[HTTPS-Everywhere] 2.2.1 stable released

Peter Eckersley pde at eff.org
Fri Aug 17 22:34:05 PDT 2012 

As the package maintainer, it's up to you.  There have been a couple of times
in the history of the project when we've had to push releases quickly to deal
with breakage, so I can't promise it'll never happen again.  If appManaged
meant that Fedora/RHEL users wouldn't normally get HTTPS Everywhere updates
until they upgrade their OS, I'd say it was a bad idea because sites
themselves break their HTTPS support and we push updates to fix that.  But if
appManaged means that you'll wait a few days after most stable releases before
pushing them to RedHat users, that seems fine.

The backstory is that we try to be conservative about what goes into stable
releases, but in this case our hand was forced by Firefox upstream; HTTPS
Everywhere 2.1 was completely broken by Firefox 15's deprecation of E4X; we
wrote a patch to fix that; we tested the patch in HTTPS E 3.0dev5; I then
cherry-picked the patch back to the stable branch and tested it, but the bug
only showed up in fresh installs, not upgrades from other versions of HTTPS
Everywhere, and I didn't test a fresh install in a fresh browser profile.

There's also no doubt that we could have better automated testing
infrastructure for the project.  We have decent testing of rulesets, and it's
going to get better thanks to Ondrej's efforts, but should ideally build test
suites for the extension machinery that use either selenium or Firefox's
internal testing frameworks.

On Fri, Aug 17, 2012 at 07:33:12PM -0500, Russell Golden wrote:
> Yargle flargle. This one actually works.
> 
> I'm adding the appManaged flag to the install.rdf file in my Fedora
> and EPEL RPMs. I'm technically supposed to offer you the patch, but I
> don't think it'd be good to ship in the official version, and it's
> kind of obvious how to do it anyway.
> 
> If me adding that flag bothers you, please say so and I'll remove it.
> I just don't want a repeat of today's "fun" to happen to my users.
> 
> Russell Golden
> Fedora Project Contributor
> niveusluna at niveusluna.org
> (972) 836-7128
> --
> "We are the Borg. Lower your shields and surrender your ships. We will
> add your biological and technological distinctiveness to our own. Your
> culture will adapt to service us. Resistance is futile."
> 
> 
> On Fri, Aug 17, 2012 at 4:56 PM, Peter Eckersley <pde at eff.org> wrote:
> > https://www.eff.org/files/https-everywhere-2.2.1.xpi
> >
> > 2.2.1                                     (2012-08-17)
> >   * Fix a configuration-parsing bug in 2.2 that would
> >     ignore default_off rules if this was a first install
> >     https://mail1.eff.org/pipermail/https-everywhere/2012-August/001511.html
> >   * Add a cleanup routine for profiles affected by that bug.
> >
> > --
> > Peter Eckersley                            pde at eff.org
> > Technology Projects Director      Tel  +1 415 436 9333 x131
> > Electronic Frontier Foundation    Fax  +1 415 436 9993
> >
> > _______________________________________________
> > HTTPS-everywhere mailing list
> > HTTPS-everywhere at mail1.eff.org
> > https://mail1.eff.org/mailman/listinfo/https-everywhere
> 
> _______________________________________________
> HTTPS-everywhere mailing list
> HTTPS-everywhere at mail1.eff.org
> https://mail1.eff.org/mailman/listinfo/https-everywhere

-- 
Peter Eckersley                            pde at eff.org
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993

More information about the HTTPS-everywhere mailing list