Closed
Bug 1070192
Opened 9 years ago
Closed 8 years ago
Add documentation around add-on signing to MDN
Categories
(addons.mozilla.org Graveyard :: Code Quality, defect, P2)
addons.mozilla.org Graveyard
Code Quality
Tracking
(Not tracked)
RESOLVED
FIXED
44.2
People
(Reporter: clouserw, Assigned: jorgev)
References
Details
(Whiteboard: [qa-])
We should add documentation around add-on signing to MDN. Off the top of my head, this should include: * Policies around signing * Expectations for self-hosting (namely, you would host after we sign it, you wouldn't download a key from us and sign it yourself) * What the meta-inf directory is doing in your add-on .zip. What happens if you change it or it already exists when you upload. * Blocklisting changes There are probably more. Tentatively assigning to Jorge, because I don't know who else would own this.
|
Assignee | |
Comment 1•8 years ago
|
||
Most of this is covered here: https://developer.mozilla.org/en-US/Add-ons/Distribution, but there are still a few things missing.
|
||
Comment 2•8 years ago
|
||
Anything we can do to help on the missing bits?
|
||
Comment 3•8 years ago
|
||
Things that are missing from the docs: - switching unlisted/listed: https://bugzilla.mozilla.org/show_bug.cgi?id=1172696#c26 (the part explaining that an add-on can switch needs to be modified) - multi-package XPIs aren't signed, but their inner extensions needs to be: https://bugzilla.mozilla.org/show_bug.cgi?id=1184008#c11 - an entry about what can be auto-validated: - only unlisted add-ons that aren't sideloaded - if they don't have warnings with signing severity attached higher than trivial) - if they do have any of those, they'll need a first manual review, and the reviewer might flag some of those warnings as ignorable for future updates - the part explaining that beta versions are only signed if they pass auto validation isn't correct anymore (all beta versions are automatically signed)
|
|
Assignee | |
Comment 4•8 years ago
|
||
The first and part of the third point are now addressed in https://developer.mozilla.org/en-US/Add-ons/Distribution. The remaining bits are too edge-casy to try to explain in detail to someone looking for general information, IMO. The second point is now addressed here: https://developer.mozilla.org/en-US/docs/Multiple_Item_Packaging#Signing
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → 44.2
|
|
Assignee | |
Comment 5•8 years ago
|
||
I was referring to comment #3, not comment #0, by the way.
|
|
Assignee | |
Updated•8 years ago
|
Whiteboard: [qa-]
|
||
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•