧
wrote:
> FWIW, when Brian Smith made his comments on mozilla.dev.security.policy, I
> did try to find a bug detailing what he was talking about... and I couldn't
> find what he was talking about, which means that our security tea
wrote:
> Also, from what I can tell of the C++ features that gcc-4.8 enables (from
> [1]), none of them are available until MSVC 2015.
> It seems likely that we'll be supporting MSVC 2013 until the next ESR, so I
> don't see that moving to 4.8 gives us any immediate benefits.
>
> [1] https://dev
Ryan VanderMeulen wrote:
>> (2) The trychooser tool should be extended to make it possible to
>> build with GCC 4.7 on any platforms where it is supported, and
>> bootstrap.py be updated to install GCC 4.7 alongside the
>> currently-installed compiler.
>
> All Android and B2G JB/KK emulator builds
Mike Hommey wrote:
> Brian Smith wrote:
>> It is very inconvenient to have a minimum supported compiler version
>> that we cannot even do test builds with using tryserver.
>
> Why this sudden requirement when our *current* minimum "supported"
> version is 4.6 a
wrote:
> In summary: Officially make gcc-4.7 our minimum supported version. Fx38 and
> 39 don't compile with 4.6 and none of the GNU/Linux package maintainers I
> have contacted have any major concerns over dropping it.
I propose that either:
(1) GCC 4.8 be made the minimum supported version i
wrote:
> Target release: FF 38 or 39 (feedback requested)
> Currently hidden behind: dom.fetch.enabled.
> Bug to enable by default: https://bugzilla.mozilla.org/show_bug.cgi?id=1133861
Great work!
Is there a test that verifies that fetch is correctly handled by
nsIContentPolicy (for extensions l
or WASWG to discuss it.
Yes, I agree I was mistaken. You can read more about COWL at
http://cowl.ws/. Note, in particular, that the prototype is a
modification of Firefox. Also note this acknowledgement from the
second COWL paper: "We thank Bobby Holley, Blake Kaplan, Ian Melven,
Garret
On Mon, Feb 9, 2015 at 8:03 AM, Benjamin Smedberg wrote:
> On 2/7/2015 4:38 AM, Jet Villegas wrote:
> I'm skeptical of the immediate value. We need to focus on Flash hangs and
> also the security issues surrounding Flash 0-days especially as distributed
> by ad networks. Power saving is not our im
L. David Baron wrote:
> Is the argument you're making that if the site can serve the ads
> from the same hostname rather than having to use a different
> hostname to get same-origin protection, then ad-blocking (or
> tracking-blocking) tools will no longer be able to block the ads?
Yes.
Anyway,
L. David Baron wrote:
> The W3C is proposing a revised charter for:
>
> Web Application Security Working Group
> http://www.w3.org/2014/12/webappsec-charter-2015.html
> https://lists.w3.org/Archives/Public/public-new-work/2014Dec/0008.html
>
> Mozilla has the opportunity to send comments, ob
Ehsan Akhgari wrote:
> On 2015-01-02 2:03 PM, Brian Smith wrote:
>> In this case, the problem is that I wrote a patch to explicitly delete
>> ("= delete") some members of classes in mozilla::pkix. mozilla::pkix
>> cannot depend on MFBT for licensing and build inde
Ehsan wrote:
> Note that MSVC 2012 is "supported" in the sense that we'd accept
> patches that help fix it, and we won't check in patches that require
> compiler features that 2012 does not support.
In this case, the problem is that I wrote a patch to explicitly delete
("= delete") some members of
-- Forwarded message --
From: Brian Smith
Date: Fri, Aug 1, 2014 at 9:24 AM
Subject: David Keeler is now the module owner of PSM
To: mozilla-governa...@lists.mozilla.org, mozilla's crypto code
discussion list , David Keeler
Hi,
Amogst other things, PSM is the part of
On Mon, Jul 7, 2014 at 11:11 AM, Jonathan Griffin
wrote:
> I guess a related question is, if we could run this periodically on TBPL,
> what would be the right frequency?
>
> We could potentially create a job in buidlbot that would handle the
> downloading/post-processing, which might be a bit fas
On Sun, Jul 6, 2014 at 10:02 PM, Joshua Cranmer 🐧
wrote:
> Effectively, only xpcshell tests, and the M, M-e10s, and R groups are
> represented in the output data. M-e10s is slightly borked: only M-e10s(1)
> [I think] is shown, because, well, treeherder didn't distinguish between
> the five of the
On Tue, Jun 10, 2014 at 4:19 PM, Botond Ballo wrote:
> > Why put this into core C++? Why not leave it to libraries?
>
> The standard library is a library :)
>
> One of the biggest criticisms C++ faces is that its standard library is
> very narrow in scope compared to other languages like Java or
On Tue, Jun 3, 2014 at 11:37 AM, Chris Peterson
wrote:
> http://blog.chromium.org/2014/06/try-out-new-64-bit-windows-
> canary-and.html
>
> What is the status of Firefox builds for Win64? When Mozilla releases
> Win64 builds (again), we'll be seen as reacting to Google when we've
> actually been
On Thu, May 29, 2014 at 2:03 PM, Andrew Sutherland <
asutherl...@asutherland.org> wrote:
> This is a good proposal, thank you. To restate my understanding, I think
> the key points of this versus the proposal I've made here or the variant in
> the https://bugzil.la/874346#c11 ISPDB proposal are:
On Wed, May 28, 2014 at 5:13 PM, Andrew Sutherland <
asutherl...@asutherland.org> wrote:
> On 05/28/2014 07:16 PM, David Keeler wrote:
>
>> * there is only a single certificate store on the device and therefore
>>> that all exceptions are device-wide
>>>
>> This is an implementation detail - it wo
On Mon, May 12, 2014 at 9:36 AM, Kyle Huey wrote:
> We should get rid of RefPtr, just like we did the MFBT refcounting classes.
>
> The main thing stopping a mechanical search and replace is that the
> two smart pointers have different semantics around
> already_AddRefed/TemporaryRef :(
Nit: Ar
On Thu, Apr 24, 2014 at 4:23 PM, Mike Hommey wrote:
> On Thu, Apr 24, 2014 at 04:15:45PM -0700, Brian Smith wrote:
> > On Thu, Apr 24, 2014 at 4:03 PM, Ehsan Akhgari >wrote:
> >
> > > * Are there obvious places that people should inspect for code that's
>
On Thu, Apr 24, 2014 at 4:03 PM, Ehsan Akhgari wrote:
> * Are there obvious places that people should inspect for code that's
>
>> being built but not used? Some libs that got imported for WebRTC
>> maybe?
>>
>
> Nothing big comes to my mind. Perhaps hunspell on b2g?
>
https://bugzilla.mozilla
On Sat, Feb 22, 2014 at 5:06 PM, Neil wrote:
> Joshua Cranmer wrote:
>> Being serious here, early-return and RTTI (to handle the cleanup prior to
>> exit) would have eliminated the need for gotos in the first place.
>
> I assume you mean RAII. Unfortunately that requires C++. (I was fooled too;
>
On Fri, Feb 21, 2014 at 1:38 PM, Nicholas Nethercote
wrote:
> Optimizations that wouldn't have been worthwhile in the desktop-only
> days are now worthwhile. For example, an optimization that saves 100
> KiB of memory per process is pretty worthwhile for Firefox OS.
Do you mean 100KiB per child p
On Sun, Feb 9, 2014 at 2:54 PM, Robert O'Callahan wrote:
> On Mon, Feb 10, 2014 at 11:49 AM, Brian Smith wrote:
>> It seems likely that if something like Moz2D became the standard API then
>> we'd be able to optimize it more easily than we'd be able to optim
On Sun, Feb 9, 2014 at 2:38 PM, Robert O'Callahan wrote:
> I've already given my feedback on the cairo mailing list. Summary: Moz2D is
> the right thing for us, and probably for other application frameworks, but
> for applications that just want to draw their stuff on the screen or to
> print, cai
On Fri, Feb 7, 2014 at 11:13 AM, David Keeler wrote:
> On 02/07/14 10:31, ISHIKAWA, Chiaki wrote:
>> Message:
>> [10549] WARNING: Security network blocking I/O on Main Thread: file
>> /REF-COMM-CENTRAL/comm-central/mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp,
>> line 422
David's explanati
On Sun, Feb 2, 2014 at 5:01 PM, Anthony Jones wrote:
> On 31/01/14 13:25, Nicholas Nethercote wrote:
>> indentation, obviously we should fix any other style problems at the
>> same time.)
>
> In order to make this happen I've run clang-format on XPConnect and
> uploaded it to bug 966840.
I was cu
On Sun, Jan 5, 2014 at 6:34 PM, Nicholas Nethercote
wrote:
> - There is an semi-official policy that the owner of a module can dictate its
> style. Examples: SpiderMonkey, Storage, MFBT.
AFAICT, there are not many rules that module owners are bound by. The
reason module owners can dictate style
On Thu, Dec 19, 2013 at 6:13 PM, Ehsan Akhgari wrote:
> But to address the main point of this paragraph, what's wrong with having
> *one* style that *everybody* follows? I can't tell if you have something
> against that, or if you just care about a small subset of the tree and are
> happy with th
On Thu, Dec 5, 2013 at 9:46 PM, Robert O'Callahan wrote:
> bug 924253
I think we should also be careful that, when we have multiple
processes (which is always, because of e10s-based about:newtab
fetching), that those multiple processes are not clobbering each
other's output, when NSPR_LOG_FILE is
On Tue, Dec 3, 2013 at 8:53 AM, Ted Mielczarek wrote:
> On 12/2/2013 11:39 PM, Mike Hommey wrote:
>> Current setup (16):
>> real11m7.986s
>> user63m48.075s
>> sys 3m24.677s
>> Size of the objdir: 3.4GiB
>> Size of libxul.so: 455MB
>>
> Just out of curiosity, did you try with
Hi all,
Please join me in welcoming David Keeler as a PSM peer! Amongst many
other things, David implemented the HSTS preload list, integrated OCSP
stapling into Firefox, and is current implementing the OCSP
Must-Staple feature, which is a key part of our goal of making
certificate status checking
On Wed, Nov 20, 2013 at 5:40 AM, Benjamin Smedberg
wrote:
> I'm pretty sure that WebCrypto will have a way so sign a document with a
> certificate. It's not clear to me whether WebCrypto as currently specced
> also has a way to prompt the user to access personal certificates.
> bsmith/ekr, do you
On Fri, Nov 8, 2013 at 1:33 AM, fma spew wrote:
> We have a npapi-npruntime plug-in that access the Windows certificate store
> via CAPI to provide the end-user with its personal certificates to perform
> different operations.
We can and should switch from using NSS to using the CAPI personal
cer
On Thu, Oct 17, 2013 at 3:46 AM, Axel Hecht wrote:
> We have issues with disk space, currently. We're already in the situation
> where all our keyboard data doesn't fit on quite a few of the devices out
> there.
Where can one read more about this? This ICU data is not *that* huge.
If we can't aff
On Wed, Oct 16, 2013 at 1:39 PM, wrote:
>> In general, if I understand correctly, it's hard to use native subpixel AA
>> in layers that use hardware accelerated compositing. So in some cases we
>> might need to choose between speed and subpixel rendering. (I'm not at all
>> an expert in this are
On Tue, Oct 15, 2013 at 10:50 AM, Anne van Kesteren wrote:
> On Tue, Oct 15, 2013 at 6:45 PM, Benjamin Smedberg
> wrote:
>> On 10/15/2013 1:18 PM, Brian Smith wrote:
>>> My understanding is that web content should not be able to tell which
>>> locale the browser is
On Tue, Oct 15, 2013 at 9:06 AM, Benjamin Smedberg
wrote:
> Do we need this data for any language other than the language Firefox ships
> in? Can we just include the relevant language data in each localized build
> of Firefox, and allow users to get other language data via downloadable
> language
On Thu, Oct 10, 2013 at 3:43 AM, Till Schneidereit
wrote:
> On Thu, Oct 10, 2013 at 12:00 PM, Gabriele Svelto wrote:
>> On 10/10/2013 02:36, Zack Weinberg wrote:
>>>
>>> In that vein, I think we should take a hard look at the image decoders.
>>> Not only is that a significant chunk of attack surf
On Wed, Oct 9, 2013 at 9:01 AM, Gervase Markham wrote:
> Attack surface reduction works:
> http://blog.gerv.net/2013/10/attack-surface-reduction-works/
>
> In the spirit of learning from this, what's next on the chopping block?
Master password. The UI is prone to phishing, it causes all sorts of
On Wed, Oct 9, 2013 at 9:01 AM, Gervase Markham wrote:
> * Windows integrated auth
I would love to kill Windows integrated auth. It seems like doing so
would mean almost the same thing as saying "we don't care about
intranets" though. That's something I would be very interested in
hearing about f
On Wed, Oct 2, 2013 at 12:33 PM, Erik Rose wrote:
> What features do you most use in MXR and DXR?
Blame. I wish blame mode was the default (only?) view.
> What keeps you off DXR? (What are the MXR things you use constantly? Or the
> things which are seldom-used but vital?)
* Linking to a speci
On Mon, Sep 23, 2013 at 3:40 PM, Chris Peterson wrote:
> On 9/23/13 2:41 PM, Benjamin Smedberg wrote:
> Even if Firefox supported the Pepper API, we would still need a Pepper
> version of Flash. And Adobe doesn't have one; Google does.
>
> When I was an engineer on Adobe's Flash Player team, Googl
On Mon, Sep 23, 2013 at 2:41 PM, Benjamin Smedberg wrote:
> On 9/23/2013 4:59 PM, Brian Smith wrote:
>
>> Given that Pepper presents little benefit to users,
>>>
>>
>> Pepper presents a huge benefit to users because it allows the browser to
>> sandbox the pl
On Mon, Sep 23, 2013 at 1:46 PM, Benjamin Smedberg wrote:
> On 9/23/2013 4:29 PM, Hubert Figuière wrote:
>
>> Hi all,
>>
>> Today Google said they'd drop NPAPI for good.
>>
> We also intend to someday drop NPAPI for good. I don't think that "by the
> end of 2014" is a realistic timeline for either
On Mon, Sep 23, 2013 at 1:46 PM, Benjamin Smedberg wrote:
> The costs of Pepper are huge: it is not a well-specified API; we'd be
> reverse-engineering large bits of chromium code in order to support it, and
> it's clear that we want to focus effort on the web not Pepper.
I asked some Chromium g
On Sun, Sep 22, 2013 at 6:20 PM, Mark Hammond wrote:
> [I also see a clobber build spend > 5 minutes in various configure runs,
> which frustrates me every time I see it - so I minimize the shell ;]
>
Yep, and the amazing thing is that we basically don't even need to run most
of that junk on Wind
On Mon, Sep 16, 2013 at 5:06 PM, Adam Kowalczyk wrote:
> For what it's worth, I find xml:base very useful in my extension. It is a
> feed reader and it displays content from many third-party sources on a
> single page, so there's a need for multiple base URIs in order to resolve
> relative URIs co
On Tue, Aug 27, 2013 at 10:30 AM, Gregory Szorc wrote:
> On 8/27/13 9:13 AM, Benjamin Smedberg wrote:
>
>> On 8/26/2013 5:59 PM, Brian Smith wrote:
>>
>>> Immediate rebuild (no-op) was 10:13.05. A second no-op rebuild was
>>> 10:32.36. It looks like every sha
I talked to gps today and told him I would let him know my numbers on my
machine. I will share them with everybody:
My Win32 debug clobber build (mach build after mach clobber) was 39:54.84
today, up from ~33:00 a few months ago. Not sure if it is my system.
Immediate rebuild (no-op) was 10:13.05.
On Fri, Aug 16, 2013 at 4:27 AM, Mike Hommey wrote:
> > - Remove all conditional feature configuration from configure.
> > WebRTC et al are always on. Features should be disabled dynamically
> > (prefs), if at all.
> > - Reduce configure settings to choice of OS and release or developer.
>
> With
On Fri, Aug 16, 2013 at 2:43 AM, Andreas Gal wrote:
> I would like to propose the opposite approach:
>
> - Remove all conditional feature configuration from configure. WebRTC et
> al are always on. Features should be disabled dynamically (prefs), if at
> all.
> - Reduce configure settings to choi
On Thu, Aug 8, 2013 at 3:57 PM, Ehsan Akhgari wrote:
> On 2013-08-08 11:34 AM, Brian Smith wrote:
>
>> My position is that we should fix STLPort's implementation
>> for GCC 4.4 ARM Linux (maybe just backport a fixed version) and use
>> std::type_traits everywhere.
If you have comments about this proposal, please reply on the
dev-tech-crypto mailing list:
https://lists.mozilla.org/listinfo/dev-tech-crypto.
-- Forwarded message --
From: Brian Smith
Date: Thu, Aug 8, 2013 at 7:30 PM
Subject: Proposal to Change the Default TLS Ciphersuites
On Wed, Aug 7, 2013 at 6:47 PM, Ehsan Akhgari wrote:
> But for whatever it's worth, I think that in general, for the std
> replacement code living in MFBT, it's best for us to try really hard to
> match the C++ standard where it makes sense. We sometimes go through a
> crazy amount of pain to do
On Wed, Aug 7, 2013 at 6:47 PM, Ehsan Akhgari wrote:
> (Sorry for the late reply, please blame it on Canadian statutory holidays,
> and my birthday date!)
>
Happy birthday!
On Fri, Aug 2, 2013 at 11:09 PM, Brian Smith wrote:
>
>> 1. It avoids a phase of mass rewrites s/mo
On Wed, Jul 31, 2013 at 1:10 AM, Gavin Sharp wrote:
> Bug 870100 enabled use of the background thumbnail service in Firefox
> desktop, which uses a to do thumbnailing of pages in
> the background.
>
> That means that desktop Firefox now makes use of E10S content processes.
> They have a short li
On Sat, Aug 3, 2013 at 12:47 AM, Ehsan Akhgari wrote:
> On 2013-08-02 5:21 PM, Brian Smith wrote:
>
>> 3. How should we handle bridge support for standardized features not yet
>>> universally-implemented?
>>>
>>>
>> Generally, I would much rat
On Sat, Aug 3, 2013 at 12:50 AM, Ehsan Akhgari wrote:
> On 2013-08-02 4:49 PM, Brian Smith wrote:
>
>> That sounds reasonable to me. So, based on that then, let's get back to my
>> original question that motivated the discussion of the policy: If we add
>> std
On Sat, Aug 3, 2013 at 1:32 AM, Robert O'Callahan wrote:
> On Sat, Aug 3, 2013 at 9:13 AM, Gregory Szorc wrote:
>
> > Many of the complaints I've heard have been from overhearing hallway
> > conversations, noticing non-directed complaints on IRC, having 3rd
> parties
> > report anecdotes, etc. *P
On Sat, Aug 3, 2013 at 12:51 AM, Ehsan Akhgari wrote:
> This adds too much risk of security patches failing to backport from
>
>> mozilla-central to ESR 24. Remember that one of the design goals of ESR
>> is to minimize the amount of effort we put into it so that ESR doesn't
>> slow down real Fire
On Wed, Jul 31, 2013 at 7:41 PM, Joshua Cranmer 🐧 wrote:
> implementation, libc++, libstdc++, and stlport. Since most nice charts of
> C++11 compatibility focus on what the compiler needs to do, I've put
> together a high-level overview of the major additions to the standard
> library [3]:
> * std
On Fri, Aug 2, 2013 at 1:36 AM, Joshua Cranmer 🐧 wrote:
> On 8/1/2013 5:46 PM, Brian Smith wrote:
>
>> FWIW, I talked about this issue with a group of ~10 Mozillians here in
>> Berlin and all of them (AFAICT) were in favor of requiring that the latest
>> versions of GCC b
On Fri, Aug 2, 2013 at 2:58 PM, Mike Hommey wrote:
> > Upgrading minimum compiler requirements doesn't imply backporting those
> > requirements to Aurora where ESR24 is right now. Are you opposed to
> > updating our minimum supported gcc to 4.7 on trunk when Firefox OS is
> ready
> > to switch?
On Wed, Jul 31, 2013 at 8:09 PM, Joshua Cranmer 🐧 wrote:
>
> More generally, nobody should be reasonably expected to write code that
>> builds with any combination that isn't used on mozilla-central's TBPL. So,
>> (clang, MSVC) is not really something to consider, for example.
>>
>
> clang + MSVC
On Wed, Jul 31, 2013 at 2:19 PM, Mike Hommey wrote:
> On Wed, Jul 31, 2013 at 01:06:27PM +0200, Brian Smith wrote:
> > On Wed, Jul 31, 2013 at 12:34 PM, Mike Hommey wrote:
> >
> > > I strongly oppose to any requirement that would make ESR+2 (ESR31)
> > > not b
On Wed, Jul 31, 2013 at 12:34 PM, Mike Hommey wrote:
> I strongly oppose to any requirement that would make ESR+2 (ESR31) not
> build on the current Debian stable (gcc 4.7) and make ESR+1 (ESR24) not
> build on the old Debian stable (gcc 4.4). We're not going to change the
> requirements for the
On Wed, Jul 31, 2013 at 6:53 AM, Joshua Cranmer 🐧 wrote:
> On 7/30/2013 10:39 PM, Brian Smith wrote:
>
>> Yes: Then we can use std::unique_ptr in parts of Gecko that are intended
>> to
>> be buildable without MFBT (see below).
>>
>
> One thing I want to point
On Wed, Jul 31, 2013 at 4:50 AM, Ehsan Akhgari wrote:
> On Tue, Jul 30, 2013 at 7:40 PM, Brian Smith wrote:
>
>> But, shouldn't we just name these std::move and std::forward and use these
>> implementations only when we're using STLPort? I know we're not suppo
On Fri, Jul 19, 2013 at 4:46 AM, Mike Hommey wrote:
> Note that STL is another story. We're not using libstdc++ that comes
> with the compiler on android and b2g. We use STLport instead, and STLport
> has, afaik, no support for C++11 STL types. So, while we can now fix
> nsAutoPtr to use move sem
On Fri, Jul 26, 2013 at 9:36 PM, Brad Lassey wrote:
> On 7/26/13 9:30 AM, Ehsan Akhgari wrote:
>
>> I've written up the review policy at [1] and filed bug 898089 [2] to
>>> enforce/communicate this policy via Mercurial hooks.
>>>
>>>
>> While I supported the review policy change here, I'm fairly
Andrew Overholt wrote:
> On 25/06/13 10:11 AM, Brian Smith wrote:
> > In the document, instead of creating a blacklist of web technologies to
> > which the new policy would not apply (CSS, WebGL, WebRTC, etc.), please
> > list the modules to which the policy would apply.
>
Henri Sivonen wrote:
> On Tue, Jun 25, 2013 at 6:08 AM, Brian Smith wrote:
> > At the same time, I doubt such a policy is necessary or helpful for the
> > modules that I am owner/peer of (PSM/Necko), at least at this time.
> > In fact, though I haven't thought about it
Robert O'Callahan wrote:
> On Tue, Jun 25, 2013 at 3:08 PM, Brian Smith wrote:
>
> > At the same time, I doubt such a policy is necessary or helpful for the
> > modules that I am owner/peer of (PSM/Necko), at least at this time. In
> > fact, though I haven't th
Andrew Overholt wrote:
> Back in November, Henri Sivonen started a thread here entitled
> "Proposal: Not shipping prefixed APIs on the release channel" [1]. The
> policy of not shipping moz-prefixed APIs in releases was accepted AFAICT.
>
> I've incorporated that policy into a broader one regardi
Drew Willcoxon wrote:
> The desktop Firefox team is building a new Toolkit module that
> captures thumbnails of off-screen web pages. Critically, we want to
> avoid capturing any data in these thumbnails that could identify the
> user. More generally, we're looking for a way to visit pages in a
> s
Ehsan Akhgari wrote:
> On 2013-05-15 5:18 PM, Vladan Djeric wrote:
> > I'd like to know if these use-cases are sufficiently rare that we
> > should just add new shutdown events when needed (e.g. we added
> > "profile-before-change2" for Telemetry in bug 844331), or if we
> > should come up with a g
Benoit Jacob wrote:
> Can we focus on the other conversation now: should the Web have a
> math-specific markup format at all? I claim it shouldn't; I mostly
> mentioned TeX as a "if we really wanted one" side note and let it go
> out of hand.
>
> How many specific domains will want to have their o
L. David Baron wrote:
> On Saturday 2013-04-27 08:26 +1000, Nicholas Nethercote wrote:
> > If I have a patch ready to land when inbound closes, what would be
> > the sequence of steps that I need to do to land it on inbound2?
> > Would I need to have an up-to-date inbound2 clone and transplant
> >
In addition to this change from CVS to Mercurial, the following changes will be
made in mozilla-central the next time we update NSS:
dbm/ will be moved security/nss/lib/dbm/
security/coreconf/ will be moved to security/nss/coreconf/
This should reduce some confusion about what parts of the tree
bernhardr...@gmail.com wrote:
> i'm willing to fix
> https://bugzilla.mozilla.org/show_bug.cgi?id=836602
>
> Summary: The rest api should not send cookies and thus now uses the
> LOAD_ANONYMOUS flag. But this flag also denies (client side)
> authentication like my custom firefox sync requires.
> t
- Original Message -
> From: "Matthew Gertner"
> To: dev-platform@lists.mozilla.org
> Sent: Friday, February 22, 2013 7:02:40 AM
> Subject: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content
>
> I have an extension that loads an HTML file into a hidden
> and runs script in th
Kyle Huey wrote:
> Brian Smith < bsm...@mozilla.com > wrote:
>
> At what point during XPCOM shutdown are workers destroyed?
>
> xpcom-shutdown-threads
NSS gets shut down way before then, because it can write to the profile. Same
with
Kyle Huey wrote:
>1. Dealing with the different ownership model on worker threads
>(no cycle collector, all owning references go through JS).
>2. Dealing with things that are not available off the main thread
>(no necko, no gfx APIs, etc).
FWIW, I think the networking team has a go
Jean-Marc Desperrier wrote:
> The start of the discussion is that PGO for 32-bit builds will be
> really hard to maintain soon. If doing 64-bit PGO builds is costly and
> impairs the ability to deliver efficient 32-bits non-PGO builds then
> it's not compelling.
The assumption here seems to be tha
Ehsan Akhgari wrote:
> On 2013-02-04 11:44 AM, Ehsan Akhgari wrote:
> > 3. What is the performance difference between Visual Studio
> > 2012 PGO builds and Visual Studio 2010 builds? IMO, before
> > we decide whether to disable PGO on Windows, we need to get
> > good benchmark resul
Ehsan Akhgari wrote:
> Brian Smith wrote:
> > 2. AFAICT, we did not seriously investigate the possibility of
> > splitting things out of libxul more. So far we've tried cutting
> > things off the top of the dependency tree. Maybe now we need to try
> > cutt
Ehsan Akhgari wrote:
> Given the above, I'd like to propose the following long-term
> solutions:
1. Did we try escalating a support request to Microsoft regarding this issue? I
know it is kind of an odd thing, but it seems like if you are insistent enough
and/or pay enough money, Microsoft engin
Benjamin Smedberg wrote:
> On 1/28/2013 6:39 PM, Brian Smith wrote:
> > This will greatly simplify lots of code--not just code in
> > security/manager, but also code in WebRTC, DOM (DOMCrypt), Toolkit
> > (toolkit/identity), and Necko (netwerk/). We already have a
> >
[+taras]
Kyle Huey wrote:
>> 2. Because NSS reads and writes to files in the profile directory,
>> the profile directory must be readable and writable up until process
>> exit. The current rules for XPCOM shutdown say that services must
>> stop doing disk I/O well before then; we would need to cha
Hi all,
After seeing many, many bugs about difficulty of writing code that properly
handles NSS shutdown during XPCOM profile teardown, I think the only reasonable
way forward is to simply make it so that NSS never shuts down--including in
debug builds.
This will greatly simplify lots of code-
Ehsan Akhgari wrote:
> I have started an effort to gather some information on what options
> we have with regard to using PGO on Windows in the longer term[.]
> If you have ideas
> which are not covered by the bugs on file, please do let me know.
Minimizing startup time is one of the biggest reas
Joshua Cranmer wrote:
> On 1/27/2013 11:48 PM, Brian Smith wrote:
> > FWIW, in cases like this, I would rather we just use the C++11 API
> > directly even if it means dropping support for common but
> > out-of-date compilers like gcc 4.4 and VS2010.
>
> I personally pr
Joshua Cranmer wrote:
> In bug 732043, I want to add a mozilla::Atomic class
> that lets us use C++11 atomics where available and fallback to
> compiler intrinsics where C++11 atomics are not implemented
> (which amounts to gcc 4.4 and Visual Studio 2010 or earlier).
How far are we from Visual Stu
1 - 100 of 109 matches
Mail list logo
