nobody
/
LocalCDN
17
112
Fork 9
Code Issues 2 Pull Requests Releases 52 Wiki Activity
Labels Milestones
New Issue

[addons.mozilla.org] Information about v2.6.2 #285

Closed
opened 4 months ago by nobody · 16 comments
nobody commented 4 months ago
Owner

Maybe some of you have already noticed, version 2.6.2 has been released here, but you can't see it on addons.mozilla.org yet. This is caused by the fact that Mozilla has rejected the version. The reason is that I am supposed to give the original source of all 158 resources. Links to CDNs are not allowed 😒

Your add-on includes third-party libraries. Please provide the origin of the exact library version you were using and make sure you are using an exact copy of the original maintainers release version. For more information, refer to https://extensionworkshop.com/documentation/publish/third-party-library-usage/ .

Unfortunately this is difficult because e.g. Babel does not provide precompiled JavaScript files. In the case of Google Material Icons and Bootstrap, I have edited or renamed files to allow replacement or version upgrade without problems.

I'll wait and see what I get as a response and update this issue immediately...

Maybe some of you have already noticed, version 2.6.2 has been released [here](https://codeberg.org/nobody/LocalCDN/releases/tag/v2.6.2), but you can't see it on addons.mozilla.org yet. This is caused by the fact that Mozilla has rejected the version. The reason is that I am supposed to give the original source of all 158 resources. Links to CDNs are not allowed :unamused: > Your add-on includes third-party libraries. Please provide the origin of the exact library version you were using and make sure you are using an exact copy of the original maintainers release version. For more information, refer to https://extensionworkshop.com/documentation/publish/third-party-library-usage/ . Unfortunately this is difficult because e.g. [Babel](https://codeberg.org/nobody/LocalCDN/src/branch/main/resources/babel-polyfill/7.12.1) does not provide precompiled JavaScript files. In the case of [Google Material Icons](https://codeberg.org/nobody/LocalCDN/src/branch/main/resources/google-material-design-icons/google-material-design-icons.css#L6) and [Bootstrap](https://codeberg.org/nobody/LocalCDN/src/branch/main/resources/twitter-bootstrap/4.6.0), I have edited or renamed files to allow replacement or version upgrade without problems. I'll wait and see what I get as a response and update this issue immediately...
👍 3
nobody changed title from Information about v2.6.2 in addons.mozilla.org to [addons.mozilla.org] Information about v2.6.2 4 months ago
colbergv commented 4 months ago

You had us hope for a "recommended" badge there :) But we are behind you.

You had us hope for a "recommended" badge there :) But we are behind you.
❤️ 3
nobody referenced this issue from a commit 4 months ago
Removed unnecessary files (#285)
nobody added this to the v2.6.3 milestone 4 months ago
nobody referenced this issue from a commit 4 months ago
Deleted: THIRD_PARTY.md (#285)
nobody referenced this issue from a commit 4 months ago
Created: THIRD_PARTY.txt (#285)
nobody commented 4 months ago
Poster
Owner

Unfortunately I still have no feedback from Mozilla. The last answer from the reviewer was on 2021-02-26 😒

Screenshot AMO Developer Hub

Unfortunately I still have no feedback from Mozilla. The last answer from the reviewer was on 2021-02-26 😒 ![Screenshot AMO Developer Hub](https://codeberg.org/attachments/93fd1c8b-3dad-4e73-8550-15447260a90d)
screenshot9958.png
14 KiB
😕 1
6543 commented 4 months ago

can we as users vote for it somehow :D ?

can we as users vote for it somehow :D ?
nobody commented 4 months ago
Poster
Owner

That would be nice, but I don't think so.

At worst, Mozilla will disable the extension because it violates the policy. 😞

That would be nice, but I don't think so. At worst, Mozilla will disable the extension because it violates the policy. :disappointed:
6543 commented 4 months ago

why is Decentraleyes allowed to do the same ?!?

why is Decentraleyes allowed to do the same ?!?
nobody commented 4 months ago
Poster
Owner

I don't know. Looks like something changed in the validation process in Feb 2021 (see screenshot). The last update of Decentraleyes was in November last year. Maybe Thomas (developer of Decentraleyes) has already been contacted by Mozilla and is also affected.

The test/beta versions are also affected. 😒

I don't know. Looks like something changed in the validation process in Feb 2021 (see screenshot). The last update of Decentraleyes was in November last year. Maybe Thomas (developer of Decentraleyes) has already been contacted by Mozilla and is also affected. The test/beta versions are also affected. 😒
screenshot9959.png
121 KiB
screenshot9960.png
57 KiB
colbergv commented 4 months ago

This is sad. LocalCDN is one of my must-haves.

This is sad. LocalCDN is one of my must-haves.
nobody commented 3 months ago
Poster
Owner

Good news. I have received a reply from Mozilla:

Please create a script that would download the files from the servers and compare them to the files inside the XPI. Please remember that established libraries must be included in their original format without any modification (changing the file name does not matter)

Good news. I have received a reply from Mozilla: > Please create a script that would download the files from the servers and compare them to the files inside the XPI. Please remember that established libraries must be included in their original format without any modification (changing the file name does not matter)
👍 2
nobody referenced this issue from a commit 3 months ago
Added: Audit script (#285)
colbergv commented 3 months ago

That's really great to hear.

That's really great to hear.
nobody referenced this issue from a commit 3 months ago
Audit script moved and doc added (#285)
6543 commented 3 months ago

@nobody sorry but I tryed your ./audit.sh and had to do chmod +x audit.sh first (should be set & commited ... but this is only a nit)

then I only got No connection: ../resources ... for USE_TOR=false

@nobody sorry but I tryed your `./audit.sh` and had to do `chmod +x audit.sh` first (should be set & commited ... but this is only a nit) then I only got `No connection: ../resources ...` for USE_TOR=false
nobody commented 3 months ago
Poster
Owner

Thanks for testing 👍

I've implemented a few checks, because maybe something is missing on this OS.

Which OS are you using?

Thanks for testing :+1: I've implemented a few checks, because maybe something is missing on this OS. Which OS are you using?
6543 commented 3 months ago

I use latest artix (linux 5.11.4 x64)

with your patches if i start it with: USE_TOR=false ./audit.sh I get this:

...
REMOTE HASH: -
STATUS:      NO CONNECTION https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.1/js/swiper.min.js
=============================================================================================================================================
SCANNED:     9/1071
PATH:        ../resources/Swiper/5.4.5/css/swiper.min.css
1615568271 ERROR torsocks[14691]: [socks5] Resolve destination buffer too small (in socks5_recv_resolve_reply() at socks5.c:701)
LOCAL HASH:  -
REMOTE HASH: -
STATUS:      NO CONNECTION https://cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/css/swiper.min.css
=====================================================
...
I use latest artix (linux 5.11.4 x64) with your patches if i start it with: `USE_TOR=false ./audit.sh` I get this: ```sh ... REMOTE HASH: - STATUS: NO CONNECTION https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.1/js/swiper.min.js ============================================================================================================================================= SCANNED: 9/1071 PATH: ../resources/Swiper/5.4.5/css/swiper.min.css 1615568271 ERROR torsocks[14691]: [socks5] Resolve destination buffer too small (in socks5_recv_resolve_reply() at socks5.c:701) LOCAL HASH: - REMOTE HASH: - STATUS: NO CONNECTION https://cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/css/swiper.min.css ===================================================== ... ```
nobody commented 3 months ago
Poster
Owner

You have to manually edit that option inside the script and then run the script.

...
# ============================================================================= 
# SETTINGS:
#
# Use local Tor Proxy
USE_TOR=false   #fast (~ 5 minutes)
# USE_TOR=true    #slow (~ 15 minutes)
#
...

I'll add this in the README.md 👍

You have to manually edit that option [**inside** the script](https://codeberg.org/nobody/LocalCDN/src/branch/develop/audit/audit.sh#L26) and then run the script. ```sh ... # ============================================================================= # SETTINGS: # # Use local Tor Proxy USE_TOR=false #fast (~ 5 minutes) # USE_TOR=true #slow (~ 15 minutes) # ... ``` I'll add this in the README.md 👍
😆 1
6543 commented 3 months ago

I should have looked more into the script ... but I just asumed it handle things as normal linux scripts do ...

I should have looked more into the script ... but I just asumed it handle things as normal linux scripts do ...
nobody referenced this issue from a commit 3 months ago
Updated: audit.sh and README.md (#285)
nobody commented 3 months ago
Poster
Owner

Which variant you use doesn't make a big difference. The only problem with your variant is that the variable is set to true inside the script.

Normally we start bash scripts with bash script or bash script.sh, if we follow the conventions of Google. After the script name there are arguments, e.g. bash script -h or bash script.sh -h. In this case I've added the .sh extension so Windows users will immediately know what it is when WSL is configured.

The variant VARIABLE=true script.sh I've seen very rarely.

I've added a small help, which can be called with bash audit.sh -h.

Which variant you use doesn't make a big difference. The only problem with your variant is that the variable is set to true inside the script. Normally we start bash scripts with `bash script` or `bash script.sh`, if we follow the [conventions of Google](https://google.github.io/styleguide/shellguide.html#s1.1-which-shell-to-use). After the script name there are arguments, e.g. `bash script -h` or `bash script.sh -h`. In this case I've added the `.sh` extension so Windows users will immediately know what it is when WSL is configured. The variant `VARIABLE=true script.sh` I've seen very rarely. --- I've added a small help, which can be called with `bash audit.sh -h`.
nobody commented 3 months ago
Poster
Owner

What a bummer!
Now Mozilla's validator doesn't work. It works without the resources.

https://github.com/mozilla/addons/issues/1302

The version v2.6.3 cannot be published/signed at the moment.

This was probably only a temporary problem 🥳 🥳 🥳

I think we can close here now because version v2.6.2 was not released and now v2.6.3 is waiting for release.

Char errors

~~What a bummer!~~ ~~Now Mozilla's validator doesn't work. It works without the resources.~~ ~~https://github.com/mozilla/addons/issues/1302~~ ~~The version v2.6.3 cannot be published/signed at the moment.~~ This was probably only a temporary problem 🥳 🥳 🥳 I think we can close here now because version v2.6.2 was not released and now v2.6.3 is waiting for release. [<img src="https://codeberg.org/attachments/818ac654-9bd3-4467-99e7-95572433db34" alt="Char errors" width="400"/>](https://codeberg.org/attachments/818ac654-9bd3-4467-99e7-95572433db34)
screenshot9966.png
25 KiB
👍 1
nobody closed this issue 3 months ago
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
develop
main
Labels
Apply labels
Clear labels
bug
Something is not working Chromium incompatibility
Not compatible with chromium based browsers documentation
documentation duplicate
This issue or pull request already exists enhancement
Feature request/Enhancement firefox-bug
Firefox bug help wanted
Need some help invalid
Something is wrong missing framework/mapping
Missing framework or mapping need info
Need info from the reporter observation question/discussion
Question about the extension sop/cors
Same-Origin-Policy or Cross-Origin-Resource-Sharing testing
testing update framework
Update framework website
Own Website (www.localcdn.org) wontfix
This won't be fixed
No Label bug Chromium incompatibility documentation duplicate enhancement firefox-bug help wanted invalid missing framework/mapping need info observation question/discussion sop/cors testing update framework website wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
v2.6.3
Assignees
Assign users
Clear assignees
No Assignees
3 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(MISSING)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes