weixin_39990250
weixin_39990250
2020-12-09 01:50

Make Lightbeam WE available to non-developers to try out

Another Mozillian made a great observation that we should make the new Lightbeam WE available to community members for download and testing without a CLI (Node, web-ext run, etc. from the README).

One idea here is to have a releases page on our GitHub repo. Here's an example for Containers. Here's a helpful GitHub article about how to set these up.

I believe we need to get the add-on signed and then can upload an XPI, though using an XPI requires using about:config.

Could you explain a little more about the signing process and how the user would install the add-on in Firefox after they download the file? Are there any additional files we would need to make or steps to enable this?

该提问来源于开源项目:mozilla/lightbeam-we

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

5条回答

  • weixin_39990250 weixin_39990250 5月前

    From :

    With about:addons + Install Add-On from File, they need to select the .xpi file. Which means you’ll have to use web-ext build to build the .xpi file, and host it. (Usually it’s hosted on AMO, but you can also host it on GitHub releases. I can show you how I do this for Containers)

    The Add-on still has to be signed. You can use web-ext sign command to do that for each release. https://developer.mozilla.org/en-US/Add-ons/WebExtensions/web-ext_command_reference#web-ext_sign but you’ll need API access as an author/maintainer of the add-on on AMO, which takes a while to get the add-on through review.

    You can build an un-signed .xpi file with web-ext build. (In fact web-ext sign does this first, then POSTs the un-signed .xpi to AMO for signing.) You can publish the un-signed .xpi file wherever you want, but it will only work on Aurora, Nightly, or un-branded builds of Firefox with xpinstall.signatures.required set to false in about:config.When AMO signs the add-on, yes - it essentially verifies that the .xpi was submitted thru the AMO process by an authorized developer of the add-on.

    点赞 评论 复制链接分享
  • weixin_39778447 weixin_39778447 5月前

    Since this is a web extension, I think we can just zip up all the resources we need, and then sign them. You can use the web-ext tool to use that, but you need creds first. If we just want to do it occasionally, it might just be easier to use the developer interface to manually sign the zip file as an unlisted (self-hosted) extension.

    IE something like:

    zip lightbeam.zip js/* images/* css/* shavar-prod-lists/* index.html manifest.json node_modules/d3/build/d3.min.js

    And then uploading this zipfile here: https://addons.mozilla.org/en-US/developers/addon/submit/distribution

    点赞 评论 复制链接分享
  • weixin_39778447 weixin_39778447 5月前

    But we should create an "npm run build" or something which pulls the lists of files from somewhere or something more maintainable than what I said above :)

    点赞 评论 复制链接分享
  • weixin_39778447 weixin_39778447 5月前

    BTW i just tested the above approach and it seems to work. 1. Create a new AMO account 2. Choose "Submit a new addon" on the website 3. Choose the self hosted option 4. Upload the zip file and then choose to sign it 5. download the signed .xpi file, and host it somewhere

    And you end up with something like http://misuse.co/lightbeam/lightbeam-1.0-an+fx-windows.xpi

    Which is installable in Firefox (both release and nightly wfm). We could try to automate this or have it built into the commit-hooks but not sure it neccessary given that this is temporary until we overide the old addon.

    点赞 评论 复制链接分享
  • weixin_39875842 weixin_39875842 5月前

    This webextension is now available on AMO. Is this issue still valid?

    点赞 评论 复制链接分享