Releases: mozilla/addons-server
2025.02.20
This week's push hero is @eviljeff
Previous Release: 2025.02.06-1
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons-Frontend Changelog:
Addons Server Changelog:
What's Changed
Notable things shipping
- Allow regular reviewers to delay-reject again without changing the date by @diox in #23064
- Refactor promoted groups to use APIChoicesWithNone by @KevinMind in #23051
- Clear pending rejections & set human review date in
approve_multiple_versions()
by @diox in #23053 - Make DOCKER_TARGET a buid time argument only. by @KevinMind in #23076
- Remove 'enable-soft-blocking' Waffle Switch Migration by @KevinMind in #23052
- Add Forward to Legal to important changes history in review page by @diox in #23079
- Create PromotedGroup, PromotedAddonPromotion and PromotedAddonVersion models, synced to PromotedAddon and PromotedApproval models by @KevinMind in #23060
- Allow API authentication for source package downloads by @chrstinalin in #23081
- create override decision for denied 2nd level approvals by @eviljeff in #23083
Full Changelog: 2025.02.06...2025.02.20
2025.02.06-1
This week's push hero is @diox
Previous Release: 2025.02.06
Cherry-picks:
What's Changed
Full Changelog: 2025.02.06...2025.02.06-1
Notable things shipping
- Allow regular reviewers to delay-reject again without changing the date #23064
2025.02.06
This week's push hero is @diox
Previous Release: 2025.01.23
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons-Frontend Changelog:
mozilla/addons-frontend@2025.01.23...2025.02.06
Addons Server Changelog:
What's Changed
Notable things shipping
- Support long locale in dynamic served js catalog by @KevinMind in #23006
- Add MLBF validation logic and corresponding management command by @KevinMind in #22983
- Make build-docker locally debuggable by @KevinMind in #23010
- Group celery and google packages together in dependabot config by @diox in #23018
- Log image digest in docker build by @KevinMind in #23007
- Migrate build scripts to python with single script to orchestrate during make up by @KevinMind in #23011
- delegate review actions to cinder by @eviljeff in #23004
- Support Markdown in Add-on Listing Fields by @chrstinalin in #22956
- replace uWSGI with pyuwsgi by @KevinMind in #23020
- Better checks that static file routing works as expected by @KevinMind in #23014
- Bleach Add-on Summary of all HTML by @chrstinalin in #22994
- delegate reject actions to ContentActions too by @eviljeff in #23023
- Migrate dependencies to /data/olympia by @KevinMind in #23015
- Split
es
locale into several variations and migrate existing user translations toes-ES
by @diox in #22982 - Don't translate admin events / activities hidden to developers by @diox in #23035
- Add npm dependencies in the production image by @KevinMind in #23037
- Don't flag add-ons for growth threshold if hotness is negative by @diox in #23031
- Remove extra docker volumes and extra associated configurations by @KevinMind in #23034
- Introduce vite to transpile js/css assets for development and production + vitest for static file testing by @KevinMind in #22957
- Make reviewer pending rejection input a datetime widget and allow changing it through an action by @diox in #23001
- process jobs from legal escalations with no abuse reports by @eviljeff in #23024
- Ensure we clear stashes when uploading new blocklist filters by @KevinMind in #23039
Dependendabots
- Bump mysqlclient from 2.2.6 to 2.2.7 in /requirements by @dependabot in #22986
- Bump google-cloud-storage from 2.18.2 to 2.19.0 in /requirements by @dependabot in #22918
- Bump google-api-core[grpc] from 2.21.0 to 2.24.0 in /requirements by @dependabot in #22931
- Bump grpcio from 1.68.1 to 1.69.0 in /requirements by @dependabot in #22968
- Bump prettier from 3.3.3 to 3.4.2 by @dependabot in #22915
- Bump responses from 0.25.3 to 0.25.6 in /requirements by @dependabot in #22988
- Bump pillow from 11.0.0 to 11.1.0 in /requirements by @dependabot in #22963
- Bump wrapt from 1.17.0 to 1.17.2 in /requirements by @dependabot in #22991
- Bump ipython from 8.29.0 to 8.31.0 in /requirements by @dependabot in #22960
- Bump pygments from 2.18.0 to 2.19.1 in /requirements by @dependabot in #22974
- Bump pyparsing from 3.2.0 to 3.2.1 in /requirements by @dependabot in #22964
- Bump tomli from 2.1.0 to 2.2.1 in /requirements by @dependabot in #22901
- Bump setuptools from 75.6.0 to 75.8.0 in /requirements by @dependabot in #22980
- Bump less from 4.2.1 to 4.2.2 by @dependabot in #22999
- Bump the google group across 1 directory with 4 updates by @dependabot in #23038
Full Changelog: 2025.01.23...2025.02.06
2025.01.23
This week's push hero is @KevinMind
Previous Release: 2025.01.09-1
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons-Frontend Changelog:
mozilla/addons-frontend@2025.01.09...2025.01.23
Addons Server Changelog:
What's Changed
Notable things shipping
- don't set forwarded to legal job as resolvable_in_reviewer_tools by @eviljeff in #22973
- Don't specify a package name or version, this package is not published by @diox in #22976
- Allow deleted versions to use "Confirm Multiple Versions" action by @chrstinalin in #22942
- flag correct versions for a developer appeal by @eviljeff in #22975
- Serve django locale bundles from django as a fallback in local dev by @KevinMind in #22977
- Change Wording of Escalated Appeals in Version History by @chrstinalin in #22972
- Refactor ContentDecision to be used consistently by @eviljeff in #22967
- Rename docker.md in comment in Dockerfile by @Rob--W in #22996
- Redirect incoming URLs with short languages to the long-language variant by @diox in #22998
- Do not include current extension in 'Other popular extensions' by @chrstinalin in #22946
- Move /deps/node_modules to /data/olympia/node_modules by @KevinMind in #22955
- Revert "Move /deps/node_modules to /data/olympia/node_modules (#22955)" by @KevinMind in #23002
Dependendabots
- Bump charset-normalizer from 3.4.0 to 3.4.1 in /requirements by @dependabot in #22965
- Bump click from 8.1.7 to 8.1.8 in /requirements by @dependabot in #22961
- Bump django from 4.2.17 to 4.2.18 in /requirements by @dependabot in #22993
- Bump addons-linter from 7.7.0 to 7.8.0 by @dependabot in #23005
Full Changelog: 2025.01.09...2025.01.23
2025.01.09-1
This week's push hero is @diox
Previous Release: 2024.12.12-2
Blockers:
Cherry-picks
Before we push:
Before we start:
Before we promote:
After we're done:
- Push mozilla/webservices-infra#3617 to
prod
. The PR removes allcode-manager
related Kubernetes resources and thecode-manager
references in the Nginx proxies.
Addons-Frontend Changelog:
mozilla/addons-frontend@2024.12.12...2025.01.09
Addons Server Changelog:
What's Changed
Notable things shipping
- CI tests for make check to prevent breakage to our local dev: by @KevinMind in #22928
- Add forward to legal option in reviewer tools by @eviljeff in #22886
- rm crontab by @eviljeff in #22933
- Store override decisions as seperate ContentDecision instances by @eviljeff in #22917
- Use
integer
to index ratings counts, there might be more than what fits in ashort
by @diox in #22939 - Follow up for "Migrate from BlockVersion.soft to BlockVersion.block_type" by @bakulf in #22821
- relax hold criteria, to promoted add-ons in groups but not approved yet by @eviljeff in #22941
- Faster post build startup: by @KevinMind in #22938
- Embed build info into the docker image instead of relying on runtime variables. by @KevinMind in #22930
- Mark orphaned Cinder Policies as such when syncing them, delete the ones we don't use by @diox in #22937
- Skip reindex on normal make up where index alias exists by @KevinMind in #22819
- partial revert: 46f608f by @KevinMind in #22947
- link the activity log to the ContentDecision so we can backtrack it by @eviljeff in #22936
- Switch to Python 3.12 by @diox in #22880
- send owner email for override of takedown -> ignore by @eviljeff in #22944
- Allow reviewers to reply to blocked versions by @diox in #22952
- Use monitors instead of custom healthcheck.py script to verify service dependencies' health by @KevinMind in #22951
- Add named volume for mounting host files via OLYMPIA_MOUNT by @KevinMind in #22929
- Split CI dependencies and add ./deps:/deps mount. by @KevinMind in #22934
- Fix python version used by dependabot by @diox in #22958
- Record review queue history: when a version enters the queue, when they leave it by @diox in #22927
Dependendabots
- Bump six from 1.16.0 to 1.17.0 in /requirements by @dependabot in #22919
- Bump pytest from 8.3.3 to 8.3.4 in /requirements by @dependabot in #22909
- Bump amqp from 5.2.0 to 5.3.1 in /requirements by @dependabot in #22848
- Bump django-waffle from 4.1.0 to 4.2.0 in /requirements by @dependabot in #22866
- Bump jinja2 from 3.1.4 to 3.1.5 in /requirements by @dependabot in #22962
- Bump sqlparse from 0.5.2 to 0.5.3 in /requirements by @dependabot in #22935
- Bump certifi from 2024.8.30 to 2024.12.14 in /requirements by @dependabot in #22949
- Bump addons-linter from 7.6.0 to 7.7.0 by @dependabot in #22950
- Bump setuptools from 75.2.0 to 75.6.0 in /requirements by @dependabot in #22876
- Bump cryptography from 43.0.3 to 44.0.0 in /requirements by @dependabot in #22903
- Bump dotenv from 16.4.5 to 16.4.7 by @dependabot in #22914
- Bump bitarray from 2.9.2 to 3.0.0 in /requirements by @dependabot in #22770
- Bump attrs from 24.2.0 to 24.3.0 in /requirements by @dependabot in #22948
- Bump terser from 5.36.0 to 5.37.0 by @dependabot in #22926
- Bump pyjwt from 2.9.0 to 2.10.1 in /requirements by @dependabot in #22902
- Bump grpcio from 1.67.0 to 1.68.1 in /requirements by @dependabot in #22908
- Bump django-tables2 from 2.7.0 to 2.7.5 in /requirements by @dependabot in #22966
Full Changelog: 2024.12.12-2...2025.01.09-1
2025.01.09
This week's push hero is @diox
Previous Release: 2024.12.12-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons-Frontend Changelog:
Addons Server Changelog:
What's Changed
Notable things shipping
- CI tests for make check to prevent breakage to our local dev: by @KevinMind in #22928
- Add forward to legal option in reviewer tools by @eviljeff in #22886
- rm crontab by @eviljeff in #22933
- Store override decisions as seperate ContentDecision instances by @eviljeff in #22917
- Use
integer
to index ratings counts, there might be more than what fits in ashort
by @diox in #22939 - Follow up for "Migrate from BlockVersion.soft to BlockVersion.block_type" by @bakulf in #22821
- relax hold criteria, to promoted add-ons in groups but not approved yet by @eviljeff in #22941
- Faster post build startup: by @KevinMind in #22938
- Embed build info into the docker image instead of relying on runtime variables. by @KevinMind in #22930
- Mark orphaned Cinder Policies as such when syncing them, delete the ones we don't use by @diox in #22937
- Skip reindex on normal make up where index alias exists by @KevinMind in #22819
- partial revert: 46f608f by @KevinMind in #22947
- link the activity log to the ContentDecision so we can backtrack it by @eviljeff in #22936
- Switch to Python 3.12 by @diox in #22880
- send owner email for override of takedown -> ignore by @eviljeff in #22944
- Allow reviewers to reply to blocked versions by @diox in #22952
- Use monitors instead of custom healthcheck.py script to verify service dependencies' health by @KevinMind in #22951
- Add named volume for mounting host files via OLYMPIA_MOUNT by @KevinMind in #22929
- Split CI dependencies and add ./deps:/deps mount. by @KevinMind in #22934
- Fix python version used by dependabot by @diox in #22958
- Record review queue history: when a version enters the queue, when they leave it by @diox in #22927
Dependendabots
- Bump six from 1.16.0 to 1.17.0 in /requirements by @dependabot in #22919
- Bump pytest from 8.3.3 to 8.3.4 in /requirements by @dependabot in #22909
- Bump amqp from 5.2.0 to 5.3.1 in /requirements by @dependabot in #22848
- Bump django-waffle from 4.1.0 to 4.2.0 in /requirements by @dependabot in #22866
- Bump jinja2 from 3.1.4 to 3.1.5 in /requirements by @dependabot in #22962
- Bump sqlparse from 0.5.2 to 0.5.3 in /requirements by @dependabot in #22935
- Bump certifi from 2024.8.30 to 2024.12.14 in /requirements by @dependabot in #22949
- Bump addons-linter from 7.6.0 to 7.7.0 by @dependabot in #22950
- Bump setuptools from 75.2.0 to 75.6.0 in /requirements by @dependabot in #22876
- Bump cryptography from 43.0.3 to 44.0.0 in /requirements by @dependabot in #22903
- Bump dotenv from 16.4.5 to 16.4.7 by @dependabot in #22914
- Bump bitarray from 2.9.2 to 3.0.0 in /requirements by @dependabot in #22770
- Bump attrs from 24.2.0 to 24.3.0 in /requirements by @dependabot in #22948
- Bump terser from 5.36.0 to 5.37.0 by @dependabot in #22926
- Bump pyjwt from 2.9.0 to 2.10.1 in /requirements by @dependabot in #22902
- Bump grpcio from 1.67.0 to 1.68.1 in /requirements by @dependabot in #22908
- Bump django-tables2 from 2.7.0 to 2.7.5 in /requirements by @dependabot in #22966
Full Changelog: 2024.12.12-2...2025.01.09
2024.12.12-2
2024.12.12-1
This week's push hero is @diox
Previous Release: 2024.11.28-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
- Trigger an Elasticsearch reindex (
./manage.py reindex
) to properly fix mozilla/addons#15240
Addons-Frontend Changelog:
mozilla/addons-frontend@2024.11.28...2024.12.12
Addons Server Changelog:
What's Changed
Notable things shipping
- Add support for hard/soft bloom filter base + stash by @KevinMind in #22828
- Display block type in reviewer tools & Use specific activity log for soft-blocking versions by @diox in #22891
- Make mlbf testable by @KevinMind in #22896
- Don't show duplicate flags for NeedsHumanReview reasons already flagged explicitly by @diox in #22900
- flag current version for NHR if available by @eviljeff in #22894
- Add docs about Remote Settings by @willdurand in #22897
- Set a higher DATA_UPLOAD_MAX_NUMBER_FIELDS on amo-internal-web instances by @diox in #22916
- Update block email language to accomodate possible soft blocking by @KevinMind in #22899
- Prevent Review Page Activity From Cutting Off by @chrstinalin in #22922
- Record counts for review queues, including detail per promoted class by @diox in #22906
- Remove race conditions in docker volumes during build/runtime by @KevinMind in #22912
- Fix inconsistent padding on review history by @chrstinalin in #22932
- Use integer to index ratings counts, there might be more than what fits in a short by @diox #22939
Dependendabots
- Bump mysqlclient from 2.2.4 to 2.2.6 in /requirements by @dependabot in #22850
- Bump google-auth from 2.35.0 to 2.36.0 in /requirements by @dependabot in #22831
- Bump wheel from 0.45.0 to 0.45.1 in /requirements by @dependabot in #22889
- Bump less from 4.2.0 to 4.2.1 by @dependabot in #22893
- Bump deprecated from 1.2.14 to 1.2.15 in /requirements by @dependabot in #22865
- Bump wrapt from 1.16.0 to 1.17.0 in /requirements by @dependabot in #22882
- Bump django from 4.2.16 to 4.2.17 in /requirements by @dependabot in #22920
- Bump addons-linter from 7.5.0 to 7.6.0 by @dependabot in #22921
Full Changelog: 2024.11.28-2...2024.12.12-1
2024.12.12
This week's push hero is @diox
Previous Release: 2024.11.28-2
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
Addons-Frontend Changelog:
mozilla/addons-frontend@2024.11.28...2024.12.12
Addons Server Changelog:
What's Changed
Notable things shipping
- Add support for hard/soft bloom filter base + stash by @KevinMind in #22828
- Display block type in reviewer tools & Use specific activity log for soft-blocking versions by @diox in #22891
- Make mlbf testable by @KevinMind in #22896
- Don't show duplicate flags for NeedsHumanReview reasons already flagged explicitly by @diox in #22900
- flag current version for NHR if available by @eviljeff in #22894
- Add docs about Remote Settings by @willdurand in #22897
- Set a higher DATA_UPLOAD_MAX_NUMBER_FIELDS on amo-internal-web instances by @diox in #22916
- Update block email language to accomodate possible soft blocking by @KevinMind in #22899
- Prevent Review Page Activity From Cutting Off by @chrstinalin in #22922
- Record counts for review queues, including detail per promoted class by @diox in #22906
- Remove race conditions in docker volumes during build/runtime by @KevinMind in #22912
- Fix inconsistent padding on review history by @chrstinalin in #22932
Dependendabots
- Bump mysqlclient from 2.2.4 to 2.2.6 in /requirements by @dependabot in #22850
- Bump google-auth from 2.35.0 to 2.36.0 in /requirements by @dependabot in #22831
- Bump wheel from 0.45.0 to 0.45.1 in /requirements by @dependabot in #22889
- Bump less from 4.2.0 to 4.2.1 by @dependabot in #22893
- Bump deprecated from 1.2.14 to 1.2.15 in /requirements by @dependabot in #22865
- Bump wrapt from 1.16.0 to 1.17.0 in /requirements by @dependabot in #22882
- Bump django from 4.2.16 to 4.2.17 in /requirements by @dependabot in #22920
- Bump addons-linter from 7.5.0 to 7.6.0 by @dependabot in #22921
Full Changelog: 2024.11.28...2024.12.12
2024.11.28-2
This week's push hero is @KevinMind
Previous Release deployed to production: 2024.11.14-3
Blockers:
Cherry-picks:
Before we push:
Before we start:
Before we promote:
After we're done:
- We should check for duplicate licenses on the upload page in devhub. We should set the
builtin
field to0
on duplicate licenses.
Addons-Frontend Changelog:
mozilla/addons-frontend@2024.11.14-3...2024.11.28-2
Addons Server Changelog:
What's Changed
Notable things shipping
- Add ability to harden / soften blocks in the admin by @diox in #22827
- Revert "Fallback to empty list when block type is not present on cache.json" by @willdurand in #22845
- Fallback to empty list when block type is not present by @KevinMind in #22846
- Add soft block waffle switch by @KevinMind in #22844
- Generate and write stash including soft blocked versions by @KevinMind in #22826
- Use the correct waffle switch name for soft-blocking by @willdurand in #22852
- Restrict the /64 for IPv6 when adding an automatic IP restriction from a scanner action by @diox in #22853
- report appeals for extensions to a different queue by @eviljeff in #22851
- More efficient diff function removing quadratic iterable by @KevinMind in #22859
- Remove time inefficient loop in not_blocked_items by @KevinMind in #22862
- Ensure enable-submissions Disabling Correctly Allows Bypassing by @chrstinalin in #22834
- allow unsigned versions to be flagged for NHR by @eviljeff in #22857
- add basic page to proceed/escalate held actions by @eviljeff in #22822
- Update Licenses available for add-on developers to choose from on AMO by @bakulf in #22818
- Ensure TESTING_ENV is defined in all environments correctly by @KevinMind in #22874
- drop all references to CODE_MANAGER_URL by @eviljeff in #22872
- Remove git extraction code and code-manager related APIs by @diox in #22873
- set action_date too for already disabled decisions by @eviljeff in #22871
- Store NeedsHumanReview for promoted & auto-approval disabled when auto-approval is attempted by @diox in #22868
- Fix data_seed migration data being skipped by @KevinMind in #22860
- Fix error when users.table does not exist yet during initialize by @KevinMind in #22887
- Remove unnecessary translations of activity logs strings by @diox in #22890
- Support uploading stash/filter from multiple block types by @KevinMind in #22884
- Change growth threshold algorithm do use percentage points increase by @diox in #22875
- Add support for soft/hard block in upload_to_mllf_to_remote_settings cron by @KevinMind in #22885
Dependendabots
- Bump uwsgi from 2.0.26 to 2.0.28 in /requirements by @dependabot in #22797
- Bump jquery-ui from 1.14.0 to 1.14.1 by @dependabot in #22810
- Bump addons-linter from 7.3.0 to 7.4.0 by @dependabot in #22856
- Bump addons-linter from 7.4.0 to 7.5.0 by @dependabot in #22869
- Bump pillow from 10.4.0 to 11.0.0 in /requirements by @dependabot in #22771
- Bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in #22867
- Bump sphinx from 8.0.2 to 8.1.3 in /requirements by @dependabot in #22762
- Bump jedi from 0.19.1 to 0.19.2 in /requirements by @dependabot in #22838
- Bump googleapis-common-protos from 1.65.0 to 1.66.0 in /requirements by @dependabot in #22849
- Bump pip from 24.2 to 24.3.1 in /requirements by @dependabot in #22796
- Bump tomli from 2.0.2 to 2.1.0 in /requirements by @dependabot in #22843
- Bump hashin from 1.0.2 to 1.0.3 in /requirements by @dependabot in #22807
- Bump sqlparse from 0.5.1 to 0.5.2 in /requirements by @dependabot in #22854
- Bump sphinx-rtd-theme from 3.0.1 to 3.0.2 in /requirements by @dependabot in #22847
- Bump google-cloud-bigquery from 3.26.0 to 3.27.0 in /requirements by @dependabot in #22841
- Bump proto-plus from 1.24.0 to 1.25.0 in /requirements by @dependabot in #22790
- Bump packaging from 24.1 to 24.2 in /requirements by @dependabot in #22835
- Bump wheel from 0.44.0 to 0.45.0 in /requirements by @dependabot in #22837
- Bump ipython from 8.28.0 to 8.29.0 in /requirements by @dependabot in #22793
Full Changelog: 2024.11.14-3...2024.11.28-2