Last Comment Bug 666735 - Don't offer a Firefox 7 update to users with a too-old version of Freetype
: Don't offer a Firefox 7 update to users with a too-old version of Freetype
Status: RESOLVED FIXED
[qa+]
:
Product: AUS Graveyard
Classification: Graveyard
Component: General (show other bugs)
: 3.0
: x86 Linux
: -- normal (vote)
: ---
Assigned To: Nick Thomas [:nthomas]
:
Mentors:
Depends on: 684151 745702
Blocks: 682182 686369 687826
  Show dependency treegraph
 
Reported: 2011-06-23 13:37 PDT by Joe Drew (not getting mail)
Modified: 2013-12-27 14:22 PST (History)
23 users (show)
See Also:
QA Whiteboard:
Iteration: ---
Points: ---
+
+
fixed


Attachments
Rework OS blocking (16.39 KB, patch)
2011-08-14 21:28 PDT, Nick Thomas [:nthomas]
rhelmer: review+
Details | Diff | Splinter Review
Verify.txt against production snippets (6.05 KB, text/plain)
2011-08-14 21:33 PDT, Nick Thomas [:nthomas]
no flags Details
config followup (378 bytes, patch)
2011-09-01 17:23 PDT, Nick Thomas [:nthomas]
aki: review+
Details | Diff | Splinter Review
Updated Verify.txt (6.70 KB, text/plain)
2011-09-08 04:03 PDT, Nick Thomas [:nthomas]
no flags Details
Roll-up patch with fix to destination version (16.33 KB, patch)
2011-09-08 04:19 PDT, Nick Thomas [:nthomas]
rhelmer: review+
Details | Diff | Splinter Review

Description Joe Drew (not getting mail) 2011-06-23 13:37:44 PDT
Bug 666732 will start sending the Freetype version as part of the AUS ping. This bug is to make sure we don't offer Firefox 7 updates to users running Firefox 6 on a too-old version of Freetype.
Comment 1 Nick Thomas [:nthomas] 2011-06-23 15:54:40 PDT
There are two parts to this I think:
* a config change - eg http://mxr.mozilla.org/mozilla/source/webtools/aus/xml/inc/config-dist.php#201
* a code change to make that config apply to all updates, not just major ones (since we're going to be doing minor updates from Fx5 to the latest release)

We also have to figure out how to block Fx5 users, which won't be sending the Freetype info in the query unless we can get bug 666732 into any 5.0.1 that happens. This may mean we have to update people to 6 first, then possibly on to 7.

enh: might be useful to flip the config so that it blocks based on destination release rather than the one asking for an update.

Currently don't have time to work on this.
Comment 2 Michael Lefevre 2011-06-24 08:04:06 PDT
Just a passing comment, but this seems to be rather contrary to the rest of the new update process. Is the visual experience really bad enough to leave users on an unsupported version with published security flaws (assuming that Firefox 5/6 isn't going to avoid having any vulnerabilities at all...)?
Comment 3 Asa Dotzler [:asa] 2011-07-17 23:49:40 PDT
We're getting deep into the Beta cycle. if Nick can't. then who can work on this?
Comment 4 Nick Thomas [:nthomas] 2011-08-14 21:28:33 PDT
Created attachment 553099 [details] [diff] [review]
Rework OS blocking

This patch does two major things
* blocks OSes based on the app version they'd have after an update, instead of the version in the request. I think this is a more natural way to capture that we de-supported X at ver Y, instead of listing of listing all prior versions. The unsupportedPlatforms array can have versions specified explicitly, using a wildcard (*), or by a minimum version (+)
* removes the restriction that only major updates can be blocked as unsupported. Need to do this because we're only doing minor updates in the rapid release world (4.0+)

The current blocking config is rewritten to support these changes, and I add a block for RHEL5 for Fx7 because it's ancient (v2.2.1 on 5.6). The tests have been tweaked to verify the new code is working.
Comment 5 Nick Thomas [:nthomas] 2011-08-14 21:30:52 PDT
Christian - do you have a list of strings we should block to avoid this come the first Firefox 7 beta?

Joe - what version of freetype is the minimum requirement now ? I can't see that in bug 660448.
Comment 6 Nick Thomas [:nthomas] 2011-08-14 21:33:57 PDT
Created attachment 553100 [details]
Verify.txt against production snippets

This is a test manifest against aus2-staging for the current state of the snippets. I get 168 passes with and without the code change in attachment 553099 [details] [diff] [review] applied there, so I'm pretty confident it won't regress our current blocking setup.
Comment 7 Karl Tomlinson (:karlt) 2011-08-14 21:46:32 PDT
(In reply to Nick Thomas [:nthomas] from comment #5)
> Christian - do you have a list of strings we should block to avoid this come
> the first Firefox 7 beta?
> 
> Joe - what version of freetype is the minimum requirement now ? I can't see
> that in bug 660448.

FreeType 2.3.0 (bug 456448 comment 1)
Comment 8 christian 2011-08-16 14:24:41 PDT
Product has decided we will EOL firefox on affected systems rather than deliver them a worse Firefox. Tracking for Firefox 7
Comment 9 JP Rosevear [:jpr] 2011-08-17 14:24:17 PDT
I focused on RH/Fedora, SuSE/openSUSE and Ubuntu for blocking.  Results are:

*** 

RHEL 5 -> FT 2.2.1 (see above
RHEL 6 -> FT 2.3.11

http://fedoraproject.org/wiki/LifeCycle/EOL
Fedora 14 -> FT 2.4.2
Fedora 15 -> FT 2.4.4

SLE 10 -> FT 2.1.10
SLE 11 -> FT 2.3.7 (no older than - 11.1 as base)

http://en.opensuse.org/Lifetime
openSUSE 11.3 -> 2.3.12
openSUSE 11.4 -> 2.4.4

https://wiki.ubuntu.com/Releases
Ubuntu 8.04 LTS -> 2.3.5
Ubuntu 10.04 LTS -> 2.3.11
Ubuntu 10.10 -> 2.4.2
Ubuntu 11.04 -> 2.4.4

***

Basically RHEL 5 and older and SLE 10 and older.  I'll check Debian as well.
Comment 10 Nick Thomas [:nthomas] 2011-08-17 16:44:12 PDT
Thanks for looking into this jpr. joe also mentioned
Ubuntu 06.04 LTS -> 2.1.10  
so it's too old.

The other question is how to identify those releases. RHEL5 conveniently appends a .el5 do their kernel version, which is included in our update requests.
Comment 11 JP Rosevear [:jpr] 2011-08-17 19:08:19 PDT
(In reply to Nick Thomas [:nthomas] from comment #10)
> Thanks for looking into this jpr. joe also mentioned
> Ubuntu 06.04 LTS -> 2.1.10  
> so it's too old.

Yes, anything older of course - I only covered releases that are not EOL.

> The other question is how to identify those releases. RHEL5 conveniently
> appends a .el5 do their kernel version, which is included in our update
> requests.

What kind of data do we collect? uname -a or /etc/*-release?
Comment 12 Nick Thomas [:nthomas] 2011-08-17 19:19:42 PDT
rstrong would be able to provide specifics, but an update request from Fx6 on Ubuntu 10.04 LTS is:

https://aus3.mozilla.org/update/3/Firefox/6.0/20110811165603/Linux_x86-gcc3/en-US/release/Linux%202.6.32-32-generic%20(GTK%202.20.1)/default/default/update.xml?force=1

The 'Linux 2.6.32-32-generic (GTK 2.20.1)' part is what we can block on.
Comment 13 JP Rosevear [:jpr] 2011-08-18 05:16:53 PDT
(In reply to Nick Thomas [:nthomas] from comment #12)
> https://aus3.mozilla.org/update/3/Firefox/6.0/20110811165603/Linux_x86-gcc3/
> en-US/release/Linux%202.6.32-32-generic%20(GTK%202.20.1)/default/default/
> update.xml?force=1

I just see a blank <update> tag at this link unfortunately.
Comment 14 JP Rosevear [:jpr] 2011-08-18 05:24:48 PDT
Debian Lenny (previous stable) had 2.3.7 and is EOL.
Comment 15 Nick Thomas [:nthomas] 2011-08-18 05:27:44 PDT
(In reply to JP Rosevear from comment #13)
> I just see a blank <update> tag at this link unfortunately.

That was just an example of a full query URL. The empty response is expected until there's something beyond 6.0 on the release channel.
Comment 16 JP Rosevear [:jpr] 2011-08-18 06:05:45 PDT
(In reply to Nick Thomas [:nthomas] from comment #12) 
> The 'Linux 2.6.32-32-generic (GTK 2.20.1)' part is what we can block on.

Ok, if we just have the kernel version to go by, looking at RH/SuSE/Ubuntu/Debian, we have the follow shipped kernel versions:

SLE 11 -> 2.6.27 (SLE10 2.6.13)
RHEL 6 -> 2.6.32 (RHEL5 2.6.18)
Ubuntu 8.04 LTS -> 2.6.24
Debian Stable -> 2.6.32 (Lenny 2.6.13)

So in theory we could block 2.6.23 and older kernel versions since its either EOL or without FT >= 2.3.x.

(Adding in various linux distro maintainers - not sure who the ubuntu person is).
Comment 17 Mike Hommey [:glandium] 2011-08-18 06:34:48 PDT
FWIW, there are a whole lot of people upgrading their kernel but not touching to libraries.
Comment 18 JP Rosevear [:jpr] 2011-08-18 07:06:40 PDT
(In reply to Mike Hommey [:glandium] from comment #17)
> FWIW, there are a whole lot of people upgrading their kernel but not
> touching to libraries.

Do you think there is a significant number that would be updating Firefox independent of the packaged version on their distro too?
Comment 19 Mike Hommey [:glandium] 2011-08-18 08:44:58 PDT
So, according to the URL formatter code, the most valuable piece of information we have in the update ping url is OS_VERSION, which is created from the kernel version and the GTK version. The GTK version might be a better fit.
Comment 20 JP Rosevear [:jpr] 2011-08-19 06:28:21 PDT
Gtk versions are:

SLE 11 -> 2.14.4 (SLE10 2.8.11)
RHEL 6 -> 2.18.9 (RHEL5 2.10.4)
Ubuntu 8.04 LTS -> 2.12.9
Debian Stable -> 2.20.1 (Lenny 2.12.12)

So on GTK we could block 2.10.x and older.
Comment 21 Joe Drew (not getting mail) 2011-08-19 08:08:27 PDT
Do you also have a list of what version of GTK the too-old distros use?
Comment 22 Matěj Cepl 2011-08-20 02:38:43 PDT
(In reply to Joe Drew (:JOEDREW!) from comment #21)
> Do you also have a list of what version of GTK the too-old distros use?

My RHEL-5 VM says
gtk2-2.10.4-21.el5_5.6.i386

For RHEL-4 I have as the most recent
gtk2-2.4.13-24.el4.i386
Comment 23 Nick Thomas [:nthomas] 2011-08-20 03:34:00 PDT
FWIW, we're already blocking GTK 2.0 - 2.9 for updates from Fx 2.0*, 3.5* and 3.6*, because GTK 2.10 or higher was required for Firefox 3.0. For the builds from mozilla.com at least, but that's all we're talking about blocking here anyway.
Comment 24 JP Rosevear [:jpr] 2011-08-22 05:01:54 PDT
(In reply to Joe Drew (:JOEDREW!) from comment #21)
> Do you also have a list of what version of GTK the too-old distros use?

Yes, the too old versions are in brackets.  Either FT is too old or the distro is EOL.
Comment 25 JP Rosevear [:jpr] 2011-08-22 05:04:18 PDT
(In reply to Nick Thomas [:nthomas] from comment #23)
> FWIW, we're already blocking GTK 2.0 - 2.9 for updates from Fx 2.0*, 3.5*
> and 3.6*, because GTK 2.10 or higher was required for Firefox 3.0. For the
> builds from mozilla.com at least, but that's all we're talking about
> blocking here anyway.

Ok, for consistency does it make sense to bump this to 2.0-2.10 for FF 7 and newer then?
Comment 26 Robert Helmer [:rhelmer] 2011-08-25 14:26:11 PDT
Comment on attachment 553099 [details] [diff] [review]
Rework OS blocking

This lgtm, much more readable without the regexes too.

One nit - I notice a typo in a few comments, s/detemine/determine/g
Comment 27 JP Rosevear [:jpr] 2011-08-31 07:31:29 PDT
Is this change landed now?
Comment 28 Nick Thomas [:nthomas] 2011-09-01 03:27:10 PDT
Not yet. I will update the patch to block GTK 2.10 for Fx7, and figure out when to land this around the chemspills.
Comment 29 Nick Thomas [:nthomas] 2011-09-01 17:23:14 PDT
Created attachment 557717 [details] [diff] [review]
config followup

This blocks GTK 2.10.*, per jpr in comment #25. It's on top of attachment 553099 [details] [diff] [review], which already had GTK 2.0.-2.9. blocked for Fx3.0b1+.
Comment 30 Aki Sasaki [:aki] 2011-09-01 17:28:54 PDT
Comment on attachment 557717 [details] [diff] [review]
config followup

*stamp*
Comment 31 Nick Thomas [:nthomas] 2011-09-01 19:11:19 PDT
Landed
* attachment 553099 [details] [diff] [review]
* attachment 557717 [details] [diff] [review]
with
* fixes for the detemine typos
* fixes for '10.3/10.3' -> '10.2/10.3' typos

New Rev File
1.21 	mozilla/webtools/aus/tests/Verify.txt
1.3 	mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/complete.txt
1.3 	mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/partial.txt
1.33 	mozilla/webtools/aus/xml/index.php
1.158 	mozilla/webtools/aus/xml/inc/config-dist.php
1.5 	mozilla/webtools/aus/xml/inc/config-test.php
1.28 	mozilla/webtools/aus/xml/inc/patch.class.php
Comment 32 Nick Thomas [:nthomas] 2011-09-01 20:10:58 PDT
SeaMonkey and Thunderbird people - FYI, if you're running mozilla/webtools/aus for your update server then your config-dist.php will need updating.
Comment 33 Nick Thomas [:nthomas] 2011-09-01 20:32:58 PDT
$ cvs tag AUS2_PRODUCTION
W index.php : AUS2_PRODUCTION already exists on version 1.32 : NOT MOVING tag to version 1.33
W inc/config-dist.php : AUS2_PRODUCTION already exists on version 1.157 : NOT MOVING tag to version 1.158
W inc/config-test.php : AUS2_PRODUCTION already exists on version 1.4 : NOT MOVING tag to version 1.5
W inc/patch.class.php : AUS2_PRODUCTION already exists on version 1.27 : NOT MOVING tag to version 1.28

$ cvs tag -F AUS2_PRODUCTION
T index.php
T inc/config-dist.php
T inc/config-test.php
T inc/patch.class.php
Comment 34 Nick Thomas [:nthomas] 2011-09-01 21:11:10 PDT
When I tested the changes in production we're not blocking 'GTK 2.10.', so I'm backing it out.

File 	New Rev
mozilla/webtools/aus/tests/Verify.txt 	1.22
mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/complete.txt 	1.4
mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/partial.txt 	1.4
mozilla/webtools/aus/xml/index.php 	1.34
mozilla/webtools/aus/xml/inc/config-dist.php 	1.159
mozilla/webtools/aus/xml/inc/config-test.php 	1.6
mozilla/webtools/aus/xml/inc/patch.class.php 	1.29

$ cvs diff -r1.32 -r1.34 index.php
$ cvs diff -r1.157 -r1.159 inc/config-dist.php
$ cvs diff -r1.27 -r1.29 inc/patch.class.php 

$ cvs tag AUS2_PRODUCTION
W index.php : AUS2_PRODUCTION already exists on version 1.33 : NOT MOVING tag to version 1.34
W inc/config-dist.php : AUS2_PRODUCTION already exists on version 1.158 : NOT MOVING tag to version 1.159
W inc/config-test.php : AUS2_PRODUCTION already exists on version 1.5 : NOT MOVING tag to version 1.6
W inc/patch.class.php : AUS2_PRODUCTION already exists on version 1.28 : NOT MOVING tag to version 1.29

$ cvs tag -F AUS2_PRODUCTION
T index.php
T inc/config-dist.php
T inc/config-test.php
T inc/patch.class.php
Comment 35 Nick Thomas [:nthomas] 2011-09-08 04:03:23 PDT
Created attachment 559096 [details]
Updated Verify.txt

Updated for the new 3.6.22 release, and add a test for the blocking of GTK 2.10 when the destination is 7.0bN. Set to run against aus2-staging, but can be used to verify deployment too.
Comment 36 Nick Thomas [:nthomas] 2011-09-08 04:19:39 PDT
Created attachment 559101 [details] [diff] [review]
Roll-up patch with fix to destination version

This patch rolls up attachment 553099 [details] [diff] [review] with attachment 557717 [details] [diff] [review], the fixes for the typos in the comments, and this important interdiff in index.php:

-            if ($xml->hasPatchLine() && $completePatch->isSupported($completePatch->updateType, $clean['product'], $completePatch->updateVersion, $clean['platformVersion'], $unsupportedPlatforms)) {
+            if ($xml->hasPatchLine() && $completePatch->isSupported($completePatch->updateType, $clean['product'], $completePatch->updateExtensionVersion, $clean['platformVersion'], $unsupportedPlatforms)) {

This was needed because we've been presenting human friendly strings like 'Firefox 7.0 Beta' in the update offers, by setting appv in the snippets to '7.0 Beta', and that ends up in $completePatch->updateVersion. The string in there mucks up the version comparison, so I've switched it to updateExtensionVersion, aka extv in the snippet, which is set to a sensible value of '7.0'.

Verified working and no regressions against aus2-staging.
Comment 37 Nick Thomas [:nthomas] 2011-09-08 16:35:17 PDT
Comment on attachment 559101 [details] [diff] [review]
Roll-up patch with fix to destination version

File    New Rev.
mozilla/webtools/aus/tests/Verify.txt 	1.23
mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/complete.txt 	1.5
mozilla/webtools/aus/tests/data/3/Synthetic/1.0/platform/9000000001/locale/channel/partial.txt 	1.5
mozilla/webtools/aus/xml/inc/config-dist.php 	1.161
mozilla/webtools/aus/xml/inc/config-test.php 	1.7
mozilla/webtools/aus/xml/inc/patch.class.php 	1.30
mozilla/webtools/aus/xml/index.php 	1.35 

Green on https://hudson.mozilla.org/job/AUSv2/

Tagged all of xml with AUS2_RTM_201109081628.

$ cvs tag AUS2_PRODUCTION
W index.php : AUS2_PRODUCTION already exists on version 1.34 : NOT MOVING tag to version 1.35
W inc/config-dist.php : AUS2_PRODUCTION already exists on version 1.160 : NOT MOVING tag to version 1.161
W inc/config-test.php : AUS2_PRODUCTION already exists on version 1.6 : NOT MOVING tag to version 1.7
W inc/patch.class.php : AUS2_PRODUCTION already exists on version 1.29 : NOT MOVING tag to version 1.30

$ cvs tag -F AUS2_PRODUCTION
T index.php
T inc/config-dist.php
T inc/config-test.php
T inc/patch.class.php

All tests pass using attachment 559096 [details] against aus2-staging.
Comment 39 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2011-09-22 15:29:59 PDT
qa+ for verification on Firefox 7. Test the positive case using Freetype >=2.3.0, negative case using Freetype <2.3.0

Note You need to log in before you can comment on or make changes to this bug.