It looks like the issue was caused by pulling in some different translations when I built the release version after including the META-INF files.
Because it takes about two days to get a fresh signature from Mozilla, I decided to re-build 5.1.1 in place after correcting the issue. If your browser did not update yet, it should auto-update to the fixed 5.1.1, and you'll have a good AMO signature. If your browser auto-updated during the last hour or so, you will have a good, functional copy of HTTPS Everywhere, but Firefox will display the warning message about signatures. In the interests of transparency, I've saved a copy of the broken version at https://www.eff.org/files/https-everywhere-eff-5.1.1-badsig.xpi. On 08/26/2015 05:41 PM, Jacob Hoffman-Andrews wrote: > Hi all, > > I rolled a new release, 5.1.1. This release contains mostly ruleset > updates. The main reason I wanted to roll a new release so soon after > 5.1.0 was to test our release and updating mechanisms after the change > in updateURL that shipped in 5.1.0. Changing the id and filename of the > extension caused a surprising number of knock-on effects in our build > system! > > So, the good news 5.1.1 is released and your browser should auto-update. > The bad news is that Firefox once again treats it as unsigned, even > though the XPI includes the META-INF/ files that comprise the signature. > We release our self-hosted version in a somewhat unusual way. Rather > than just using the signed XPI we receive from AMO, we extract the > signature components (three files under META-INF/), check them into the > HTTPS Everywhere repository, tag the commit, and build from there. This > allows us to have reproducible builds: in theory anyone checking out the > same tag, and using the same versions of the same tools (esp. sqlite), > will get a byte-for-byte equal version of the extension. Unfortunately > in this case something seems to have gone wrong. I'm investigating why > at the moment, and there should be another release soon. > > Thanks, > Jacob > _______________________________________________ > HTTPS-Everywhere mailing list > [email protected] > https://lists.eff.org/mailman/listinfo/https-everywhere _______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
