Hi All, A little while ago we shipped FxA train-90 to production, but I didn't email you about it because we were busy with the all-hands and then I was on PTO. But I like having the newsletters as an easily-searchable online reference of the things we've done, so consider this one better-late-than-never!
FxA train-90 had the following highlights: Features Mobile Push Pt3: deeplink with email - We now emit a special "flow.continued" flow event to allow us to measure the overall success rate across two distinct sign-in flows on two devices. Change Primary Email (Phase 2) - Deleting an email from your account will now invalidate any outstanding password-reset tokens. OAuth Support for Web Extensions - Our oauth server now supports the Proof Key for Code Exchange protocol (aka "PKCE") to improve the security of the oauth flow when used from a webextension. Quality Improvements: - The experiments infrastructre in fxa-content-server is now self-contained, rather than pulling in external content from the "fxa-content-experiments" repo. - We're now using AWS SNS for sending SMS messages which should simplify deployment and billing, since we already know how to pay Amazon money in exchange for services. - We have stopped sending most types of push message to iOS devices, since unsupported message types can provide some UI weirdness. We'll add them back in once the client has proper handling for each message type. - The SQS events emitted from the auth-server for consumption by relying services, now use a much more consistent approach to naming their data fields. This removes a bit of nonsese where some of the events were pretending that the account uid was an email address in order to appease legacy code in sync. - Some visual clenaups of the choose-what-to-sync page, in particular removing the not-that-helpful-in-practice disclaimer that certain data types are only supported on desktop. - We now emit explicit flow events to track newsletter signups, which will help us determine whether newsletter campaigns have any effect on our metrics. - Added a few extra sanity-checking scripts to be used as part of a deployment, for checking that e.g. CDN resources have been properly built and deployed. - The functional tests now store screen captures courtesty of https://screencap.co.uk. (#5132) - We've added new auth brokers for `context=mob_android_v1` and `context=mob_ios_v1`, which can be used by stand-alone mobile apps that are embedding the FxA login flow. - The profile-server now uses redis to cache profile data, and preliminary results suggest this has had a significant impact on server performance. As always, you can find more details in the changelogs for each repo: https://github.com/mozilla/fxa-auth-server/blob/v1.90.0/CHANGELOG.md https://github.com/mozilla/fxa-content-server/blob/v1.90.1/CHANGELOG.md https://github.com/mozilla/fxa-auth-db-mysql/blob/v1.90.0/CHANGELOG.md https://github.com/mozilla/fxa-oauth-server/blob/v1.90.0/CHANGELOG.md https://github.com/mozilla/fxa-customs-server/blob/v1.90.0/CHANGELOG.md https://github.com/mozilla/fxa-profile-server/blob/v1.90.1/CHANGELOG.md Cheers, Ryan
_______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
