Releases: mozilla/addons-server
Releases Β· mozilla/addons-server
2025.08.21
This week's push hero is @diox
Previous Release: 2025.08.19
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
Contributors
diox
Assets 2
2025.08.19
This week's push hero is @diox
Previous Release: 2025.08.07-3
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
What's Changed
Notable things shipping
- Pin version of zizmor by @diox in #23764
- soft-block versions on delete by @eviljeff in #23768
- use primary_db with duplicate_addon_version_for_rollback task by @eviljeff in #23774
- Introduce new scanner: Name Add-on Regexp Checker, NARC by @diox in #23775
- Fix permission for 2nd level approval queue by @wagnerand in #23796
- Re-run scanner actions if results changed when running narc scanner on version by @diox in #23793
- Add UsageTier checks for ratings ratio, and disable thresholds by @eviljeff in #23794
- Handle average_daily_users of 0 in UsageTier threshold-based rules by @diox in #23805
- Change NARC scanner to run on versions rather than uploads by @diox in #23801
- Handle manifest parsing errors caused by narc in auto_approve by @diox in #23806
Dependendabots
- Bump click from 8.1.8 to 8.2.1 in /requirements by @dependabot[bot] in #23483
- Bump python from
0175d8ftoe55523fby @dependabot[bot] in #23636 - Bump click-plugins from 1.1.1 to 1.1.1.2 in /requirements by @dependabot[bot] in #23620
- Bump eslint from 9.28.0 to 9.32.0 by @dependabot[bot] in #23741
- Bump source-map from 0.7.4 to 0.7.6 by @dependabot[bot] in #23729
- Bump mozilla/addons-frontend from 2025.05.29 to 2025.08.07 by @dependabot[bot] in #23789
Full Changelog: 2025.08.05...2025.08.19
Contributors
diox, eviljeff, and 2 other contributors
Assets 2
2025.08.07-3
Cherry pick release
Push hero is @diox
Previous Release: 2025.08.07-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Full Changelog: 2025.08.07-2...2025.08.07-3
Contributors
diox
Assets 2
2025.08.07-2
Cherry pick release
Push hero is @diox
Previous Release: 2025.08.07-1
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Full Changelog: 2025.08.07-1...2025.08.07-2
Contributors
diox
Assets 2
2025.08.07-1
Cherry pick release
Push hero is @eviljeff
Previous Release: 2025.08.07
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
- run
./manage.py process_versions --task block_old_deleted_versions --with-deleted
Full Changelog: 2025.08.07...2025.08.07-1
Contributors
eviljeff
Assets 2
2025.08.07
This week's push hero is @KevinMind
Previous Release: 2025.07.31-1
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Run ./manage.py process_users --task=restrict_banned_users
Addons-Frontend Changelog:
mozilla/addons-frontend@2025.08.07...2025.09.04
Addons Server Changelog:
What's Changed
Notable things shipping
- Add action to (mass-) delete restrictions in admin by @diox in #23754
- Implement devhub UI to trigger version rollback by @eviljeff in #23702
- refactor AMO_LANGUAGES to make it settable per env by @eviljeff in #23747
- add statsd ping specifically for rollback success (or failure) by @eviljeff in #23758
- Restrict emails being banned by @diox in #23753
- Update mozilla/addons github actions after security patches by @KevinMind in #23762
Dependendabots
- Bump addons-linter from 7.18.0 to 7.19.0 by @dependabot[bot] in #23757
Full Changelog: 2025.07.31...2025.08.07
Contributors
diox, eviljeff, and 2 other contributors
Assets 2
2025.07.31-1
Special push for addons-server outside of regular schedule. Push hero is @diox
Previous Release: 2025.07.24-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
What's Changed
Notable things shipping
- Add Policies FAQ to links and restructure links to make them more obvious by @KevinMind in #23689
- Update copy for rejection emails to account for versions being rejected while awaiting review by @diox in #23738
- send enforcement action for override decisions by @eviljeff in #23710
- Add action to (mass-) delete restrictions in admin #23754
Dependendabots
- Bump the google group across 1 directory with 2 updates by @dependabot[bot] in #23701
- Bump ruff from 0.12.2 to 0.12.4 in /requirements by @dependabot[bot] in #23715
- Bump django-multidb-router from 0.10 to 0.11 in /requirements by @dependabot[bot] in #23673
- Bump pillow from 11.2.1 to 11.3.0 in /requirements by @dependabot[bot] in #23645
- Bump @eslint/plugin-kit from 0.3.1 to 0.3.4 by @dependabot[bot] in #23739
- Bump hashin from 1.0.3 to 1.0.5 in /requirements by @dependabot[bot] in #23574
- Bump glob from 11.0.2 to 11.0.3 by @dependabot[bot] in #23580
- Bump pytest from 8.4.0 to 8.4.1 in /requirements by @dependabot[bot] in #23599
- Bump pydot from 4.0.0 to 4.0.1 in /requirements by @dependabot[bot] in #23597
- Bump setuptools from 78.1.1 to 80.9.0 in /requirements by @dependabot[bot] in #23509
- Bump django-dbbackup from 4.2.1 to 4.3.0 in /requirements by @dependabot[bot] in #23444
- Bump markdown from 3.8 to 3.8.2 in /requirements by @dependabot[bot] in #23609
- Bump mozilla/autograph from 7.5.0 to 7.5.1 by @dependabot[bot] in #23613
- Bump freezegun from 1.5.2 to 1.5.3 in /requirements by @dependabot[bot] in #23691
- Bump globals from 15.15.0 to 16.3.0 by @dependabot[bot] in #23648
- Bump pytest-xdist from 3.7.0 to 3.8.0 in /requirements by @dependabot[bot] in #23650
- Bump typing-extensions from 4.13.2 to 4.14.1 in /requirements by @dependabot[bot] in #23670
Full Changelog: 2025.07.24...2025.07.31-1
Contributors
diox, eviljeff, and 2 other contributors
Assets 2
2025.07.31
Special push for addons-server outside of regular schedule. Push hero is @diox
Previous Release: 2025.07.24-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
What's Changed
Notable things shipping
- Add Policies FAQ to links and restructure links to make them more obvious by @KevinMind in #23689
- Update copy for rejection emails to account for versions being rejected while awaiting review by @diox in #23738
- send enforcement action for override decisions by @eviljeff in #23710
Dependendabots
- Bump the google group across 1 directory with 2 updates by @dependabot[bot] in #23701
- Bump ruff from 0.12.2 to 0.12.4 in /requirements by @dependabot[bot] in #23715
- Bump django-multidb-router from 0.10 to 0.11 in /requirements by @dependabot[bot] in #23673
- Bump pillow from 11.2.1 to 11.3.0 in /requirements by @dependabot[bot] in #23645
- Bump @eslint/plugin-kit from 0.3.1 to 0.3.4 by @dependabot[bot] in #23739
- Bump hashin from 1.0.3 to 1.0.5 in /requirements by @dependabot[bot] in #23574
- Bump glob from 11.0.2 to 11.0.3 by @dependabot[bot] in #23580
- Bump pytest from 8.4.0 to 8.4.1 in /requirements by @dependabot[bot] in #23599
- Bump pydot from 4.0.0 to 4.0.1 in /requirements by @dependabot[bot] in #23597
- Bump setuptools from 78.1.1 to 80.9.0 in /requirements by @dependabot[bot] in #23509
- Bump django-dbbackup from 4.2.1 to 4.3.0 in /requirements by @dependabot[bot] in #23444
- Bump markdown from 3.8 to 3.8.2 in /requirements by @dependabot[bot] in #23609
- Bump mozilla/autograph from 7.5.0 to 7.5.1 by @dependabot[bot] in #23613
- Bump freezegun from 1.5.2 to 1.5.3 in /requirements by @dependabot[bot] in #23691
- Bump globals from 15.15.0 to 16.3.0 by @dependabot[bot] in #23648
- Bump pytest-xdist from 3.7.0 to 3.8.0 in /requirements by @dependabot[bot] in #23650
- Bump typing-extensions from 4.13.2 to 4.14.1 in /requirements by @dependabot[bot] in #23670
Full Changelog: 2025.07.24...2025.07.31
Contributors
diox, eviljeff, and 2 other contributors
Assets 2
2025.07.24-2
This week's push hero is @eviljeff
Previous Release: 2025.07.24
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
Full Changelog: 2025.07.24...2025.07.24-2
Contributors
eviljeff
Assets 2
2025.07.24-1
NOT DEPLOYED TO PROD - to be replaced with 2025.07.24-2
Cherry pick release
This week's push hero is @KevinMind
Previous Release: 2025.07.24
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons Server Changelog:
Full Changelog: 2025.07.24...2025.07.24-1
Contributors
KevinMind