We now copy all existing enrollments to the NimbusEnrollments table
during a migration after the ExperimentStore is initialized but before
we initialize the `ExperimentManager` (i.e., call `onStartup()`). This
migration has to happen at this very specific point because calling
`ExperimentManager.onStartup()` will process any existing enrollments
and may cause unenrollments. This patch does not add support for
updating enrollments in the database (see the next patch in this
series), but for that to happen, the enrollments must already exist in
the database.
`NimbusTestUtils.factories.recipe()` now returns more realistic recipes
(with properties being `null` instead of missing). This surfaced a
minor bug in the `EnrollmentsContext` validation flow when validation
was disabled and the recipe had localizations, but this should never
have been a problem in reality because validation is always enabled in
practice.
Because Nimbus is used in so many xpcshell tests and it is currently
cumbersome to enable the ProfileDatastoreService in every one of those
tests, writing to the new database is controlled by the
`nimbus.profiledatastoreservice.enabled` pref, which is true by default
but false in xpcshell tests.
Original Revision: https://phabricator.services.mozilla.com/D249467
Differential Revision: https://phabricator.services.mozilla.com/D251910
This reverts commit 53b0e55e9e.
Revert "Bug 1956080 - Write enrollment updates to the NimbusEnrollments table r=jhirsch,nimbus-reviewers,relud,nalexander"
This reverts commit 128370986e.
Revert "Bug 1956080 - Add a migration to copy existing enrollments to the NimbusEnrollments table r=jhirsch,nimbus-reviewers,relud,Gijs"
This reverts commit 0bbb1c3d7a.
We now copy all existing enrollments to the NimbusEnrollments table
during a migration after the ExperimentStore is initialized but before
we initialize the `ExperimentManager` (i.e., call `onStartup()`). This
migration has to happen at this very specific point because calling
`ExperimentManager.onStartup()` will process any existing enrollments
and may cause unenrollments. This patch does not add support for
updating enrollments in the database (see the next patch in this
series), but for that to happen, the enrollments must already exist in
the database.
`NimbusTestUtils.factories.recipe()` now returns more realistic recipes
(with properties being `null` instead of missing). This surfaced a
minor bug in the `EnrollmentsContext` validation flow when validation
was disabled and the recipe had localizations, but this should never
have been a problem in reality because validation is always enabled in
practice.
Because Nimbus is used in so many xpcshell tests and it is currently
cumbersome to enable the ProfileDatastoreService in every one of those
tests, writing to the new database is controlled by the
`nimbus.profiledatastoreservice.enabled` pref, which is true by default
but false in xpcshell tests.
Differential Revision: https://phabricator.services.mozilla.com/D249467
Reorganised sponsored settings on `about:settings#home` to be nested under "Support Firefox" checkbox for an experiment instead of under their respective preferences for top sites and recommended stories.
Differential Revision: https://phabricator.services.mozilla.com/D249767
See the previous commit, about content sandbox level 6, for details;
this is basically the same (except with one more ioctl allowlisted, and
controlled by a different pref).
This patch also adds some plumbing to get the socket sandbox level into
the code that constructs the policy, modeled on how it works for content
processes. (Previously the only levels of the socket process sandbox
were "on" and "off" so that wasn't necessary until now.)
Differential Revision: https://phabricator.services.mozilla.com/D249018
The sandbox already limits `ioctl` attack surface by restricting what
files can be opened (you can't call a device's `ioctl` handler if you
can't get a fd for that device), but it's always good to have defense in
depth, especially when it can be implemented this simply.
The new policy is default-deny, allowing only a couple ioctls that
are really fcntls; others may be added as needed.
The old, default-allow policy (which blocked only tty ioctls) is still
available by lowering the pref `security.sandbox.content.level` to 5,
and for now that is also the case in safe mode. (The safe mode sandbox
lowering may be removed in the future once this is better tested.)
Differential Revision: https://phabricator.services.mozilla.com/D249017
This was a separate pref because it also side-effects the graphics stack
by setting `MOZ_HEADLESS` for content processes. But, it makes more
sense to have it be part of the ordered sequence of sandbox levels (for
example, the upcoming ioctl lockdown will also break graphics drivers),
and in general it's better if the sandbox policy can be understood by
looking at only one pref instead of several.
There is *no* pref migration for older profiles. If anyone had
`security.sandbox.content.headless` set to false: if the reason was to
also turn off `webgl.out-of-process`, try resetting that pref and see if
everything still works. If that's not the case, or if there are still
bugs with default settings, please report them, and the sandbox level
can be lowered to 4 as a workaround.
Differential Revision: https://phabricator.services.mozilla.com/D249016
- static skeleton animation
- start download / inference only after opt-in
- update model-optin to allow placing icon on either right or left depending on iconAtEnd
- update background-color of optin-wrapper
- add new prefs browser.ml.linkPreview.optin and browser.ml.linkPreview.collapse
- use css order attribute for placement of icon
- update to final text for opt-in modal
- don't generate key points if collapsed is true
- add optin test suite in browser_link_preview_optin.js
- add telemetry to link review optin
- remove learn more link
- refactor updateCardProperty
Differential Revision: https://phabricator.services.mozilla.com/D249104
Rather than introducing a new pref, keep using the existing one. The
idea is that semantic history search will be part of the normal history
search functionality, so it doesn't need a separate pref.
Also add some checks to avoid unnecessary work in unrelated search modes.
Differential Revision: https://phabricator.services.mozilla.com/D248925
Rather than introducing a new pref, keep using the existing one. The
idea is that semantic history search will be part of the normal history
search functionality, so it doesn't need a separate pref.
Also add some checks to avoid unnecessary work in unrelated search modes.
Differential Revision: https://phabricator.services.mozilla.com/D248925
- Updated New Tab wallpaper code to only use `browser.newtabpage.activity-stream.newtabWallpapers.enabled` pref for turning the wallpapers on and off.
- Removed usage of `browser.newtabpage.activity-stream.newtabWallpapers.v2.enabled` everywhere except for Marionette setup so that testing older versions of Firefox is not affected.
Differential Revision: https://phabricator.services.mozilla.com/D248376
