Hi All,
This week we'll be rolling FxA train-39 to production with the following changes: On the Frontend: * Users can now opt-in to engagement emails during account signup, and manage their opt-in via a "Communication Preferences" screen. * Users now see the "change avatar picture" UI if they had previously set an avatar, even if it's not normally visible for them. * The option to use a Gravatar as profile picture has been temporarily removed, pending additional UX work. * The permission prompt now ensures that third-party reliers do not get scopes that weren't included in the prompt UI. * HTML files are now compressed during the build process. * Fixed form autofill for Firefox, and pasting on iOS. * A variety of test improvements. On the Backend: * Strict config validation is now enabled across all servers, and it detected a few config smells (although no outright bugs). * The profile image endpoint now provides an ETag to improve cachability of the response. * The auth server now logs account activity events for metrics purposes. * Submitting a well-formed-but-invalid assertion to the OAuth server will now produce a 401 status code, not a 400. * The /destroy OAuth endpoint no longer includes internal implementation details in its JSON response. As always, you can dig into the details through the CHANGELOG files in each individual repo: https://github.com/mozilla/fxa-auth-server/blob/master/CHANGELOG https://github.com/mozilla/fxa-oauth-server/blob/master/CHANGELOG.md https://github.com/mozilla/fxa-profile-server/blob/master/CHANGELOG.md https://github.com/mozilla/fxa-content-server/blob/master/CHANGELOG.md Cheers, Ryan _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
