Skip to content
This repository
tag: train-2012.03.…
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 419 lines (394 sloc) 26.714 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418
train-2012.03.28:
  * work towards better user messaging for when cookies are disabled: #1167, #1302
  * improved cache headers: #1331, #620
  * error handling fix in frontend code: #1339
  * new API: /wsapi/ping - used for server monitoring: #1324
  * support email providers (with BrowserID support) with digits in their hostnames: #1284
  * tools/build/dev env fixes: #1284
  * (hotfix 2012.03.30) Fix regression where 304 responses to requests for IFrame HTML would have X-Frame-Options: deny, preventing loading of iframes #1353
  * (hotfix 2012.03.30) ETag headers now vary by locale, fixes regression where switching between locales was broken #1364
  * (hotfix 2012.04.10) more rigorous checking of email inputs to WSAPI
  * (hotfix 2012.04.10) copy config/l10n-*.json to build directory
  * (hotfix 2012.04.10) final 40 production locales merged: #1412
  * (hotfix 2012.04.10) update l10n-all.json to have all locales (complete and in-progress) as well as en-US and db-LB
  * (hotfix 2012.04.10) fix more rigorous checking of email inputs to WSAPI: domain checking of 'site' parameter was validating hostnames rather than domains.
  * (hotfix 2012.04.12) fix /signup page on browserid.org: #1429

train-2012.03.14:
  * BrowserID now speaks Bulgarian
  * Fix regressions related to ToS/PP feature (#841): #1303
  * Fix regressions related to improved email selection on iOS (#1133): #1304
  * "delegation of authority" implemented: #1271, #864
  * visual improvements: #403
  * improved algorithm for finding best language for a given user: #1128
  * frontend tests now run on every commit under travisci: #635
  * improve the way that .well-known/browserid is cached: #1205
  * l10n fixes: #1124, #1300
  * tools/build/dev env cleanup: #1235, #1234, #1257, #1245, #1055
  * improvements to developer tool for checking primary support - scripts/checks_primary_support
  * documentation improvements: #1264, #1287, #1288
  * logging improvements: #1254, #1255, #1283, #1291
  * (hotfix 03.23) re-add bulgarian: #1312
  * (hotfix 03.23) add a ping wsapi to give monitoring probes a target that will test db connectivity: #1324
  * (hotfix 03.23) ensure ETag on sign-in is changed: #1331

train-2012.03.01:
  * When the user authenticates log them in automatically without going to the email picker: #198
  * database (mysql) improvements, handle temporary outages without taking down the server: #990, #1211
  * improved error flows when cookies are disabled: #835
  * travis-ci support: #1166, #1197 - http://travis-ci.org/#!/mozilla/browserid
  * clicking label in picker in iOS toggles radio button: #1133, #1137
  * dialog zooming and scrolling fixed: #423
  * Mobile firefox fixes: #1176
  * websites can now provide a ToS and PP for display in-dialog: #841
  * caching improvements: #1143, #1141
  * fix webhead crash when keysigner is unreachable: #1011
  * fix to allow viewing of error details on browserid.org: #1139
  * disable unit tests in production in the application: #1044
  * fix cases where 'keep me signed in' can disappear: #871
  * fix cases where 'keep me signed in' can't be unchecked: #1155
  * more password length checking in more places: #1173
  * rewrite compression scripts in nodejs, improve performance: #660, #1009
  * cosmetic and language fixes: #1105, #1154, #1160, #1178, #1179, #1184, #1185, #1189, #1209
  * documentation fixes: #1043
  * code cleanup: #1108, #1147, #1157, #1188
  * test cleanup: #1156
  * rpm fixes: #1165, #1177
  * devtool fixes: #1219
  * fix string extraction: #1170, #1194

train-2012.02.16:
  * improve failure mode when cookies are disabled (especially on iOS): #1056
  * serve static css/js resources from perma URLs to improve load times - #620
  * improve UI flows concerning cancelation during primary sign in: #983 #1036
  * localization improvements: #1040, #1045, #1048, #1062, #1081, #1113
  * cosmetic dialog fixes: #1062, #1058, #892, #1117
  * fix bug preventing email addresses with under-bars in hostnames: #1074
  * Mobile specific cosmetic improvements: #1072
  * don't localize developer targeted error strings: #1051
  * remove obsolete code: #1082
  * sort email addresses alphabetically in dialog picker: #130
  * improve error messages: #835, #1056
  * improve log messages: #1069
  * wsapi semantic improvements: #1083, #835
  * logging in with a primary email address no longer forces you to re-enter your password when subsequently using a secondary address: #1049
  * Fix IE specific issue where cookies with same name on domain and subdomain would collide: #296
  * long emails look better: #1100

train-2012.02.02:
  * i18n support, now BrowserID speaks your language: #926, #936, #977, #1013, #1031
  * improved error screens on slow server responses: #913, #915
  * better cache headers on all html resources (which Vary by Accept-Languages): #226, #620, #920, #938
  * cosmetic fixes: #918, #947, #966, #981, #1020, #987
  * preliminary work to improve messaging when cookies are disabled: #835
  * remove dead code: #925
  * fix include.orig.js: #921, #911
  * load testing compatibility and minified resources are no longer mutually exclusive: #939
  * improve usability via default button focus (just hit enter in more places): #946, #960
  * scripts to deploy to an amazon EC2 instance.
  * improve configuration mechanism: #582, #1006
  * limit post bodies to verifier: #878
  * cancel from forgot password doesn't cause your email to be, uh, forgotten: #1001
  * remember the users email as they move from screen to screen in the dialog: #984, #1001, #1002, #1003, #1004
  * secondary "cancel" style buttons have a smaller font: #1020
  * build fixes: #1021, #1024
  * (hotfix 2012.02.07) add a l10n-all.json which holds all locales we'll be shipping to production
  * (hotfix 2012.02.07) Fix the missing email address in the "check your email" screen for the forgot password flow. #1058
  * (hotfix 2012.02.07) Modify build process to pick up locales from a .json file
  * (hotfix 2012.02.07) fix production-locales.sh script to defer to the environment for configuration
  * (hotfix 2012.02.13) fix for IE users not seeing error screens sometimes: #1087
  * (hotfix 2012.02.22) add banner announcing brand change

train-2012.01.18:
  * support for 3rd party primary identity providers: #761, #904, #865
  * loadgen improvements
  * Re-license under MPL2: #859 (& #827)
  * clean up unused developer tools (vagrant): #861
  * (primary support) declaration of support now hosted in .well-known/browserid (was 'vep'): #865
  * unit test fixes: #889 & #851
  * help link opens in new window: #728
  * fix 'not supported' display in IE7: #831
  * language/rendering refinements: #850, #439, #622, #818, #901, #630, #888, #345, #815
  * front end performance improvements: #899, #910
  * better UX for network timeouts: #905
  * (hotfix 2012.01.23) Remove unwanted scrollbar in dialog: issue #947
  * (hotfix 2012.01.23) Fix black backgrounds on IE8: issue #929
  * (hotfix 2012.01.23) fix broken transition to "check your email": #933, #934, #935
  * (hotfix 2012.01.24) Fix "slow script" error on IE8 during keygen on behalf of primary: #956
  * (hotfix 2012.01.24) Publish javascript API to provide a native-support compatible for primaries' auth pages: #909
  * (hotfix 2012.01.24) Allow load testing hooks to be enabled with minified resources: #939
  * (hotfix 2012.01.24) IE8 fixes for primary flow: #962, #961, #958, #955
  * (hotfix 2012.01.24) print correct url for where the user will be directed: #964
  * (hotfix 2012.01.31) fix silent assertions: #972
  * (hotfix 2012.02.01) fix verification of email on a browser other than the initiator: #973, #1026 (and maybe others)

train-2012.01.05:
  * client entropy pool mixes in randomness from server for better browser RNG: #298, #800
  * new assertion format that avoids double (base64) encoding - 33% smaller: #507
  * Turn license URL in ToS into a clickable link: #382
  * limit post requests to 10kb: #822
  * improved password length checks, check in client and server code more often
  * after authenticating we store your userid rather than email in the session (many issues/possible attacks relate to this): #388
  * session cookies are now encrypted, sent only when required, and generally more awesome: #416, #832
  * IE8 display tweaks
  * primary support 90% implemented but disabled in this train (*major* changes including schema, but not user visible)
  * (hotfix on 2012.01.09) explicitly call .removeAllListeners() during http forwarding to eliminate memory leak: #839

train-2011.12.28:
  * improve animation during cert/assertion procedures in dialog: #709
  * user visible error message in dialog when under back breaking load: #738
  * cleanup and removal of stale deps from package.json
  * improve mobile formatting: #747
  * fixes in dialog communication channel: #748
  * add a waiting screen while crypto is running on slow browsers: #706
  * don't allow a user to re-add address they already have verified: #732
  * CSP (content security policy) fixes: #676
  * doc fixes regarding running browserid under vagrant
  * doc fixes regarding new dependencies (libgmp for (much) faster crypto)
  * bcrypt now runs out of process, uses all available cores, allows for app level 503 under extreme load: #694
  * Fix "cancel" in the forgot password screen when accessed via required email: #754
  * first time a user visits browserid.org, show a "learn more" message: #384
  * partial code versioning/cache busting implementation: #226 #687
  * improved build process - resource minification no longer leaves artifacts all over: #700
  * clean up whitespace. meh. #758
  * emails now come from "BrowserID@" instead of "noreply@": #756
  * completely new implementation for cross domain window communication (https://github.com/lloyd/winchan) #764 #766
  * allow canceling of "use a different email: #765
  * improve language and UX of required email flow: #608
  * better, earlier dev errors for required email: #632
  * new assertion format (smaller by 66%) handled by verifier, to be generated by browserid next train: #507
  * now you can change your password: #771 #114
  * load generator improvements: #782
  * improved PRNG: #789 #735
  * fix regressions in the above: #719 & #776
  * CSRF token uses better RNG: #800

train-2011.12.08:
  * improve performance of unit tests. #686
  * IE8 fixes. #688
  * logging improvements. #681
  * loadgen fixes. #682
  * android fixes. #704
  * performance improvements. #680
  * moar instrumentation. #691

train-2011.12.01:
  * BrowserID now requires NodeJS >= 0.6.2
  * extensive work on load generation tool: #504
  * modularize front-end, remove deps on stealjs and JSMVC: #609, #625, #634
  * front-end refactoring: #578, #611, #608, #650, #654, #655
  * regression fix: account consolidation possible without explicit canceling: #607 #612
  * make it possible to gracefully update domain key at any time: #599
  * domain key now uses RSA-2048: #600
  * optimize (and combine) frontend resources (vepbundle): #606
  * many rpm/packaging updates: #617, #656
  * timestamps on all log entries: #541
  * IE8 fixes: #615
  * unit test fixes: #557 (revisited), #629, #657
  * update_password WSAPI added: #560, #114
  * verifier improvements and unit tests: #467, #598, #605, #643, #642, #645, #646,
  * node-mysql driver update - improved for prod env #648
  * include a link to support.mozilla.com off of browserid.org - #533
  * added command line tool to create and account: #603
  * added command line tool to bcrypt a password: #651
  * fix button heights in firefox on browserid.org: #658
  * make sure logout is called only once in dialog: #666, #630
  * make 'use another email address' more discoverable: #623
  * use statsd for statistics reporting: #662
  * heartbeat checks are now shallow, only indicating presence of a server and basic health: #566
  * keysigner and verifier now saturate multiple cores via 'compute-cluster' module: #213
  * fix spurious console error messages on sites that use postMessage and include.js: #534
  * refine language in verification email: #672
  * (hotfix on 2011.12.02) Fix regression where email rate limiting tooltips in dialog were not shown: #685
  * (hotfix on 2011.12.02) Fix regression where emails sent out had no newlines: #684
  * (hotfix on 2011.12.08) Fix bug where domain key update detection was not working properly, preventing users from logging in: #734
  * (hotfix on 2011.12.08) Fix bugs in "internal api" used by native code (like openwebapps stuff): #601

train-2011.11.17:
  * frontend code restructuring and refactoring
  * process breakup complete (dbwriter, keysigner, browserid, and verifier): #460
  * several updates to production deployment scripts (rpm generation): #571, #575
  * all processes should log and exit hard if misconfigured: #576, #581
  * complete 'keep me signed in' feature: #559, #490
  * simplify and consolidate user facing help links in dialog: #553
  * clean up user facing error messages (email throttling and sent email): #579, #577, #591
  * moved 'this is not me' and 'use a different email' links based on UX suggestions: #459
  * incrementally work to repair load_gen (not yet complete) : #504
  * unit test fixes: #504
  * remove extraneous console logging: #574
  * improve email validation in main site (whitespace handling): #583, #429
  * fix serious regressions related to iOS5 fixes that prevented dialog from working the second time on RPs: #580, #588 #589
  * fix "go back and try another" link in dialog: #587
  * added "required email" feature: #491
  * (added 2011.11.18) fix regression - sporadic assertion verification failures: #616

train-2011.11.10:
  * keysigner process now handles certificate generation: #460
  * verifier no longer supports CORS requests: #245
  * experimental support for nodejs 0.6.0: #535
  * reduce access to private key (only the keysigner has access to it): #539
  * improve language of buttons during sign-in: #198
  * better error messaging during sign-in/up interactions on main site: #542
  * user only has to type their browserid password every two weeks (not one): #543
  * upgrade mysql driver - no crash upon idle reconnection: #540
  * address regression in #540 - reconnect to proper database (also fixes 'create_schema' flag): #548
  * implement 'keep me signed in' - includes API changes and UX/UI changes: #490
  * front end unit test improvements: #542, #408
  * fix regression in tooltips (weren't showing contents): #547
  * calls to __heartbeat__ aren't logged: #537
  * strip whitespace on email input: #429
  * fix sporadic errors in unit tests: #550, #556
  * crypto changes to support IE8: #244
  * fix tab ordering in UI: #544
  * chrome specific UI fixes: #552
  * better UI feedback when hovering over buttons: #553
  * reorganization of browserid process, breakout of dbwriter (not yet enabled): #460
  * improve log message error levels (be sparing with 'error'): #509

train-2011.11.03:
  * Remember the last used email for a site, and optimize the default selection based on this: #1
  * Fix regression where verification of assertions would fail for https sites: #500 (also hot-fixed in production https://github.com/mozilla/browserid/commit/1528364)
  * improved end user visible error messages: #448, #465, #512, #515
  * style/transition improvements for desktop and mobile devices: #494, #502, #522, #527
  * refuse to send out more than one email per minute to the same address: #430
  * be *really* smart about how long to display tool-tips in the dialog: #508
  * behave reasonably (at least display content) when javascript is disabled: #510
  * remember the users email as they transition between screens, when appropriate: #476
  * Suppress iOS autocapitalizion and auto-correction for email addresses: #464
  * Improve front end email address validation: #513
  * Improve repository organization: #503 & #488
  * As part of above and in prep for #460 - all processes (browserid, verifier, etc) are now always run separately (never combined into the same express instance
  * Test improvements: #520, #530, #531
  * Fix undefined reference (crash) in verifier after verification failure: #523 (hot-fixed in production: https://github.com/mozilla/browserid/commit/ba3c53)
  * Remove UI that corresponds to unimplemented features: #519
  * Handle upper case letters in domain part of email addresses properly: #501
  * Use a more conventional log format that includes time-stamps when logging to file. closes #234
  * Shutdown gracefully whenever possible, and always log why we go down: #529
  * 'LOG_TO_CONSOLE' env var for verbose console output during tests: #530
  * more checks around '/code_update' URL invocation - for bug #699171
  * Many minor bug-fixes: #497, #532
  * (2011.11.08) don't crash on mysql connection timeout: #540

train-2011.10.27:
  * link fixing ('need help?' to point to SUMO): #378
  * unit tests repaired: #469 (broken in fix to #82)
  * improve handling of network errors: #448
  * improve styling and language of email confirmation page: #349
  * logging improvements: #455
  * RPM generation script created (for installation of browserid on redhat [moz prod] boxes): #478
  * SCHEMA CHANGES to improve database performance and scalability: #480
  * change the health check call from '/ping.txt' to '/__heartbeat__': #481
  * remove application level network timeouts (let the network stack do its job, the user can cancel if they get sick of it): #485
  * improve messaging for unsupported browsers: #273, #484
  * developer documentation improvements: #496

train-2011.10.20:
  * android < 3.0 now supported: #461
  * properly set assertion expiration time to when they expire, not when they're issued: #433, #457, #458
  * update privacy policy language to jive with new UI: #381
  * add redirects for old URLs that no longer exist with the new UI: #376
  * inside the minified include.js, link to uncompressed version for developer convenience and discovery: #432
  * language tweaks: #437, #444
  * improve button UI appearance on opera and IE: #435
  * improve visual feedback for links: #440
  * UI fixes for > 2 email addresses on iOS: #417
  * smooth out screen transitions in dialog: #369
  * improved "check your email" screen on mobile: #462
  * no auto-caps nor auto-correct for iOS in add email field: #464
  * improve event listening on input fields: #406
  * remember email when moving user from signup to sign-in for known email address: #108
  * don't call sync_emails more than necessary: #434
  * assertions now include full origin (scheme+host+port). verifier accepts only host+port OR full origin, and returns whatever RP sends for back compat: #82

train-2011.10.13:
  * fix verification of email in different browser than where verification is initiated: #336
  * Android < 3.0 (browsers that can't handle JSON.parse("null")) now blocked explicitly (until we complete support)
  * textual fixes to about page: #350
  * 'cancel account' link added to manage page: #405
  * warn user that removing last email address effectively cancels account: #394, #404, #137
  * fixed signing dialog hang when you delete an email on manage page while dialog is open (now that's not obscure :P): #401
  * Optimize UI in case where user has only 1 email address: #412
  * smooth out transition from pick email to add new email pages: #410
  * reposition remove buttons on manage page: #409
  * identity and labs links open in new tabs: #380
  * fix innocuous (but ugly) error in firefox error console: #390
  * implement dynamic bcrypt work factor update: #204
  * default work factor is now at 12 (NOTE: [re]authentication now takes 6x longer - ~600ms on our current hardware): #212
  * many test fixes, and code refactoring, cleanup, and reorganization
  * accept SMTP parameters from the environment: #214 (not yet closed)
  * WSAPI CHANGES (https://github.com/mozilla/browserid/commit/511b56): all server responses are now objects: #217, #325

train-2011.10.06:
  * full site & dialog redesign: (many, many closed issues are related to this, including #269, #343, #342, #347, #354, #356, #357, #350, #349, #364, #346, #336)
  * improved debugging, all network callbacks are invoked asynchronously: #276
  * MYSQL SCHEMA CHANGE: passwd field no longer in staged table (password is now set after verify link clickthrough)
  * MYSQL SCHEMA CHANGE: add index to emails table: #209
  * WSAPI CHANGES (to support new UI): https://github.com/mozilla/browserid/commit/b6ee51
  * WSAPI CHANGES: a mis-set client clock no longer causes invalid assertions to be issued (wsapi changed to minimize network requests): #329
  * disallow re-registration of existing account: #333
  * (non-visible) namespacing in dialog code: #275
  * API BREAKING CHANGE: verifier no longer supports GET requests: #98
  * significant performance / UX improvement - keys are generated and certified when needed, not all upfront at sign-in: #278
  * remove 'download printable format' language from privacy policy: #280
  * faster keygen via crypto optimizations: https://github.com/mozilla/browserid/commit/778433
  * improvements to mobile layout & usability (specific to the new UI)
  * more user visible error messages to improve community sourced problem reports: #335
  * IE8 improvements (still not fully supported): #246, #361, #346
  * cookie fixes revisited, now on upstream version of connect-cookie-session: #310
  * (merged 2011.10.07) fix unstyled flash at first dialog display: #365

train-2011.09.29:
  * shortly after dialog is spawned, we remove the four random chars in the fragment (aesthetic)
  * fix bug where session duration had an upper bound of 7 days - the time the server was running: #310
  * fix bug where a user could go longer than 1 week without re-authenticating: #309
  * fix link on /developers page to verfier source: #326
  * (merged 2011.10.04) fix issue where a wrong-set client clock could prevent login: #329
  * (external fix in myfavoritebeer) IE9 support: #240

train-2011.09.22:
  * migrate to browserid signed certificates rather than keypairs where browserid hosts the public key: https://github.com/mozilla/browserid/issues?milestone=6
  * IE9 support
  * partial IE8 support (not yet usable, several small remaining bugs, and abysmal performance)
  * development harness (./run.js) now respects an IP_ADDRESS env var to bind to a specific address (other than 127.0.0.1)
  * improved first-time development experience: `git clone && cd browserid && npm install && npm run`
  * initial support for running locally under virtualbox via vagrant: issue #261 (thanks ozten!)
  * (fix 2011.09.23) fix race condition between relay iframe and window introduced with IE9 support. issue #287
  * (fix 2011.09.23) fix blank popup on second signin invocation in same session in FFX: issue #286
  * (fix 2011.09.23) explicitly disable caching for /wsapi calls, prevents unwanted caching of CSRF and friends. issue #294

train-2011.09.01:
  * /ws_api/set_key always returns returns value instead of HTTP 204 response: #219
  * update javascript mvc to 3.1.0.
  * major interframe/window communication change using a hidden relay iframe to facilitate IE: #97(still open)
  * link colors on browserid.org are consistent: #227

train-2011.08.25:
  * created command line load generation tool and performance analysis work: #125
  * beginning unit/functional tests for front end: #183
  * front end refactor to facilitate unit/functional tests and UX iteration: #183
  * error messages are shown on front end: #184
  * users must now verify account ownership before attempting a key sync.
  * manage page date format: #191
  * manage page button only displayed if user is currently authenticated: #195
  * manage page emails are synced on page open: #181
  * wsapi_client created for clients needing programatic access to wsapi.
  * harden set_key against duplicate keys.
  * fix new email addresses added not being synced on client: #199
  * upgrade to bcrypt 0.2.4.
  * minify include.js by default: #206
  * more than one email address can be added per dialog lifespan: #215
  * verifyier no longer verifies assertions issued by another server.
  * (2011.08.31) no error message displayed if you try to authenticate with an invalid u/p: #222

train-2011.08.18:
  * upon clickthrough of the email link, don't have the browser window close itself: #162
  * passwords must be between 8 and 80 chars: #155
  * improved handling of emailing & verification urls during local development & testing: #88
  * language changes in dialog: #150
  * many improvements to unit tests: #171
  * forgotten password flow was broken with port to mysql, fixed: #170
  * improved metrics reporting abstraction: #168
  * moved all server logging into a single file: #169
  * all files created at execution time are now in one location: #172
  * developer ergonomics - improved colorized logging with terse webserver output to console
  * always require a user to authenticate if they don't have an active session: #74
  * improved CSRF protection to fix race conditions in previous train: #173

train-2011.08.12:
  * massive zero-user-visibile refactoring of dialog javascript.
  * fix cancel button in "waiting for verification state" (issue #147)
  * all browserid source is now tri-licensed (MPL1.1/GPL/LGPL). (issue #141)
  * fixes for mobile firefox (fennec). (issue #140)
  * mysql support implemented for browserid (default persistence production) (issue #71)
  * json persistence support added - a standalone dead simple persistence layer which is the default for local development and requires no external software.
  * email secrets are now persisted in the database, so upon server restart outstanding verification links are no longer invalidated (issue #91)
  * (website) styling changes - like fix issues where links on dev page were being displayed white on white.

train-2011.08.04:
  * when user closes dialog without clicking "cancel", properly return 'null' to the webpage (via getVerifiedEmail callback) - issue #107
  * improve checks to warn developer that prerequisite software is missing. issue #110
  * parameterize software to support multiple deployment environments (dev/beta/prod) issues #102 & #52
  * documentation updates.
  * improved logging (using the winston logging framework for node.js)
  * [website] fixed inclusion of youtube video (now over https to keep browsers from getting scared about mixed mode resource inclusion)

train-1:
  * beginning of time, everything is new.
  * (2011.08.03) include youtube video embedding over https (issue #112)
  * (2011.08.04) fix mozillalabs.com link in dialog (issue #116)
Something went wrong with that request. Please try again.