fxa-content-server/CHANGELOG.md

466 KiB
Исходник Ответственный История

1.128.1 (2019-01-11)

Bug Fixes

  • metrics: ensure deviceId falls back to none if not set (73485ab)
  • npm: use npm ci (842d991)

1.128.0 (2019-01-08)

Bug Fixes

  • icons: add screenshots svg (78e3360)
  • metrics: make sure to track oauth screen views in amplitude (4934527), closes #6742
  • nsp: add advistory 745 (ec376ce)
  • recovery: use recovery key length of 32 (5025c28)
  • reset-password: No more error on /confirm_reset_password w/o initiating flow. (5985b77), closes #6724
  • secondary-emails: Handle long emails in the secondary email panel (1744530), closes #6751
  • styles: address the radius mismatch on the send button (344be8e), closes #6566
  • tests: remove extra click in email test (79b4530)

chore

  • docs: Clarify the action query param documentation. (9ff4474)
  • emails: ignore this too. (17b8903)
  • emails: Look away now! (1581c89)
  • modules: Convert several password related modules to es6 module format. (02da0e5), closes #6859
  • recovery-key: Remove all recovery key experiment code. (6d64c59)

Features

  • metrics: add country and region to flow events (ec3b88b)
  • npm: update to latest npmshrink (6e9da39)

1.127.0 (2018-12-11)

Bug Fixes

  • reset: remove confusing account recovery password reset messaging (2b17fe4)

chore

  • code: enable token code for 25% of all lockbox ios users (d8522f3)
  • verify: remove server side verification (5485d45)

Features

  • coppa: Put COPPA behind a feature flag. (fe877db), closes #6736
  • metrics: add deviceId to the resume token (c10d699)
  • sms: remove SMS padlock (3f249be), closes #6653

1.126.0 (2018-11-28)

Bug Fixes

  • l10n: Use an inline t function to ensure l10n works as expected. (881efbc), closes #6725
  • recovery: update recovery save options (2c042a2)
  • reset: remove confusing password reset messaging (fe18437)
  • styles: adjust icon style (2747d0d)
  • styles: fix icon for Firefox Add-ons (11938ff)
  • test: Fix the OAuth email-first functional test that used a common password. (2dd05c2), closes #6723
  • tests: install node-uuid when running tests/teamcity/run-server.sh (a59a9de)
  • tests: update from sinon reset to resetHistory (34377d4), closes #6331
  • tests: use stronger password in functional tests (289b745)
  • validation: accept emails containing an apostrophe on the front-end (0737107)

chore

  • config: Add the new Send redirect_uris to the Send scopedKeys list. (4ff4dff)
  • modules: Convert the complete_reset_password code to ES6 modules (b313ac9), closes #6706
  • oauth: Add tests for signing in w/ an expired Sync sessionToken. (d8b94f9)
  • test: Use selectors module in the cached signin tests. (ddfc810)

Features

  • pw-strength: Add pw-strength meter to password reset (509ea89), closes #6572
  • signin: Add Use different account option in security/recovery code page (6bd2f17)

Refactor

1.125.0 (2018-11-14)

Bug Fixes

  • deps: Update fxa-geodb to get rid of the audit warning (7dec3ec)
  • metrics: generate an amplitude deviceId in GET /metrics-flow (2ddfd63)
  • recovery: remove recovery key control group (e993f88)
  • tests: reinstate accidentally-disabled server tests (0eb6ae3)

chore

  • config: Add reference-browser to allowlist for oldsync scope. (3e28be9)
  • deps: update deps (79d7a69)
  • deps: update mailcheck (bd94a19)
  • deps: Use speed-trap from npm (d848d04)

Refactor

1.124.0 (2018-10-30)

Bug Fixes

  • ci: Remove sync-exec from CI dep installation (edbadeb), closes #6672
  • ci: update travis to use oauth server in auth server repo (cc158a2)
  • codes: Dont allow wantsTwoStepAuthentication to bypass the password prompt. (60ef335)
  • codes: support requesting totp verification on sign-in (5d64f6d)
  • deps: add filtered npm audit (81c86ca), closes mozilla/fxa#303
  • deps: Fix the npm audit warning for sync-exec (eb8afc1), closes #6595
  • deps: Fix the npm audit warnings in jsxgettext-recursive (6d6e3ae), closes #6595
  • deps: rewrap deps, add exceptions for convict, grunt-z-schema, grunt-usemin (b5f50d5)
  • pairing: Expect the channelId to be a base64url string. (c292281), closes #6667
  • totp: pr updates (2e45a26)
  • totp: Remove en-US from the TOTP SUMO link. (d771fd2), closes #6666

Features

  • connect-device: allow showSuccessMessage search param (30406e9)
  • metrics: map totp flow events to amplitude events (99ecef1)
  • metrics: No longer send events to Google Analytics (e27f79e), closes #6650
  • pairing: The channel server for the pairing flow. (d1264af), closes #6613

Refactor

  • creds: remove support for email=blank, disabling of cached creds (318f879), closes #6053

1.123.2 (2018-10-26)

Bug Fixes

  • ci: update travis to use oauth server in auth server repo (5f9d879)
  • metrics: fix get-metrics-flow to use correct view event (610a85e)

1.123.1 (2018-10-19)

Features

  • Lockbox: Add Lockbox for Android scopes to configuration (4aa3510), closes #6643

1.123.0 (2018-10-16)

Bug Fixes

  • checkbox: adds some margin to checkboxes (7a52a69)
  • force_auth: mention service name in force_auth (cabfc06), closes #4928
  • metrics: stop sending metrics context to deprecated endpoints (f5e30d0)
  • test: Upgrade intern to 4.3.1 so tests run in fx 63 (b555105), closes #6542
  • totp: call proto afterCompleteSignInWithCode after entering valid totp code (f8c5a32)

Features

  • routes: add support for .well-known/change-password (6d5662d), closes #6561
  • sms: add padlock to sms submit form (1c7f105), closes #5856

1.122.4 (2018-10-12)

Bug Fixes

  • emails: add recovery key images (b0342c5)

1.122.3 (2018-10-09)

chore

  • recovery: enable recovery key for 100% users (b156f26)

1.122.2 (2018-10-08)

  • Merge v1.121.3 into 122

1.122.1 (2018-10-03)

  • Merge train-121 from private repo into 122

1.122.0 (2018-10-02)

Bug Fixes

  • ci: use npm 6 in travis (b48fc63)
  • CWTS: Fix the checkbox alignment in RTL langugates. (9d4bda3), closes #6574
  • email: on password reset, hash email with the emailToHashWith value (fbb6e39)
  • scripts: make tls-shrink script portable (726255a)
  • show-password: Use a show-password icon that works on low DPI screens. (014547a), closes #6235
  • test: Force clear localStorage for the handshake tests. (db947ad), closes #6182

chore

  • config: Add scoped-keys configuration for Firefox Send. (1950681)
  • deps: Update to the latest i18n-abide to get rid of security warnings. (4ceca38)
  • package: bump fxa-shared to 1.0.14 + npm shrinkwrap (8e29dc0)

Features

  • a256gcm: Ban unsafeExplicitIV by default. (023e9a8)
  • email-first: Allow invalid emails in query params. (0077e47), closes #6584
  • scripts: force registry links in shrinkwrap to use tls (0da2fe7)

Refactor

  • pairing: Convert lib/channels/web.js to ES6 module format. (98bb69d), closes #6514
  • pairing: Extract a required module. (4add95c), closes #6514
  • pairing: Extract a256gcm related utils into its own module. (b5f6756), closes #6514
  • pairing: Extract hkdf into its own module. (f4d167d), closes #6514
  • pairing: Extract the fxa-crypto-deriver lazy loading (1a94048), closes #6514
  • pairing: Extract validate and vat formatting updates (c2fd736), closes #6514

1.121.3 (2018-10-05)

Bug Fixes

  • links: Remove en-US from any SUMO/MDN links. (43d10c5)

chore

  • recovery: enable recovery key for 10% of users (cccd708)

1.121.2 (2018-10-02)

  • recovery: increase recovery key length to 28 (691f1c5)

1.121.1 (2018-10-01)

chore

  • recovery: roll back recoveryKey experiment to 0 percent (b86ab5b)

1.121.0 (2018-09-18)

Bug Fixes

  • code: fix some lgtm analysis warnings (c9836c2)
  • codes: enable recovery key for 10% users (94eefe5)
  • email-first: Disallow firefox.com addresses for email first (fc69618), closes #6027

chore

  • deps: Remove the easterEgg (8832ab7), closes #6543
  • modules: Convert from require to import in app-start.js (331d82d), closes #6404

Features

  • pw-strength: Fully roll out designF everywhere. (3d6ca5d), closes #6562
  • router: Groundwork to load views on demand. (da5a9e4), closes #6404

Performance Improvements

  • accounts: Sends only one mail when password changed (#6515), r=@vbudhram (b291779), closes #6515

Refactor

1.120.3 (2018-09-14)

Bug Fixes

  • recovery: specify a reason when doing account recovery for metrics (6618da1)

chore

  • codes: update clients for token code experiment (7d23730)

Features

  • pw-strength: All ltr users see designF, 50/50 split for Arabic (6f706ef), closes #6550

1.120.2 (2018-09-11)

Bug Fixes

  • codes: continue sign-in progress after generating from low recovery codes (866c2c8)

1.120.1 (2018-09-06)

Features

  • pw-strength: 50% to Arabic, 100% in German (5e60249), closes #6516

1.120.0 (2018-09-06)

Bug Fixes

  • codes: fix token code regex and error message (95c1ba4)
  • codes: pr updates (dc4c352)
  • codes: redirect user to replace recovery codes when they are low (c3cf28e)
  • codes: update token code requirements (3bbdaf2)
  • csp: allow 'blob' in blocked-uri for CSP reports (#6488) r=@vbudhram (6f5d48e), closes #6488 #6230
  • errors: Backend service failures restarts the poll (21259c2), closes mozilla/fxa-auth-server#2600
  • logs: make logger optional in metrics-errors (#6484) r=@vbudhram (cd817bb), closes #6484 #6225
  • metrics: send events from /metrics-flow to amplitude (7e5ed08)
  • scripts: Fix the run_remote_dev.sh script (#6505) r=@shane-tomlinson (05d10b8), closes #6505
  • style: don't display firefox logo on small screens for choose what to sync (#6509) r=@v (d1b17a9), closes #6509 #6314
  • style: fix missing recovery code icons (a371d1a)
  • tests: auto-download nightly, and config to run tests with nightly (#6510) r=@vladikoff (7666375), closes #6510
  • tests: fix PKCE tests for token-code experiment (#6490) r=@vbudhram (fb90fc3), closes #6490
  • tests: return promise so on error it's not unhandled rejection (#6508) (56ed71f), closes #6508

chore

  • modules: Convert a couple of modules to ES6 format. (#6501) r=@vladikoff (ea4c8e3), closes #6501 #6404

Features

  • errors: improve metrics and style of the Working error (#6483) r=@vbudhram (58d0cba), closes #6483 #5354 #4866
  • mixins: Add hash parameter processing for the pairing flow. (#6502) r=@vladikoff (b7a6033), closes #6502 #6404
  • ua-parser: Add a genericDeviceType method. (#6503) r=@vbudhram (cdf6e18), closes #6503 #6404

style

  • account recovery: Centered messages of re-enter password screen (c629faf)

1.119.3 (2018-08-23)

Bug Fixes

  • tests: install request and request-promise in TeamCity (#6485) r=@jrgm (1eb5793)

Features

  • tests: add E2E tests for the fxa-email-service (#6470) r=@vbudhram (7d4cb3f), closes #6372

Refactor

  • modules: Convert a bunch of modules to ES6 format (#6479) r=@vladikoff (c72ae27)

1.119.2 (2018-08-23)

Bug Fixes

  • experiment: enable account recovery for test emails (#6468), r=@shane-tomlinson (bc7a821), closes #6468

Features

  • pw-strength: designF is rolled out to 100% of english users. (#6477), r=@vbudhram (e37800c), closes #6477

1.119.1 (2018-08-22)

Features

  • metrics: log 'enter-email.view' in metrics-flow (#6469) (d2e3147), closes #6395

1.119.0 (2018-08-21)

Bug Fixes

chore

  • deps: Remove coveralls (#6443) r=@vladikoff (98b6d80)
  • deps: Remove grunt-contrib-watch (#6444) r=@vbudhram,@vladikoff (f4494e2)
  • modules: Convert account.js & tests to use ES6 modules (#6453) r=@vladikoff (b117629)

Features

  • password-strength: Bump experiment to 100% in en, 20% in de (#6447) r=@vladikoff (8f5d0b5), closes #6446
  • recovery: add recovery key metrics (#6431), r=@shane-tomlinson (9d77430)

1.118.2 (2018-08-13)

Bug Fixes

  • email-first: Enable the "show password" button on email first. (#6442) r=@vbudhram (70ac6bf), closes #6434

Features

  • password-strength: Bump experiment to 100% in en, 20% in de (#6447) r=@vladikoff (8f5d0b5), closes #6446

1.118.1 (2018-08-09)

Bug Fixes

  • ci: build on tags (#6424) r=@jrgm (566b579)

1.118.0 (2018-08-08)

Bug Fixes

  • codes: align center totp back links (#6416) r=@shane-tomlinson (70fbdd9)
  • links: add account recovery sumo link (#6421) r=@shane-tomlinson (fd3c924)
  • tests: update test timeout (#6415), r=@vladikoff (b7058b0)
  • tests: update token code experiment tests (#6419), r=@shane-tomlinson (f89cf6a)

chore

  • es6: Convert sign_in_* to use ES6 modules. (1abdc39)
  • install: Only clone the l10n repo if needed. (#6393) r=@vladikoff (df68a56)
  • test: Re-enable link checks in Fx TOS/PP (#6412), r=@philbooth (25a561f)

Features

  • css: build CSS using webpack instead of grunt-sass (#6351) r=@vladikoff (6320f41), closes #6165
  • email-first: Use cached creds if available in email-first (#6360) r=@philbooth (5e57926), closes #6082
  • recovery: account recovery password reset screens (#6411), r=@philbooth (fdf1a5d)
  • recovery: account recovery setup screens (93ffd92)
  • recovery: add account recovery experiment (1bafd3a)
  • test: All helper failures cause a screenshot to be taken. (#6382) r=@philbooth (f2fce6c)
  • tests: migrate to circle 2 (#6410) r=@vbudhram (40ba1d3), closes #6336
  • webpack: upgrade to webpack 4 r=@vladikoff (652aad7)

1.117.1 (2018-07-31)

Bug Fixes

  • totp: remove totp experiment (#6403) r=@vladikoff,@shane-tomlinson (074a89c)

1.117.0 (2018-07-24)

Bug Fixes

chore

  • docs: remove old server box (#6366) r=@shane-tomlinson (d5fa009)
  • release: Merge train-116 into master r=@shane-tomlinson (7e00c35)

Features

  • style: Use the Photon checkbox styling. (#6308) r=@vladikoff,@ryanfeeley (dae81e1), closes #6029

Refactor

  • Remove unused file (a54d170)
  • Remove unused file (72cfd8b)
  • deps: Remove SearchParamMixin where unneeded. (#6373) r=@philbooth (dd86dc2)
  • mixins: Remove SigninMixin from views where it isn't used. (#6374) r=@philbooth (521016c)
  • modules: Convert a bunch of modules to ES6 format (#6363) r=@vladikoff (41860aa)
  • router: Do all link transformation from the router. (#6361) r=@vladikoff (3573ecf)

1.116.5 (2018-07-23)

Bug Fixes

  • pw-strength: "password_missing" no longer emit when view is shown (#6377) r=@philbooth (b56af2e), closes #6375

1.116.4 (2018-07-18)

Bug Fixes

  • pw-reset: Ensure pw reset completes w/ uid & email specified in email (#6369) r=@vbudhram, (f793a2f), closes #6368

1.116.3 (2018-07-18)

Features

  • pw-strength: Enable the experiment for 10% of users. (#6355) r=@vladikoff (2f300a9), closes #6354

1.116.2 (2018-07-18)

Bug Fixes

  • oauth: handle '+' in scope normalization (#6365) (f57c087)

chore

  • release: Merge train-116 into master(#6350) r=@vladikoff (3a8fca4)

1.116.1 (2018-07-12)

Bug Fixes

  • pw-strength: Report password strength metrics to amplitude (#6353) r=@vladikoff (34c7d46), closes #6349

1.116.0 (2018-07-11)

Bug Fixes

  • circle: run tests on a node8 box (#6348) r=@jrgm (555d1cd), closes #6328
  • codes: add account recovery crypto (#6323), r=@rfk, @linuxwolf (f775f44)
  • form: Catch the form validation errors, no more console message. (#6337) r=@philbooth (13b15e4), closes #6025
  • l10n: Fix the string extraction script (#6344) r=@vladikoff (c19e0fa), closes [(#6344](https://github.com/(/issues/6344) #6343
  • metrics: force utm_source=email when signing in from CAD (17ab1fd)
  • password-reset: Update the password reset text for clarity. (#6305) r=@philbooth (f4033bb), closes #6213
  • pw-strength: Ban service names anywhere in password if > 1/2 of password. (#6341) r=@philboot (394f5e9), closes #6321
  • pw-strength: Immediately update pw balloon on submit (#6340) r=@philbooth (a6ca166), closes #6299
  • pw-strength: Make the tooltips, pw-strength balloon more a11y friendly. (#6338) r=@philbooth (a072a10)

chore

  • release: Merge mozilla/train-115 into master r=@shane-tomlinson (eb10ac8)

Features

  • errors: Add error message for auth-server errno 203. (#6329); r=shane-tomlinson (91749fc)
  • test: Show more helpful error messages for the route check. (#6332) r=@vladikoff (17b0d2a)

1.115.0 (2018-06-27)

Bug Fixes

  • codes: use new line carriage return and spaces to separate recovery codes (#6307) r=@rf (8ed9554)
  • metrics: prevent reset-password from clobbering mixed-in events (5ba15f8)
  • teamcity: add config file for stable3 (ba358e3)
  • test: Fix the sign_up->afterVisible test (c9f4a65), closes #6290
  • timers: Always destroy timers created in view.setTimeout. (5d10672), closes #6291
  • timers: Ensure listeners are bound even if an invalid timer is passed to clearTimeout (e64af66)
  • typo: Moved the period outside of link (1fd05d2)

chore

  • release: Merge train-114 into master r=@shane-tomlinson (edcf013)
  • test: Make the wrapAssertion method easier to read. (feb9510)

Features

  • pw-strength: Design F (#6273) r=@vbudhram, @philbooth (d951180)

Refactor

  • experiment: Extract a common isTestEmail function for all experiments. (#6294) r=@philboot (cc8bd89)
  • module: Remove AMD wrapper from SignUpPasswordView (#6287) r=@vladikoff (fe9c262)
  • module: Remove the AMD wrapper on lib/experiment.js (#6303) r=@vbudhram (0c68a0c)
  • tooltip: Extract the "one tooltip at a time" logic (#6302) r=@vbudhram (81eea37)

1.114.5 (2018-06-22)

1.114.4 (2018-06-22)

Bug Fixes

  • codes: add totp experiment to manual experiments (#6297), r=@philbooth (59f21f2)

1.114.3 (2018-06-14)

Bug Fixes

  • l10n: Enable nb-NO locale by updating fxa-shared (#6280) r=@philbooth,@vladikoff (9cdf6dd)

1.114.2 (2018-06-14)

Bug Fixes

  • docker: let's do only one npm version override (4a498d4)

1.114.1 (2018-06-13)

Bug Fixes

  • docker: base image node:8-alpine and upgrade to npm6 (401165f)

chore

  • shrinkwrap: Update the version in npm-shrinkwrap.json (b3a08b0)

1.114.0 (2018-06-13)

Bug Fixes

  • codes: adds more support for assistive technologies (#6239), r=@shane-tomlinson (53da50a)
  • codes: append email to recovery code download file (#6237), r=@shane-tomlinson (a99c286)
  • codes: use number pad when entering totp code (#6269), r=@vladikoff (66d5278)
  • css: make "show password" button background white on blur (#6260) r=@vladikoff (7354d47)
  • dep: update to fxa-crypto-relier 2.3.0 (#6246) r=@shane-tomlinson (f6820f7)
  • email-first: Handle email-first refresh on /signup, /signin (#6245) r=@vladikoff,@philbooth (82e30b5), closes #6243
  • oauth: translate oauth permissions (#6271) r=@vbudhram (054b392), closes #4758
  • refresh: adds Last checked: as tooltip, updates Refresh to Refresh Status (#6238), (32d9d68)
  • style: Fix input element zoom issues on iOS. (6f7a48d)
  • teamcity: fix small potential race on teamcity test kickoff (#6255) (f5f8f3e), closes [(#6255](https://github.com/(/issues/6255)

chore

  • deps: Use native promises instead of bluebird. (ef6a097)
  • totp: enable totp for 100% of users (#6256), r=@shane-tomlinson (7e3ddfd)

Features

  • websessions: reenable websessions (#6270) r=@vbudhram (b4d82d9)

1.113.4 (2018-06-10)

Features

  • oauth: Allow lockbox to request the "oldsync" OAuth scope. (#6272) r=@vladikoff (306af32)

1.113.3 (2018-06-05)

chore

  • totp: enable totp for 100% of users (#6256), r=@shane-tomlinson (5313c34)

1.113.2 (2018-06-04)

Bug Fixes

  • authorization: Minor updates for /authorization endpoint (#6252) r=@vladikoff (0528bf6), closes #6250

1.113.1 (2018-06-01)

Features

  • Lockbox: Add newest Lockbox app redirect_uri (#6248) r=@vladikoff (89cef79), closes #6247

1.113.0 (2018-05-30)

Bug Fixes

  • css: make sign-in confirm button blue (#6233) (cd2718d)
  • recovery: support copying recovery codes in ios (#6232), r=@vladikoff (59b344d)
  • validation: Stricter utm_ parameter metrics validation (#6200) r=@philbooth (821f276)

Features

  • metrics: metrics flow for iframeless flow (#6227) r=@philbooth (0921bc5)

1.112.3 (2018-05-21)

Bug Fixes

1.112.2 (2018-05-18)

Bug Fixes

  • config: Allow configuring statsd host (#6208) r=@vladikoff,@shane-tomlinson (9da130e)
  • deps: Update fxa-geodb (#6211) r=@philbooth (c171e6b)

Features

  • totp: enable totp for 10% of all users (#6212), r=@shane-tomlinson (2a0b52d)

Refactor

  • metrics: move amplitude email types back here from fxa-shared (14a66c5)

1.112.1 (2018-05-17)

Bug Fixes

  • npm: rewrap npm for v5.10 (#6201) (2d28818)

1.112.0 (2018-05-15)

Bug Fixes

  • basket: Match the expected basket subscribe & lookup-user API (#6160) r=@rfk, @vladikoff (c5f4fc2), closes #6076
  • client: improve messaging before delete account (#6178) (9ce21db)
  • metrics: remove temporary flow validation fallback code (0d8929c)
  • nsp: update devs and nsp (c9e0ecc)
  • sentry: update sentry and fix error reporting (#6191) r=@shane-tomlinson (8c29280), closes [(#6191](https://github.com/(/issues/6191)
  • settings: Fix the position of the rotate button. (#6192) r=@philbooth (0eab619), closes [(#6192](https://github.com/(/issues/6192) #6166
  • strings: escape totp sumo string (#6176), r=@philbooth (fbc0c63)
  • teamcity: echo $FXA_UNTRUSTED_OAUTH_APP_ROOT too (51ad440)
  • teamcity: point the gcppoc config at {123,321}done-poc RPs (8b02bb7)
  • test: Fix tests due to an obscured "Sign out" button. (#6194) r=@philbooth (7deb586), closes [(#6194](https://github.com/(/issues/6194) #6193
  • tests: adjust mozilla.org link to have www (#6199) (b180d1d)
  • tooltip: Show tooltips above the input on mobile (#6195) r=@vladikoff (fe3706c), closes #6188
  • totp: send service name when verifing totp token (#6153), r=@shane-tomlinson (bf40511)

Features

  • recovery: update view when low on recovery codes (#6181), r=@shane-tomlinson (c83bd01)
  • show-password: replace show password with eye icon (#6184) r=@vbudhram, @shane-tomlinson (8c46222), closes #6023
  • signin: Show a user "card" for the email-first signin flow. (#6187) r=@vbudhram, @vladik (cffe58b), closes #6126
  • sms: Fully roll out SMS in BE, DK, NL (#6190), r=@vbudhram (ba27a39), closes #6189
  • style: Apply Photon styles to the buttons (#6155) r=@vbudhram (3dd7b77)
  • style: Remove "card" view in mobile layout. (#6158) r=@vbudhram (2a55dd5)
  • style: Use system fonts instead of Fira Sans (#6146) r=@vladikoff (1d09150), closes #6145

Refactor

  • experiment: Remove the q3FormChanges experiment. (#6164) r=@vladikoff,@irrationalagent (22d1c64), closes #5872
  • style: Apply Photon styles to message boxes (#6183) r=@vbudhram (1580118)
  • style: General photon style updates (#6185) r=@vbudhram (1d0933b)
  • style: Update anchors to use photon colors. (#6167) r=@philbooth (85cc444)
  • styles: Apply Photon styles to input fields. (#6175) r=@philbooth (5242beb)

Reverts

  • csp: revert removing csp support for gravatar (#6177), r=@shane-tomlinson (556dcc2)

1.111.2 (2018-05-03)

Bug Fixes

  • totp: add sumo link for totp (#6159), r=@shane-tomlinson (d721e0f)

1.111.1 (2018-05-02)

Features

  • totp: add totp as an experiment and enable for mozilla/softvision (#6141) r=@shane-tom (8dd33fe)

1.111.0 (2018-05-01)

Bug Fixes

  • build: Fix grunt watch:livereload by updating grunt-contrib-watch (#6097) r=@vladikof (8f7ff77), closes [(#6097](https://github.com/(/issues/6097) #6092
  • ci: clean up travis logs (#6119) (3e4656b)
  • code: disable token code experiment for 123done (#6103) r=@rfk,@vladikoff (7318438)
  • css: Update recovery code placeholder text, and recovery code css size (#6100), r=@sh (f9d5a6e)
  • ios: iOS only shows numbers in the keyboard for the age input (#6133) r=@vbudhram (d6d336a), closes #6132
  • npm: update to shrinkwrap with dev (b99c80c)
  • server: strictly validate experiment names (53bf7cc)
  • session: add session token to account delete (#6099), r=@shane-tomlinson (6862a63)
  • strings: remove extra spaces from session (#6148) (f38b20a)
  • teamcity: add a gcppoc config (7f038db)
  • templates: match local behaviour of templates with prod (#6110) r=@vladikoff,@jrgm (e80c7bf)
  • tests: fix OAuth permission test (#6121) r=@jrgm (8caf2c1), closes [(#6121](https://github.com/(/issues/6121)
  • tests: teamcity server tests now need underscore (530473c)

chore

  • npm: update nvmrc to node 8 (f64f491)
  • teamcity: add a jrgm config so I can test fxa-dev (839201d)

Features

  • keys: Allow fetching scoped keys for use with Firefox Sync. (#6017); r=stomlinson,vlad (f93c112)
  • metrics: Generate a node.js compatible experiment name list (#6087) r=@philbooth (0751c01)
  • node: run travis with node 8 (#6062) r=@shane-tomlinson (5bf0a5f)
  • node: update to node 8 (#6088) r=@jrgm (56b5509)
  • session: update upgrade session panel (#5922), r=@shane-tomlinson (2e0b193)

Refactor

  • oauth: Remove support for AMO migration text (#6131) r=@vladikoff (8f884aa), closes #6123
  • sync: Remove support for migration=sync11 (#6130) r=@philbooth (f20822c), closes #6122

1.110.6 (2018-05-01)

Bug Fixes

  • docker: Force npm@5 in docker builds. (#6143) r=@vladikoff (f707a97)

1.110.5 (2018-04-27)

Bug Fixes

  • nsp: update nsp (67b228d)
  • oauth: make Chrome for Android able to sign up and sign in via button confirmation (69e9ffc), closes #6089
  • oauth: match client id (9e3b916)
  • test: Add a signin to an OAuth relier with Chrome for Android (aba9901)
  • test: Create the user before trying to verify! (bdcff68)
  • tests: make a signin test work (820dd38)

Refactor

  • oauth: Simplify the Chrome for Android handling. (aa19e3b)

1.110.4 (2018-04-26)

Bug Fixes

  • metrics: stop using user-agent string in flow id check (fa1c770)

1.110.3 (2018-04-25)

Bug Fixes

1.110.2 (2018-04-25)

Bug Fixes

  • permissions: Allow untrusted reliers to request 'openid' scope. (#6111) r=@vladikoff (5b259ad)

1.110.1 (2018-04-20)

Bug Fixes

  • server: fix undefined dereference (dc6e30b)

1.110.0 (2018-04-17)

Bug Fixes

  • csp: remove gravatar from csp rules (#6015); r=@rfk (51a32d7)
  • css: make qr code padding consistent (#6048), r=@shane-tomlinson (c2ac36d)
  • email: send correct email when using unblock code (#6064), r=@philbooth, @shane-tomlins (e31e97a)
  • email-first: Ensure "Mistyped email" links work as expected. (#6067) r=@philbooth (8a9a772), closes #6033
  • experiment: Disable A/B experiment interface for navigator.webdriver r=@rfk (203858b), closes #6026
  • htmllint: Fixes #5668 upgrade es6-promise to 4.2.4 (#6050) r=@vladikoff (cd41660), closes #5668 [(#6050](https://github.com/(/issues/6050) #5668
  • metrics: add locale to flow events (433cba7)
  • npm: update to npm5 (#6042) r=@shane-tomlinson (ccbbd1b)
  • style: disable 'clear' button for default avatar (#6037) r=@vladikoff (f19eddf)
  • style: drag-off state for buttons r=@vladikoff (0bdf73d), closes #5255
  • test: Remove duplicate email_first functional test entries. (#6054), r=@vbudhram (963188d)
  • tests: enable TOTP tests on Circle (#6066), r=@vbudhram (7caa9ae)
  • tests: update tests for recovery code updates (#6075), r=@philbooth (c18bdf3)
  • totp: Fix the "can add TOTP to account and confirm web signin" test (#6069) r=@vladiko (47545b6), closes [(#6069](https://github.com/(/issues/6069) #6068

chore

  • deps: Remove the babel-middle dependency, it's not used. (#6055) r=@vbudhram (4e5a462)
  • deps: Update sinon to @4.5.0 (#6038) r=@vbudhram (0816af5)
  • docs: Remove obsolete oauth-in-an-iframe docs. (#6041) r=@shane-tomlinson (9b168fd)
  • emails: use popular email domain list from fxa-shared (c4f2232)
  • favicon: Fixes #6030 Remove OLD Firefox favicon (#6035) r=@vladikoff (b919763), closes #6030 [(#6035](https://github.com/(/issues/6035)

Features

  • email-first: Enable the email-first flow for OAuth reliers. (#6034) r=@philbooth (71a20af), closes #6009
  • signup: Add verification password to email-first signup. (#6028) r=@vbudhram (e00b6ad), closes #5947
  • sms: Partial SMS rollout in BE and NL. (#6032) (193ca25), closes #6031
  • SMS: Roll out Denmark(DK) to 50%. (#6065) r=@philbooth (e052e1e)

Refactor

  • metrics: use boiler-plate amplitude code from fxa-shared (a5ab837)

1.109.4 (2018-04-20)

Bug Fixes

  • nsp: update nsp (84fd024)
  • oauth: make Chrome for Android able to sign up and sign in via button confirmation (76c24ff), closes #6089
  • oauth: match client id (ae00d86)
  • test: Add a signin to an OAuth relier with Chrome for Android (ac7f8a0)
  • test: Create the user before trying to verify! (dfc68c2)
  • tests: make a signin test work (4263db2)

Refactor

  • oauth: Simplify the Chrome for Android handling. (b97f5ca)

1.109.3 (2018-04-06)

Features

  • recovery: add initial recovery codes (c3732cd)

1.109.2 (2018-04-04)

Bug Fixes

Features

  • oauth: support Notes Android redirect (#6020) r=@rfk (bd97464)

1.109.1 (2018-04-04)

Bug Fixes

  • server: ensure unsafe input doesn't leak from user-agent strings (e73873c)

1.109.0 (2018-04-04)

Bug Fixes

  • metrics: ensure CAD view and engage events are correct (#6008) (0b3f687)
  • metrics: include full version information in amplitude event data (90582ef)
  • metrics: use $append on the experiments user property (c5db581)
  • node: Use Node.js v6.14.0 (#6011) (f760603)
  • oauth: fix password reset for scoped reliers verifying in same browser (#6010) r=@rfk (a777ecf), closes [(#6010](https://github.com/(/issues/6010) #5934
  • server: validate ip addresses before use (1c86c67)
  • signin: Handle deleted account and new email login afterwards (#5997) r=@vbudhram (f93cbd2), closes #4316
  • tests: disable TOTP tests on Circle (bce6467)
  • tests: fix websession test (#6000) (d31d21b), closes [(#6000](https://github.com/(/issues/6000)
  • tests: move totp to flaky tests (0a0cc0e)

Features

  • metrics: add an email_domain property to amplitude click events (ec082c1)
  • password: Check old password using sessionReauth if possible. (#5946), r=@vbudhram (4fb90da)

Reverts

  • tests: fix websession test (a967cbe)

1.108.1 (2018-03-28)

Bug Fixes

  • token: disable token code experiment for sync users (#6007) r=@vladikoff (df1c4f2)

1.108.0 (2018-03-20)

Bug Fixes

chore

Features

  • clients: Add Lockbox icon, fix Pontoon icon (#5959), r=@vbudhram (a3ac644), closes [(#5959](https://github.com/(/issues/5959)
  • metrics: emit view, engage & submit events for CAD (2a707ac)
  • oauth: force validate provided redirect uri (#5948) r=@rfk (339ed9a)
  • styles: make SVG hearts beat (#5960) r=@ryanfeeley,@vbudhram (bac9441)
  • webpack: load imports from CDN (#5989) r=@philbooth (eacab12), closes #5989

Refactor

  • js: remove require.js remains (#5953) r=@vbudhram (abe0536)
  • metrics: Removed get-metrics-errors.js (#5976) r=@vladikoff (3105aa0), closes #5970

style

  • server templates: remove unnecessary conditional comments (#5973) r=@vladikoff (9ff8db0)
  • settings: Disabled the done button on secondary email(#5981), r=@vbudhram (7d67920)

BREAKING CHANGES

  • OAuth redirect uris must be updated in the database

Fixes #5827

1.107.5 (2018-03-13)

Features

  • totp: initial totp implementation (#5962), r=@vladikoff (8a3b610)

1.107.4 (2018-03-12)

Reverts

  • deps: revert speed-trap to 0.0.6 due to breakage with Firefox (1daeec3)

1.107.3 (2018-03-08)

Features

  • token: enable tokenCode experiment in desktopV3 (#5964) r=@vbudhram,@vladikoff (13dffa3)

1.107.2 (2018-03-07)

1.107.1 (2018-03-06)

Features

  • signin: Re-authenticate an existing session if possible. (#5899) r=@vladikoff,@vbudhram (dffe305), closes #5703

1.107.0 (2018-03-06)

Bug Fixes

docs

  • metrics: Document new entrypoint=whatsnew value. (#5951) r=@vladikoff (7aab8a5)

Features

  • avatars: support new default avatar API (#5942) (24eddb8)
  • forms: replace our password advice with responsive message (#5940) r=@vbudhram,@ryanfee (bac0c07), closes #5750

1.106.7 (2018-03-09)

Reverts

  • deps: revert speed-trap to 0.0.6 due to breakage with Firefox (1daeec3)

1.106.6 (2018-03-08)

Features

  • token: enable tokenCode experiment in desktopV3 (#5961) (d93ffeb)

1.106.5 (2018-03-07)

Bug Fixes

  • tests: disable profile avatar test (f5fb665)

1.106.4 (2018-03-07)

  • token: use the correct service (#5955) r=@vladikoff (1197a33)

1.106.3 (2018-02-23)

Bug Fixes

1.106.2 (2018-02-21)

Features

  • code: enable token code experiment sync users for 1.8% each cohort (#5926) r=@vladikof (c99b5ca)

1.106.1 (2018-02-21)

Bug Fixes

  • metrics: treat enter-email as an "auth" view for flow events (#5924) r= (623dded)

1.106.0 (2018-02-21)

Bug Fixes

  • avatar: add spinner to avatar loading (#5888) r=@vladikoff (6bd8b5c)
  • cad: hide the success message after direct navigation (#5881) r=@vladikoff (5cbac34), closes #5852
  • copy: Show email section to view status (#5908), r=@vbudhram (0c1e614)
  • deps: adjust speed-trap dep and fix nsp issue (#5911) (06ec9a4), closes [(#5911](https://github.com/(/issues/5911)
  • deps: reinstate old version of speed-trap (3d96dc9)
  • errors: ensure that toError always behaves sanely (d04620e)
  • experiment: fix the token code experiment (#5918) r=@vladikoff (60e9164), closes [(#5918](https://github.com/(/issues/5918)
  • nsp: disable nsp 566 (#5920) (0a4bcd8)
  • strings: update communication pref strings (#5910), r=@vbudhram (a98d7a3)
  • style: swap reset links per feedback (#5903) r=@ryanfeeley (1514796)
  • styles: fix icon overlap in CWTS on iOS (#5909), r=@vbudhram (b5f4268), closes [(#5909](https://github.com/(/issues/5909)
  • tests: adjust lang bundle regex for new naming pattern (#5892) r=@vladikoff (e0d0176)
  • tests: install fxa-js-client for teamcity tests (#5889) (5eff4d8)
  • tests: install fxa-js-client for teamcity tests (#5890) r=@vladikoff (b00869d)
  • tokenCode: Add support for tokenCode sync experiment (#5894) r=@vladikoff (5f714de)
  • webpack: fix string extraction for webpack builds (#5893) (cc9cd30), closes [(#5893](https://github.com/(/issues/5893)

chore

  • deps: update speed-trap (1c5e690)
  • password: graduate confirm password experiment (#5917), r=@philbooth, @vladikoff (d1f878b)

Features

  • build: migrate to webpack (#5868) r=@philbooth,@vbudhram (e0bd497)
  • eslint: bring back indent rule (#5887) r=@vbudhram (08e931e), closes #5875
  • oauth: add another lockbox redirect url (a58aa99)
  • sms: deploy SMS in Australia to 100% (#5885) r=@rfk (936faf8), closes #5883
  • styles: improve reset password for reliers (#5896) r=@ryanfeeley,@vbudhram (6e05ab9)

Refactor

  • deps: remove bower (#5915) r=@vbudhram (a6d7a94)
  • docs: link the policy page to the different doc (#5901) r=@vbudhram (f9f8631)
  • strings: remove "cloud services" (#5904) r=@vbudhram,@ryanfeeley (de3d61e)

Reverts

  • tokencode: revert isSync detection (#5913) r=@rfk (771c4cb)

1.105.2 (2018-02-12)

Refactor

  • docs: link the policy page to the different doc (#5901) r=@vbudhram (fbc8515)

1.105.1 (2018-02-08)

Features

  • oauth: add another lockbox redirect url (18b269b)

1.105.0 (2018-02-06)

Bug Fixes

  • emails: enable change email for users (#5851), r=@philbooth (bdb690b)
  • experiment: Add the treatment-link to token code experiment (#5849), r=@philbooth (df6efe5)
  • input_capitalize: make input field capitalize (#5862), r=@vbudhram, @vladikoff (a66fa84)
  • market: Show marketing when opening on FxiOS (#5871), r=@philbooth (6174a5c)
  • metrics: emit amplitude click events earlier (e5db03a)
  • notification_align: make notification button align better (#5861) r=@vladikoff,@vbudhram (35441fc), closes #5860
  • test: Fix sign-in code test (#5877) r=@vladikoff (4d6f048), closes [(#5877](https://github.com/(/issues/5877) #5874
  • tests: Update travis and circle to use FF58 (#5847), r=@philbooth (d676a7b)

1.104.0 (2018-01-24)

Bug Fixes

  • intern: alphabetical order of modules (69f7a3e)
  • intern: npm install leadfoot, requirejs, yargs here too (abdb750)
  • metrics: ditch the non-useful performance flow events (#5822) r=@vladikoff,@vbudhram (8699d03)
  • settings: #4982 clear inputs on Esc keyup (#5821) r=@vladikoff (bdd3915), closes #4982
  • style: add padding over save settings button (#5841), r=@vbudhram (c34800a)
  • teamcity: add a config for stable-beta (3c7f87c)
  • tests: add intern 4 support (#5787) r=@vbudram,@pb (cd7c3dd), closes #5228
  • tests: ensure consistent Date.now() in _calculateQueueTime test (4538217)
  • tests: fix TeamCity Intern 4 tests (67ec566)
  • tests: fix up server test register function (335cdaf)
  • typo: typo in test name and fxa-client (#5828) (18228ec)

chore

  • deps: update fxa-geodb (#5839), r=@vbudhram (f7ef81a)

Features

  • signin: Add token codes experiment (#5706), r=@pb, @vladikoff (4fb8208)
  • sms: enable sms 100% for PT, ES, FR, IT. 50% for AU (#5829); r=rfk (bf4d9ad)

Refactor

  • icon: replace firefox-notes icon (#5833), r=@vbudhram (f86889b)
  • ios: remove old timer hack for Firefox iOS6, remove old tests (#5823) r=@vbudhram (1982475), closes #5820

Reverts

  • settings: #4982 clear inputs on Esc keyup (#5821) r=@vladikoff (d71916f)

1.103.0 (2018-01-09)

Bug Fixes

  • delete_account: Made 'Incorrect Password' error field specific (#5792) r=@shane-tomlinson (c1977b5)
  • node: use node 6.12.3 (#5807) r=@vladikoff (236bda9)
  • settings: #5680 dismiss tooltips on cancel in settings (#5791) r=@shane-tomlinson (166d63a), closes #5680
  • test: Better display of unit test failures. (#5797), r=@vbudhram (045f688)
  • test: Fix the broken Sync v3 signin tests (#5778), r=@vbudhram (80855e2), closes [(#5778](https://github.com/(/issues/5778)
  • tests: do not override intern.reporters if already set (1fbdc05)
  • tests: fix failing geolocation amplitude tests (#5819) r=@vladikoff (6f99ade), closes [(#5819](https://github.com/(/issues/5819)

Features

  • CAD: /connect_another_device redirects to /sms for eligible users. (#5766) r=@vladiko (d29140e), closes #5737
  • CAD: Enable CAD on signin for everyone. (#5794) r=@vbudhram (5a37b5d), closes #5793
  • client: update to fxa-js-client 0.1.70 (#5809) (8ecd887)
  • docs: Add separators to README.md (#5784) r=@shane-tomlinson (d6ceafc)
  • logging: log an error when validation fails, logs results for routes such as /metrics (#5 (41add48)
  • sms: Add Australia (AU) (#5781) r=@rfk (c8f8c93)
  • sms: Rollout rate of 0.5 for ES, PT, 1 for RO (#5783) r=@vladikoff (9dff9ab), closes #5782
  • SMS: Set France (FR) to 50% (#5800) r=@vladikoff (cb3acb2)
  • SMS: Set Italy (IT) to 50% (#5799), r=@vbudhram (b66a317)
  • test: Halve the unit test run time. (#5780), r=@vbudhram (b6f66ce)

Performance Improvements

  • fxa-client: removed sms-errors.js (98373a0)

Refactor

  • l10n: Make translation fetch Webpack compatible. (#5785) r=@vladikoff (9dd4e4a)
  • sms: clean up (592d0e0)
  • sms: remove sms errors.js (fd3399f)

Reverts

  • sms: "Remove sms errors.js" (#5811) (1a18855)

1.102.1 (2017-12-20)

Features

  • email-first: Report email-first metrics to amplitude. (#5796) r=@philbooth (c09f2a6), closes #5788

1.102.0 (2017-12-13)

Bug Fixes

  • apps: Update Notes icon (#5768) r=@shane-tomlinson (a6429ed), closes #5767
  • copy: update sync-engines.js (#5769) r=@vladikoff,@ryanfeeley (c8c8afe)

Features

  • sms: Enable SMS in Denmark (DK) and the Netherlands (NL) (#5749) r=@vbudhram (e191b19), closes #5746

Refactor

  • client: Replace p-promise with native promises (#5543) r=@vbudhram (27c189d)

1.101.5 (2017-12-07)

Features

  • sms: Fully roll out Germany (DE) and Austria (AT) (#5775) (4563a61)

1.101.4 (2017-12-07)

Reverts

  • sms: "Use a known test number for SMS tests. (#5720)" (0eb7263)

1.101.3 (2017-12-05)

Bug Fixes

1.101.2 (2017-11-29)

Bug Fixes

  • metrics: ensure metrics always has a uid (#5764) r=@vladikoff (ddd11a2)

1.101.1 (2017-11-29)

chore

  • logs: log an anonymous event when we see the DNT header (5ada4f2)

1.101.0 (2017-11-27)

Bug Fixes

  • config: switch to .com scopes (#5754) r=@rfk (302e84f)
  • CWTS: Fix CWTS columns when firstrun is 420px. (#5738) r=@vladikoff,@ryanfeeley,@vbudh (924588b), closes [(#5738](https://github.com/(/issues/5738) #5710
  • deps: Forbid use of $ w/o requiring jquery. (#5732) r=@vbudhram (e35b847)
  • deps: update some prod deps (#5751) (2467a29)
  • metrics: stop sending raw client ids to amplitude (#5753) r=@vladikoff (765e764)
  • modules: Use Webpack compatible module define statements. (#5733) r=@vladikoff (08ba4de)
  • sms: Use a known test number for SMS tests. (#5720) r=@vbudhram (8e8d2d7)
  • test: A signup test mixed done and promises. (#5734) r=@philbooth (58ddff7)
  • test: Fix the StaleElementReference error in the SMS resent test. (#5747) (0c585ab), closes [(#5747](https://github.com/(/issues/5747) #5745
  • tests: fix attempt for flaky gated session test (#5752) r=@vladikoff,@shane-tomlinson (86bdc39), closes [(#5752](https://github.com/(/issues/5752)

chore

  • ci: Use release version of Fx 57 for CI tests. (#5740) r=@vladikoff (7349dd8)
  • fx-57: Use Fx 57 logo for everyone. (#5729) r=@philbooth (a4e0fb1), closes #5719

Features

  • cwts: Move the back button below the submit button. (#5739) r=@ryanfeeley, @vbudhram (79ef689), closes #5724
  • keys: add HKDF uid salt to scoped keys (#5736) r=@rfk (13a7525)
  • sms: Enable SMS in Spain (ES), Italy (IT), Portugal (PT) (#5726) (48d37ca), closes #5574

Refactor

  • l10n: Remove the global Translator object. (#5731) r=@philbooth (20e9aa9)

1.100.5 (2017-11-20)

Features

  • keys: add HKDF uid salt to scoped keys (#5736) r=@rfk (1f403ca)

1.100.4 (2017-11-17)

Features

  • OpenID: Enable CORS on the /.well-known/openid-configuration endpoint. (#5730) r=@vladik (98c5b41), closes #5453

1.100.3 (2017-11-17)

Bug Fixes

  • SMS: soft-launch LU. Change default rolloutRate to 0. (#5728) r=@vbudhram (759e976), closes #5727

Features

  • keys: add support for deriving scoped keys in the oauth flow (#5675) r=@rfk,@shane-tom (dd53307), closes #5701

1.100.2 (2017-11-16)

Bug Fixes

  • SMS: soft-launch LU. Change default rolloutRate to 0. (#5728) r=@vbudhram (1049eb6), closes #5727

1.100.1 (2017-11-16)

Features

  • CAD: Enable CAD on signin for 50% of people. (#5722) r=@philbooth (8bee8b7), closes #5721
  • sms: Enable SMS to 50% of Germany (DE) (#5723) r=@philbooth (ac57c33)

1.100.0 (2017-11-14)

Bug Fixes

  • back-mixin: Fix the "New broker method needed for click" error. (#5695) r=@vladikoff (4a77b2f), closes [(#5695](https://github.com/(/issues/5695) #5515
  • CAD: remove Maybe Later (#5674), r=@vbudhram (78cccaa)
  • copy: Added a hyphen to Sign-in confirmed (#5679) r=vladikoff (6876737)
  • css: correctly wrap button for emails (#5681) r=vladikoff (b0d2b24), closes #5508
  • devices: use initial capital letter on strings (#5692), r=@vbudhram (d911bcf)
  • errors: Ensure all server returned errors have entries. r=vladikoff,philbooth (#5707) (9677ec1)
  • logo: use new logo on terms and privacy pages (#5717) r=@vbudhram,@shane-tomlinson (aa9396c), closes #5709
  • metrics: promote entrypoint to amplitude user properties (#5684) r=@vladikoff (65b4b04), closes mozilla/fxa-amplitude-send#26
  • metrics: remove flow_id on fxa_pref amplitude events (057234f)
  • node: use node 6.12.0 (#5716) r=@vladikoff (573dbe8)
  • restmail: Fix open restmail links (#5696) r=@vladikoff (b01a496), closes [(#5696](https://github.com/(/issues/5696) #5666
  • signin: autofocus on sign in button when password is not required (#5657) r=@vladikoff (4ccff91)
  • sms: Ensure the SMS form for both AT and DE are tested. (#5694) r=@philbooth (e5a4cc9)
  • sms: SMS exp metrics are not reported for fully rolled out countries. (#5683), @vbudh (455f2ce)
  • style: Fix styling for 2nd password experiment. (#5704) r=@vladikoff,@ryanfeeley (a5c2882), closes [(#5704](https://github.com/(/issues/5704) #5581
  • ui: ensure that long lines wrap in device manager (#5693), r=@vbudhram (3c25d9e)
  • ui: move device manager buttons to new row on mobile (#5714) r=@shane-tomlinson,@vla (2c06f6e), closes #5712 #5713

Features

  • broker: redirect to Choose What to Sync on newer versions of Firefox for iOS (#5640) r=s (2b403d6)
  • devices: include location in the last sync/active string (#5682) r=@vladikoff (eee6e92), closes #5597
  • sass: SASS lint warnings are now errors. (#5700) r=@vladikoff (38688e0), closes #5699
  • session: Upgrade user session (#5626), r=@shane-tomlinson, @vladikoff (04cff4e)
  • sms: Bump Austria (AT) to 50% (#5718) r=@vladikoff (1d3644e)
  • sms: Enable SMS in Belgium, France, Luxembourg (#5698) r=@philbooth (83dc5ed)

1.99.3 (2017-11-07)

Bug Fixes

  • sms: If SMS is enabled, always send a signinCode. (#5688) r=@vbudhram (6b1617b)

1.99.2 (2017-11-07)

Bug Fixes

  • sms: Allow SMS sending again. (#5687) r=@vladikoff (a9886f6), closes #5685

1.99.1 (2017-11-01)

Bug Fixes

  • emails: account for post change email being sent (28fa709)

1.99.0 (2017-11-01)

Bug Fixes

  • avatar: Use the Photon icons for avatar change. (#5602) r=@ryanfeeley (8439e85), closes #5530
  • css: Fix secondary email margin (#5620), r=@philbooth (16259d0), closes [(#5620](https://github.com/(/issues/5620)
  • css: Show password border radius problem (#5628) r=@vbudhram, @ryanfeeley, @shane-tom (f0d1fca)
  • emails: Remove question mark (#5645) r=@shane-tomlinson (df00da5)
  • markup: remove redundant viewport meta tag (#5635), r=@vbudhram (ca476ef)
  • metrics: add country and region to amplitude events (c576b8a)
  • metrics: Fix the "working" error being reported in cwts. (#5656) r=@philbooth (040f26c), closes [(#5656](https://github.com/(/issues/5656) #5655
  • sms: Fully rolled out countries all use signinCodes (#5647) r=@philbooth (ea199fe), closes #5632
  • sms: Use the same graphic on /sms/sent as /sms (#5601) r=@ryanfeeley (1b32c22), closes #5589
  • style: Account for emoji shifting line height of device information (#5630) r=@ryanfeel (726b033), closes #5516
  • style: Remove the duplicate border declaration. (f6054ff)
  • style: Update the color of the devices "open panel" spinner. (#5604) r=@ryanfeeley (a9d217d), closes #5568
  • styles: fix logo styling (dbf2425)
  • test: Fix "Firefox Desktop Sync v1 signin - unverified" functional test. (#5634) r=@ph (26911e2), closes [(#5634](https://github.com/(/issues/5634) #5633
  • test: Fix the change password tests. (#5652) r=@philbooth (2f494cf), closes [(#5652](https://github.com/(/issues/5652) #5649
  • tests: install fxa-geodb for teamcity server tests (1926804)

chore

Features

  • clients: display approximate last active times for old clients (7074dda)
  • metrics: emit timing flow events for settings activity (1bbf1a9)
  • metrics: Replaced active with hover active (#5609), r=@vbudhram (b0a6f82)
  • sms: Add support for Austria, Germany (#5624) r=@philbooth (b3b9d52), closes #5572
  • sms: Open SMS up to 50% of RO users. (#5623) r=@vbudhram (46fe49e), closes #5611

Refactor

  • sms: Use formatted phone number returned from auth-server. (#5621) r=@philbooth (6597224)

Reverts

  • style: Replaced active with hover active (#5631) (2f5c83a)

1.98.6 (2017-10-30)

Bug Fixes

  • styles: fix logo styling (9f2026c)

1.98.5 (2017-10-26)

chore

  • docker: Update to node v6.11.5 for security fix (bea8543)

1.98.4 (2017-10-26)

1.98.3 (2017-10-25)

Bug Fixes

  • css: Show password border radius problem (#5628) r=@vbudhram, @ryanfeeley, @shane-tom (e222543)
  • logo: Use the new Firefox logo in Fx Desktop/Android >= 57, iOS >= 10. (#5643) r=@vbud (46921fb), closes #5588
  • markup: remove redundant viewport meta tag (#5635), r=@vbudhram (4b3eff4)
  • sms: Use the same graphic on /sms/sent as /sms (#5601) r=@ryanfeeley (e5e3f99), closes #5589
  • style: Account for emoji shifting line height of device information (#5630) r=@ryanfeel (bc03d2b), closes #5516
  • style: Fix sasslint warnings. (5d0bf08)
  • train-98: A collection of styling fixes for train-98 (#5646) r=@shane-tomlinson (aec9573), closes [(#5646](https://github.com/(/issues/5646)

1.98.2 (2017-10-19)

Bug Fixes

  • style: Ensure the content box-shadow is not visibile in the firstrun flow. (#5614), r=@ (ecab8bb)

Features

  • metrics: emit raw navtiming flow events (4d194c1)

1.98.1 (2017-10-18)

Bug Fixes

  • metrics: add missing reason property to disconnect event (ae97461)

1.98.0 (2017-10-17)

Bug Fixes

  • build: Use the newest bower to use newest registry. (5d870a1), closes #5570
  • css: Add photon shadow style and easing (#5550) r=@shane-tomlinson (86dc936), closes #5531
  • docs: add table of contents to the readme (3aed10f)
  • email-first: Show a readonly on the signin/signup pages. (#5591) r=@vbudhram (122f930), closes #5582
  • metrics: add missing browser, os and device amplitude properties (8c221f2)
  • metrics: map service event property from client id (#5583), r=@vbudhram (aa0a297)
  • signup: Show signup bounced errors in about:accounts from /confirm (7c33ed6), closes #5566
  • sync: Firefox 58 transitions after email verification, not 57. r=@philbooth (61d03d3), closes #5556
  • test: Fix the StaleReferenceError in settings_clients.js test. (#5596) r=@vbudhram (2836d5e), closes [(#5596](https://github.com/(/issues/5596) #5593
  • tests: make tests work in FF56 or FF57 (#5555) r=vladikoff,shane-tomlinson (594caa0), closes #5547

chore

  • app-start: Replace _.bind with fat arrows for readability. (#5559) r=vladikoff (0454471)

Features

  • metrics: add experiment data to amplitude user properties (4b8355a)
  • metrics: add uid to metrics payload (ba39aeb)
  • settings: remove Unsubcribe, link out to email prefs (#5551) r=@philbooth (2722bba)
  • sms: Remove the control group from the sendSms experiment. (#5590) r=@philbooth (848cef1), closes #5561

Refactor

  • form: remove disabled form state (#5437) r=@vbudhram (7b9ab94)

1.97.2 (2017-10-05)

Bug Fixes

  • CAD: Do not show the "sign in" button if the user is at CWTS. (#5557) r=vladikoff (110a3ad), closes #5554

1.97.1 (2017-10-04)

Bug Fixes

1.97.0 (2017-10-03)

Bug Fixes

chore

  • assertion: Document why cert/assertion durations are what they are. (#5499); r=rfk (5380a3f)
  • ci: whitespace-only change to README.md to trigger nightly CI (69339f7)
  • nsp: except nsp 525 (#5514) r=vbudhram (6c29628)

Features

  • deps: update deps (#5534), r=@vbudhram (ddc84dd)
  • email: update newsletter strings (#5513) r=vbudhram,davismtl (d227184)

Refactor

  • CAD: Simplify logic to decide whether to show CAD after email verification. (#5545) r (1f645ed)
  • client: Use relative paths (#5495) (ead2f2c)

1.96.6 (2017-09-28)

Bug Fixes

Reverts

  • logging: use mozlog instead of process.stderr.write (#5538) (ee82b57)

1.96.5 (2017-09-27)

Bug Fixes

1.96.3 (2017-09-26)

Bug Fixes

  • email-first: Bump the email-first sample rate to 2.5%. (#5524) r=@philbooth (cb2e1dc), closes #5502

1.96.2 (2017-09-25)

Bug Fixes

1.96.1 (2017-09-21)

chore

  • nsp: except nsp 525 (#5514) r=vbudhram (73199a8)

Features

  • metrics: include utm params in metrics context (491c967)

1.96.0 (2017-09-18)

Bug Fixes

  • avatar: For ios devices, only show change avatar for ios > 10 (#5480) r=vladikoff,shane- (c02d094), closes #5436
  • cad: Fixes based on @vladikoff's feedback. (f1f8a00)
  • experiments: Only enable the experiment defined by forceExperiment. (#5447) r=vladikoff (16ff59e), closes #5446
  • l10n: Fix double escaping problems on /*_complete pages. (#5491) r=vladikoff (b5de42b), closes [(#5491](https://github.com/(/issues/5491) #5407
  • l10n: Fix the signin header and button text in rm. (#5470) r=vladikoff (1cc0044), closes [(#5470](https://github.com/(/issues/5470)
  • metrics: include deviceId in metricsContext data (35a703f)
  • password: Add test case for user changing primary, changing password, changing email (#548 (34c4565)
  • style: Double link margins when two links are stacked on mobile. (#5471) r=vladikoff (a1bb9bc), closes #4655
  • styles: use an svg spinner (#5483) r=shane-tomlinson,vbudhram (b05b521)
  • test: Add a test for signin unblock in Fx >= 57. (cc83734)
  • test: Add tests for bounced emails in about:accounts for Fx 57 (e32cb5c), closes #5311
  • test: Fix a typo, users go to /connect_another_device post-verification. (381f050)
  • test: Fixes based on @vbudhram's feedback. (0b3269e)
  • test: Fixes related to the email-opt-in on signup tests. (#5485) r=vladikoff (7605ce7), closes [(#5485](https://github.com/(/issues/5485)
  • test: Revert changes to fennec/ios suites. (81fb406)

Features

  • CAD: Add CAD to signin (ef9eb39), closes #5262
  • CAD: Add CAD to signin r=@vladikoff (b8f299b)
  • devices: add loading indicator to device list (#5423) r=shane-tomlinson (57568aa), closes #5040
  • styles: animate some icons (#5419) r=ryanfeeley (1c11944), closes #5168
  • sync: Transition screens after login message in Fx >= 57 (d31de35), closes #5197

Refactor

  • test: Cleanup on the connect_another_device suite. (#5449) r=vladikoff (be96fc5)
  • test: Modernize fx_ios_v1_sign_in. (#5451) r=vladikoff (90f8119)
  • test: Modernize the fx_firstrun_v1_sign_in suite. (#5450) r=vladikoff (caf0999)
  • test: Modernize the sync_sign_in.js suite. (#5448) r=@vbudhram (8dd796a)
  • test: Modernize the sync_v3_sign_in.js suite. (#5477) r=vladikoff (462c0c8)

Reverts

  • brokers: add uid to can_link_account in FxSyncChannel (#5492) r=@shane-tomlinson (453a3f6)

1.95.2 (2017-09-12)

Bug Fixes

  • email-first: email-first experiment is isolated from other experiments. (#5479) r=vladikoff (bca0f72), closes #5452
  • email-first: Remove the vpassword field in email-first. (#5478) r=vladikoff (2a8279f)

1.95.1 (2017-09-11)

Bug Fixes

  • email-first: Report flow events from /signin, /signup. (e1d59ca), closes #5455
  • test: Remove mailcheck from travis. (883a536), closes #5309
  • test: Use the previous trusty image on Travis. (aa943f7)

Features

1.95.0 (2017-09-06)

Bug Fixes

chore

  • metrics: Log how frequently users are forcibly signed out from /settings. (#5441) r=vladi (105db7b), closes #5435
  • npm: update shrinkwrap command to shrink (d22f4cd)
  • pkg: update engine to 6 (#5396) (fd2f01c)
  • tests: run server tests using the "pretty" reporter (#5440) r=@shane-tomlinson (246c743)

Features

  • brokers: add uid to can_link_account in FxSyncChannel (#5386) r=@shane-tomlinson (7f2abc6)
  • metrics: send amplitude events to the logs (#5412) r=vladikoff (386886e), closes #5346

Refactor

  • brokers: Extract next steps from complete_sign_up to broker behaviors. (#5430) r=vladikof (d276e10)
  • l10n: extract l10n from node_modules (#5395) r=@shane-tomlinson (417103b)
  • settings: adjust assertion caching (#5422) r=shane-tomlinson (5eea741), closes #4949
  • test: Modernize the connect_another_device suite. (#5415) r=vladikoff (ab390ca)
  • test: Modernize the fx_fennec_v1_sign_in/force_auth functional suites. (#5411), r=@vbu (9ca6781)
  • test: Modernize the fx_ios_v1_sign_up suite. (#5414), r=@vbudhram (ec979e1)
  • test: Modernize the sync_*_force_auth functional suites. (#5413), r=@vbudhram (a91f800)
  • test: Use selectors.js and ES6 in the change_password suite (#5404) r=vladikoff (61b9c45)
  • tests: sinon 3 migration (#5429) r=@shane-tomlinson (240c204)
  • views: Use ES2015 Class syntax for CAD/SmsSend views. (#5409) r=vladikoff (bb0d84a)

1.94.2 (2017-08-30)

Bug Fixes

  • metrics: engaged flow events should only be triggered if the user engages! (#5401) r=@p (968b7a8), closes #5388
  • metrics: Ensure emailFirst experiment metrics are reported. (#5402) r=vladikoff (1e4cf29), closes #5397

1.94.1 (2017-08-23)

Features

  • sms: Log why users are ineligible for the SMS experiment. (#5385) r=@philbooth (765b2b4), closes #5382

1.94.0 (2017-08-22)

Bug Fixes

  • cwts: Handle bounced emails and confirmations while on CWTS. (#5343) r=@philbooth (5e3bc73), closes #4193
  • email-first: Navigate to /, not /email if no account. (#5371) r=@philbooth (89d33bd)
  • experiments: Replace crc with md5 as the hashing function. (#5380) r=vladikoff (ce4b911), closes #5378
  • form: On device disconnect,"Rather not say" is selected by default (#5289) r=vladikoff (274103a)
  • metrics: Do not log views that navigate in afterRender. (#5377) r=@philbooth (e8a9af8), closes #5375
  • metrics: Use enter-email as the viewName for /. (#5376) r=@philbooth (1fdf6e9), closes #5372
  • signup: Stop polling after leaving the /confirm page. (#5342) r=@vbudhram (aee366c), closes #5325
  • styles: update to new Photon colours (#5344) (05f9ffb)
  • test: Reduce the number of tests run on circle. (#5370) r=vladikoff (71d9460), closes #5355

chore

  • dependencies: upgrade away from deprecated mozlog usage (#5349) r=vladikoff (c316ad3)

Features

  • devices: add Pontoon to client list (#5366), r=@vbudhram (1acf7ae)
  • email-first: A/B test for email-first. (#5351) r=@philbooth (f022a24), closes #5335
  • email-first: Handle relier specified emails in email-first flow. (#5381) r=@philbooth (1d23bce), closes #5353

1.93.0 (2017-08-08)

Bug Fixes

Features

  • CAD: ABC test for CAD phase 3 (deep link) (#5332) r=@philbooth (84d5709), closes #5278
  • client: email first flow (#5177) (5db6d32), closes #5194
  • clients: add location information, update title hover location (#5329) r=udaraweerasinghe (bb4f757), closes #5291
  • forms: add non-disabled button experiment (#5268) r=shane-tomlinson (fdf724e)
  • signin: add a sign-in bounced email screen (8c844a5)
  • signup: add a Confirm Password field (#5249) r=@shane-tomlinson (c977f07)
  • verification: Add apple association file (#5287) r=vladikoff,rfk,shane-tomlinson (59247b5)

Refactor

  • config: remove allowedParentOrigins from front-end config (#5338) r=@shane-tomlinson (745b1dc)
  • reset_password: Use back-mixin in reset_password (#5316) r=vladikoff,philbooth (f9f7f10)
  • test: Convert reset_password functional tests to use selectors.js (#5294) r=vladikoff (316a337)

Reverts

  • cwts: Revert "Check addresses and creditcards by default." (#5315) r=vladikoff (b76d67b), closes #5314
  • cwts: Revert the revert - re-check addresses and creditcards. (#5337) r=vladikoff (adb8a71)

1.92.2 (2017-07-28)

Bug Fixes

  • sms: Ensure SMS can be sent on Fx 55+. (#5301) r=@philbooth (22f3838)
  • sync: Only show addresses if the browser says it's supported. (#5296) r=@philbooth ( (e3d9cc0), closes #5292
  • test: Fix the OAuth with handshake tests on latest/stage/prod. (c658662), closes #5300

1.92.1 (2017-07-25)

Bug Fixes

1.92.0 (2017-07-25)

Bug Fixes

  • clients: add 'last sync time unknown' (#5257) r=shane-tomlinson (9a8369c), closes #4988
  • clients: update strings to support first and last sync isMemoryToken values (#5256) r=uda (89e0d6a), closes #3908
  • cwts: Check addresses and creditcards by default. (#5282) r=shane-tomlinson (413d65c), closes #5269
  • settings: fix typo in iPad device css (#5266) r=vbudhram (b3d92fd), closes [(#5266](https://github.com/(/issues/5266) #5051
  • signup: Focus the age input if email/password prefilled (#5281) r=philbooth,vladikoff (deb16e3)
  • sms: Allow the user to go back after resending an SMS. (#5246) r=vladikoff,philbooth (75d8c4b), closes #5244
  • strings: update OAuth Apps with a "Revoke" string (#5263) r=ryanfeeley (9625526), closes #5036
  • styles: add active styles to primary buttons in settings (#5267), r=@vbudhram (dff0aea)
  • styles: add new CWTS image (#5259) r=ryanfeeley,shane-tomlinson (8ea6907), closes #5098
  • test: Increase automatedBrowser timeout to fetch fxaStatus. (#5274) r=vladikoff (59f014e)
  • tests: add memory clean up helper for functional tests (#5192) (86438e2)

chore

Features

  • clients: add new Firefox Notes icon (#5245) r=vbudhram (f86a8c2)
  • clientsList: order by type and time, and correct text (#5264) r=vladikoff (91e98e8)
  • email: add new email graphic, switch to SVG (#5124) r=ryanfeeley (2a49cf6), closes #5105
  • emails: Add support for change email (#5242) r=shane-tomlinson,vladikoff (39bb771)
  • oauth: Add tests for OAuth w/ desktop handshake (#5248) r=vladikoff (0496e09)
  • signin: send marketingOptIn parameter to server (eb2e973), closes #5195
  • sync: Extract the Sync Suggestion logic into a mixin to be shared. (#5253) r=philbooth (42a3219)

Refactor

  • client: Extract a form-prefill-mixin. (#5258) r=vladikoff,seanmonstar (294a3f6)
  • client: ServiceMixin sets service, serviceName in setInitialContext. (#5250) r=@phil (5f13252)
  • coppa: Make the COPPA view a mixin for easier reuse. (#5261) r=@philbooth (808a814)
  • email-opt-in: Extract the email-opt-in frontend logic for re-use. (#5275) r=@vbudhram (8fafad7)
  • mixins: Mixins can now declare other mixins as dependencies. (#5251) r=@shane-tomlinson (b5942ae)
  • test: Update the sign_up functional test to use selectors.js (#5260) r=vladikoff (79de14e)

1.91.1 (2017-07-14)

Bug Fixes

  • cwts: Success message updates. (#5224) r=vladikoff (8481957)
  • devices: Correctly print a session's name if no userAgent is sent. (#5231) r=vladikoff (eccb6aa), closes #5230
  • nodejs: upgrade to 6.11.1 for security fixes (#5232) r=vladikoff (29255e7), closes [(#5232](https://github.com/(/issues/5232)
  • tests: handle new Firefox Sync website in tests (#5240) (2ac4c0f)

1.91.0 (2017-07-12)

Bug Fixes

  • devices: support the new Add-ons client in the devices view (#5206) r=philbooth (1d5438a), closes #4835
  • docs: Remove the extra "When to specify" header. (#5223) r=vladikoff (2ffdc21)
  • lint: fix sasslint warning for the settings module (d9e063c)
  • metrics: categorise the performance flow events (cfa3870)
  • scssFile: fixes padding mismatch of client name (#5200) r=vladikoff (11c1202), closes [(#5200](https://github.com/(/issues/5200)
  • settings: add primary button box-shadow (#5208) r=philbooth (6298cad), closes #5179
  • sms: Adjust redirect endpoint enhancements. (#5221) r=philbooth,vladikoff (2b337c7), closes #5218
  • styles: match the radio button style with Firefox Desktop (#5207) r=philbooth (9bc4821), closes #5143
  • test: Fix the broken "settings clients - sessions" test. (#5227) r=philbooth,vladikoff (cb9d50b), closes [(#5227](https://github.com/(/issues/5227) #5226

chore

  • text: Centered blue message (#5191) r=@shane-tomlinson (a779203)
  • text: Put Back link on bottom (#5184) r=@shane-tomlinson (e80b558)
  • text: Remove unneeded periods (#5187) r=@shane-tomlinson (078f103)
  • text: Removed click here (#5189) r=vladikoff (b04e2a0)
  • text: Removed fake bold and a period (#5182) r=vladikoff (2ba1290)
  • text: Removed pad class (#5190) r=vladikoff (723a296)
  • text: Removed stray period and underline (#5183) r=vladikoff (4517cde)

Features

  • docker: switch to docker based fxa ci box (#5162) r=@shane-tomlinson (08c8904)
  • emails: Check with auth-server to ensure secondary emails is enabled for user (#5214), r (359e45f)
  • node: upgrade to Node 6 (#5173) r=@shane-tomlinson (de067d3)
  • sms: Re-add the SMS deeplink tests. (#5167) r=@philbooth (7f9aa9e), closes #5136
  • sync: Add support for creditcards and addresses as sync engines. (#5158) r=@vladikoff (93f2db2), closes #5087

Refactor

1.90.1 (2017-06-29)

Bug Fixes

  • test: Disable SMS sending tests on production environments. (#5185) r=@jbuck, @philboo (e55dc57)

1.90.0 (2017-06-28)

Bug Fixes

  • config: remove non-existing config files before attempting to load (#5153) r=vladikoff (15b8e82)
  • cwts: Remove the leftover CWTS styles. (#5166) r=vladikoff (d6d416f)
  • CWTS: removed desktop-only caveat (#5165) r=vladikoff (3367707)
  • deps: update some prod dependencies (#5137) (366563b)
  • logging: fix request logging (#5142) r=vladikoff (a23d5eb), closes [(#5142](https://github.com/(/issues/5142) #5111
  • sign-in: Put registration links on left/top (#5123) r=@shane-tomlinson (d12ce20)
  • strings: update "Why Sync multiple devices?" (f4d138c), closes #5035
  • strings: update strings in confirm and unblock r=vladikoff (5a9db37)
  • styles: add hover state to primary buttons (#5157) r=vladikoff (f0502ac)
  • tests: add a script to be run to check resource deployment (#5147) r=vladikoff (0246dbd)
  • tests: add a test to confirm that DNS hooking works (#5145) r=vladikoff (01a2aeb)
  • tests: make npm-install-deps reusable (#5146) r=vladikoff (a3799be)
  • tests: provide a way to pre-flight check entrained resources (#5131) r=vladikoff (d1ebbfb)
  • tests: switch from bash to sh in teamcity tests (#5152) r=vladikoff (6ab32e5)

chore

  • logging: add remote address chain to fxa content server (#5155) r=vladikoff (99534a1)
  • nvm: nvmrc file for easier nvm usage (#5156) r=vladikoff (1852bbf)
  • tests: add new server test dependency on morgan (#5154) r=vladikoff (7c6ca0e)

Features

  • brokers: Add brokers for mob_android_v1 and mob_ios_v1 (#5084) r=@philbooth (3cca54e)
  • emails: Update verification email sent string (#5135) r=vladikoff,shane-tomlinson (5735b07)
  • experiments: Internalize experiment rules. (#4902) r=vladikoff (d3a5f4d), closes #4893
  • metrics: emit flow events for newsletter subscription (d7c576f)
  • oauth: support PKCE oauth parameters (#5126) r=shane-tomlinson (645b493)
  • settings: Reorder settings so display name is below account picture (#5139), r=@vbudhram (5be33ef)
  • sms: Re-add "Use a distinct phone number for every SMS test." (#5150) (e91864a), closes #5136
  • test: Store screencaps at https://screencap.co.uk. (#5132) r=vladikoff (058e1f1)

Refactor

  • broker: Clean up the fx-sync-channel broker. (#5163) r=vladikoff (ccbfa6c)
  • broker: Extract finishOAuthFlowIfOriginalTab to share between methods. (#5141) r=@phil (aba3a15)
  • build: Replace babel-preset-2015-nostrict with babel-preset-2015 (#5161) r=vladikoff (cd013d2)
  • experiments: remove old config file (#5148) r=@shane-tomlinson (c9f4a94)
  • test: Update some sync_* functional tests to use selectors.js (#5164) r=vladikoff (f546f09)

1.89.0 (2017-06-13)

Bug Fixes

  • sms: Use a distinct phone number for every SMS test. (#5128) r=@philbooth (6ea77cd)
  • test: Remove the testPhoneNumber default to fix tests. (18721e7)

Features

  • emails: add tests for unblock and sign in confirmation (#5125) (841e1cf), closes #5054
  • metrics: Add a flow.signup.link.signin flow event. (#5116) r=@philbooth (b8d7e56)
  • sms: Add support for the SMS signinCode (#5092) r=@vbudhram, @philbooth (25b4c30)

Refactor

  • fxa-client: Reduce boilerplate when delegating to fxa-js-client. (#5108) r=@philbooth (277e046)

Reverts

  • sms: Use a distinct phone number for every SMS test. (#5133) (d342fab)

1.88.1 (2017-06-01)

Bug Fixes

Features

  • CAD: Log clicks on app store links into flow metrics. (#5113) r=@philbooth (8c55d18), closes #5112
  • CAD: Make it easier to find .smsStatus errors in the logs. (#5121) r=@philbooth (c20bc4c)

Reverts

  • sms: Re-add the "Maybe later" link. (#5119) r=@vbudhram (b639e0a), closes #5117

1.88.0 (2017-05-30)

Bug Fixes

  • app-store: Open app-store links in a new tab. (#5083) r=@philbooth (252ba6e), closes #5079
  • cad: Always show app store buttons for /connect_another_device, /sms (#5061) r=@vbudh (4bbbfb5), closes #4948
  • devices: Add the 1800 ms artificial delay when clicking Refresh (#5074) r=@vbudhram, @p (218ef6c)
  • devices: bring back sync start date to device view (#5058) r=vbudhram (3064f03)
  • docker: only push from one test node (#5065) r=jrgm (3a269e6), closes #4950
  • firstrun: Show the continue to Firefox Sync subheader in the firstrun page (#5064) r=@ry (3224eb8), closes #5063
  • server: allow empty event_id fields (#5097) (935ac11), closes #5049
  • sign_in: Fix how the listener is bound for account->chang:accessToken (#5103) r=@philboot (d7298f5), closes [(#5103](https://github.com/(/issues/5103)
  • test: Fix "Upgrade from account that has accountData" (#5107) r=vladikoff,philbooth (c8fba8f), closes [(#5107](https://github.com/(/issues/5107) #5104
  • tests: pull entrained sub-resources in all locales (tests/server/l10n-entrained.js) (#5 (3fcaafa)
  • tests: remove uppercase check for route tests (#5096) r=jrgm (5ea8d83), closes #5086

Features

  • CAD: Add CAD to the signup tab in firstrun (#5026) r=@philbooth, @ryanfeeley (a574d84), closes #4944
  • client: Sync state with the browser! (#4695) r=@philbooth (18fa0d5)
  • sms: Add the /m/:signinCode redirect handler. (#5082) r=@philbooth (398d339), closes #5081

Refactor

  • client: Clean up invoke* using ES2015. (#5075) r=@philbooth (6ec3f64)
  • metrics: Remove viewToId and helpers.testIsViewLogged (#5069) r=@philbooth (f1cbf2b)
  • mixins: Move search-param-mixin and user-agent-mixin to /lib (#5099) r=vladikoff (efea825)
  • test: In app-start.js, convert to fat arrows. (#5100) r=vladikoff (5f7d8b6)
  • test: Modernize the sign_in view unit test. (#5102) r=self (3f665b6)

1.87.3 (2017-05-24)

Features

  • emails: Add emails feature flag check (#5093), r=@shane-tomlinson (dae0ff6)

1.87.2 (2017-05-23)

Bug Fixes

  • build: Ensure the requireOnDemand files use SRI (#5094), r=@vbudhram (6e5ef7b)

Features

  • emails: Disable secondary emails for everyone (#5095) r=vladikoff (0fe39b8)

1.87.1 (2017-05-17)

Bug Fixes

1.87.0 (2017-05-15)

Bug Fixes

chore

  • test: add a latestd config (aa73dab)

Features

  • channels: Unify how channels handle errors. (#4889) r=vladikoff (ecc007c)
  • deps: update some prod dependencies (#5031) (addefb0)
  • devices: add OS device icons (#4975) r=shane-tomlinson (d3668b9), closes #4985
  • docker: push branches to dockerhub (#4990) r=jrgm (8d3ce17)
  • docker: remove the old docker file (#4997) (fd9a0fb)
  • emails: UX for additional emails r=vladikoff,vbudhram,shane-tomlinson (314e593), closes #4756
  • experiments: update to train-87 experiments (#5056) (574ecb4)

Refactor

  • brokers: Rename redirect.js to oauth-redirect.js (#5017) r=vladikoff (3ceb9fb)
  • brokers: Split off web, fx-sync-channel auth brokers. (#4995) r=@vbudhram (9df2f8f)
  • channels: Place all web channel command declarations in one location. (#5055) r=@philbooth (bdb02dc)
  • client: Automate link transforming for OAuth integrations. (#5033) r=@philbooth (0a337ae)
  • docs: Remove unused mailcheck and webChannelId query params. (#5048) r=vladikoff (76ec6d4)
  • gravatar: Remove gravatar (#4927) r=vladikoff (c897b6d)
  • sms: Remove the "Maybe later" link. (#5045) r=vladikoff (1c71687), closes #5044
  • test: Modernize the settings.js functional suite. (#4980) r=@philbooth (0477e9e)
  • test: Remove the oauth keys tests. (#5002) r=vladikoff (e80fba2), closes #5001
  • validation: Use VAT for validation everywhere on the front. (#4981) r=@philbooth (7648a8c)

1.86.0 (2017-05-01)

Bug Fixes

chore

  • test: add a latestd config (aa73dab)

Features

  • channels: Unify how channels handle errors. (#4889) r=vladikoff (ecc007c)
  • devices: add OS device icons (#4975) r=shane-tomlinson (d3668b9), closes #4985
  • docker: push branches to dockerhub (#4990) r=jrgm (8d3ce17)
  • docker: remove the old docker file (#4997) (fd9a0fb)

Refactor

  • brokers: Rename redirect.js to oauth-redirect.js (#5017) r=vladikoff (3ceb9fb)
  • gravatar: Remove gravatar (#4927) r=vladikoff (c897b6d)
  • test: Modernize the settings.js functional suite. (#4980) r=@philbooth (0477e9e)
  • test: Remove the oauth keys tests. (#5002) r=vladikoff (e80fba2), closes #5001
  • validation: Use VAT for validation everywhere on the front. (#4981) r=@philbooth (7648a8c)

1.85.3 (2017-04-26)

Features

  • sessions: disable web sessions by default (#4999), r=vladikoff (ba07e1f4)

1.85.2 (2017-04-21)

Bug Fixes

  • setting: Made Add… buttons blue. (#4823) r=@shane-tomlinson (1760d1e)
  • test: Fix the "delete oauth sessions" test. (#4969) r=vladikoff (e0ecc62), closes [(#4969](https://github.com/(/issues/4969) #4968
  • tests: make tests support Firefox 53 (#4973) (2d3914b)
  • validation: Add validation rules for resume and utm_* (#4956), r=@shane-tomlinson, @philboot (bb8d298)

chore

  • docker: Use official node image & update to Node.js v4.8.2 (#4961) r=vladikoff (eb057d3)

Features

  • deps: fxa-js-client update to 0.1.56 (#4965), r=@vbudhram (3dfd295)
  • test: Make it easier to load screenshots in the browser. (#4970) r=vladikoff (770fbe8)

1.85.1 (2017-04-19)

Bug Fixes

Features

  • sessions: make sessions available to all (#4964) r=vbudhram (e39410c)

1.85.0 (2017-04-17)

Bug Fixes

Features

  • client: sync-suggestion URL is dynamic based on the environment (#4798) r=@shane-tomli (413b70f), closes #4605
  • l10n: Add support for msgctxt when translating. (#4916) r=vladikoff,shane-tomlinson (c818489)
  • lb: Add lbheartbeat for dockerflow (#4919), r=@jbuck (393bc15)
  • server: disable server verification (#4937) (1a39219)
  • sms: SMS country based updates. (#4872) r=@philbooth, @vbudhram (c183737), closes #4861
  • test: Add functional tests for the sync-suggestion URL. (#4921) r=@philbooth (d9234a0)
  • test: Replace Sync v2 tests w/ Sync v3 tests. (#4876) r=vladikoff (8498a5f)
  • test: Screenshot on error in testElementExists, visibleByQSA. (#4943) r=@philbooth (e05f95e)
  • test: Throw an error if emails do not contain the expected header. (#4926) r=vladikoff (1a23841)

Refactor

  • client: Extract a "sync-auth-mixin" from connect_another_device.js (#4888) r=@vbudhram (fdca066)
  • client: Remove the password strength checker. (#4903) r=vladikoff (4786c1f)
  • oauth: Remove support for verification_redirect (#4911) r=@vladikoff (103fb42), closes #4870
  • test: Use helpers to interact with restmail. (#4942) r=@philbooth (1cfa0fb)

1.84.2 (2017-04-11)

Bug Fixes

  • clients: set correct device type for mobile clients (#4936) r=vbudhram (a1f0f3b), closes #4932

1.84.1 (2017-04-06)

Bug Fixes

  • errors: Add the new email bounce errors. (518d553), closes #4905
  • experiments: Use train-84 experiments. (#4909) r=@jbuck (9a455e0)
  • server: add back verify_email route (a5a8d30)
  • test: Close all windows but the first after a test run. (282260e), closes #4896
  • test: Fix Firefox Desktop Sync v2 sign_in (9ba1874), closes #4898
  • test: Fix sync v2 password reset test. (a572f58), closes #4894

Features

  • server: disable server verification (e17f097)

1.84.0 (2017-04-04)

Bug Fixes

chore

  • config: Add environment config options (ac4f622)

Features

  • experiments: Re-add additionalInfo parameter for experiment functions. (#4877) r=@vbudhram (5cec42e)

Refactor

  • test: Modernize the oauth_sign_up tests. (#4871) r=vladikoff (f0d99c4)

1.83.4 (2017-03-27)

Bug Fixes

  • sms: Fix visiting /sms w/o ?service=sync query parameter. (#4865) r=vbudhram,vladikof (9c8b14d), closes [(#4865](https://github.com/(/issues/4865)
  • sms: Only show the SMS form to desktop users. (#4860) r=@vbudhram, @philbooth (66afcd5)

1.83.3 (2017-03-24)

Bug Fixes

chore

  • validation: Update to VAT 0.0.9 (#4848) r=@philbooth (d15994a)

Features

  • CAD: Remove the CAD experiment. (#4781) r=@vbudhram (912a948)

Refactor

  • client: Create views for / and /oauth routes. (#4858) r=@philbooth (4ad97fb)
  • user-agent: Extract a user-agent-mixin to share amongst the views. (#4859) r=@philbooth (b78a26c)

1.83.2 (2017-03-22)

Bug Fixes

Refactor

  • test: Use helpers in the Firstrun Sync v2 sign_up test. (#4838) r=@philbooth (b0ff599)

1.83.1 (2017-03-22)

Bug Fixes

  • docs: changelog fixes (249b9c2)
  • sms: US area codes must start with 2-9. (#4834) r=vladikoff (6aa1460), closes #4833
  • tests: fix process.nextTick testing issues (#24) r=jrgm (68fd55a), closes [(#24](https://github.com/(/issues/24)
  • tests: lock Selenium and geckodriver versions (#4836) r=jrgm (6085ff5)
  • validation: adjust validation rules based on sentry feedback (d8bf79a)

chore

  • sms: Use +407 for the Romania prefix. (72fb877)

Features

  • metrics: Validate POST data to /metrics-errors. (#23) r=vladikoff (7b8532b)
  • metrics: Validate the POST /metrics body (#22) r=vladikoff (4cbd363)
  • server: try to verify emails on the server (#4794) r=vbudhram (005549a)
  • sms: Allow sending SMS messages to Romania. (42afec7), closes #4829
  • sms: SMS feature gated by the auth-server. (#4827) r=vladikoff,philbooth (de3ba24), closes #4789

1.83.0 (2017-03-20)

Bug Fixes

  • auth_errors: User received an error message saying no message (408d692)
  • change_password: Field specific error message when password is same. (4262abd)
  • change_password: Made "Incorrect Password" error field specific (ad0048a)
  • config: allow env vars for experiment config (#4785) r=philbooth (ea2c538), closes #4780
  • config: env vars for config page_template_subdirectory,static_directory (#4803) r=vladik (f94bb48)
  • CWTS: Ensure destroy calls the parent. (#4808) r=@philbooth (397afaf)
  • CWTS: Fix styles for the trustedUI (#4786) r=vladikoff (e6aa57b), closes [(#4786](https://github.com/(/issues/4786) #4749
  • display_name: button now says Add when display name hasn't been set (ef7b6b6)
  • preferences: add specific error msg for rate-limiting error (#4812) r=vladikoff (236d172)
  • server: fix undefined dereference in perf flow events (#4822) r=vladikoff (05ed9ee), closes [(#4822](https://github.com/(/issues/4822)
  • server: fix undefined dereference in perf flow events (#4822) r=vladikoff (#4824) (a142805), closes [(#4822](https://github.com/(/issues/4822) [(#4824](https://github.com/(/issues/4824)
  • sign_in: Making incorrect password error message field specific on Sign in page (c28061f)
  • signup: decrease checkbox line height for email opt-in on signup page (#4797) r=vladikof (5935bf9), closes #4707
  • teamcity: add config for fxadevtest box (45705ba)
  • version: use use cwd and env var to get version (9287337)

Features

  • CAD: Add flow metrics for connect another device. (#4787) r=@philbooth (65a70b0), closes #4783
  • sms: Allow the user to resend and go "back" from /sms/sent (#4777) r=@vbudhram (8a2c5e7)
  • sms: Use Able to decide if user should see /sms (#4792) r=vladikoff (8b19765)
  • websessions: add Sessions to client list (#4628) r=stomlinson,vbudhram (4c1a8cd)

Refactor

  • experiments: Simplify the experiment architecture (#4809) r=vladikoff (95b122f)

1.82.4 (2017-03-20)

Bug Fixes

  • validation: adjust validation rules based on sentry feedback (c975bb1)

1.82.3 (2017-03-18)

Bug Fixes

1.82.2 (2017-03-16)

Bug Fixes

1.82.1 (2017-03-08)

Features

  • metrics: Validate POST data to /metrics-errors. (#23) r=vladikoff (5ca663b)
  • metrics: Validate the POST /metrics body (#22) r=vladikoff (56f7635)

1.82.0 (2017-03-06)

Bug Fixes

  • reset-password: Fix the reset password flow w/ e10s enabled! (#4770) r=vladikoff (179d0b9), closes [(#4770](https://github.com/(/issues/4770) #4769
  • sms: Allow parens in the phone number (#4773) r=@philbooth (11ca81d), closes #4764
  • sms: Fix autofocus cursor position on input[type=tel] (#4760) r=@philbooth (d16cf4a), closes [(#4760](https://github.com/(/issues/4760)
  • sms: input[type=tel] is only required w/ required attribute. (#4759) r=@philbooth (f71e1b7)
  • tests: add missing teamcity test dependency "joi" (#4772) r=vladikoff (6530352)
  • tests: on-headers is required for server tests (#4771) r=vladikoff (a6ac5ae)

Features

  • CSP: Use joi to validate CSP reports. (#4746) (ef2e28d)
  • mailcheck: enable mailcheck (#4751) r=vladikoff (910b319)
  • metrics: emit a flow event for active experiments (799b4ab)
  • metrics: emit flow events for key performance metrics (33f2cf3)
  • server: Set security headers on all HTML pages. (#4750) r=@rfk (878b694)
  • sms: Add a configurable successMessage to resend-mixin (#4761) r=@philbooth (6d1f906)
  • tests: Reload mocha tests whenever source/js changes. (#4752) r=vladikoff,vbudhram (56199d1)

Refactor

  • client: auth brokers listens for view-shown to call afterLoaded. (#4754) r=@philbooth (0264490)
  • client: ConfirmResetPassword extends BaseView, not ConfirmView. (0e90d64)
  • notifier-mixin: Simplify the notifier-mixin using built in object event methods (#4779) r=@philb (d129a6b)

1.81.0 (2017-02-23)

Bug Fixes

chore

  • docs: Explain why 0.80.1 is empty (cae891c)
  • l10n: add Web Session to strings.js (#4743) (3101617)
  • versions: update to 1.x version (a043e45)

Features

  • eslint-plugin-fxa: using 1 repository of eslint rules (#4698) (14301be)
  • prefer-const: changes acc. to prefer-const eslint rule (#4710) r=vladikoff (f9006d4), closes #4632
  • sms: Send SMS view (#4625) r=vladikoff (36c815f), closes #4373

Refactor

  • CAD: WhyConnectAnotherDeviceView uses the BackMixin (#4738) r=@philbooth (246a0fe), closes #4735
  • client: Extract a PulseGraphicsMixin. (#4730) r=@philbooth (f82517d)
  • client: move flow model resposibilities out of the views (4071291)
  • metrics: Log the loaded event from the metrics module. (#4745) r=@philbooth (5c1ca7e)
  • settings: Simplify settings header rendering. (#4744) r=@philbooth (2d6499b)

0.80.2 (2017-02-14)

Bug Fixes

  • client: Clear all account data on sign out. (#19) r=@seanmonstar (f361fd1)

0.80.1 (2017-02-14)

Reverse merge fixes from 0.79.4.

0.80.0 (2017-02-07)

Bug Fixes

  • account: throw an error when generating assertions with invalid session token (#4666) r=s (7b867b0), closes #4586
  • client: generate fresh flow id and begin time on sign-out (3ea1a9a)
  • clients: add a "Got it" button to the client disconnected view (#4687) r=vbudhram (a73a53b), closes #4633
  • clients: retry with a fresh token on OAuth requests (#4688) (1cd050a), closes #4659
  • hsts: fix HSTS header config value (#4668) r=vbudhram (dfabff9), closes [(#4668](https://github.com/(/issues/4668) #4657
  • iOS: Send the login message within the visibilitychange (#4682) (5bca42f)
  • tests: add a direct unit test of signOutAccount (6937fcb)
  • tests: Bail out after the first test failure on Circle to speed test runs. (#4678) (94acc26)
  • tests: fix 2 typos in test title (6fa4336)
  • tests: make sure OAuth title tests check the value (a368849)

chore

  • docs: User=>user for consistency. (#4699) (da001bc)

Features

  • CAD: install_from.fx_desktop A/B metric, use consistent names. (#4696) r=vladikoff (f41a418), closes #4692
  • design: switch to new mozilla logo (#4674) r=ryanfeeley (ce8bf92), closes #4656

Refactor

  • client: scope added (6e4b4e2)
  • test: Thenify all the helpers. (#4697) r=vladikoff (30f9b19)

0.79.4 (2017-02-13)

Bug Fixes

  • tests: adjust to new SUMO urls (#4713) (#4720) (b50aa81), closes #4712

Features

  • firstrun: Add fx_firstrun_v2 events to support new firstrun flow. (#4717) (f1373ed)

0.79.3 (2017-01-26)

Bug Fixes

  • client: Use a 5 sec timeout to send login in Fx for iOS. (#4671) r=@rfk (e0686ec)
  • connect-another-device: Disable CAD for signin. (#4672) r=vladikoff (014557e), closes #4665

chore

  • experiments: Update content-experiments to train-79 (#4677) (4edfe87)

Features

  • experiments: Push all knowledge of mutually exclusive tests to able. (#4673) r=@philbooth, vl (b8cff6e)

0.79.2 (2017-01-24)

Bug Fixes

Refactor

  • test: Modernize the fx_firstrun_v1_sign_up tests. (#4661) r=@philbooth (7e1b034)

0.79.1 (2017-01-24)

Bug Fixes

  • docker: Start docker service (c6cd981)

0.79.0 (2017-01-23)

Bug Fixes

  • client: Fix status message on /connect_another_device (#4640) r=@philbooth (651a56b), closes [(#4640](https://github.com/(/issues/4640) #4634
  • cwts: ux changes to make choose-what-to-sync less confusing (#4619), r=@vbudhram (c279f90), closes #4515
  • docker: Only build docker image on master or tag (#4644) r=vladikoff (ffddf10)
  • metrics: Only send navigationTiming data on the first flush. (#4603) r=vladikoff (153292b), closes #4601
  • metrics: POST metrics if any field has changed since the last send. (#4602) r=vladikoff (7c468e7), closes #4479
  • require: extend load time out of requireOnDemand to 40 seconds (#4647) r=@shane-tomlinson (af6cdd7)
  • signin: add oauth query strings to sign in and sign up views (#4584) r=@shane-tomlinson (6bf3da9), closes #4547
  • strings: adjust confirm reset password resend string (#4607) (c8b2468)
  • styles: fix sasslint and add border-radius for webkit / blink browsers (5baf61d)
  • test: Avoid rate limiting in a confirm functional test. (#4613) r=vladikoff (d78733e), closes #4537
  • test: Change after to afterEach. (#4642) r=vladikoff (605293a)
  • test: Fix sign in to OAuth with Sync creds test timeout. (#4650) r=vladikoff (11c2b5e), closes [(#4650](https://github.com/(/issues/4650) #4649
  • test: Fix the broken refreshes_metrics functional test. (#4629) r=@vbudhram (a731bef), closes [(#4629](https://github.com/(/issues/4629)
  • test: Fix the failing OAuth functional tests. (#4630) r=@vbudhram (a6336a5), closes [(#4630](https://github.com/(/issues/4630)

chore

  • deps: Update to grunt-sass@2.0.0 for Alpine Linux compatibility (#4621) r=vladikoff (b4a1c8c)
  • tests: make sure unit tests pass with different locales (#4535) r=shane-tomlinson (878b80c), closes #4437

Features

  • connect-another-device: Add a close button to "why connect another device" (#4626) r=@vbudhram (6ed0196), closes [(#4626](https://github.com/(/issues/4626) #4604
  • docker: Add CloudOps Dockerfile & CircleCI build instructions (#4620) r=vladikoff (dc46ea0)
  • metrics: Log the number of stored accounts on the /signin page. (#4493) (f44dcb5)

Refactor

  • client: Extract all routes into their own modules. (#4615) r=vladikoff (4d0a211)
  • metrics: Add explicit signin/signup metrics (#4606), r=@shane-tomlinson (b5aa2d2)
  • relier: remove service-name abstraction (#4645) r=@shane-tomlinson (c9ff9ab), closes #4436
  • style: test page created and radio-button added (495ba9a)
  • test: thenify not needed for getVerificationLink (#4623) r=@philbooth (bf11add)
  • test: No context for some FxDesktop helpers. (#4611) (1117934)
  • test: No more thenify for openVerificationLinkDifferentBrowser (772e16a)
  • test: Remove context from noSuchBrowserNotification and testIsBrowserNotified (# (e7f417e)
  • test: remove context from openPasswordResetLinkDifferentBrowser (#4636) r=@philboo (ad5a53a)
  • test: Remove context from openSignInInNewTab (31fe201)
  • test: remove context from openSignUpInNewTab (#4617) r=@philbooth (4447161)
  • test: Remove context from respondToWebChannelMessage (6a36587)
  • test: Remove context from testAreEventsLogged, fetchAllMetrics (d979483)

Reverts

  • docker: Add CloudOps Dockerfile & CircleCI build instructions" (#4643) (cbc75cf)

0.78.0 (2017-01-09)

Bug Fixes

  • account: capture uncaught sessionStatus errors (9a429ae)
  • client: Stop using able to get the account blocked SUMO link. (#4597) r=vladikoff (59cba43), closes #4588
  • clients: change Get-App button to Download (#4571) r=philbooth (37fd2c3), closes #4413
  • deps: update to latest p-promise and fxa-js-client (#4580) (5c85df4), closes #2160
  • docs: Bring back the accidentally deleted client-metrics.md content. (#4593) r=vladiko (1114db8)
  • email: adjust text of email resend link (#4599) r=vbudhram (2472054)
  • links: open external links on about:accounts in new tabs (f40d5d7)
  • progress_indicator: disable element while the progress indicator is active (#4582) r=@shane-tomlinso (1f5499c), closes #4167
  • reset: add relier name into reset (bffc19c)
  • reset: change button and header on the reset page (#4564) (f15e2d7), closes #4538
  • rtl: fix rtl in the devices & apps view (ade305a)
  • server: advertise OAuth scopes in OIDC (#4587); r=rfk (5099f51), closes #3433
  • tests: marionette fixes: remove selenium check; export X DISPLAY (#4596) r=vladikoff (ed11ab7)
  • tests: update to support latest Firefox driver (#4442) (ea575bb), closes #3995

Features

  • client: Stringify WebChannel payloads in Fx Desktop >= 50. (#4579) r=@mhammond, @rfk (4888e28), closes #4577
  • server: Remove unsafe-eval and reportOnly CSP rules! (#4595) r=vladikoff,jrgm (76b2014), closes #4594
  • signup: allow users to dismiss suggest-sync (240c30a)

Refactor

  • client: reduce duplicated auth broker initialisation logic (#4568) r=@shane-tomlinson (4505f2e)
  • test: Remove context from openFxaFromRp, openFxaFromUntrustedRp (#4576) r=@philb (232e2f5)
  • test: Remove context from reOpenWithAdditionalQueryParams (d4f4ca3)
  • test: Remove context from test*WasShown (8b27f6e)
  • test: Remove tests/functional/lib/test.js (#4592) r=@philbooth (0578596)

0.77.0 (2016-12-28)

Bug Fixes

chore

  • ci: add retry command to Circle (#4517) (b4e2ec1)
  • ci: disable Firefox A/B experiments in CI browser (#4536) (a24f9b5)
  • ci: reorder CI scripts (e04dec4)
  • ci: try to disable signed extensions in Firefox 46 on Circle Ci (#4511) (4a8a7ef)
  • docs: Remove openGmail and syncCheckbox experiment docs. (#4530) (e63b256)
  • tests: force disable e10s while we are on Firefox 46 (#4505) r=shane-tomlinson (6fa0ea2)
  • travis: disable Node 6 builds until fixed (#4508) (bf70aed), closes [(#4508](https://github.com/(/issues/4508)

Features

  • client: Add AMO specific help text on signin/signup. (#4550) r=vladikoff (9c595b9), closes #4302
  • client: complete on fennec (#4370) r=vladikoff (c80d1aa)
  • experiments: update to train-77 experiments (#4556) (c21711e)

Refactor

  • avatar: this._displayedProfileImage removed (#4502) r=shane-tomlinson,vladikoff (3f4ec6f), closes #4386
  • client: Clean up complete_sign_up a bit. (#4518) r=vladikoff (2d3123b)
  • client: Configurable marketing-snippet and marketing-mixin. (#4519) r=@vladikoff (8abf49d)
  • client: Extract a modal-panel-mixin from modal-settings-panel-mixin. (#4506) r=vladikoff (a54eac0)
  • client: Remove preVerifyToken support. (#4539); r=vladikoff,rfk (9cbf5d9), closes #4152
  • test: Modernize the oauth_sign_up_verification_redirect tests. (#4557) (f7755e7)
  • test: Remove context from fillOutChangePassword (04298c6)
  • test: Remove context from fillOutCompleteResetPassword (#4522) r=@vladikoff (a0a357e)
  • test: Remove context from fillOutDeleteAccount (9c7a1a7)
  • test: Remove context from noSuchElement (#4523) r=vladikoff (b95fd7b)
  • test: Remove context from openExternalSite (#4545), r=@vbudhram (736a063)
  • test: remove context from openSettingsInNewTab (28d746a)
  • test: Remove context from openVerificationLinkInNewTab (face514)

0.76.0 (2016-12-13)

Bug Fixes

  • deps: update to latest prod dependencies (#4484) (e8beb84)
  • metrics: make metrics.flush safely re-entrant (#4478) (c06bd31)
  • metrics: propagate metrics context data to /account/reset (#4489), r=@vbudhram (00a30f8)
  • test: Hard code location of Firefox for circle tests. (#4495) r=vladikoff (5c8b11e)

Features

  • deps: update to fxa-js-client 0.1.50 (0bd4a68)
  • verify: Allow iOS Private Browsing to verify emails (#4476) r=shane-tomlinson (1af3c2a), closes #4481

Refactor

  • tests: Remove context from several functional test helpers. (#4490) (ef06852)

0.75.1 (2016-11-29)

Bug Fixes

  • client: Canonicalize emails when going to /settings (#4473) r=vladikoff (5901b2a), closes #4463
  • client: Use the server returned email when signing in. (#4472) r=vladikoff (668be9e), closes #4467

0.75.0 (2016-11-28)

Bug Fixes

  • client: is*Visible fixes for template written messages. (b58cfb4)
  • client: Babel is only available during development. (#4433) r=vladikoff (6da1956)
  • client: delete the redundant flow-event-metadata model (#4456) (01e06a5)
  • client: Fix the startup l10n/everything-else race condition. (#4438) (24e9932), closes [(#4438](https://github.com/(/issues/4438)
  • client: Flush metrics before redirecting to an external link. (5bcf94f), closes #4458
  • client: pass correct OAuth client id to certificateSign (0c89b9a)
  • client: Visible success/error messages stay visible on view render (7fa9c00)
  • clients: add refresh progress state (#4382) r=vbudhram,shane-tomlinson (b42102e), closes #4165
  • clients: add tablet support to app placeholders (#4414) r=vbudhram (3f97df4), closes #4412
  • clients: Always sort the current device first. (#4430) r=vladikoff (7ce2bf9)
  • csp: update helmet to version 3 (#4444) r=vbudhram (517a287)
  • l10n: fix string extraction in server syntax (#4443) (819f098), closes [(#4443](https://github.com/(/issues/4443) #4406
  • metrics: drop invalid utm_ params from flow data (3a3a7b1)
  • metrics: log some metrics about the number of clients (#4454) r=vbudhram (c5075a8), closes #4229
  • metrics: round flow time down before emitting (f1f87cc)
  • metrics: separate the begin and view flow events (33b2f00)
  • test: Fix failing oauth-reset-password functional test (#4465) (9428b8e), closes [(#4465](https://github.com/(/issues/4465)
  • tests: add SRI testing to functional tests (#4432) r=vbudhram,shane-tomlinson (d99d598), closes #4364
  • webchannel: handle errors from Firefox WebChannels (#4457) r=shane-tomlinson (8fa56e6), closes #3668

chore

  • docs: Add a comment about why view.logView is done in app.js (44304c2)
  • git: Update .gitignore to support nested .eslintrc files (#4409) r=vladikoff (10ecdfb)
  • nsp: remove exceptions (#4416) r=pdehaan (a4728ca), closes #4410
  • shrinkwrap: add npm script for shrinkwrap (#4445) (fce4016), closes #4439
  • typo: fix 'suppress' type in base.js (6c1a3e5)

Features

  • client: Enable "show" password button for everyone! (#4435) r=vladikoff (830f666)
  • client: Pass the email address in the resume token. (898b7cf)
  • devices: add duplicate reason for disconnecting (69bd338)
  • l10n: Include translations in JS bundle. (#4348) r=vladikoff (eb79afc)
  • server: Babel can be disabled via config. (#4418) r=vladikoff (e08231d)

Refactor

  • client: Cleanup marketing-mixin & marketing_snippet responsibilities r=vladikoff (ffcbbfe)
  • client: skip rendering if navigate is called in beforeRender (f58b1a5)
  • email: Remove sendEmailIfVerified logic r=vladikoff (886f394)
  • metrics: extract flow event logic from POST /metrics handler (3e69724)
  • test: bounced email takes care of its own prerequisites. (#4466) r=vladikoff (1f27ff5)
  • test: fillOutResetPassword no longer takes a context. (#4405) r=seanmonstar,vladikoff (d082a40)
  • test: fillOutSignIn no longer takes a context (395b958)
  • test: fillOutSignUp no longer takes a context. (#4404) r=seanmonstar,vladikoff (20ea0fe)
  • test: openPage no longer takes a context. (#4434) (2de72cd)

0.74.0 (2016-11-14)

Bug Fixes

  • client: Do not show marketing material on Fx for iOS. (#4368), r=@vbudhram (7909cc5), closes #4366
  • client: Fix unlocalized app store buttons. (#4394) (edb9404), closes [(#4394](https://github.com/(/issues/4394)
  • client: Make the constructor a normal function in FlowEventMetadata (a078e6f)
  • client: Merge marketing_snippet_ios and marketing_snippet (#4384) (cb34b95)
  • client: Open email preferences in new tab (#2500) (#4387) r=shane-tomlinson,vladikoff (452cce0), closes #2500
  • config: Strip any trailing '/v1' from auth_server_base_url. (#4357); r=shane-tomlinson (ba0c0c0)
  • logging: validate flow id before emitting events (ccfc033)
  • metrics: overhaul flow events for more accurate funnel analysis (7507f2a)
  • password: hide show password label until theres text in the pass… (#4099) r=vladikoff,ryan (01e6fcb), closes #4095
  • routes: Redirect *_complete to *_verified r=vladikoff (295cfc5)
  • signup: Changes style of badges (#4340) r=vladikoff (c44a1b4), closes #3697
  • test: Always send a locale when creating an account. (#4363) (2268a64)
  • test: Fix the "device and apps panel works" functional test. (6b7eb2c), closes #4397
  • test: Fix the "device and apps panel works" functional test. (#4403) r=vladikoff (105b14c), closes [(#4403](https://github.com/(/issues/4403) #4397
  • test: Sync reset password, verify different browser. (05d21a5), closes #4399
  • test: Sync reset password, verify different browser. (#4402) (96ad29c)
  • test: Try to figure out Firstrun v1 sign_in - unverified (#4365) r=vladikoff (40f78e1)
  • typo: fix typos (ea84f99)

chore

  • lint: fix sasslint in marketing ios (94b17b6)

Features

  • apps: add new service icons, enable apps feature (#4381) r=vbudhram (72b06a5), closes #4213
  • client: Add iOS App banner to pages (#4371) r=vladikoff (58e57e5)
  • client: Send source_url to Basket's /subscribe endpoint (#4342); r=rfk (4bdbfa1), closes #4315

Refactor

  • avatar: remove getAvatars, prepare to remove 'selected' param (ad89416)
  • avatar: remove getAvatars, prepare to remove 'selected' param (#4393) r=shane-tomlinson (76ccf02)
  • cancel: auth_brokers/base.js->canCancel moved to capabilities (#4374) r=vladikoff,shane- (80b9999), closes #3235

0.73.1 (2016-11-02)

Bug Fixes

  • tests: raven is a test dependency for server tests (d6f0900)

chore

  • deps: update got, shrinkwrap (#4360) (0970140)

0.73.0 (2016-11-01)

Bug Fixes

chore

Features

  • devices: add mobile get app placeholders (#4261) r=vbudhram,shane-tomlinson (861af52), closes #4261
  • icons: Use optimized svg icons in device view (#4294) r=vladikoff (703e372)
  • metrics: Add reset password flow metrics (cc02b52)
  • sentry: Add sentry middleware for express (#4345) r=vbudhram (4bd04bf), closes #4208
  • tests: Allow CircleCI test parallelization. (#4298) (42b80c9)

Refactor

  • client: Reduce repetition when initializing the auth-brokers. (66cfb66)
  • client: remove crosstab. (#4192) r=vladikoff (07b5902), closes #3415
  • deps: switch from request to got module (#4344) r=rfk (f1d7cf9)
  • disconnect: OAuth services Disconnect button does not need … (#4314) r=vladikoff (bb87fc3)
  • settings: remove sync preference button (#4326) (9f43ddf)
  • tests: Remove context from clearBrowserState (#4343) r=vladikoff (421d376)

0.72.1 (2016-10-20)

Bug Fixes

  • csp: single-quote 'none' keyword (#4311) (22557a9)

0.72.0 (2016-10-19)

Bug Fixes

Features

  • signin unblock (#4154) (18850e1)
  • hpkp: Add HPKP headers (#4097) (660f604)
  • metrics: Always send a metricsContext.context from the content server. (#4251) (1fefb77)
  • server: Ban all objects using CSP. (#4285) (b6e9a25)
  • test: Point circle at fxa-ci.dev.lcip.org (#4282) (3cec607)
  • test: Use package.json for version info for teamcity dep install (8de7ef0)
  • tests: Update Fx and Selenium versions on Travis. (#4271) (5831294)

Refactor

  • client: var=>const for all requires (#4263) (5490a0b)
  • client: Ditch var self=this (#4264) (808ad8d)
  • client: Remove colon from device timestamps (#4222) r=shane-tomlinson,vladikoff (253da2e)
  • client: Use object shorthand for functions. (#4265) (f44c262)
  • incorrect-password: Changed Text in case of wrong password (#4258) r=vladikoff (9279e69)
  • signup: Messaging Size Matched (#4249) r=vladikoff (05db4d2)
  • test: Update the confirm functional test to use helpers. (#4273) (35b9330)
  • tests: Update the email-optin tests to use helpers. (#4279) (2f273cd)

0.71.0 (2016-10-06)

Bug Fixes

  • build: backslash-escape "/" in character class to satisfy minimizers (#4206) r=vladikof (c3a65ce)
  • build: Ensure revs/filenames are correctly created. (#4210) r=vladikoff,jbuck (6338a82)
  • build: switch to grunt-file-rev from grunt-rev (#4199) r=jbuck (e4f750d)
  • client: Add 'rel=noopener noreferrer' to all external links (c19c7ed), closes #4091
  • client: Fix signup confirmation poll. (307bb67), closes #4237
  • client: normalizeXHRError handling 503 and 429 error (2a7009c)
  • devices: use uid for devices panel (9213f29)
  • docs: Standardize jsdoc param/returns to use {Capital} for types. (#4226) (b58f427)
  • logging: ensure flow begin events get correct flow_time (#4236) (bed3feb)
  • logging: identify the view in flow.begin event (#4224) r=vladikoff (b8952f0)
  • password: remove need inspiration link from password prompts (#4172) (c392f96)
  • server: Only one bodyParser.json is needed. (#4200) r=vladikoff (ee82c3c)
  • signin: displaying new message for already verified sign-in tokens (#4176), r=@vbudhram (7eb856e)
  • test: Fix the sign in to OAuth with Sync creds on latest. (#4245) r=vladikoff (dc60cea), closes [(#4245](https://github.com/(/issues/4245)
  • tests: add oauth app functional tests (#4209) r=shane-tomlinson (9af4895), closes #4109
  • tests: Ensure the complete_sign_in functional tests pass. (#4183) (60c8159)
  • tests: fix broken data-flow-begin functional tests (#4223) (bdf72a6), closes [(#4223](https://github.com/(/issues/4223)

chore

  • circle: add circle.yml with testing config (#4197) (2df2b48)
  • client: Rename webmailLink to unsafeWebmailLink (#4174) r=vladikoff (3511ccd)

Features

  • client: /config now returns a 410 HTTP status. (#4153) r=vladikoff (e6ff90e)
  • metrics: add flow event for have-account (bcc0974), closes #4216
  • metrics: adjust tests and logic for the event (4272d51)
  • sentry: move sentry release version to front-end (#4220) r=vbudhram (18ddbf6), closes #3474
  • shared: add new locales (9a24702)

Refactor

  • client: Add the external-links-mixin to the BaseView (#4184) (9900587)
  • client: Remove all direct fxaClient calls from the views. (#4194) (64081c6)
  • fennec: force_auth_complete removed (#4211) r=vladikoff (729720c)
  • jsdocs: displaying new message for already verified sign-in tokens (#4178) r=vladikoff (3824ab8)
  • settings: ellipses added (#4202) r=vladikoff (eb5418e)
  • tests: convert 2 sign-in functional test suites to use helpers. (#4207) r=vladikoff (d1a3247)

0.70.0 (2016-09-20)

Bug Fixes

chore

  • client: Changed "Tabs" to "Open tabs" (#4156) (7b31dc2)
  • client: Update Google Play Store badges (#4140) r=vladikoff (f8fcaf7)
  • docs: Add missing client metrics docs (#4083) (03b8d1b)
  • docs: add release v0.69.0 notes (440e528)
  • docs: Add screen images to client metrics docs (#4139) (c3cc9d4)
  • docs: Document known values for entrypoint metrics param. (ddcf9c8)
  • server: Remove custom FxOS CSP code. (#4118) r=vladikoff (a1fef3d), closes #3958
  • tests: Remove listenForWebChannelMessage - it's no longer needed. (#4142) r=vladikoff (6bd603f)
  • travis: drop node 0.10 support in travis (#4149) (ba77285)

Features

  • client: Embed config values in the HTML. (#4147) r=vladikoff (1e8f1d7)
  • deps: Use jQuery 3.1.0 and sinon 1.17.5 (#4117) r=vladikoff (4fe8dc0)
  • devices: add devices modal and additional metrics (#4131) r=vbudhram,shane-tomlinson (aed667e)
  • devices: add tablet icon (#4132) r=vbudhram (d9c007e), closes #4030
  • errors: support localized throttled message (#4145) (374858e)
  • experiments: update to latest experiment tag (#4171) (8ffa42f)
  • metrics: add flow.attempt_signin, flow.engage, flow.attempt_signup (#4150) r=rfk,philboot (e618104)
  • oauth: add OAuth app management ui (#3935) r=shane-tomlinson,vbudhram (e6b4333), closes #3921

Refactor

  • client: Extract all element type specific code from form.js (#4108) (e33ecc4)
  • client: Reduce fxa-js-client fetch boilerplate (#4090) (51a70fb)
  • client: Unify all the resend email code into resend-mixin. (#4123) (4231045)
  • signin: make all beforeSignIn methods use the account object (#4082) (58af33b)

0.69.0 (2016-09-07)

Bug Fixes

  • build: remove date from js bundle (#4102), r=@vbudhram (31ca1c1), closes #4101
  • client: Improved calls to action on the confirm reset password screen. (#4100) (2063d6c)
  • clients: fix fetch for two simultaneous responses (#4111) r=vbudhram (dd2727c), closes [(#4111](https://github.com/(/issues/4111)
  • oauth: set TTL for the authorization request (#4075) r=shane-tomlinson (3af4e9a), closes #3982
  • sentry: bring back cache busting file names in sentry (#4103) r=vbudhram (0627b17)
  • signin: Add delay for login message on iOS broker (#4089), r=@shane-tomlinson (c04980d)
  • styles: fix horizontal align for comm pref (#4098) r=vladikoff (0f13938), closes [(#4098](https://github.com/(/issues/4098) #3886
  • tests: send Origin headers with resource requests when appropriate (#4059) (030874f)

chore

  • docs: Add missing client metrics docs (#4083) (03b8d1b)

Features

  • oauth: add OAuth app management ui (#3935) r=shane-tomlinson,vbudhram (e6b4333), closes #3921

Refactor

  • client: Reduce fxa-js-client fetch boilerplate (#4090) (51a70fb)
  • signin: make all beforeSignIn methods use the account object (#4082) (58af33b)

0.68.1 (2016-08-24)

Bug Fixes

  • styles: change color of label on permissions page (#4079) r=vladikoff (f2cf887), closes #4052
  • styles: remove transition on show password button (#4078) r=vladikoff (10f6d44), closes #4076
  • tests: adjust timeouts and window handles for TeamCity tests (#4081) (be51e51)
  • tokens: Display expired token on sign-in verification error (#4047) (296250f)

Refactor

  • client: Remove support for fx_ios_v2 (#4080) r=vladikoff (f6ea1ef), closes #4073

0.68.0 (2016-08-23)

Bug Fixes

  • client: Fix autofocus being called repeatedly on hidden settings panels. (#4043) r=vladi (a541eca), closes [(#4043](https://github.com/(/issues/4043)
  • css: Remove right margin on settings (#4054) r=vladikoff (5c4083c)
  • deps: update prod dependencies (#4034) (6682ae2)
  • l10n: fix input type direction to match Gmail (#4070) r=vbudhram (025ed91), closes [(#4070](https://github.com/(/issues/4070)
  • l10n: fix translations for the password warning (#4068) r=vbudhram (ce88b84), closes [(#4068](https://github.com/(/issues/4068)
  • logging: flow.begin is a flowEvent, not an activityEvent (#4051) r=vladikoff (32fa116)
  • sentry: do not send the same error more than once (#4066) r=vladikoff (82b4e30), closes #4023
  • sentry: separate errors by errno, switch known errors to info level (#4074) (d0b3828)
  • signup: add an error code for unknown account verifications (#4061) r=vbudhram (46595e1), closes #3989
  • strings: adjust support link for devices and apps (#4072) r=rfk (4227c2d), closes #4067
  • styles: adjust property sort order to remove lint warnings (b1e0bc0)
  • styles: bring back CWTS email field (#4063) (a472bea), closes #4062
  • teamcity: tests now require fxa-shared installed (381fb20)
  • tests: Add a helper function to close a window. (#4038) r=vladikoff (7a7785e), closes [(#4038](https://github.com/(/issues/4038)

chore

  • tests: disable auto update for test profiles (27e2728)
  • travis: retry nsp check on travis due to flaky api (0ca0c5d)

Features

  • experiments: update latest experiments for train-68 (#4071) (dfa8f84)
  • passwords: add support article about password strength (#4014) r=vbudhram (b6a3319), closes #3945
  • settings: escape key hides the current panel (#3845) r=vladikoff (82c7fba)

Refactor

  • client: browserify jwcrypto to prepare for requireOnDemand. (#4035) r=vladikoff (3600b0a)
  • client: jwcrypto is now loaded using requireOnDemand. (#4041) r=vladikoff (84706d8)
  • client: Load fxa-js-client using requireOnDemand. (#4042) r=vladikoff (ff706a4)
  • client: Refactor the hide-on-escape key code. (#4046) r=vladikoff (615e138)
  • client: Use cache busting URLs with require on demand. (#4002) r=vladikoff (053153e)
  • client/server: Ditch the postMessage origin check for iframes (#4008) (c1f5260)
  • devices: remove timeago, use device last active from the fxa-auth-server (#4033) (36bb232)
  • devices: rename devices view to clients (#4055) r=vbudhram,rfk (d425e8f)
  • l10n: use shared source for l10n list (#4050), r=@vbudhram (a3a5294)

0.67.0 (2016-08-09)

Bug Fixes

  • build: Fix l10n extraction of template strings. (#4028) r=vladikoff (38557d5), closes [(#4028](https://github.com/(/issues/4028) #4027
  • client: No screen transition post confirm signin for OAuth Webchannel keys (#3997) r=vla (6d15ece), closes #3966
  • client: OAuth flows that request keys must do signin confirmation. (#3991) (a77c3c9)
  • client: Only show passwords while depressing the "show" button. (#3978) (251f0e3)
  • client: propagate flow data to confirm view (#3990) (cbbd8a5)
  • client: update to latest able version (#4018) (4466d93)
  • devices: add 'last active' to formatted string (#4015) r=shane-tomlinson (96eaafa), closes #3960
  • devices: add title attribute to device names (#4016) r=vbudhram,ryanfeeley (83f0da2), closes #3959
  • experiments: update experiments to train 67 (#4025) (3762ea2)
  • jsdoc: add eslint jsdoc validation (#4010) (fcf1ebf)
  • logging: use legacy log format for activityEvents (b87805e)
  • signup: add utm params to suggest-sync (#4029) r=vbudhram (aabd4f6), closes #4021
  • styles: remove bold from current device (#4020) (138c98c), closes #4019
  • tests: fix remote tests/server/routes/get-fxa-client-configuration (69bfeee)

chore

  • client: Remove signin confirmation transition code from fxa-client.js (d26aa75)
  • deps: Bump fxa-js-client to 0.1.46 (#3987) r=vbudhram,vladikoff (c1b42bc)
  • deps: Bump the fxa-js-client version to 0.1.45 (#3983) r=vladikoff (401bd31)
  • scripts: update npm versions used to run in teamcity (#3999) r=vladikoff (4d600e7)
  • teamcity: a tool to help updating bash-embedded dependencies (#4001) r=vladikoff (8bce55b)

Features

  • metrics: Add utms to statsd (#4026) r=vladikoff (859591a)

0.66.0 (2016-07-26)

Bug Fixes

  • avatar: prevent buttons from flashing (#3850) (6e7f360)
  • client: always send a service param to /certificate/sign (01a0ae5)
  • client: Check for expired sessions whenever the user focuses the settings page. (#3924) (25cf276)
  • client: Help the password manager save the username on pw reset/change. (#3977) r=vladik (362b2fb)
  • client: Hide all visible passwords on form submit. (#3969) (a6c848c)
  • client: use context constants instead of literals (#3961) (88ae365)
  • confirm: add known error code when polling fails (#3943) r=vbudhram (c509963), closes #3925
  • devices: adjust download links for browsers (#3926) r=vladikoff (d178aee), closes #3540
  • l10n: Fix l10n extraction on ES2015. (#3963) r=vladikoff (01334e7), closes [(#3963](https://github.com/(/issues/3963) #3962
  • server: Allow FxOS 1.x and Fennec < 25 to sign in/up (#3940) (5b87852)
  • server: Ensure CSS for the TOS/PP agreements is served from the CDN. (#3981) r=vladikoff (b4867ed), closes #3976
  • server: Re-add the /.well-known/openid-configuration route (7781973)
  • styles: fix settings email header when display name set (#3930) (65aef25), closes [(#3930](https://github.com/(/issues/3930)
  • teamcity: fail fast if all servers are not up (#3936) r=vladikoff (a2c9656)
  • teamcity: server tests don't need selenium running (#3975) r=vladikoff (86deba7)

chore

  • deps: Bump request and universal-analytics dependencies (#3967) (b271bce)
  • dev: add remote development script and docs (#3971) r=pdehaan,vbudhram (d82f0a1), closes #3951
  • openid: Remove support for OpenID. (8532c17)
  • strings: add location strings to strings.js (#3972) (1e27f74)

Features

  • build: ES6 with babel (#3841) (72f9051)
  • client: Always notify browser on password change. (#3913) (56417ac)
  • client: Remove Account Lockout. (#3956) r=vladikoff (4b8b867), closes #3949
  • client-config: Add a /.well-known/fxa-client-configuration endpoint (#3919) (cbd341a)
  • metrics: Add a <view_name>.back event when the user clicks a back link (9bd0c6c)
  • password: make hints progressively useful (#3791) r=vladikoff (e327d39), closes #3731
  • server: Update helmet to the newest version. (#3941) r=vladikoff (3e3fdc8)
  • tests: Add more functional tests for sign in unverified flow. (#3947) r=vladikoff,vbudh (e7b7f24)
  • tests: Add signin confirmation tests for iOS, Fennec, WebChannel (#3937) (0f8293f)

Refactor

  • client: remove campaign param support, switch to utm_campaign (#3915) (e6d20a9)
  • client: remove state from the resume token (#3923) r=shane-tomlinson (615c7aa)
  • jscs: port jscs to eslint (#3946) r=vladikoff (7606356), closes #3669
  • oauth: remove support for privacy and terms uris (#3942) (430716d)

0.65.0 (2016-07-12)

Bug Fixes

chore

Features

  • client: Add a button to Open in Yahoo/HotMail/Outlook (#3872) r=vladikoff (46cdc3b), closes #3640
  • client: Add fade in to 'Back' link on confirm view (#3894) r=vladikoff (b6ddc02)
  • client: Reword and slowly fade in the resend account verification email link (17b2cfe), closes #2654
  • client: users from login and registration to about:accounts (#3870) r=vladikoff (6a59d8c), closes #3421
  • metrics: send reminder param to account verification (#3871) r=vbudhram (c3c04f8), closes #3864

Refactor

  • errors: catch interpolation error (#3917) r=vladikoff (5703853), closes #3846
  • settings: Code migration from settings-mixin to settings.js (#3873) r=vladikoff (cba214b), closes #3091
  • signup: remove exclude_signup support (#3883) (a2ff648)
  • tests: Refactor the change password tests to use helpers. (#3910) (aa14f05)

style

  • devices: improve current device design (#3828) r=vladikoff,shane-tomlinson (a88c1c8)

0.64.0 (2016-06-22)

Bug Fixes

  • client: Filter unwanted fields in call to /recovery_email/status (#3839) (317c9cf)
  • client: force numeric input for age field on signup page (#3803) r=shane-tomlinson,vbudh (0e96539)
  • client: Show a sensible error message if basket is unavailable. (#3867) r=vladikoff,jbuc (9ca06dd), closes #3866
  • confirm: change resend email limit to first 4 attempts (#3816) r=vbudhram (f02bf19), closes #3777
  • eslint: update eslint-config-fxa version (#3853) r=vladikoff (eab5cc6), closes #3852
  • links: adjust mobile app links (#3815) r=vbudhram (58a837c), closes #3692
  • metrics: Remove the caching sha from urls in the sentry stacktrace (#3861) r=vladikoff (242f24e), closes #3829
  • mozlog: update to 2.0.4 (#3826) r=vladikoff (5b7d707)
  • nsp: add advisory 117 to list of known issues (3f1de6e)
  • nsp: add to ignore list (49f42c6), closes #3857
  • nsp: update packages to fix nsp warnings (#3849) r=vladikoff (b4051af), closes [(#3849](https://github.com/(/issues/3849) #3848
  • password: Add missing unit tests (#3812) r=vladikoff,TDA (23eebb7)
  • permissions: remove line break on permissions page (#3834) r=vladikoff (f78187a), closes #3833
  • rtl: rtl weird behavior with special characters (#3824) r=vladikoff (21d2dfd), closes #3811
  • spelling: change stength to strength (#3819) r=vladikoff (0abbdfd), closes #3818
  • tests: ensure no leftover firefox-bin are running (#3820) (0f52dcb)
  • tests: ignore error from killall firefox-bin (d14d7be)
  • tests: show selenium version from /wd/hub/status at test start (#3804) (cd02afd)

chore

  • l10n: Remove the placeholder strings for fxa-83 (#3856) r=vbudhram (abe1496)
  • marketing: Use more specific text for the marketing opt-in. (bb7a71f)
  • tests: Remove listenForWebChannelMessages calls from tests. (#3768) r=vladikoff (c68e130)
  • tests: Update avatar.js to use functional helpers, remove listenForWebChannelMessages. (1385213)
  • tests: useTeamCityReporter=true for intern_server tests (#3823) (81f355e)

Features

  • client: Signin confirmation (#3671) (7c5aee4)
  • experiment: add show-password experiment (#3801) r=vbudhram (03debc1)
  • metrics: add statsD/DataDog tag if user is part of experiment (#3836) (bd7dec8)
  • styles: Add support for .woff2 (#3844) (b204544)
  • tests: Filter unwanted lines from the mocha stack trace. (#3813) r=vladikoff (34fa5d7)
  • verify: Pass service param when verifying email address. (#3757) r=vbudhram (2ea10df)

Refactor

  • cocktail: change _.extend to cocktail.mixin (#3830) (25a1ad8)
  • flowId: optimize get-index route by adjusting flow-metrics (263d859)
  • styles: refactor sass variables (#3783) (4c929a4)
  • tests: Use a helper to get the remote reference. (#3808) (f32761e)

style

  • colors: restyle buttons, links and labels to conform to mozilla style guide (#3755) (3925684)
  • devices: make devices and buttons responsive (#3825) (050cb73)
  • gravatar: left align label (#3842) (8dfd207)
  • links: stack side-by-side links (#3817) r=vladikoff (8476364), closes #3798

0.63.0 (2016-06-01)

Bug Fixes

chore

  • deps: Update fxa-js-client to 0.1.39 (#3787) r=vladikoff (5ceea48)
  • markdown: port marked to remarkable (#3746) r=pdehaan,vladikoff (ba542f7), closes #3728
  • npm: update shrinkwrap (#3771) (f7dccbb)
  • nsp: Exclude moment CVE from nsp checks (#3756) (02adab5)

Features

  • client: Handle the upcoming /complete_signin route. (bde60b4)
  • client: Stop passing 400 page error messages via query parameters. (#3715) r=vladikoff (2cad043)
  • metrics: Generate flowId on the server (#3736) (48919e1)
  • robots: adjust robots config to use "noindex" everywhere. (#3604) (f6ed899)
  • tests: Add a functional test for re-verifying an account. (#3781) (b2ef9c1)

Refactor

  • client: Prepare for pw change/reset endpoints to return session data. (#3747) (8d4b359)
  • tests: Refactor many functional tests to use helper methods. (#3751) (09585b4)

0.62.0 (2016-05-18)

Bug Fixes

  • base64url: Trim padding per RFC 7515. (#3713) r=vladikoff,rfk (585520d)
  • client: handle async invalid token on signin (#3681) r=shane-tomlinson (e484bd4)
  • server: add extra body check for report error (#3709) (c65cbcd), closes #3708
  • server: add extra body check for report error (#3709) (f10868d), closes #3708
  • style: Autofocus on submit button and added tabindex (#3703) (322902c)
  • styles: change focused fields color scheme (#3727) (fdae81a)
  • styles: increase bottom margin for old password field (#3724) (eac3bee)
  • styles: replace clear sans with fira sans (#3685) r=shane-tomlinson,ryanfeeley (4798131)
  • teamcity: use optional TeamCity reporter (#3749) r=vladikoff (abc2e0b)
  • tests: add missing test runner dependency: helmet (#3723) r=vladikoff (0e92554)
  • tests: adjust oauth 123done tests for logout (#3722) r=vbudhram (e6bd768), closes #3721
  • tests: Fix the failing functional test. (#3706) r=vladikoff (2b6f3d7), closes [(#3706](https://github.com/(/issues/3706)
  • tests: Fix the failing functional test. (#3706) r=vladikoff (8747e0d), closes [(#3706](https://github.com/(/issues/3706)
  • tests: some functional tests are not cross-dependent anymore (#3719) r=vladikoff,shane- (f4fd9cf), closes #3716
  • tests: speed up the relier unit tests (#3717) (8bb3edf)
  • tests: use sessionstorage for testing webchannel messages (#3741) r=shane-tomlinson (b750cd5)

chore

  • cleanup: cleanup gitignore (#3734) (297e00a), closes #3733
  • docs: update npm version in README (5c62196)
  • sass-lint: add sass linting (#3732) r=vladikoff,pdehaan (c4d2def)

Features

  • client: Fully validate email and uid in the relier. (#3711) (298be44)
  • client: pass metrics context metadata to the back end (#3702) r=vladikoff (2ebc49a)
  • errors: Add messaging for new "request blocked" errno 125. (#3735) (aae3c5c)
  • locale: add Arabic locale support (#3726) r=vbudhram (4450796)
  • locale: enable Finnish locale (#3738) r=vbudhram (0ef9621), closes #3737

0.61.1 (2016-05-09)

Bug Fixes

0.61.0 (2016-05-03)

Bug Fixes

  • channels: fix iframe message parsing (a7c7ca2), closes #3602
  • client: update to fxa-js-client 0.1.37 (#3690) (d9ab90c)
  • metrics: Scrub PII from CSP reports (1549c87), closes #3689
  • signup: Update button text on signup and CWTS pages. (203f905), closes #3623
  • views: do not show session expired warnings in views (#3700) r=vbudhram (6103a64), closes #3222

chore

  • docs: update comment (49a4477)
  • docs: update README with new Selenium versions (#3701) (cf9de81)
  • nsp: Add .nsprc config file to ignore NSP warnings (db49863)
  • tests: Sort the front end unit tests alphabetically. (2d7ffc9)
  • travis: drop node 0.12 support (6af6274)

Features

  • client: implement resume token validation (#3682) (148f42a)
  • client: Remove synchronization of unmasking on change password fields (cd782c3)
  • metrics: emit flow.begin event from metrics endpoint (#3683) (8942991)
  • metrics: update to support Sentry 8 and new raven.js (#3695) r=shane-tomlinson (e302894), closes #3599
  • server: Enable CSP! (#3627) (bc714b0)

Refactor

  • client: move fxaClient access out of view (#3696) (dc579de)
  • csp-reports: Updates based on @vladikoff's feedback (864deb5)

0.60.0 (2016-04-19)

Bug Fixes

  • client: Clear resetPasswordConfirm flag after successful reset. (b72c27c)
  • client: Do not skip "reset password" screen in force_auth. (b22eeb4), closes #3477
  • client: Reduce the number of parseMessage errors. (37e8f04), closes #3594
  • client: Remove support for Iframed OAuth flows. (5d19757), closes #3628
  • client: Sign out messages disappear when user starts typing (198070e)
  • client: isPasswordAutocompleteDisabled removed (7fb7dae)
  • deps: update most prod deps (a5ae334)
  • deps: update node-uap version (b43ecdd)
  • deps: update to bluebird 3 promises (b5f5f17)
  • strings: fix device string (c4a85c8)
  • tests: Fix the failure on addEventListener. (371f091), closes #3408
  • tests: adjust checkbox test to click on labels properly (fd3c658), closes #3618
  • tests: update device tests to wait for device delete request (84a34df), closes #3405

Features

  • client: Show a startup spinner on startup (e8f3252), closes #2980
  • client: Smooth out the "reset_password_confirm=false" flow. (17e27c1)
  • client: Strict validation of email and uid on force_auth (f666c8b), closes #3040
  • reset: add reset_password_confirm parameter to allow auto submit (59bfb5f)
  • signin: handle new account must reset error (126) (b2908af)

Refactor

  • client: Convert durations into duration-js (8795b14), closes #1657
  • client: Extract account reset logic into a mixin to be shared. (7bc28f6)
  • client: Extract open-gmail logic into a mixin to be shared. (007d470)
  • client: In siginin, rename .prefill to .prefillEmail. (489a80f)
  • client: Move error reporting from app-start a shared module. (ea12cc5)
  • logging: Add error module (13858f3)

chore

  • ci: add circleci scripts into tests (235e20d)
  • client: Add the strings needed for the email reconfirmation feature. (efb639f)
  • client: Alphabetize a couple of out of order dependencies. (39dd282)
  • deps: update devDeps (b7a2862)
  • deps: update to Intern 3.1.1 (aa14ce6)

0.59.0 (2016-03-21)

Bug Fixes

  • confirm: do not show errors during confirmation polling (944fc5e), closes #2638
  • metrics: limit Sentry stack frames (293ab07), closes #3167
  • tests: server tests now require bluebird and lodash (39461dd)

chore

  • docs: add a link to prod content server (659bd3c)
  • docs: Document helper functions added in #3595 (2255991)
  • tests: Add a missing unit test for views/confirm.js (5ac2347)
  • travis: unlock node.js versions (0cf6289), closes #3586

Features

  • client: Better handling of deleted accounts on /force_auth (485433f), closes #3057 #3283
  • client: joi like validation of query parameters (d9e18ea)
  • referer: Only send origin in referer header, not whole URL. (f12b67b)
  • server: emit the new flow.begin activity event (5b74706)

Refactor

  • tests: Overhaul the force_auth tests. (89de5cd)

Reverts

  • server: remove server-generated flowId and flow.begin event (83f0503)

0.58.1 (2016-03-09)

Bug Fixes

  • build: Fix grunt build exception if server template open in vim (d6c9661), closes #3581
  • client: Only normalize scopes for trusted reliers when prompting for consent. (8aa23fe)
  • server: Ensure the 400 page prints error messages in production. (1279cff), closes #2070 #3572
  • tests: add htmlparser2 dependency to teamcity/run-server.sh (26d33af)

chore

  • tests: Functional test for trusted relier that prompts for consent (c89ceb1)

Refactor

  • client: Simplify url.js->searchParams (ed3c190)

0.58.0 (2016-03-08)

Bug Fixes

  • build: copy error pages into dist, not app (118e2c8)
  • client: forbid single-part domains in email addresses (4c42f47)
  • client: Handle old accounts that contain accountData (479b7dd), closes #3466
  • client: Only send login notices to Fx if all data is available. (53fe05f), closes #3514
  • server: Allow the /signin, /signup, /reset_pasword to be framed (f513fb2), closes #3518
  • test: Ensure addEventListener exists before invoking. (918cf7b), closes #3408
  • tests: allow setting fxaDevBox with teamcity run-server.sh (62b8b58)
  • tests: don't quote commit value (might have leading spaces) (d25225b)
  • tests: Fix test timeout with selenium 51 (9021c28)
  • tests: handle OUT: garbage from jsawk (6b268ea)
  • tests: update modules to match package.json, and jsawk fix (d36f285)
  • tests: update teamcity server test driver (902195c)
  • validation: Add validation to optional params in models and reliers (46cc1ad), closes #2025 #3490 #3452

chore

  • client: Update fxa-js-client to 0.1.34 (fdd9f4e)
  • git: Remove built app based error pages from .gitignore (ebf464c)
  • strings: Add strings needed for update password reset flow (fb5087c)
  • tests: latest4 is also an fxa-dev box (8b57f1e)
  • tests: Pre-merge cleanup of tests and HTML. (5844134)
  • tests: Remove hard coded client_id from oauth choose redirect tests. (5064b69)

Features

  • amo: Signin/Signup based on email query param with existing account (d30d508)
  • build: Prepare to serve static content from a CDN. (93209b2), closes #3447 #3462 #3463
  • client: Add a mixin to handle updating external URLs on Fx for iOS (f2f7fc1)
  • server: add hard crash maintenance mode template (b168cf2), closes #3103
  • styles: Updated password reset flow (822ab77)

0.57.0 (2016-02-23)

Bug Fixes

  • client: Do not show the easter egg if in an iframe. (b59e4fe), closes #3483
  • client: Fix error message behavior post-screen transition. (7da39a8), closes #3503
  • client: Fix password reset in e10s. (2211306)
  • client: Fix show/hide password toggle on force_auth (6033838), closes #3532
  • client: Fix uploading an avatar from file (0d87a98), closes #3519
  • client: Focus the display name field when opening the panel. (21634ba), closes #3517
  • cwts: show all sync engine options to all clients (98d1059), closes #3494
  • devices: remove plural strings from connected date (02d493b), closes #3510
  • metrics: Report Windows 10 metrics reporting. (045ad50), closes #3445
  • style: Cleanup sync options styling (6d8cd85)
  • teamcity: record content,oauth,profile,auth version (latest4) (3190cb0)
  • tests: adjust case sensitive tests for sync v2 (82946a2)

chore

  • client: Add the strings for PR #3426 (bc80f3a)
  • client: signin from signup final touches (7ef7ae9)
  • install: Sort the dependencies in package.json (3c0d651)

Features

  • build: Add SRI integrity attributes to static resources. (4b23a90), closes #3449
  • client: Add support for prompt=consent for OAuth reliers. (041b9fa), closes #3505
  • client: allow users to sign in from sign-up view (b513701)
  • client: Expand the permissions screen. (851446a), closes #2477
  • cwts: enable choose what to sync in fx-firstrun-v2 and refactor other cwts auth_broker (c5d28cc), closes #3365
  • sass: add hover and active states for avatar upload dialog buttons (fca16ac)

Refactor

  • test: Image uploader functional tests upload images. (859b7c0)

0.56.0 (2016-02-10)

Bug Fixes

  • client: Do not sign out of Sync when visiting /force_auth (f96672c), closes #3431
  • client: Ensure status messages are shown on the signup page. (dfeb53b)
  • client: Ignore postMessages from chrome://browser (7010bbd)
  • client: No more redirect to signin_complete w/ fx_desktop_v2 (723da2b), closes #3330 #3353
  • client: Update the _redirectTo stragglers, add tests. (da5fbfe)
  • confirm: fix openGmail button visibility (aa122cb), closes #3487
  • experiments: update to train-55 experiments (01459b6)
  • metrics: Filter obviously invalid StatsD timings (cdeac93)
  • metrics: Send an error's context as a Sentry report tag. (8bdfd57), closes #3470
  • spelling: fix a few typos (8394a57)
  • teamcity: record content,oauth,profile,auth version (f2672a0)
  • test: Fix the attempt to use webcam for avatar functional test. (18b0c6d), closes #3455
  • travis: lock node versions until new versions are supported (ad92350)

chore

  • client: Add a unit test for sign_up.js->onAmoSignIn (d1364e2)
  • client: Add the AMO migration string to strings.js (2f8c721)
  • client: Remove submit from ForceAuthView. (d221aed), closes #3438
  • client: Remove the extra mixins from the ForceAuthView. (6316053), closes #3437
  • docs: Add migration possible values documentation. (8d0e17a)

Features

  • client: Enable "Sync Preferences" from the firstrun flow. (539ed50), closes #3417
  • confirm: promote "open gmail" to a feature (833358d), closes #3368
  • migration: Updated to support AMO migration through the migration query param (949f717)
  • sass: use custom SVGs for avatar upload buttons (21c2821)

Refactor

  • client: Extract accountKeys, relierKeys to the Account model. (3fdef3f)
  • relier: remove isFxDesktop(), it is not used (888dd3f)

0.55.0 (2016-01-26)

Bug Fixes

  • client: enforce validation of notifier event data (7002c76)
  • client: Fix the browser back button in the firstrun flow. (6c306e0), closes #3296
  • client: tolerate missing _formPrefill in signed-out-notification-mixin (cf2c6c7)
  • config: switch to readable config values (d9326cc), closes #2874
  • devices: format connected date (20eb09a), closes #3377
  • metrics: Reduce the number of localStorage errors in Sentry. (aedb762)
  • sentry: adjust cache busting files for Sentry (2a85d0a), closes #3420 #3363
  • template: update cookies required message to include local storage (59672c5), closes #3129
  • test: Fix the 'sign in with a second sign-in tab open' test. (8fd9ef5), closes #3380

chore

  • client: Remove the unused ConfigLoader dep from cookies disabled. (5c33eb8)
  • deps: update to latest fxa changelog (675a95e)
  • docs: update node version (5a500c5)
  • docs: update servers and selenium version (bf92684)

docs

  • contributing: Mention git commit guidelines (7f3cfcd)

Features

  • client: Log localStorage errors on startup. (49aedc8)
  • client: Report email opt-in status to firstrun page. (cd7fa8b), closes #3411
  • client: Support the newest navigator.mediaDevices API for fetching avatars (3913f55)
  • docker: Additional Dockerfile for self-hosting (2db851c)
  • metric: Add metric to track when user successfully changes their password (14c3344)
  • sass: Show a spinner while loading a ProfileImage. (f360c9c)

Refactor

  • client: Better Account field sandboxing (d432199)
  • client: Further data sandboxing (afe52ee)
  • client: Simplify the _isEmailFirefoxDomain function. (ea29e57)

0.54.0 (2016-01-12)

Bug Fixes

  • client: fx-desktop-v2 broker halts before signup confirmation poll. (34c9728), closes #3330
  • client: Only send internal:* messages across the InterTabChannel. (1e169b8)
  • csp: make CSP reports more detailed, remove sample rate (41d919c), closes #3297
  • docs: remove outdated Docker docs (4487573)
  • metrics: optimize StatsD tags for performance (207556a), closes #3349
  • signup: disallow @firefox email field during sign up (56465b2), closes #3332
  • sourcemap: add head.js sourcemap (fdb822c), closes #3355
  • styles: fixes avatar styling to be consistent with fx desktop, fixes #3276 (e3bd998), closes #3276
  • styles: update age styles to work properly in latest Firefox (c6da26c)
  • teamcity: allow GIT_COMMIT to be set via environment (d2147c7)
  • tests: allow unset value of GIT_COMMIT (1dd0fd7)
  • tests: Fix the communication preferences tests. (ae1104f), closes #3357
  • tests: improve iframe functional tests (969b0b9), closes #3361

Features

  • client: Add a "Sync Preferences" button for fx-desktop-v3 broker. (7fd2855), closes #3079

Refactor

  • client: Add retrySignUp and verifySignUp to the Account model (cf6700a)
  • metrics: remove unused metrics tags (d086fa0), closes #3346

0.53.0 (2015-12-30)

Bug Fixes

  • client: focus first input in choose_what_to_sync (1196b27)
  • ux: fix checkbox styling in the choose what to sync screen (1653f9)
  • ux: minor tweak to the button spinner in mobile view (c5b40e1c)
  • tests: add config to run latest with node 4.x (30fc761)
  • tests: fix functional tests for oauth and password reset (ca18a0c)
  • deps: update to Intern 3.0.6 (990a8d0)
  • deps: update prod dependencies (7fd2b82)
  • snippet: remove extra Firefox for iOS string (9f4a359)

Refactor

  • client: Move some view based reset password logic to mixins/models (9561faf)

0.52.0 (2015-12-15)

Bug Fixes

  • devices: rename lastConnected to lastAccessTime (9ec1ff6)
  • openid: add lint and tests to openid routes (d63f8ed)
  • server: fix server test for post-csp (315340e), closes #3300
  • tests: add openid .well-known endpoint test (dd68356)
  • tests: fix functional test iframe failure (fad077c), closes #3306
  • tests: remove special rules for copied locales (28a8396)
  • travis: build and test on 0.10, 0.12 and 4.x (ba4d829)

Features

  • openid: add /.well-known/openid-configuration route (8cf2ec5), closes #3299

Refactor

  • client: Move deleteAccount logic from view to user.js/account.js (dbc531c)
  • client: Use the Account's isSignedIn method in base.js (f6bf420)

0.51.0 (2015-12-02)

Bug Fixes

  • devices: improve testing coverage and clean up (4163505)
  • docs: add browser support section (cd3a975)
  • experiments: bump experiments to train-51 (0de6c33)
  • tests: use bower@1.6.5 in teamcity tests (b9ab071)

Features

  • deps: update fxa-js-client to v0.1.33 (b77145b)
  • devices: basic device UI for the settings panel (20c305d)
  • l10n: Add translatable string for a "Help" link. (bdbf4b5)

Refactor

  • client: Move View creation logic out of router.js (74556db)

0.50.0 (2015-11-17)

Bug Fixes

  • avatars: updated the avatar to the latest haired one (327d67d)
  • client: fix name clash with web-channel events (7148184)
  • client: update Firefox for iOS marketing snippet (1373e4c), closes #3280
  • csp: Fix the default-profile.svg CSP error. Code cleanup. (4200976)
  • experiments: bump experiments to train 50 (a4fdd11)
  • l10n: remove locale copying (e0387cf)
  • l10n: remove redundant l10n files (b36f782), closes #3258
  • tests: add a way to disable client metrics stderr (64e79a5), closes #3158

Features

  • csp: enable report only CSP in production (2fbe096), closes #1426

Refactor

  • client: Convert app to the Simplified CommonJS wrapper. (6a4c81a)
  • client: Replace interTabMixin with notifierMixin. (2b4a3d7), closes #3244

0.49.3 (2015-11-06)

Bug Fixes

  • client: fix name clash with web-channel events (8e23d6d)

0.49.2 (2015-11-04)

Bug Fixes

  • build: adjust shrinkwrap due to a failing SHA (56e346f)
  • config: switch default config to use consistent server values (0a6fa42), closes #1543

Features

  • docs: Document WebChannel communication with the browser. (bd91b48), closes #1262

0.49.1 (2015-11-03)

Bug Fixes

  • client: rename broadcast to triggerAll (98b383d)
  • experiments: update experiments to latest branch (93111f6)
  • tests: fix server test for the pt locale (95ea6b6), closes #3254

0.49.0 (2015-11-02)

Bug Fixes

  • client: Do not use the OAuth Redirect broker to verify Sync sign ups. (f419efd), closes #3215
  • client: Remove /force_auth query params upon successful signin. (bb3da5e), closes #2071
  • client: clear query params on sign-out (0f73d4c)
  • client: clear relier uid on sign-out (aff6073)
  • client: remove debug logging from crosstab (568518b)
  • cwts: update "choose what to sync" design. (d05147c), closes #3183
  • cwts: update column design to properly align the data types (ae578e4), closes #3246
  • design: update "Choose what to sync" image r=vladikoff (32797fd)
  • l10n: copy pt_PT to pt in l10n (ef70dac)
  • tests: Disable grunt validate-shrinkwrap for now. (3c86c84), closes #3237
  • tests: close unclosed window in functional test (fdebd27)

Features

  • build: Add the git sha used in the build to the production JS. (998dfac), closes #2625
  • client: Show the button on verification tab in Fennec (5accebb), closes #3140
  • client: Use the BroadcastChannel instead of crosstab if available. (774ce7c)
  • client: Use the newest crosstab, which presents a more sane API. (3f2199f)
  • client: synchronise signed-in state across tabs (ecebd94)
  • cwts: add Choose what to sync to fx_desktop_v2 (e9b05ec), closes #3213
  • docs: Document all base authentication broker method parameters. (0143f04)
  • ios: add choose what to sync for Firefox for iOS 2 (8d797c6), closes #3139

Refactor

  • client: Unify callback data in InterTabChannel and Backbone.Events (9136ab5), closes #3229
  • client: extract hard coded key codes (b5a584b), closes #3163

0.48.0 (2015-10-20)

Bug Fixes

  • build: Fix the eslint indendation errors. (8f2bd3c), closes #3189
  • build: extend r.js timeout for building production (346fa46), closes #3166
  • client: Ensure /signin is visible when users sign out after verification (dc67988), closes #3187
  • client: Log the correct screen name for the settings panels. (ee07505), closes #3029
  • client: Only allow one profile request per account per tab session. (c7067cd)
  • client: Suppress spurious login messages to the browser. (23fbe8b), closes #3078
  • coppa: move to age input coppa (2341e83), closes #3137
  • experiments: bump to train 48 experiments (97b30f2)
  • links: align secondary links (10309fb)
  • messages: misaligned success and error messages (00ccec5)
  • metrics: Fix the refresh metrics when refreshing a settings subpanel. (d4a5307), closes #3172
  • settings: add floating labels to delete account and display name (6f3e650), closes #2848
  • settings: make header bottom margin uniform (ed6981c)
  • settings: remove underline on links (ee7235e)
  • signup: tooltips no longer removed when pressing an arrow key (80ae84b), closes #1858
  • tests: Fix functional tests when run against a remote server. (21b19b7), closes #3174 #3182
  • tests: Fix the communication preferences tests. (9b6762c), closes #3176
  • tests: Force installation of fxa-jwtool for the oauth server (9a99eea)

Features

  • coppa: better support for COPPA warning on FxiOS (abbb302), closes #3164
  • ios: hide "Choose what to sync" for fx_ios_v1 (5c6bf2a), closes #3141

Refactor

  • basket: extricate basket proxy server into its own repo. (0882f5f)
  • client: Extract router.onAnchorWatch into a new view, AppView. (292d725)
  • client: Simplify the floating placeholder mixin logic. (d0f3aca)
  • client: move router.showView logic to the AppView. (d00708d)
  • test: Allow fillOutSignUp to accept an optional age. (2646dd4)
  • tests: Reduce boilerplate in the settings functional tests. (607f672)

0.47.1 (2015-10-07)

Bug Fixes

  • lint: disable object-literal-order-checking in basket proxy server. (a4ebfd5)
  • basket: revert "refactor(basket): extricate basket proxy server into its own repo."

0.47.0 (2015-10-06)

Bug Fixes

  • checkbox: make custom checkbox label clickable (5a7dcc6), closes #3132
  • client: Fix the confirm_reset_password screen polling logic & tests. (6cd7dc1), closes #2483
  • client: Show the success message for 5 seconds to help functional tests. (10a882f)
  • config: copy 'local.json-dist' to 'local.json' if it don't exists (0eefb94), closes #2619
  • deps: bump dependencies (6964d0c), closes #3064
  • l10n: Do not show fuzzy strings to users. (e1fe471), closes #3113
  • server: Fix server crash if metrics event does not include type (0703cc0), closes #1208397
  • settings: Unblock rendering of settings on communication prefs screen (2118e53), closes #3061
  • settings: clean up compressed landscape layout (aa585af)
  • signup: show red border only after tooltip rendered (ef08d86), closes #1865
  • styles: make setting header UI better (b907fdc), closes #3055

Features

  • build: Object literals must be sorted alphabetically. (8067c62)
  • client: Add View behavior functions instead of passing around objects. (4af0916)
  • client: Add support for new fennec screens. (8698f01)
  • client: Add the beginning states of capabilities. (ec9ddab)
  • client: Choose what to sync on the web (9beaaad)
  • client: Follow on /settings updates. (20faf0e)
  • client: Start on view behaviors. (ba0b7bc)
  • i18n: Enable Romanian (05abfd1), closes #3125
  • metrics: Add a loaded event that is logged after first screen render. (404bc9b), closes #3100
  • signup: add new checkbox style (5633045), closes #2302
  • test: Add more /force_auth functional tests. (3afdc32)

Refactor

  • basket: extricate basket proxy server into its own repo. (2b53107)
  • client: Start email confirmation polling in afterVisible. (a37eb6f)

0.46.0 (2015-09-23)

Bug Fixes

  • client: Only one sessionStatus check call should be made from /settings (51bc0c5), closes #3007
  • client: Reuse assertions for a given sessionToken for the duration of the browser tab. (2bf08ab), closes #3085
  • client: Smooth out the /settings page load. (207dfd6)
  • styles: adjust line-height for settings (0d4af0b), closes #3052
  • tests: Fx updates, improve progress output (fbeba0f)
  • tests: on first time, run the update (a7769bc)
  • tests: only update lastupdate file on success (b7b0921)

Features

  • openid: base OpenID login (as xhr) (25bba0f)

Refactor

  • client: Alphabetize deps and hash keys in metrics.js (4756620)
  • client: Alphabetize deps, routes and object keys in router.js (092f37b)
  • client: Rename the FxDesktopRelier to the SyncRelier (2e11bf0)
  • client: Tease appart the FxSync and FxDesktopV1 auth brokers. (cc963ab)
  • server: Alphabetize the FRONTEND_ROUTES array. (0474246)
  • test: Alphabetize the routes to test in the pages functional test. (719c67c)

0.45.1 (2015-09-17)

Bug Fixes

  • force_auth: make sure force_auth supports the Firefox password manager (01bcd8e), closes #3049
  • style: Fix the signin/signup width on mobile devices. (39e2ada), closes #3060
  • tests: Fix the cookies disabled functional tests. (002b899), closes #3066

0.45.0 (2015-09-11)

Bug Fixes

  • avatar: correctly center camera preview (ae9ee07)
  • avatars: render the camera preview properly in portrait and landscape mode (d33e369)
  • build: adjust eslint settings (ff1fd47)
  • client: Allow the firstrun flow to halt after signin. (9686548), closes #2945
  • client: Clear form prefill info after signin/signup/signout. (91f0608), closes #3034
  • experiments: include confirm view verification (d976d3c)
  • l10n: remove const keyword that breaks acorn JS parser (32afb92), closes #3005
  • lint: disallow const keyword (0b88aca)
  • metrics: prevent utm parameters from being dropped after verification (edde78a), closes #2937
  • styles: adjust specific signup input help styles (47ad129)
  • tests: add proper promise return to firstrun (1882757)
  • tests: adjust experiment return signup url (354f88a), closes #3047
  • tests: update iOS signup tests to refelect new exclude_signup=1 behaviour (79c2de4), closes #3030
  • tests: update travis to firefox 40 (0f0f955)
  • version: use explicit path with git-config (cec9e9f)

Features

  • delete_account: notify observers of a logout event (d74c972), closes #2993
  • l10n: add fa as a supported locale. (7690dcd)
  • metrics: Send navigationTiming stats to StatsD. (0842fa4)
  • metrics: add ga pageviews (b7830c8), closes #2898
  • settings: "forgot password" affordance to change password (936c64b), closes #994
  • verification: organize verification experiments (07a6b6d), closes #2673

Refactor

  • client: Add BaseExperiment.extend to simplify experiment extension. (24cf4b8)
  • client: Cleanup and unification. (b563c3e)
  • client: Move back button related code from base.js to back-mixin.js (230510d)
  • client: Only allow exclude_signup=1 if the context=fx_ios_v1 (9d9d560)
  • client: Pass a NullStorage instance to experiments for unit tests. (aacffd2)
  • experiments: add docs, change to view.notify, fix up tests (e0d1b2f)

0.44.1 (2015-08-25)

Bug Fixes

  • account: handle unverified attempts to request profile data (ba49d4b)
  • avatars: allow users to change their avatar if they have/had one (4efe6fd)
  • avatars: use an error object instead of string to ensure it is not logged twice (487abc5)
  • client: Handle the entryPoint query parameter. (67b54fc), closes #2885
  • client: Only make profile requests if a valid accessToken exists. (f73ccde)
  • deps: update dev dependencies (e6ee68f)
  • deps: update grunt-contrib-uglify to 0.9.2 (7caf769)
  • deps: update to express-able 0.4.4 (0a22e00)
  • easteregg: update easter egg SHA (9a9f7e3)
  • firstrun: increase response timeout for iframing (89d8d08)
  • forms: disable spellcheck (cc03c33), closes #2910
  • forms: remove spellcheck from reset_password (bfe7b0d)
  • input: remove autocapitalize on iOS (2ef1174)
  • metrics: Provide more detailed logging for errors fetching /config (e149da2)
  • metrics: measure how helpful mailcheck is (ff13860), closes #2819
  • metrics: move screen metrics to ga from datadog (8c2731f), closes #2614
  • profile: avoid creating new instances of account (981660c)
  • profile: do not request an access token when saving an account (59efae0)
  • reset: improve the reset password caveat copy (0d32d07), closes #2762
  • sentry: remove noise from referer header in sentry (d6ad1cf)
  • server: add server route for /unexpected_error (c1342ef)
  • settings: always show avatars and fix modal cancel buttons (a1422a9)
  • settings: clean up amd dependencies (a885945)
  • settings: escape display name (0f21cdc)
  • settings: fix avatar modal (c2a8c6b)
  • settings: fix gravatar permission screen within modal (a1ad7cb)
  • settings: fix lint errors and mocha failures (46d49a0)
  • settings: fix page titles and other nits (36b3302)
  • settings: fix short page styling (cd19bb0), closes #2862
  • settings: move sub panel logic from settings to a separate subPanel component (a5a56e8)
  • settings: prevent flicker when leaving settings page (55f8936)
  • settings: refactor sub panel template so that it is not empty (0d484e3)
  • src: Fix a typo: UNVERIFIED=>UNVERIFIED_ACCOUNT (b40b735)
  • strings: change "Already have an account?" to "Have an account?" (2d28f3e), closes #2753
  • tests: Fix the failing avatar functional tests. (fb59c19), closes #2987
  • tests: Speed up the iframe origin tests. (e908d70), closes #2986
  • tests: do not compare flushTime property in storage-metrics tests (72cf1bc), closes #2984
  • tests: fix gravatar permission tests (56d9e1c)
  • tests: fix typo in tests (aa496ed)
  • tests: fix up flaky test for desktop credentials (c078458)
  • tests: remove misguided time-based assertion (2782f0a)
  • tests: restore functional tests (72d4969)
  • tests: switch from teardown and setup to improve stability (6a33723)
  • travis: install auth, oauth and profile servers for travis (26e768e)
  • user: cache the signed in account instance to reduce token fetching (8737367)
  • view: log errors in extended views initialize() (b08b5ac), closes #2964

Features

  • client: Cache busting on-demand load. (88c8f32)
  • client: Start on the FxFennecV1AuthenticationBroker (3095f21)
  • coppa: input based COPPA (64bfe86), closes #2108
  • deps: update production dependencies (ecbf309)
  • docs: Document email validation errors for signin/signup. (da90143), closes #2909
  • l10n: add en-GB as a supported locale. (bacd99e), closes #2942
  • metrics: add queue time to analytics (d62891d), closes #2903
  • sentry: include version in Sentry reports (a53db95), closes #2724
  • signup: Password Strength Checker (166b5e1)

0.44.0 (2015-08-24)

Bug Fixes

  • account: handle unverified attempts to request profile data (ba49d4b)
  • avatars: use an error object instead of string to ensure it is not logged twice (487abc5)
  • client: Handle the entryPoint query parameter. (67b54fc), closes #2885
  • client: Only make profile requests if a valid accessToken exists. (f73ccde)
  • deps: update dev dependencies (e6ee68f)
  • deps: update grunt-contrib-uglify to 0.9.2 (7caf769)
  • deps: update to express-able 0.4.4 (0a22e00)
  • easteregg: update easter egg SHA (9a9f7e3)
  • firstrun: increase response timeout for iframing (89d8d08)
  • forms: disable spellcheck (cc03c33), closes #2910
  • forms: remove spellcheck from reset_password (bfe7b0d)
  • input: remove autocapitalize on iOS (2ef1174)
  • metrics: Provide more detailed logging for errors fetching /config (e149da2)
  • metrics: measure how helpful mailcheck is (ff13860), closes #2819
  • metrics: move screen metrics to ga from datadog (8c2731f), closes #2614
  • profile: avoid creating new instances of account (981660c)
  • profile: do not request an access token when saving an account (59efae0)
  • reset: improve the reset password caveat copy (0d32d07), closes #2762
  • sentry: remove noise from referer header in sentry (d6ad1cf)
  • server: add server route for /unexpected_error (c1342ef)
  • src: Fix a typo: UNVERIFIED=>UNVERIFIED_ACCOUNT (b40b735)
  • strings: change "Already have an account?" to "Have an account?" (2d28f3e), closes #2753
  • tests: Fix the failing avatar functional tests. (fb59c19), closes #2987
  • tests: Speed up the iframe origin tests. (e908d70), closes #2986
  • tests: do not compare flushTime property in storage-metrics tests (72cf1bc), closes #2984
  • tests: fix gravatar permission tests (56d9e1c)
  • tests: fix typo in tests (aa496ed)
  • tests: fix up flaky test for desktop credentials (c078458)
  • tests: remove misguided time-based assertion (2782f0a)
  • tests: restore functional tests (72d4969)
  • tests: switch from teardown and setup to improve stability (6a33723)
  • user: cache the signed in account instance to reduce token fetching (8737367)
  • view: log errors in extended views initialize() (b08b5ac), closes #2964

Features

  • client: Cache busting on-demand load. (88c8f32)
  • client: Start on the FxFennecV1AuthenticationBroker (3095f21)
  • coppa: input based COPPA (64bfe86), closes #2108
  • deps: update production dependencies (ecbf309)
  • docs: Document email validation errors for signin/signup. (da90143), closes #2909
  • l10n: add en-GB as a supported locale. (bacd99e), closes #2942
  • metrics: add queue time to analytics (d62891d), closes #2903
  • sentry: include version in Sentry reports (a53db95), closes #2724
  • signup: Password Strength Checker (166b5e1)

0.43.0 (2015-08-04)

chore

  • chore(client): Add the Sync migration strings to strings.js (ac20b86)
  • chore(deps): Bump out of date deps. (d0b8915), closes #2784
  • chore(deps): update development dependencies (bf9f563)
  • chore(deps): update grunt-eslint to 16.0.0 (677a4c0)
  • chore(dev): add 'npm run start-production' command to make it easier to run the server in prod mode (679eeaf)
  • chore(docs): Fix a typo in the firstrun docs. (15f26ac)
  • chore(docs): Update the commit body guidelines to include the issue number (fcf4058)
  • chore(l10n): update pot files (164b9e7)
  • chore(lint): Remove the eslint complexity checks (3592d79)
  • chore(sass): update sass (cf5dadf)
  • chore(strings): add choose what to sync strings (73194ed)
  • chore(travis): remove libgmp-dev (492fd94)
  • chore(travis): update Travis to use npm 2 (7d6ac7d)

feat

  • feat(client): Add the FxiOSV1 Authentication Broker. (5cff1f4), closes #2860

  • feat(client): Provide fx_ios_v1 context string for use by FxiOS (2767a26), closes #2861

  • feat(client): redirect to the requested page after successful login (ccfbef4), closes #2821

  • feat(client): sign in/up messaging for migrating users (88a56ac)

  • feat(content-server): Easter egg for Cloud Services (70e1998), closes #2470

  • feat(deps): updating production dependencies (26c26f1)

  • feat(docs): Add info about the firstrun communication protocol. (6e18531)

  • feat(l10n): Add support for Hindi (hi) and Hindi-India (hi-IN). (c45edce)

  • feat(l10n): check if translated urls are valid (5d378e1), closes #2763

  • feat(test): Add signin functional tests for Fx on iOS. (bf4fadf)

  • Merge pull request #2686 from mozilla/convert-iframe-channel (9ec6b18)

  • Merge pull request #2737 from mozilla/phil/issue-2493 (6601361), closes #2493

  • Merge pull request #2781 from TDA/issue-2470-easter-egg-redesigned (131171c)

  • Merge pull request #2803 from mozilla/document-firstrun-protocol (456449e)

  • Merge pull request #2804 from mozilla/firstrun-docs-typo (bd43972)

  • Merge pull request #2805 from vladikoff/issue-2763-verify-translated-urls (dff66fa)

  • Merge pull request #2806 from mozilla/bump-eslint (34c6e30)

  • Merge pull request #2807 from vladikoff/update-deps-t43 (c7c4a18)

  • Merge pull request #2808 from vladikoff/prod-start (d679f9a)

  • Merge pull request #2809 from vladikoff/devdeps-t43 (94d56d7)

  • Merge pull request #2812 from mozilla/ios-metrics-missing (48dee30)

  • Merge pull request #2813 from mozilla/phil/issue-2493-postponed-navigation (8de80bf)

  • Merge pull request #2814 from mozilla/issue-2784-outdated-deps (8eda711)

  • Merge pull request #2816 from mozilla/issues-2513-2623-normalize-auth-errors (c144c51)

  • Merge pull request #2822 from eoger/issue-2821 (dcab648)

  • Merge pull request #2823 from mozilla/phil/issue-2786 (ee4443f)

  • Merge pull request #2826 from mozilla/issue-2789-de-eslint-complexity (b8db477)

  • Merge pull request #2833 from mozilla/issue-2830-correct-oauth-errors (d60dd9d)

  • Merge pull request #2839 from mozilla/add-hindi-support (0ccfb8d)

  • Merge pull request #2840 from eoger/issue-2837 (b98e8f3)

  • Merge pull request #2841 from mozilla/update-sass (e976839)

  • Merge pull request #2845 from mozilla/issue-2844-merge-warning-firstrun (0efbe4e)

  • Merge pull request #2846 from vladikoff/npm2 (4ed0589)

  • Merge pull request #2847 from eoger/contributing-body-fixes (640f6ac)

  • Merge pull request #2851 from mozilla/issue-2850-invalid-client-id (3bb62ae)

  • Merge pull request #2853 from mozilla/issue-2658-firstrun-signout (4b6ab6a)

  • Merge pull request #2854 from mozilla/remove-libgmp-dev (93f3641)

  • Merge pull request #2857 from mozilla/issue-2856-metrics-screen-name-order (73d8587)

  • Merge pull request #2859 from mozilla/issue-2858-one-mailcheckEnabled-choice (74160d5)

  • Merge pull request #2863 from mozilla/issue-2786-strings (d3eace6)

  • Merge pull request #2865 from mozilla/rfk/fx-ios-v1-context (c39d365)

  • Merge pull request #2866 from mozilla/constant-names (5cf3012)

  • Merge pull request #2868 from mozilla/issue-2860-no-signup-fx-ios (719b2ae)

  • Merge pull request #2869 from mozilla/choose-sync-strings (40783dc)

  • Merge pull request #2871 from mozilla/rfk/basket-api-timeout (42b73e2)

  • Merge pull request #2875 from vladikoff/i2495 (b4dc552)

  • Merge pull request #2876 from vladikoff/migrate-test-fix (66dcd79)

  • Merge pull request #2878 from vladikoff/exp43 (9b6beda)

fix

  • fix(avatar): cropper resize tests are more accurate (8c7f362)
  • fix(avatars): fixes blank avatars when session is expired (3d0e7eb), closes #2495
  • fix(basket): add explicit timeout when proxying to basket api. (7fde0f5)
  • fix(client): Do not allow firstrun Sync based flows to sign out. (a28fce6), closes #2658
  • fix(client): Fix incorrect OAuth errors in error table. (78ba49e), closes #2830
  • fix(client): Fix merge warning handling in the firstrun flow. (4914b73), closes #2844
  • fix(client): Invalid client id's show a 400 page, not 500. (cd898f5), closes #2850
  • fix(client): Normalize all errors from the Auth Server. (3a45d1a), closes #2513 #2623
  • fix(experiments): add train-43 experiments (9fa1fd4)
  • fix(metrics): Ensure a screen's name is logged before any of it's events. (25971d1), closes #2856
  • fix(metrics): Only check whether mailcheck is enabled once. (6de03f1), closes #2858
  • fix(metrics): minimize flush timeout and flush event metrics on blur event (5b22cb3), closes #2577
  • fix(metrics): postpone OAuth navigation until metrics are flushed (503e670)
  • fix(metrics): use sendBeacon where available (d45586e)
  • fix(tests): better migration message functional tests (ecb28ea)
  • fix(tests): use "afterEach" instead of "teardown" for sync settings tests (f49cafb)

refactor

  • refactor(client): Rename FX_DESKTOP_CONTEXT to FX_DESKTOP_V1_CONTEXT (146dd54)
  • refactor(client): Rename FX_DESKTOP_SYNC to SYNC_SERVICE. (5dc8b7a)
  • refactor(client): Simplify the app-start error reporting/redirection. (918ff9c)
  • refactor(client): The IframeChannel is now DuplexChannel based. (aa15de2)

0.42.0 (2015-07-21)

Bug Fixes

  • able: update shrinkwrap (d8fa3019)
  • avatars:
    • resize avatars before cropping them (decc26c8)
    • error message does not overlap with the default avatar anymore (5f5284f7)
    • ensure uploaded avatars dimensions are 100x100px at least (43580105)
    • replace the word Home by Back (c8b9bb10)
  • client:
    • Hide the border around the marketing snippet for the firstrun flow. (a84e2546)
    • Ensure COPPA errors are logged. (628b62c8)
    • Handle 4xx and 5xx Basket errors. (bc862acb)
    • Ensure the password manager has an email to work with. (ff38e16a)
    • Firstrun flow should not halt the screens after login. (a178fa0b)
  • config:
    • add production experiments config file (8c87743d)
    • use dev branch of experiments (0f3bdbc2)
  • cookies: redirect to /cookies_disabled if storage is disabled (a24931f2, closes #2480)
  • forms: fixes regression with the floating placeholder (d9853f00, closes #2739)
  • log: log errors with no message (37af6e2a)
  • metrics: include coppa errors in metrics (3b5841a5, closes #2512)
  • oauth: handle short-lived access tokens for profile server requests (b372c806)
  • server:
    • remove 'Fxa requires JavaScript' message in ie8/9 Add conditional comment to not (158c041b, closes #2279)
    • let server task fail if port is in use (fb175809)
  • signin: Hide the Unauthorized avatar error (bc17e796)
  • styles: Hide the service name in the firstrun flow. (4d98dd1a)
  • sync: do not send sessionTokenContext to Firefox Sync (5b29830b, closes #2766)
  • tests:
    • show the firefox --version in test logs (f1c60a29)
    • only log "waiting" if too many attempts (427ef395)
    • set metrics.sample_rate based on FxaDevBox too (8b7d469e)
    • allow override of expected value from remote server (3e734189)
    • add fxaDevBox config param (6688dd73)
    • only update Fx binaries if they are stale (989243e5)
    • add a test runner for intern_server tests (1e551e37)

Features

  • avatars: enable the gravatar option with permission prompt (c2b5d96c, closes #2053)
  • client:
    • Send a signup_must_verify event to the firstrun page on signup. (da411363)
    • update to fxa-js-client 0.1.30 (d81207c5)
    • firstrun - notify the parent of important events. (aade4c77)
    • Pass Google Analytics query params to metrics. (b0f273a2)
    • Preserve uniqueUserId across email verifiation. (84063546)
    • campaign and entrypoint are sent to metrics on verification. (2c354ae0)
    • Add support for context=fx_desktop_v2 (8830562a)
  • metrics:
    • add server google analytics events (c549edfb)
    • Report all metrics to our backend. (bf71368e)
    • add timing metrics to the statsd collector (90c95c7f)

0.41.1 (2015-07-08)

Bug Fixes

  • templates: fixes issues with 50*.html templates in production mode (09e95013, closes #2663)

0.41.0 (2015-07-08)

Bug Fixes

  • avatars: Fix float imprecision errors when saving cropped image (b241c698)
  • client: Mozilla Payments flow is not considered an iframe. (82c1981d)
  • content-server: open TOS/PP in new tab if inside an iframe Check for presence of link inside ifr (a556142e, closes #2351)
  • icons: add a precomposed icon for apple devices to avoid extra 404 requests (df4dccd7, closes #2655)
  • lint: Fix the eslint camelcase errors. (b352476a)
  • marketing: add a bit of top margin to the opt in (042c210f)
  • styles: Fix the header spacing for the firstrun flow. (b855a72b)
  • tests:
    • check that content in all expected languages is available (89591f00)
    • adjust code to support IE10 (a1c7c203, closes #2378)

Features

  • avatars: add metrics for avatar cropping operations (79c05c97)
  • metrics: add Sentry metrics for front-end errors (9c11f69a)
  • oauth: allow access_type query parameter (ebcc10d4)
  • signup: adds mailcheck + ab testing (1553651d)

Breaking Changes

  • Developer's local.json needs to be updated to remove the api_proxy configuration parameter. (d69a64b1)

0.40.0 (2015-06-29)

Bug Fixes

  • avatars: rounded camera cropper in google chrome (5c4a1264)
  • basket: add a bit more logging to basket-proxy-server (2de3d6aa)
  • build: revert use script and force it to use function mode (faa0a02d)
  • client:
    • Supress the malformed WebChannelMessageToContent log for errors (531a2259)
    • Fix the submit button on communcation preferences page. (fa0df9c7)
  • lint: remove "use strict" from server code (745e569b, closes #2558)
  • server: inconsistent use of 'use strict' (38ab1c05, closes #1318)
  • tests:
    • restore first tests to run are signin and signup (c3d474a1)
    • use the regularly updated firefox binaries (8bb8e3b4)
    • fix Basket functional tests (6adf3c0d)
    • add a run script for beta on latest (bcb0e699)

Features

  • client:
    • Notify IFRAME reliers when the content height changes. (c698324b)
    • Add Easter Egg to Content Server (0a5ea8ed)
  • metrics: add uuid for metrics and able purposes (89ac7a58)
  • server: Support /v1/reset_password (043f6221)
  • style: The chromeless style hides the header. (7b12bbf6)

0.39.0 (2015-06-09)

Bug Fixes

  • avatars:
    • allow users to change their avatar if they have/had one (e6a9cd0d)
    • disable the gravatar option on avatar change (153f3d4c)
  • basket:
    • only destroy the token if we successfully acquired one (de4c26c7)
    • URI-encode email address in basket server urls. (a43061d3)
  • basket-proxy: tighten up param checking and logging (fa5aa01d)
  • client: Continue email verification flow on Basket server error. (919e64db)
  • docs: add verification_redirect to query params (5dff0821, closes #2438)
  • form: fixes form autofill for Firefox and paste for iOS (9b062568)
  • metrics: measure when users add or modify their profile picture. (e5b35659, closes #2294)
  • npm: move request to production dependency (dcd6a50c)
  • oauth: sanitize scope of untrusted reliers (f80a57fb)
  • test: Fix refreshes_metrics functional test on Firefox 18 (52c88e54)
  • tests:
    • more improvements to avatar tests to avoid remote timeouts (c7a44841)
    • improve legal copy tests and update avatar tests (11104f77)
    • skip functional/email_opt_in test if fxaProduction=true (c7fbe52c)
    • wait for ".error" to be visible; fixes #2475 (8ab41765)

Features

  • Email opt-in. (8c4246ec)
  • build: Compress the HTML files (39667b9a)
  • server: add basket proxy server (4cbfed3d)
  • tests: Add metrics in functional tests (18658991)

0.38.1 (2015-05-28)

Bug Fixes

  • oauth: sanitize scope of untrusted reliers (619b3429)
  • tests: wait for ".error" to be visible; fixes #2475 (436a47c7)

0.38.0 (2015-05-26)

Bug Fixes

  • avatars:
    • Redirect to settings/avatar/change on error (6b6a5f77)
    • cache the profile image after fetching (30601d4f, closes #2429)
  • client: Invalid scopes is an error message. (3f42a328)
  • docs:
    • add <screen_name>.refresh metrics event (d30a95b2)
    • add confirm resend metrics event (492f8bbf)
    • fix metrics documentation headers (dc24d386)
  • metrics:
  • oauth:
    • strip permissions that are not on the whitelist (a6a22c0a)
    • update verification_redirect to always redirect in same browser or show "proceed (3be6da92, closes #2436, #2402)
  • tests:
    • improve progress indicator coverage (51cb1058, closes #2465)
    • remove Test lib from verification_redirect (a38d8082)
    • update travis to firefox 38 (35d0027f)
    • Update the submit button selector for the permissions screen tests. (e67cbc30)

Features

  • / can be framed by allowed reliers. (aedfae9e)
  • client: Pass along a service and reason whenever signing a user in. (32812392)
  • lib: storage lib is now able to use sessionStorage (33c53def)
  • metrics: measure page reloads by user (29ede010)
  • oauth: signal action=signup or action=signin at end of oauth flow. (9016164b)

0.37.1 (2015-05-14)

Bug Fixes

  • metrics: track account deleted events (2c296a44, closes #2297)
  • oauth: serviceUri is not used for now so remove it (b361aba3)
  • tests: increase timeout for password reset tests (10a3fc6c)

0.37.0 (2015-05-13)

Bug Fixes

  • client:
    • Ensure ask-password metrics are only logged once. (bc336543)
    • getUserMedia check for avatar change. (0a0405bd)
  • oauth:
    • bring back oauth session clearing to WebChannels (7487fe65)
    • Ensure we can derive relier keys during the signup flow. (fd2fc72d)
  • signup: make email suggestion tooltip keyboard accessible (6d40efbb, closes #2185)
  • tests:
    • Fix the oauth permissions tests. (2b479e1e)
    • more timeout and fix element .end() for OAuth tests (6296db62)
    • add untrusted app to TeamCity configs (33a97662)
    • stabilize tos and pp functional tests (50994dc6)

Features

  • client:
    • Sync over WebChannel glue (92b118c9)
    • Add a DuplexChannel, convert the WebChannel to a duplex channel. (9b1ebb1e)
  • metrics:
    • Log metrics about whether we ask for a password at signin: (838c365e)
    • adds DataDog integration (d10b0de0)
  • oauth:
    • 'verification_redirect' option for OAuth reliers (a5fdaee9)
    • show permission screen for untrusted reliers (123821de)
    • suggest account to use during sign up if possible (7fc06358)
  • test: Print unit test names when they fail in travis. (08932c5a)

0.36.3 (2015-05-01)

Bug Fixes

  • tests: stabilize tos and pp functional tests (d14d608a)

0.36.2 (2015-04-30)

Features

  • oauth: suggest account to use during sign up if possible (186b2d74)

0.36.1 (2015-04-29)

Bug Fixes

  • client: If a relier wants keys, give them keys. (519ca117)

0.36.0 (2015-04-27)

Bug Fixes

  • csp: use only the origin part of fxaccount_url (with /v1 is a csp violation) (db55881b)
  • css: Show links in TOS/PP text next to the original anchor text. (5fcb9664)
  • icons: fixes 404s for iOS icons (e488c8af, closes #2062)
  • l10n:
    • missing legal template redirect should start with "/" (0498008a)
    • copy es-ES legal templates to es (76d895a1, closes #2305)
  • styles: Hide the top-right Mozilla link if signing into Sync on Fx for iOS (a536e557)
  • test: make asyncTimeout settable from the intern command line (77ddde9b)

Features

  • client: Add the change_password and delete_account messages to the FxDesktop broker. (56306f10)
  • test: Add env-test.js unit tests. (207a84ce)

0.35.0 (2015-04-13)

Bug Fixes

  • auth-broker: fixes fx-desktop channel tests for FF18 and FxOS 1.* (2cadc2bd)
  • avatars: show a default avatar if a uploaded avatar does not load (cbdc5a11, closes #1804)
  • client: Replace the with fi (no ligature). (43a402ef)
  • csp:
    • use camelCase option keys instead of e.g., "img-src" (730939aa)
    • improve content-security-policy configuration (bad1e80d)
  • jscs: allow the 'other' quote mark to be used, but only to avoid having to escape (b4fc1fda)
  • server:
    • Serve HTML templates for TOS/PP if Accept header is not text/partial (3207c1d8)
    • migrate to Express 4 (bc008ce4, closes #2214)
  • settings: allow settings page redirect to work with extra query params (4f8d64c0, closes #2301)
  • teamcity: replace execSync with sync-exec module (57cf75a1)
  • test: add missing "/v1" on FXA_AUTH_ROOT (09b8ca91)
  • tests:
    • tasks for running latest-beta and latest-esr builds in stage (1c84e7f8)
    • create a task to ensure latest release, beta and esr builds are available (bceb2e22)

Features

  • client: Add "Chromeless" styling - remove all the extra stuff. (b17dc56b)
  • docs: Add documentation about the accepted query parameters. (295fc00e)

0.34.0 (2015-03-31)

Bug Fixes

  • client:
    • Only send postMessages to and from the expected parent when using the iframe. (0a453d1c)
    • Channel timeouts are informative, they no longer throw errors. (0b7770c1)
    • Extract the COPPA datepicker logic into its own module. (a368072d)
  • l10n: sv is no longer maintained, copy strings from sv-SE (7d28bfcd, closes #1773)
  • server: Translate static pages (in dev mode too!). (28e5759d)
  • test: Fix the account locked tests when run against latest. (45073cf6)

Features

  • client: Add the account locked flows. (8e405298)
  • settings: redirect to avatar change page when query param setting=avatar (344f9c70, closes #2249)

0.33.0 (2015-03-16)

Bug Fixes

  • client:
    • Use standard error formats for expired and damaged verification links. (86384b2f)
    • Opt in to the iframe broker. (09b9bac2)
    • Ensure console errors are displayed in Firefox on catastrophic startup error. (47a8c299)
  • docs:
    • Update docs for the new iframe message format. (20121dc7)
    • Correct the documentation of the afterResetPasswordConfirmationPoll function. (033ad26e)
  • tests: Start the auth-db server for travis. (8f21f017)

Features

  • channels: broadcast messages across across all channels (dfacd358, closes #2095)
  • docs: Document the email suggestion events. (29b0fadb)

0.32.0 (2015-03-03)

Bug Fixes

  • avatars:
    • show error if avatar removal fails (9dcd9b65)
    • fix avatar image uploads (1e6ecd8a)
    • prevent flicker when loading avatars on settings pages (c3be4f45, closes #2105)
  • build: simple default grunt command (9f101ee1)
  • client:
    • Simplify the message serialization for the iframe channel. (1af5009d)
    • Add "successfully" to most success messages. (ec4b4fcc)
  • errors: reverts the "Invalid verification code" string back to normal. r=vladikoff (14cbf41d)
  • l10n: join server templates so email strings are not overwritten (b0898f76)
  • pages: 502 pages should be allowed to be iframed (00e69196, closes #2056)
  • router:
    • make sure loaded message is still sent after a view render error (79c93978)
    • anchor event handler should handle event bubbling (cd4a64ca)
  • server: Ensure templates render text in dev mode. (b7c5eb0a)

Features

  • docker: Dockerfile and README update for basic docker development workflow (4b244644)
  • docs: Document the iframe protocol. (02e0fc49)
  • login: indicate whether the account is verified in the fx-desktop channel (6c5c0c42, closes #2094)
  • oauth: Expose relier-specific encryption keys to OAuth WebChannel reliers. (a0318c28, closes #2088)
  • signup: suggest proper email spelling (a825a83f, closes #871)
  • tests: Boost the test coverage of router.js (0e7d06e6)

0.31.0 (2015-02-17)

Bug Fixes

  • client: Redirect to /settings for direct access users who verify signup or password re (31e4b2c6)
  • metrics: track window.onerror (4f9bd296)

Features

  • metrics: Log more screen info (85a05e41)

0.30.0 (2015-02-02)

Bug Fixes

  • avatars: fixes Firefox 18 dataType json request (005c9f5d, closes #1930)
  • l10n: use en as the default language instead of en-US (8f599d54, closes #2072)
  • xhr: send correct JSON content-type and accept headers to api servers (8dc69d0b)

Features

  • avatars: set the account by uid when visiting avatar pages (d9f5649e, closes #1974, #1876)
  • client: Add a loaded message for the fx-desktop and iframe brokers. (c9ca23e8)
  • l10n: add az locale to list (0acd097e, closes #1774)
  • metrics:
    • Add signup.customizeSync.(true|false) metrics. (919f9281)
    • Log whether the user changes the password visibility. (13b2b835)

0.29.0 (2015-01-20)

Bug Fixes

  • avatars: make avatar navigation l10n friendly (014b4ec5, closes #1729)
  • client:
    • Do not display errors after window.beforeunload is triggerred. (2e080e81)
    • Disable the sign up confirmation poll for Sync. (e6421a71)
    • Only request keys from the server for Sync users. (283b41b4)
  • iframe: fixes styling issues caused by the iframe environment #2 (9347d818, closes #2010)
  • logging: switch to mozlog (a346b9d1, closes #1994)
  • signin: better reject with errors (2e6c3bbd, closes #2031)
  • tests:
    • fail when not enough coverage, add more oauth-errors coverage (87be18f7)
    • better functional tests for age dropdowns (01c70f95)

Features

  • Check for required OAuth parameters on startup. (52f65f78)
  • client:
    • force_auth action for oauth! (82a6c0be)
    • Give the relier the ability to overrule cached credentials. (74cb38e1)
  • docs: Start on an architecture doc (4a3c0540)
  • error-pages: add a static 502.html error page for nginx to route to (fe343454)

0.28.0 (2015-01-05)

Bug Fixes

  • account: filter account.toJSON (6044aa6d)
  • build: generate sourcemaps (fdcf92fd, closes #258)
  • client:
    • We broke password managers with autocomplete=off on password fields! (7df783f2)
    • OAuth/redirect users who paste the verification link into the original tab shoul (86b1c5cb)
    • Allow Fx18 to use the iframe flow. (c2020f85)
  • docs: update AUTHORS list (09aec587, closes #1981)
  • iframe: fixes styling issues caused by the iframe environment (740006de, closes #2010)
  • metrics: Convert all _ in screen names to -. (726d9017)
  • server: Allow the 500 and 503 pages to be iframed. (b25faa2c)
  • signin:
    • set the current account after logging in with cached sync account (9732f05f)
    • pass account data to broker instead of using currentUser (aeb4aa15, closes #1973)
  • styles: make sure normalize.css is used in production (28ff205e, closes #1997)
  • sync: correct a typo that voided the customize sync option (8f78e1d6)
  • tests: fix up select dropdown (995a8a5a)

Features

  • client: An Fx Sync relier can specify customizeSync=true to force the Customize Sync c (a4a26f91)
  • metrics: Report distinct metrics codes for missing and invalid emails (71489471)

0.27.0 (2014-12-08)

Bug Fixes

  • client:
    • WebChannel/Hello screen and event fixes. (e67d2158)
    • Ensure the web-channel flows match expected behavior. (0cbcf9a6)
    • Show the back button for reset_password, even if an email is on the URL query st (9e293664)
    • Go to the /cookies_disabled screen instead of the /500 screen if cookies are dis (e9433b7a)
  • confirm: redirect to signup on bounced email error (bb3c8d8c, closes #1902)
  • docs: add Bower usage to CONTRIBUTING (dc9db2d7)
  • l10n: use a less spammy email headline (f2efc82b, closes #1849)
  • metrics: Show the correct screen name in the iframe flow metrics. (44c630b5)
  • signup: block signup attempts with @firefox.com emails. (b41389fc, closes #1859)
  • style: marketing snippet offset (ddbacce7)
  • styles: no more underscored classes (46e0cc0e)
  • test:
    • allow custom Firefox binary locations for tests (4338d193)
    • check that signin is complete before proceeding (ad07160d)
    • No longer redirect on the web channel tests. (21863591)
    • Fix the 'Unexpected error' flash in the sign_in tests. (58780398)
    • Remove the inter-test dependencies in the reset-password tests. (1a198fdd)
  • tests:

Features

  • client:
    • Add the iframe flow. (8561ec3c)
    • Allow TLD only domain names in email addresses (e3487a04)
  • metrics:
    • Add the campaign metric. (21e18a96)
    • Add the isMigration field to the reported metrics. (d9f7ddd1)
  • test: Add more functional tests! (a43d65f9)

0.26.2 (2014-11-20)

Bug Fixes

  • client: Go to the /cookies_disabled screen instead of the /500 screen if cookies are dis (d12d6ec8)

0.26.1 (2014-11-17)

Bug Fixes

  • l10n: update the header font mixin name for locales that use system fonts (60d05bb9)

0.26.0 (2014-11-14)

Bug Fixes

  • accounts: only fetch access token if verified (d3168850)
  • avatars:
    • ensure the default image background is covered by the profile image (387e3246)
    • load profile image on settings and sign in pages if available (382c9db9, closes #1727)
  • broker: fix desktop broker to forward account data before confirm (0492140e)
  • client:
    • Fixed missing spinner on subsequent requests. (910ff4dd)
    • Notify Sync of unverified logins and signups before the user verifies her email (8943f1f7)
    • The Sync flow should not notify the browser of login after the signup confirmati (3ba53720)
    • Autofocus on /signup works again. (7f142421)
    • The FxDesktop broker no longer sends the session_status message on startup. (8f414c4a)
    • Ensure the spinner stays spinning after signin for Sync/OAuth. (5c74b8a2)
    • Do not fail on startup if cookies or access to dom.storage is disabled. (e084cba7)
    • Ensure the Loop initiated reset password verification flow sends OAuth credentia (a91e27b5)
  • images: optimize images with new optipng (780ff760)
  • style:
    • remove end padding from text inputs (07dacd9d)
    • tos/pn layout overlap (53d8a7b3)
  • styles:
    • spinning wheel affects button height (3d536417)
    • show password border radius (20270acd)
    • odd wrapping on choose account and reset pwd links on sign in in some l10ns (f454d9d3)
  • test: Ensure the web channel tests complete. (46b578d6)

Features

  • client:
    • Allow the user to restart the signup flow on email bounce. (896d1f47)
    • Add some brokers! (83ee1861)
  • test: Add functional test for web channel flow when user signs up, closes original tab (c2b51b9d)

0.25.0 (2014-10-29)

Bug Fixes

  • chrome: fix a "read-only" strict mode error in Chrome (c15de01b)
  • client:
    • Fix CORS requests not being decoded for Fx<21 (a92ab607)
    • COPPA - make learn more link target _blank only on sync (ae06e403)
    • Allow leading/trailing whitespace on email addresses. (2385500d)
  • coppa: better align error message in pop up (7bc43ca4)
  • oauth:
    • fixes WebChannel double submit during password reset (c4ad6289)
    • validate that redirect param exists. (a8c63fd0, closes #1786)
  • test: fixes setTimeout tests in FF18 (ab270636)

Features

  • metrics: Add three new auth-errors (ca2e1c46)

0.24.0 (2014-10-20)

Bug Fixes

  • client:
    • Change the "Next" button to say "Sign up" (08a008c0)
    • Add a "forgot password?" link when using cached credentials. (99754f76)
  • oauth: use the correct client_id for local oauth server (8e1c288c)
  • signin: choosing to use a different account clears cached credentials (4919e1d1, closes #1721)
  • styles: Ensure the year of birth select box uses Clear Sans. (4f796b29)
  • test: Fix test-latest functional tests. (37696cb0)
  • tests: remove about:prefs tests from full testing (cccdeb09)
  • trusted-ui-style: make layout shorter (02c7d7fb)

Features

  • client: Create and send a resume token to the OAuth server. (8dd01b07)
  • metrics: Add metrics for signup, preverified signup, signin, hide the resend button. (76ecb248)
  • test: Add more functional tests sign up/reset password flows. (483ba166)

0.23.0 (2014-10-07)

Bug Fixes

  • appStart: show an error screen when errors occur during app start (e457eae4)
  • avatars: redirect unverified users to confirm screen (d440e4d7, closes #1662)
  • fxa-client: update to latest client (fdb6dbbb)
  • style: ensure legal pages are no taller than /signup (1698922b)
  • tests:
    • run tos and pp test for saving information separately - fixes #1640 (d2f52126)
    • Only set the autofocus timeout if the element to be focused is hidden. (ce2ce9d0)

Features

  • client:
    • Smooth out the verification flow. (02b0d351)
    • Fix the COPPA flow to allow 13 year olds that are born this year to register. (61ec08bd)

0.22.0 (2014-09-22)

Bug Fixes

  • avatars:
    • show a spinner icon when loading images with latency (ae1e17f1, closes #1527)
    • set the correct OAuth client ID for fxa-dev environment (f6374760, closes #1683)
    • integrate profile server backend for profile images (66ebc83a)
    • disable remote URL option (17e76acd)
  • client:
    • autofocus the password field on /oauth/signin if the user already has a session. (c4228b2f)
    • Auto-focus the password field on the /delete_account page. (31fc11d2)
  • errors: use the correct context for error messages (a3c4f2a2, closes #1660)
  • oauth: increase the assertion lifetime to avoid clock skew issues (132bbf57)
  • test: Fix and enable the oauth-preverified-sign-up functional test. (7cade58a)
  • tests:
    • Fix some places that race with an XHR response return (f49e3de6)
    • Fix the oauth_webchannel tests when run by themselves. (f19d2d58)

Features

  • metrics: Log entrypoint to the metrics. (9ecf71bb)
  • test: Add the ability to run npm run-script test-functional-oauth from the command l (6ca4fe4d)

0.21.0 (2014-09-08)

Bug Fixes

  • avatars: allow mobile browsers to reposition the image during crop (74202ea1)
  • hsts: force hsts headers and use milliseconds (138756b1)
  • signin: cache credentials for desktop sign-ins, otherwise only cache email (33675ae8, closes #1621)
  • styles: Un-nesting some CSS to fix /signin links (1878d120)

Features

  • client: Add support for preVerfiyToken. (d30dd6d3)
  • signin: Add cached signin (7780e49a)

0.20.0 (2014-08-25)

Bug Fixes

  • build:
    • Remove imagemin for dependencies (bddf83fe)
    • Wait for config to load. Move draggable into a require.js packge. (b2a0be17)
  • l10n: remove the en i18n symlink (9c2e5ba0)
  • teats: Use execute to clear browser state (f56aa45e)
  • tests:
  • travis: Run functional tests first, move sleep. (23f124cc)

Features

  • oauth: Support for URN redirects (dc2cefd6)

0.19.0 (2014-08-11)

Bug Fixes

  • avatars:
    • add profile server client to proxy remote images (899f1895)
    • clean up numerous issues from comments in #1405 (916044d6)
  • bug:
    • IE9: browser unsupported message is very wide (488f5108)
    • fixed snippet layout error (0e3dcd9e)
  • client:
    • Show the /force_auth error message on startup, if one exists. (e61bf17e)
    • Remove the survey material all together, it's not being used. (04249936)
    • If logError/displayError/displayErrorUnsafe is called without an error, log an ` (d3bf9552)
    • Display Service Unavailable if the user visits /oauth/sign(in|up) and the OA (fe599744)
    • Ensure a down OAuth server does not cause an undefined error. (7224d952)
  • csp:
    • allow image sources from gravatar (cfd7ce84)
    • allow data uris for images (9a880661)
  • deps: update express and request dependencies to patched versions (5e990731)
  • fxa-client: remove lang from fxa-client requests (93c3384d, closes #1404)
  • l10n:
    • ensure that supported languages are a subset of the default supported languages (d0d14176)
    • add hsb and dsb to default supported languag list for asset generation (c726205d)
  • legal:
    • show home button on legal pages when loaded directly (8bf43a37)
    • fix layout of statically rendered legal pages (f59d82b1)
  • logger: fix for express logger api change (dfa60957)
  • metrics: Log a screen once, childviews should not cause the parent to be lgoged. (5964e0ba)
  • router: show error screen when view rendering fails (49eb7063)
  • sync: show Sync brand name when signin up/in for Sync (c15a2761, closes #1339)
  • test: Ensure requirejs configuration is loaded before any other scripts. (10eddcb4)
  • tos-pp: rely on accept headers instead of naviagor.language for partial requests (fdceab5a, closes #1412)

Features

  • metrics: Add screen width and height to the metrics. (0f5f3513)
  • oauth:
  • settings: profile images (fe0b8770)

0.18.0 (2014-07-28)

Bug Fixes

  • bug:
    • IE9: browser unsupported message is very wide (488f5108)
    • fixed snippet layout error (0e3dcd9e)
  • client:
    • If logError/displayError/displayErrorUnsafe is called without an error, log an ` (d3bf9552)
    • Display Service Unavailable if the user visits /oauth/sign(in|up) and the OA (fe599744)
    • Ensure a down OAuth server does not cause an undefined error. (7224d952)
  • fxa-client: remove lang from fxa-client requests (93c3384d, closes #1404)
  • l10n: add hsb and dsb to default supported languag list for asset generation (c726205d)
  • legal: fix layout of statically rendered legal pages (f59d82b1)
  • metrics: Log a screen once, childviews should not cause the parent to be lgoged. (5964e0ba)
  • router: show error screen when view rendering fails (49eb7063)
  • sync: show Sync brand name when signin up/in for Sync (c15a2761, closes #1339)
  • tos-pp: rely on accept headers instead of naviagor.language for partial requests (fdceab5a, closes #1412)

Features

  • metrics: Add screen width and height to the metrics. (0f5f3513)
  • settings: profile images (fe0b8770)

0.17.0 (2014-07-14)

Bug Fixes

  • fonts: Update connect-fonts-firasans and grunt-connect-fonts. (e5a2fdcd)
  • l10n: use correct locale if specified in url for legal pages (02c287cb, closes #1337)
  • legal: fix rendering of legal pages when loaded directly via url (70b17b37, closes #1372)
  • styles: sassify border radii (10f53c09)
  • tests: Make IE10/IE11 pass all the mocha tests. (074c7246)

Features

  • metrics: Log which marketing material is shown to a user. (afa111ac)
  • server: Add a forwarding proxy for IE8. (50060ce3)

0.16.0 (2014-06-30)

Bug Fixes

  • client:
    • Firefox for Android Sync marketing material is only available to desktop sync us (c5e62fa6)
    • Only send a link_expired event if the password reset link is expired. (38310417)
    • Fix the IE8 password toggle test for real this time. (8cdecd14)
    • Check the user's old password before attempting a change password. (b78bfaa5)
    • Remove the ability for IE8 and IE10+ to show the password field. (b257333f)
    • Abort autofocus events if no element exists with the autofocus attribute. (07a12642)
    • Throw an exception if invokeHandler is passed an invalid handler. (0f58af47)
    • Remove keyboard accessibility for the show/hide button. (09fc7a96)
    • Replace calls to [].indexOf with _.indexOf for IE8 support. (b5430e1b)
  • csp: turn on report only mode until CSP issues are resolved (e39e4128)
  • css: Remove the blue background on select element focus in IE10+ (b8300f9f)
  • desktop: keep desktop context after password change (df187b8d, closes #812)
  • ie8: use a standard font so the password field renders correctly (48c7e807, closes #1266)
  • l10n:
    • disable fira sans for unsupported locales (46dedd04)
    • build json locale bundles on server start (1ba744c3, closes #1295)
    • upgrade jsxgettext to handle nested handlebar clocks (229303ac, closes #1306)
  • oauth:
    • ensure oauth forms are enabled if valid on afterRender (f46e435c)
    • only show service name if it is defined (dc5775ee, closes #1216)
    • keep the oauth context after a page refresh (a548e575)
  • server: Add a 'connect-src' directive to allow contact with the auth-server and oauth-se (28d9a90d)
  • strings: fix reset password link error messages (cf525dcf)
  • test:
    • fix functional test remote for slow connections (8f0d0025)
    • Remove cache busting URLs in dev mode. (ffc0de84)
  • tests: Fix throttled test.. (6e3430f3, closes #1144)

Features

  • client:
    • Add email prefill on the /signin page if the email address is passed as a sear (f7049063)
    • Add email prefil on the /signup page if an email is passed as a URL search par (af7ad386)
    • add expired verification link message and a email resend link (12b1fe71)
  • server: Add x-content-type-options: nosniff headers to prevent browser content type sn (3bdc2584)

0.15.0 (2014-06-16)

Bug Fixes

  • client:
    • Convert all inline error strings to use an error object. (73231273)
    • Fix disabled cookies screen not showing correctly. (6442364e)
  • config: don't alter process.env.CONFIG_FILES from the config script (11653d4c)
  • csp: update p-promise library to version that is CSP compatible (a82e51f3)
  • form: a regression was hiding sign up/in suggestions (6466370d)
  • forms: labels should not shift unless values change (2811d0a9, closes #1008)
  • style: make tooltips work for the select list hack (30d91076)
  • test: Run Mocha tests in order (8d0d58a3)
  • tests: update legal and tos tests to work under slow conditions (17006989)

Features

  • ux: show messaging when response takes longer than expected (e4d13330)

0.14.0 (2014-06-02)

Bug Fixes

  • bug: modify select css to remediate bug 1017864 (c15d8f47)
  • build:
    • Exclude testing tools from production build (84658550)
    • Downgrade imagemin (e04c9e9a)
  • config:
    • Add oauth_url to awsbox (3e2c5576)
    • set default oauth url to dev deployment (63237fe7)
  • logs: Set metrics sample_date to 0 (037c0da4)
  • oauth: Adding functional oauth tests and fixing oauth bugs (8e941318)
  • server: Remove X-FRAME-OPTIONS for Legal and Terms (9eff994f)
  • test:
    • Update oauth client name, jshint (566355fb)
    • Force focus in Mocha tests. (23bead9a)
    • Removed 'npm run test-browser'. Combined into 'npm test' (38cb00b2)
  • tests:
    • Exclude functional tests from Travis (e84daa75)
    • fix hanging email issues (04b186ea)
  • views: strip spaces in uid, token, code when pasted (1d1919ac)

Features

  • Add front end metrics gathering. (084fce06)
  • server: serve directly over https (1216ab0d)

0.13.0 (2014-05-19)

Bug Fixes

  • build:
    • Remove Sync browser pages from distribution build (50ddf022)
    • Exclude env-test.js from the copyright check, it has its own from the Modernizr (7ae249dd)
    • Fix IE 404s when requesting .eot fonts in prod. (ef28093f)
  • client:
    • update js-client so xhr works in IE (15a75cee)
    • Fix form validation on browsers that do not have HTML5 form field validation. (aa8992eb)
    • Disable IE9 support until we get IE9's CORS situation situated. (717fbcf2)
    • Fix the styling on outdated browsers. (9b1ef4ef)
    • update js-client to 0.1.19 for request timeouts (48d6a637)
    • Fix email field focus in Chrome. No more exceptions. (d1ed5334)
    • Prefill the user's email on /signin if the user clicks the "sign in" link from " (efaa0ab8)
    • Fix the "Sign in" link on /confirm_reset_password if the user is in the force (9fbe392f)
    • No longer automatically sign in existing users on signup. (ae625d93)
  • email:
    • generated templates should escape email and link variables (7bf2b225)
    • don't escape template strings with smart quotes (886ef989)
  • emails: no need to HTML escape text based emails (fdecafb2)
  • marketing: add breakpoints for marketing snippet (cf9c7698)
  • server: Fix IE9 not showing any content. (cca162d0)
  • test: Fix the reset password related tests that were broken by the new form prefill fe (686533f6)
  • tests:
    • Fixed a regex typo in the reset password tests (c28bdfc5)
    • Fix Safari focus issues. (ef7f760e, closes #1049)
    • Add a missing semicolon. (85a795e6)
    • Fix the jshint errors and warnings in all of the tests. (ad82aac6)
  • ui: word-break long email addresses (1d1efbbf)

0.12.0 (2014-05-05)

Bug Fixes

  • build: Use the custom version of Modernizr in prod, not the full version. (7c31d07a)
  • client:
    • Do not show Fx for Android marketing material if completing sign up on B2G or Fe (23a08b4a)
    • Gracefully handle server errors when fetching translations. (24d95825)
  • l10n: normalize locale when fetching client.json (7a3ce02c, closes #1024)
  • server: Ensure the browsehappy text is translated (ae1cc9e9)

0.11.2 (2014-04-29)

Bug Fixes

  • email: Pass {{link}} url into outlook-specific markup in email templates. (ec231c25)

0.11.1 (2014-04-28)

Bug Fixes

  • client: Gracefully handle server errors when fetching translations. (768b5926)
  • l10n: revert untranslated strings (faf5651e)

0.11.0 (2014-04-21)

Bug Fixes

  • client:
    • Replaced cookie checks with localStorage checks as a work around for 3rd party c (4442d1ab)
    • Correctly handle the THROTTLED error from fxa-client.js->signUp (5ebe34c2)
    • Fix disappearing error messages when toggling password visibility. (5c71c26f)
  • emails: make emails responsive + work with outlook (f2af56c0)
  • i18n: Ensure i18n works in Chrome. (a5fa583a)
  • l10n:
    • config should return the language not locale (3d90a4b7)
    • ensure the default locale is listed as supported (07a07a6c)
  • server:
    • add cache-control header for /config (21f992f9)
    • Add maxAge cache control for static assets (581531e6)
  • templates: make firefox logo visible on templates and add mozilla logo (9b9a5039)

0.10.2 (2014-04-18)

Bug Fixes

  • tests: fix privacy heading ID (4fd3139e)

0.10.1 (2014-04-18)

Bug Fixes

  • client: Replaced cookie checks with localStorage checks as a work around for 3rd party c (c75bf680)

0.10.0 (2014-04-14)

Bug Fixes

  • build: Fix the typo when copying fonts. (cec3e6eb)
  • client: Enable back button functionality when visiting /. (35ba88e2)
  • server: Ensure fonts have cacheable URLs. (c66e6ef1)

Features

  • client: updating js client to 0.1.18 (db4764e3)

0.9.0 (2014-04-07)

Bug Fixes

  • client:
    • Redirect to start page if resend email token is invalid. (28217658)
    • Use sentance casing on placeholder text. (4d4142f9)
    • transition from password reset confirmation to signin once reset is complete (23311db0)
    • All error strings should have a Capitalized first letter. (a1a74b18)
    • Ensure auth-server errors are displayed on confirm pages. (ba156c2b)
  • tests:
    • Ensure all tests pass. (a6d0c31c)
    • Use assert(false, <message>) instead of assert.fail(<message>). (e541e3fb)
    • Fix test failures by reducing shared global state. (f6948cd4)
    • Update unit and functional tests to handle throttled password reset email reques (190ba0b5)

0.8.0 (2014-03-31)

Bug Fixes

  • build:
    • Use lowercase extensions on output files in marked. (bff7ad71)
    • Normalize TOS/PP filenames to use the _ separator. (19095a44)
  • client:
    • Ensure the client specifies a language when requesting TOS/PP templates. (eef61de4)
    • remove retry functionality over desktop channel (e722a204)
    • automatically add version to auth-server url if missing (79237efb)
    • Enabled autocomplete='off' for all password input boxes. (51d77028)
  • server: Redirect with locale name that abide understands. (b430cd7c)
  • signup: choose what to sync checkbox should persist on the signup page (0570ccdb)
  • styles:
    • kill webkit default inset shadow (bbf6f856)
    • user older standard for bg-pos to work with ios7 (0c2b7e73)
  • tests:
    • Fix the failing fxaClient->signIn test. (3e484316)
    • Ensure a real locale is used for TOS/PP template requests. (1825b321)

Features

  • Translated TOS/PP text! (26f680b3)
  • client:
    • Add support for "can_link_account" Desktop Channel message. (fecbe20d)
    • updating js client to 0.1.17 (11e8f398)

0.0.7 (2014-03-24)

Bug Fixes

  • client:
    • Session values only last as long as the browsing session now by default. (d22e5680)
    • put a fixed limit on email resend api calls (1b3c8b37)
  • fxa-client: trim leading/trailing whitespace from user's email (2b5bf630)
  • l10n: normalize locale name when generating json strings (fb1cedff)
  • style:
    • fix android chrome select box (9b889146)
    • removes flicker from post email verification screen (185d0e80)

0.0.6 (2014-03-17)

Bug Fixes

  • awsbox: fix awsbox authserver config (f0134f15)
  • build: Use fxa-content Sauce Labs account (4f383524)
  • channel:
    • call 'done' callback in Session.send if given (f92a6deb)
    • Make sure the web channel invokes the 'done' callback in Channel.send if it's gi (b8435bf9)
  • client:
    • Hide sign out from users who signed in from Firefox desktop. (5d8699de)
    • Re-enable "delete account" in settings. (9d6cf483)
    • Use /settings as the landing page when logging in to the accounts portal. (9dba7e5a)
  • constants: Added a constant for the Fx Desktop context (582b86e4)
  • l10n:
    • fix configuration typo causing default language to be undefined (4cb85819)
    • find best locale when region not available (bb67db05)
    • fix string copy task (8f0b338a)
    • fetch strings from the l10n repo and fix supported languages config (dfaa76d7)
  • routes: allow direct loading of delete_account page (e4defe45)
  • styles:
  • templates: Remove ip address restriction on email templates (edd4c0a9)
  • view: update delete account view and associated template (76635cc8)

Features

  • client: Don't show 'settings' when context=desktop and user is verified (768cd7f7)
  • session: Make the Session aware of the 'context' (3d7f1b6a)

0.0.5 (2014-03-10)

Bug Fixes

  • client:
    • signOut is always a success, even if it is a failure. (7adb896a, closes #616)
    • Show "Service unavailable" error message if auth server is unavailable or return (6c0dc629, closes #601)
  • l10n: add missing debug locale to local config (15e0403e)
  • router:
    • handle an extra slash when loading the index (bf1a5e24)
    • allow optional trailing slash on routes - fixes #641 (0c28907c)
  • server:
    • run_locally.js - just pipe the child streams to stdout/stderr (0a80fbad)
    • add timestamps to log lines - fixes GH-662 (32f64b30)
    • Use correct production path for config/version.json (5211df72, closes #530)
  • tests: Update to handle unverified users re-signing up. (32175d6e, closes #666)

Features

  • client: Password reset email prefill & /force_auth simplification. (8259981a, closes #549, #637)

0.0.2 (2014-03-03)

Bug Fixes

  • keyframe animations should go to 360 degrees, not 365 (065ab83c)
  • remove grunt-contrib-connect dependency. (77d91393)
  • show the focus ring on anchors (f4694627)
  • interpolate error string variables with data from backend. (93c672c5)
  • awsbox: fix awsbox configuration (2560de4d)
  • build:
    • Use static version numbers for bower deps (1f07875d)
    • Update lockdown.json with new dependencies (6192bcc8)
  • client:
  • l10n: use underscores instead of dashes in locale directory names; enable all locales (5fc24fc3)
  • styles:
    • Fiding duplicated selector in main.scss (c23f9f9e)
    • Removing unneeded vendor prefixes (f7e5373c)

Features

  • Add a styled 404 page, rendered on the back end. (cc2a024b)
  • build:
    • Adding npm-lockdown (d60699d7)
    • Add a grunt version task to stamp a new version. (aaa6e9d8, closes #496)
  • client: update document title on screen transition. (8973b1a3, closes #531)

Breaking Changes

  • The production configuration script must add a new option to its config :
   page_template_subdirectory: 'dist'

issue #554

. (cc2a024b)