Firebug 1.6b2

[Honza (Jan Odvarko)]

http://blog.getfirebug.com/2010/10/15/firebug-1-6b2/
Honza

[darth-...@gmx.de]

awesome beta! question: is it worth switching from 1.7a back to 1.6b
for other than stability reasons?

On 15 Okt., 17:46, "Honza (Jan Odvarko)" <odva...@gmail.com> wrote:
> http://blog.getfirebug.com/2010/10/15/firebug-1-6b2/
> Honza

[John J Barton]

On Oct 15, 10:01 am, "darth-nor...@gmx.de" <darth-nor...@gmx.de>
wrote:

> awesome beta! question: is it worth switching from 1.7a back to 1.6b
> for other than stability reasons?

1.7a has everything in 1.6b. 1.7a also has new things.
We'll start making more rapid changes on 1.7 soon, though our goal is
to keep it completely usable and to push it out to beta by the end of
the year.

jjb

[Nicolas Hatier]

Is it possible there was a packaging issue in beta 2? I don't know if
it's intended, but there seems to be a copy of beta 1 inside the /dist
subdirectory (/dist/firebug-1.6XJ.0b1.BZ).

This makes the new package 2x the size of beta 1...

Nicolas

[skierpage]

On Oct 15, 8:46 am, "Honza (Jan Odvarko)" <odva...@gmail.com> wrote:
> http://blog.getfirebug.com/2010/10/15/firebug-1-6b2/

I'm running Firefox 4.08bpre nightly with Firebug 1.6X.0b1, last
updated 2010-08-24. Tools > Add-ons doesn't think there's an update
available for it. Should I be offered 1.6b2 ?

[John J Barton]

We switched from signed xpis to https. Next week I'll see if we can
put up an update.rdf to migrate.

jjb

[John J Barton]

Thanks, a bump caused by our change from JS based packing to Ant based
packing. We'll fix it for b3.

jjb

[Honza (Jan Odvarko)]

On Oct 15, 10:56 pm, Nicolas Hatier <nicolas.hat...@gmail.com> wrote:
> Is it possible there was a packaging issue in beta 2? I don't know if
> it's intended, but there seems to be a copy of beta 1 inside the /dist
> subdirectory (/dist/firebug-1.6XJ.0b1.BZ).

Yes, this sun dir was the problem. Will be fixed in 1.6b3
Thanks for noticing!
Honza

[Honza (Jan Odvarko)]

Actually I think it's safe to fix the b2, done.
Honza

[Samuel Bronson]

Why did you switch? That doesn't sound particularly safe (what if
someone breaks into the site?), and it also doesn't help at all for
off-site copies of the XPI.

[John J Barton]

On Oct 19, 5:17 pm, Samuel Bronson <naes...@gmail.com> wrote:
> On Oct 15, 8:53 pm, John J Barton <johnjbar...@johnjbarton.com> wrote:
>
> > On Oct 15, 4:40 pm, skierpage <skierp...@gmail.com> wrote:
>
> > > On Oct 15, 8:46 am, "Honza (Jan Odvarko)" <odva...@gmail.com> wrote:
>
> > > >http://blog.getfirebug.com/2010/10/15/firebug-1-6b2/
>
> > > I'm running Firefox 4.08bpre nightly with Firebug 1.6X.0b1, last
> > > updated 2010-08-24.  Tools > Add-ons doesn't think there's an update
> > > available for it.  Should I be offered 1.6b2 ?
>
> > We switched from signed xpis to https. Next week I'll see if we can
> > put up an update.rdf to migrate.
>
> Why did you switch?

Because the only tool I had to to build the signed xpis was too
difficult for others to use.

> That doesn't sound particularly safe (what if
> someone breaks into the site?),

If someone breaks into the site, updates of XPIs are not my most
immediate concern.

> and it also doesn't help at all for
> off-site copies of the XPI.

Well I guess you can create signed copies if you like. I invested a
lot of time building new tools for signing and maintaining our signing
system for almost three years. I tried multiple times to get others
interested in simple support for digital signatures. But in the end I
have to give up. The base tools for digital signatures are closely
guarded by obscurists who want you to think that normal humans should
not be allowed to work with them. You pretty much cannot get a
straight answer out of them. The technology is not that complicated
but it has a number of troublesome issues like absolute precision in
the bytes that are signed, the need to carry the signature outside of
but with the signed objects, the need to maintain the private key. But
most of all we need to pass the private key (a string) and the to-be-
signed document (another string) to a crypto algorithm to get the
signed results (the result string). It's amazing how obscure that API
can be made with a little effort.

jjb

[John J Barton]

I think I fixed this today. I hope you will be prompted to update, and
it works. After you get 1.6X.0b2, the updates should go over https.

jjb

On Oct 15, 4:40 pm, skierpage <skierp...@gmail.com> wrote: