Hi All,
This week we will be shipping FxA train-74 to production, with
the following highlights:
* We can now avoid asking users to confirm their sign-in if
they're using the same IP address as a previous sign-in.
The initial version uses a 1-day history of IP addresses
but we may consider increasing that based on ongoing user
metrics.
* Much tigher validation of metrics context data; it turns out
that automated security scans just love to insert SQL
injection attempts into our metric data.
* Some fixes and additional metrics the for sign-in unblock
feature, which has already proven to be of significant
benefit for users who get caught up in our rate-limiting.
* A huuuge refactor of the auth-server test suite, to use mocha
rater than node-tap as the test runner. This is already paying
handsome dividends in developer productivity and happiness.
* Fix several UX bugs in the devices view, including more accurate
identification of tablet devices, and improved default names
for iOS devices.
* We're continuing the trend of fixing flaky functional tests.
* When users sign up to the Mozilla newsletter during account
creation, we now send along the source_url and its various
utm_* metrics parameters. This should help improve tracking
of the effectiveness of newsletter campaigns.
* The Android and iOS app store buttons are now localized
appropriately. Previously they would occur in English
regardless of the language used for the rest of the page.
* The "email preferences" link now opens in a new tab, since
it takes you to a different website.
* The devices view will now include OAuth reliers who have
active access tokens to your account.
* When viewing the account verification page in iOS, we now
show an "app banner" to help the user open it in Firefox.
* The profile-server is now running on docker in production,
the first of our services to do so.
Special thanks go to the following community contributors,
who have code shipping in this train:
* Divya Biyani, who helped with a refactor of the control logic
in our authentication brokers.
* Sai Prashanth Chandramouli, who changed the "Show Password"
button so that it would only appear once you've actually
entered some text to show.
* Ramya Praneetha, who fixed the styling of the app download
badges on the verification page.
Thanks all!
As always, you can find more details in the changelogs for each repo:
https://github.com/mozilla/fxa-auth-server/blob/v1.74.1/CHANGELOG.md
https://github.com/mozilla/fxa-content-server/blob/v0.74.1/CHANGELOG.md
https://github.com/mozilla/fxa-profile-server/blob/v0.74.0/CHANGELOG.md
There are also detailed PR metrics included below if you're interested.
Cheers,
Ryan
------------
This train we are shipping work on the following features:
* FxA-106: signin unblock: 2 PRs (now 31 / 34 = 91% complete)
* FxA-107: ip profile logins: 2 PRs (now 13 / 14 = 93% complete)
* FxA-15: connected apps: 1 PRs (now 8 / 10 = 80% complete)
* FxA-41: signin funnel metrics: 3 PRs (now 43 / 55 = 78% complete)
As well as 23 general quality improvements.
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct
