08 May 2025

feedPlanet Mozilla

The Rust Programming Language Blog: Announcing Google Summer of Code 2025 selected projects

The Rust Project is participating in Google Summer of Code (GSoC) again this year. GSoC is a global program organized by Google that is designed to bring new contributors to the world of open-source.

In March, we published a list of GSoC project ideas, and started discussing these projects with potential GSoC applicants on our Zulip. We had many interesting discussions with the potential contributors, and even saw some of them making non-trivial contributions to various Rust Project repositories, even before GSoC officially started!

After the initial discussions, GSoC applicants prepared and submitted their project proposals. We received 64 proposals this year, almost exactly the same number as last year. We are happy to see that there was again so much interest in our projects.

A team of mentors primarily composed of Rust Project contributors then thoroughly examined the submitted proposals. GSoC required us to produce a ranked list of the best proposals, which was a challenging task in itself since Rust is a big project with many priorities! Same as last year, we went through several rounds of discussions and considered many factors, such as prior conversations with the given applicant, the quality of their proposal, the importance of the proposed project for the Rust Project and its wider community, but also the availability of mentors, who are often volunteers and thus have limited time available for mentoring.

As is usual in GSoC, even though some project topics received multiple proposals1, we had to pick only one proposal per project topic. We also had to choose between great proposals targeting different work to avoid overloading a single mentor with multiple projects.

In the end, we narrowed the list down to a smaller number of the best proposals that we could still realistically support with our available mentor pool. We submitted this list and eagerly awaited how many of them would be accepted into GSoC.

Selected projects

On the 8th of May, Google has announced the accepted projects. We are happy to share that 19 Rust Project proposals were accepted by Google for Google Summer of Code 2025. That's a lot of projects, which makes us super excited about GSoC 2025!

Below you can find the list of accepted proposals (in alphabetical order), along with the names of their authors and the assigned mentor(s):

Congratulations to all applicants whose project was selected! The mentors are looking forward to working with you on these exciting projects to improve the Rust ecosystem. You can expect to hear from us soon, so that we can start coordinating the work on your GSoC projects.

We would also like to thank all the applicants whose proposal was sadly not accepted, for their interactions with the Rust community and contributions to various Rust projects. There were some great proposals that did not make the cut, in large part because of limited mentorship capacity. However, even if your proposal was not accepted, we would be happy if you would consider contributing to the projects that got you interested, even outside GSoC! Our project idea list is still actual and could serve as a general entry point for contributors that would like to work on projects that would help the Rust Project maintainers and the Rust ecosystem. Some of the Rust Project Goals are also looking for help.

There is also a good chance we'll participate in GSoC next year as well (though we can't promise anything at this moment), so we hope to receive your proposals again in the future!

The accepted GSoC projects will run for several months. After GSoC 2025 finishes (in autumn of 2025), we will publish a blog post in which we will summarize the outcome of the accepted projects.

  1. The most popular project topic received seven different proposals!

08 May 2025 12:00am GMT

07 May 2025

feedPlanet Mozilla

Steve Fink: Sinful Debugging

Recently, I was debugging my SpiderMonkey changes when running a JS test script, and got annoyed at the length of the feedback cycle: I'd make a change to the test script or the C++ code, rerun (under rr), go into the debugger, stop execution at a point where I knew what variable was what, set […]

07 May 2025 5:47pm GMT

Tantek Çelik: Running For Re-election in the 2025 W3C Advisory Board (AB) Election

Tantek Çelik is nominated by Mozilla Foundation.
Nomination statement from Tantek Çelik:

Hi, I'm Tantek Çelik and I'm running for the W3C Advisory Board (AB) to build on the momentum the AB has built with transitioning W3C to a community-led and values-driven organization. I have been participating in and contributing to W3C groups and specifications for over 25 years.

I am Mozilla's Advisory Committee (AC) representative and previously served on the AB for several terms, starting in 2013, with a two year break before returning in 2020. In early years I drove the movement to shift W3C to more open licenses for specifications, and more responsiveness to the needs of open source communities and independent website publishers.

Most recently on the AB I led the AB's Priority Project for a W3C Vision as contributor and editor, taking it through wide review, and consensus at the AB to a vote by the AC to adopt the Vision as an official W3C Statement.

Previously I also co-chaired the W3C Social Web Working Group that produced several widely interoperably deployed Social Web Standards. Mastodon and other open source software projects built a social network on ActivityPub and other social web specs which now require maintenance from implementation experience. As such, I have participated in the Social Web Incubator Community Group and helped draft a new charter to restart the Social Web Working Group and maintain these widely adopted specifications.

With several members stepping down, the AB is experiencing much higher than usual turnover in this election.

I am running for re-election to both help with continuity, on the Vision project and other efforts, and work with new and continuing Advisory Board members to build a fresh, forward looking focus for the AB.

I believe governance of W3C, and advising thereof, is most effectively done by those who have the experience of actively collaborating in working groups producing interoperable specifications, and especially those who directly create on the web using W3C standards. This direct connection to the actual work of the web is essential to prioritizing the purpose & scope of governance of that work.

Beyond effective governance, the AB has played the more crucial role of a member-driven change agent for W3C. While the Board and Team focus on the operations of keeping the W3C legal entity running smoothly, the AB has been and should continue to be where Members go to both fix problems and drive forward-looking improvements in W3C to better fulfill our Vision and Mission.

I have Mozilla's financial support to spend my time pursuing these goals, and ask for your support to build the broad consensus required to achieve them.

I post on my personal site tantek.com. You may follow my posts there or from Mastodon: @tantek.com@tantek.com

If you have any questions or want to chat about the W3C Advisory Board, Values, Vision, or anything else W3C related, please reach out by email: tantek at mozilla.com. Thank you for your consideration.

Addendum: More Candidates Blogged Nomination Statements

Several other candidates (all new candidates) have also blogged their nomination statements, on their personal websites, naturally. This is the first AB election I know of where more than one candidate blogged their nomination statement. Ordered earliest published first:

And one more candidate blogged about why he is running:

07 May 2025 5:21pm GMT

Data@Mozilla: Data and Firefox Suggest

Introduction

Firefox Suggest is a feature that displays direct links to content on the web based on what users type into the Firefox address bar. Some of the content that appears in these suggestions is provided by partners, and some of the content is sponsored. It may also include locally-stored items from the user's history or bookmarks.

In building Firefox Suggest, we have followed our long-standing Lean Data Practices and Data Privacy Principles. Practically, this means that we take care to limit what we collect, and to limit what we pass on to our partners. The behavior of the feature is straightforward-suggestions are shown as you type, and are directly relevant to what you type.

We take the security of the datasets needed to provide this feature very seriously. We pursue multi-layered security controls and practices, and strive to make as much of our work as possible publicly verifiable.

In this post, we wanted to give more detail about what data is needed to provide this feature, and about how we handle it.

What is Firefox Suggest?

The address bar experience in Firefox has long been a blend of results provided by partners (such as the user's default search provider) and information local to the client (such as recently visited pages). Firefox Suggest augments these data sources with search completions from Mozilla, which it displays alongside the local and default search engine suggestions.

Firefox Suggest data flow diagram

Suggest is currently available by default to users in the following countries:

Data Collected by Mozilla for an improved experience

Users with access to Suggest can choose to enable an expanded version of the feature. This feature requires access to additional data and is only available to users who have chosen to opt-in (via an opt-in prompt or their Settings menu). When users have opted in to the improved experience, Mozilla collects the following information to power Firefox Suggest.

How Data is Handled and Shared

Mozilla handles this data conservatively. When passing data on to our partners, we are careful to only provide the partner with the minimum information required to serve the feature.

For example, we only do not share user's specific search queries (except where the user has signed up for the enhanced experience), and we do not identify which specific user sent the request, or use cookies to track users' online activity after their search is performed.

Similarly, while a Firefox client's location can typically be determined from their IP address, we convert a user's IP address to a more general location immediately after we receive it, and we remove it from all datasets and reports downstream. Access to machines and (temporary, short-lived) datasets that might include the IP address is highly restricted, and limited only to a small number of administrators. We don't enable or allow analysis on data that includes IP addresses.

We're excited to be bringing Firefox Suggest to you. See the product announcement to learn more!

EDIT: May 7, 2025: Updated to clarify product details and reflect changes.

07 May 2025 9:00am GMT

This Week In Rust: This Week in Rust 598

Hello and welcome to another issue of This Week in Rust! Rust is a programming language empowering everyone to build reliable and efficient software. This is a weekly summary of its progress and community. Want something mentioned? Tag us at @thisweekinrust.bsky.social on Bluesky or @ThisWeekinRust on mastodon.social, or send us a pull request. Want to get involved? We love contributions.

This Week in Rust is openly developed on GitHub and archives can be viewed at this-week-in-rust.org. If you find any errors in this week's issue, please submit a PR.

Want TWIR in your inbox? Subscribe here.

Updates from Rust Community

Official
Project/Tooling Updates
Observations/Thoughts
Rust Walkthroughs
Research
Miscellaneous

Crate of the Week

This week's crate is structstruck, a proc-macro crate for enabling nested struct/enum definitions.

Thanks to Julius Michaelis for the self-suggestion!

Please submit your suggestions and votes for next week!

Calls for Testing

An important step for RFC implementation is for people to experiment with the implementation and give feedback, especially before stabilization.

If you are a feature implementer and would like your RFC to appear in this list, add a call-for-testing label to your RFC along with a comment providing testing instructions and/or guidance on which aspect(s) of the feature need testing.

Let us know if you would like your feature to be tracked as a part of this list.

RFCs
Rust
Rustup

If you are a feature implementer and would like your RFC to appear on the above list, add the new call-for-testing label to your RFC along with a comment providing testing instructions and/or guidance on which aspect(s) of the feature need testing.

Call for Participation; projects and speakers

CFP - Projects

Always wanted to contribute to open-source projects but did not know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

Some of these tasks may also have mentors available, visit the task page for more information.

If you are a Rust project owner and are looking for contributors, please submit tasks here or through a PR to TWiR or by reaching out on X (formerly Twitter) or Mastodon!

CFP - Events

Are you a new or experienced speaker looking for a place to share something cool? This section highlights events that are being planned and are accepting submissions to join their event as a speaker.

No Calls for papers or presentations were submitted this week.

If you are an event organizer hoping to expand the reach of your event, please submit a link to the website through a PR to TWiR or by reaching out on X (formerly Twitter) or Mastodon!

Updates from the Rust Project

447 pull requests were merged in the last week

Compiler
Library
Cargo
Rustdoc
Rustfmt
Clippy
Rust-Analyzer
Rust Compiler Performance Triage

A relatively noisy week due to addition of new benchmarks as part of our 2025 benchmark update, and a number of large regressions in a rollup landing late in the week (and so not yet investigated).

Triage done by @simulacrum. Revision range: 25cdf1f6..62c5f58f

2 Regressions, 2 Improvements, 6 Mixed; 3 of them in rollups 31 artifact comparisons made in total

Full report here.

Approved RFCs

Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

Final Comment Period

Every week, the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.

Tracking Issues & PRs

Rust

Other Areas

Cargo

Rust RFCs

No Items entered Final Comment Period this week for Language Reference, Language Team or Unsafe Code Guidelines.

Let us know if you would like your PRs, Tracking Issues or RFCs to be tracked as a part of this list.

New and Updated RFCs

Upcoming Events

Rusty Events between 2025-05-07 - 2025-06-04 🦀

Virtual
Asia
Europe
North America
South America

If you are running a Rust event please add it to the calendar to get it mentioned here. Please remember to add a link to the event too. Email the Rust Community Team for access.

Jobs

Please see the latest Who's Hiring thread on r/rust

Quote of the Week

Well, the answer is basically yes. Our firmware is all Rust. Every component of our autonomy stack is Rust. Our app is 50% in Rust. And, our visualization tools are in Rust. Our production tools are in rust. The production QC software, which we ship to China, is in rust. Our internal websites are in rust. It's rust all over. We've drank the Rust Kool-Aid. In fact, there is no Python installed on the robots. This is not to dis Python at all, but it's just simply not there.

We use Python for neural network training. But Python is boxed to that. Everything else is Rust. And, the advantage of using Rust exponentially builds up.

- Vivek Bagaria on filtra.io

Thanks to Brian Kung for the suggestion!

Please submit quotes and vote for next week!

This Week in Rust is edited by: nellshamrell, llogiq, cdmistman, ericseppanen, extrawurst, U007D, joelmarcey, mariannegoldin, bennyvasquez, bdillo

Email list hosting is sponsored by The Rust Foundation

Discuss on r/rust

07 May 2025 4:00am GMT

05 May 2025

feedPlanet Mozilla

Firefox Nightly: Keep on Rolling with Profile Improvements – These Weeks in Firefox: Issue 180

Highlights

Friends of the Firefox team

Resolved bugs (excluding employees)

Volunteers that fixed more than one bug

New contributors (🌟 = first patch)

Project Updates

Accessibility

Add-ons / Web Extensions

Add-ons Manager & about:addons
WebExtensions Framework
WebExtension APIs

DevTools

WebDriver BiDi

Lint, Docs and Workflow

Migration Improvements

New Tab Page

Profile Management

Search and Navigation

Storybook/Reusable Components/Acorn Design System

Tab Groups

05 May 2025 11:20am GMT

William Durand: Moziversary #7

A few days ago, this was my seventh Moziversary 🎂 I joined Mozilla as a full-time employee on May 1st, 2018. I previously blogged in 2019, 2020, 2021, 2022, 2023, and 2024.

While I may not have the energy to reflect extensively on the past year right now, I can say with confidence that the last 12 months have been incredibly productive, and things are generally going well for me.

Seven years later, I am still part of the Add-ons team. As a senior staff engineer, I am no longer working full time on the WebExtensions team. Instead, I am spending my time on anything related to Add-ons within Mozilla (be it Firefox, AMO, etc.).

My team went through a lot of changes over the last few years1, with some years more memorable than others. About a year ago, things started to head into the right direction, and I am rather hopeful. It's going to take some time, but the team is really set up for success again!

Shout-out to all my amazing colleagues at Mozilla, I wouldn't be where I am today without y'all ❤️

  1. Let's talk briefly about the elephant. Mozilla has changed a lot too but I don't have much control over that so I tend to not think too much about it 🤷

05 May 2025 12:00am GMT

The Rust Programming Language Blog: Announcing rustup 1.28.2

The rustup team is happy to announce the release of rustup version 1.28.2. Rustup is the recommended tool to install Rust, a programming language that empowers everyone to build reliable and efficient software.

What's new in rustup 1.28.2

The headlines of this release are:

How to update

If you have a previous version of rustup installed, getting the new one is as easy as stopping any programs which may be using rustup (e.g. closing your IDE) and running:

$ rustup self update

Rustup will also automatically update itself at the end of a normal toolchain update:

$ rustup update

If you don't have it already, you can get rustup from the appropriate page on our website.

Rustup's documentation is also available in the rustup book.

Caveats

Rustup releases can come with problems not caused by rustup itself but just due to having a new release.

In particular, anti-malware scanners might block rustup or stop it from creating or copying files, especially when installing rust-docs which contains many small files.

Issues like this should be automatically resolved in a few weeks when the anti-malware scanners are updated to be aware of the new rustup release.

Thanks

Thanks again to all the contributors who made this rustup release possible!

05 May 2025 12:00am GMT

02 May 2025

feedPlanet Mozilla

Tantek Çelik: CSF_02: Entropy Is Your Friend In Security

Deliberate use of entropy, randomness, even changing routines can provide a layer of defense for cybersecurity.

More Steps for Cybersecurity

Here are three more steps (in addition to Three Steps for IndieWeb Cybersecurity) that you can take to add obstacles to any would be attackers, and further secure your online presence.

  1. Different email address for each account, AKA email masking. Use or create a different email alias for each service you sign-up for. With a single email inbox, like any username at Gmail, you can often append a plus sign (+) and a brief random string. If you use your own #indieweb domain for email addresses, pick a different name at that domain for each service, with a bit of entropy like a short number. Lastly, another option is to use an email masking service - try a web search for that phrase for options to check out. Each of these works to limit or at least slow down an attacker, because even if they gain control of one email alias or account, any "forgot password" (AKA password reset or account reset, or sometimes called recovery) attempts with that same email on other services won't work, since each service only knows about an email address unique to it.
  2. Different password for each account. This is a well known security technique against credential stuffing attacks. I.e. if someone retrieves your username and password from a data breach, or guesses them, or tricks (phishes) you into entering them for one service, they may try to "stuff" those "credentials" into other services. Using different passwords for all online services you use can thwart that attack. Note however that different passwords with the same email address will not stop an account reset attack, which is why this tip is second to email masking.
  3. Use a password manager to autofill. All modern browsers and many operating systems have built-in password managers, most of which also offer free sync services across devices. There is also third party password manager software and third party password manager services which are designed to work across devices, browsers, and operating systems. Regardless of which option you choose, always using a password manager to autofill your login username (or email) and password can be a very effective method of reducing the chances of being phished. Password managers will not autofill forms on fake phishing domains that are pretending to be a legitimate service. Password managers can also help with keeping track of unique email addresses and passwords for each service. Most will also auto-generate long and random (high entropy) passwords for you.

I'll close with a reminder that Perfect is the enemy of good. This post has been a draft for a while so I decided to publish it as a summary, rather than continuing to iterate on it. I'm sure others have written much longer posts. Similarly, even if you cannot take all these actions immediately everywhere, you can benefit by incrementally taking some of these steps on some accounts. Prioritize important accounts and take steps to increase their security.

Previous post in this series: CSF_01: Three Steps for IndieWeb Cybersecurity

Glossary

Glossary for some terms, phrases, and further reading on each.

credential stuffing
https://en.wikipedia.org/wiki/Credential_stuffing
data breach
https://en.wikipedia.org/wiki/Data_breach
entropy
https://en.wikipedia.org/wiki/Entropy_(information_theory)
password manager
https://en.wikipedia.org/wiki/Password_manager
phish, phished, phishes, phishing
https://en.wikipedia.org/wiki/Phishing

Syndicated to: IndieNews

02 May 2025 11:45pm GMT

The Mozilla Blog: Mozilla’s CEO discusses testimony in U.S. v. Google search case

Today, Mozilla Chief Financial Officer, Eric Muhlheim, testified in the U.S. v. Google LLC search trial, highlighting the potential impacts this case could have on small and independent browsers, and the overall ecosystem.

There are a few key themes of Muhlheim's testimony that we'll expound on:

Mozilla's search options are based on user choice

Firefox users view Google as the best quality search engine. Mozilla experienced this firsthand when we switched the Firefox browser's default search engine from Google to Yahoo between 2014 and 2017 in an effort to support search competition. Firefox users found Yahoo's search quality lacking and some switched to Google search while others left the Firefox browser altogether.

Firefox offers its users greater and more easily accessible search engine choice than any major browser. From providing search engine shortcuts, to easy default settings and a range of options in the address bar, alternative search engines are readily available within Firefox. Put simply, our long-standing search strategy has been to evaluate and select the best search experience region by region, enabling choice for Firefox users with more than 50 search providers across more than 90 locales. We make sure our agreements do not make Google an exclusive search provider on Firefox or impede our ability to promote choice.

The breaking point

It's no secret that search revenue accounts for a large portion of Mozilla's annual revenue. Firefox is an independent browser - we don't have our own OS, devices, or app store. Without this revenue, Mozilla and other small, independent browsers may be forced to scale back operations and cut support for critical projects like Gecko, the only remaining browser engine competing with Google's Chromium and Apple's WebKit.

Innovation, privacy and user choice can only thrive when browser engines compete. Without that, there's no push to make the web faster, safer, or more inclusive. If we lose or weaken Gecko, the web will be optimized for commercial business models and priorities, not the values that Mozilla champions for the web such as privacy, accessibility and user choice. The open web only stays open if websites, apps, and content interoperate and work everywhere.

Truly improving competition and choice cannot solve one problem by creating another.

The path forward

Following the testimony, Laura Chambers, CEO of Mozilla, emphasized what we'd like to see coming out of the trial by stating: "This case will shape the competitive landscape of the internet for years to come, and any remedy must strengthen, rather than weaken, the independent alternatives that people rely on for privacy, innovation, and choice.

Smaller, independent browsers, like Firefox, rely on monetization through search partnerships to sustain our work and invest in user-focused innovation. Without these partnerships, we'd face serious constraints-limiting not just our ability to grow but also the availability to provide a non-profit-backed alternative to Chrome, Edge, and Safari.

This case is also about user choice. Mozilla's approach to search is built around giving people options. Time and again, we've seen people leave our browser when forced to use a search engine they don't prefer. Without search partnerships, independent browsers - like Mozilla's Firefox browser and Gecko browser engine - would face severe constraints.

We recognize the importance of improving search competition. However, doing so shouldn't come at the cost of browser competition. We believe the court should ensure that small and independent browsers are not harmed in any final remedies. Without this, we risk trading one monopoly for another, and the vibrant, people-first web we've spent decades fighting for could begin to fade."

The post Mozilla's CEO discusses testimony in U.S. v. Google search case appeared first on The Mozilla Blog.

02 May 2025 4:50pm GMT

Don Marti: new browser buying rules for states?

The W3C TAG, in Third Party Cookies Must Be Removed, writes, Third-party (AKA cross-site) cookies are harmful to the web, and must be removed from the web platform.

But, because of a variety of business, legal and/or political reasons, that's not happening right now. As power users know but a lot of people don't, a typical web browser is not really usable out of the box. (Remember when Linux distributions came with a mail server set up as an open SMTP relay? And you had to learn how to turn that off or have your Linux box used by email spammers? Good times.) Some of the stuff that needs to get fixed before using a browser seriously includes:

Not every user can be expected to reconfigure their browser and install extensions. In a higher-trust society users would not have to learn this stuff-the browser vendors would have been taking their Fiduciary Duties seriously all along. But that's not the way it is. So the responsibility ends up falling on the company or school desktop administrator, or family computer person, to fix as much as possible (turning off browser ad features from the command line).

Power users and support people (paid and unpaid) can do some of the work, and another place to pay attention to browser problems is at the state level. States buy a lot of desktop computers, and the procurement process is an opportunity to require some fixes. Back in the late 1990s, the Microsoft Windows game Minesweeper caused a moral panic over government employee time wasting, and three states required that computers purchased by the government must have the pre-installed games removed.

Web surveillance has a much bigger set of risks than just time-suckage, so states could add the necessary browser reconfiguration or extensions to their requirements. The purchasing policy change to remove third-party cookies is about as easy as the change to remove Minesweeper. Requiring a complete ad blocker would be going too far because of speech issues and the use of ads to support legit sites, so a state requirement could result in funding for a blocklist that covers just the super crime-filled and otherwise risky ad services and leaves the rest alone for now.

More: there ought to be a law

Bonus links

The hammer falls on Apple's malicious-compliance scheme by Jason Snell, A senior Apple exec could be jailed in Epic case; it's time to end this disaster by Ben Lovejoy. (Nice economic stimulus-more subscription money will go to small content or software businesses that are more likely to hire people, and less to a big company that's just going to sit on it or do stock buybacks or whatever.)

Why I'm getting off US tech by Paris Marx. A proper response to the dominance of US tech firms and the belligerence of the US government won't come through individual actions; it requires governments in Europe, Canada, Brazil, and many other parts of the world to strategize and deploy serious resources to develop an alternative.

02 May 2025 12:00am GMT

30 Apr 2025

feedPlanet Mozilla

Mozilla Addons Blog: WebExtensions Support for Tab Groups

Exciting news: with yesterday's release of Firefox 138, tab groups are now available to all users! Tab groups have been a long standing feature request for users, so it's wonderful to see this go out to everyone.

New browser features are great, but what's even better is when they're backed by WebExtensions APIs that allow our amazing developer community to deeply integrate with those features. So, without further ado, let's get into the new capabilities available in this release.

What's new in 138

Firefox 138 includes initial support for tab group management in WebExtensions APIs. More specifically, we've updated the Tabs API with a few new tricks that allow extension developers to create tab groups, modify a group's membership, and ungroup tabs:

Best practices

As we learn more about how users interact with Tab Groups and how extensions integrate Tab Groups into their features, we'll build out and expand on suggestions to help Add-on developers create better interactions for users. Here's some suggestions we have so far.

Moving tabs

Be aware that changing a tab's position in the tab strip may change its group membership, and that your users may not expect that moving tabs using your add-on will move tabs in or out of their tab groups. Use the groupId property on Tab instances to ensure that the tab is or is not grouped as expected.

Reorganizing tabs

Take tab groups into consideration when organizing tabs. For example, Firefox Multi-Account Containers has a "sort tabs by container" feature that reorganizes tabs so that tabs in the same container are grouped together. Since moving a tab can change its group membership, this could have unexpected consequences for users. To avoid this destructive operation, the add-on was updated to skip over grouped tabs.

To avoid destructive changes to a user's tab groups, we recommend reorganizing ungrouped tabs or tabs inside a window's tab groups as opposed to organizing all tabs within a window.

What's coming

In addition to the features added in 138, we are also looking to further expand tab group support with the introduction of the Tab Groups API in Firefox 139. This will address a few gaps in our tab group supporting including the ability to:

We've already landed the initial implementation of this API in Firefox 139 Beta, but we'd love to get feedback on the API design and capabilities from our development community. If you're feeling adventurous, you can start experimenting with these new capabilities and sharing feedback with us today. We encourage you to share your experiences and thoughts with us on Discourse.

If everything proceeds smoothly during the next beta cycle, we anticipate that the Tab Groups API will be available with the release of Firefox 139. We look forward to seeing what you build!

The post WebExtensions Support for Tab Groups appeared first on Mozilla Add-ons Community Blog.

30 Apr 2025 11:38pm GMT

The Mozilla Blog: An NYC culture reporter on YouTube’s influence and the tab that got away

Man with a short afro and beard wearing a light yellow jacket, looking directly at the camera in a softly lit room with beige walls.<figcaption class="wp-element-caption">Adlan Jackson is a writer, editor and worker-owner at Hell Gate, a New York City news publication founded as a journalist-run cooperative.</figcaption>

Here at Mozilla, we are the first to admit the internet isn't perfect, but we know the internet is pretty darn magical. The internet opens up doors and opportunities, allows for human connection, and lets everyone find where they belong - their corners of the internet. We all have an internet story worth sharing. In My Corner Of The Internet, we talk with people about the online spaces they can't get enough of, the sites and forums that shaped them, and how they would design their own corner of the web.

We caught up with Adlan Jackson, the culture reporter and editor at Hell Gate, a reader-supported New York City news site owned and run by journalists. He talks about YouTube's cultural influence, the browser tab he shouldn't have closed and joining his first online forum at age 11 (with parental permission).

What is your favorite corner of the internet?

I'm a millennial, so I still think YouTube is maybe the most important and underrated social network. I feel like so much culture runs downstream from YouTube.

I've got a few different niches. One is "A Song of Ice and Fire," the "Game of Thrones" book series. I'm into the deep lore and theory videos, especially the esoteric stuff decoding symbolism. That's my "chew through some hours" zone.

I also love watching performance videos. The YouTube of the late 2000s and early 2010s had this thriving music community. People would post covers, concert footage, TV performances - all of it. I feel like I developed my entire music taste and sensibility from those videos. That scene has kind of dropped off in the Instagram era, which is a shame, because Instagram just doesn't archive like YouTube does.

There are still some people out there doing it, though. There's someone on YouTube right now who's super active in New York - they go to a ton of indie shows and tape them. I've actually been DMing them to ask for an interview, but they haven't responded.

And yeah, I read the comments. YouTube comments on music videos are famously sentimental and mostly pretty positive. But I like the arguments, too. There's a lot of generational overlap in the YouTube community, so you'll see these debates play out that don't really happen on other platforms.

What is an internet deep dive that you can't wait to jump back into?

I've been really trying to understand online gambling.

I'm not a sports person, so the whole legalization and mainstreaming of sports betting completely passed me by. But it feels like it's everywhere now - so pervasive that I feel like I'm missing out by not understanding the culture, how it works and why it seems to have hooked people so universally. Lately, I've been trying to spend more time in online gambling communities to figure it out.

What is the one tab you always regret closing?

I kind of have this eternal regret that there was some tab I closed that I shouldn't have - and if I hadn't, my life would be completely different and better. I have no idea what it was, but I'm sure it mattered.

I used to have hundreds of tabs open all the time. I've recently resolved to stop doing that and just close everything out regularly. But back then, I definitely felt like there were essays and Substack posts that were going to lead me to my next big story - and now they're just gone.

What can you not stop talking about on the internet right now?

I try to avoid posting [on social media] too much. I used to tweet a lot. Now, in my capacity as a blogger at Hell Gate, I can't stop talking about the local music scene.

What was the first online community you engaged with?

It was probably this MMO RPG I used to play called "MapleStory" - a Korean side-scrolling, action-adventure, anime-style RPG. There was a forum called sleepywood.net. Sleepywood was a town in MapleStory, so that's what the website was named after.

I was in there at 11 years old. I remember signing up for the forum - it was just an old style web forum. You had to be 13 or older, and I wasn't. So I asked my mom, "Can you give me permission to be on this forum?" She wrote a thing, and they let me on.

What's funny is, I could have just made it up. But I specifically remember that I didn't. I really got my mom's permission.

If you could create your own corner of the internet, what would it look like?

I think it would be a place where people feel empowered to create on their own terms. A space where independent media is thriving, and where people are more motivated to pay for work created by people they personally value - not by large conglomerates.

So, someone who skips a Netflix subscription but pays for their friend's blog. Or someone who doesn't have Amazon Prime, but subscribes to a local newspaper.

What articles and/or videos are you waiting to read/watch right now?

Let me look. What do I have opened? The first thing on my YouTube is a Lord of the Rings lore video by In Deep Geek, which is a channel I follow pretty regularly. It's about the Dead Men of Dunharrow, the ghost warriors who join Aragorn at the gates of Mordor. I'll probably watch that later today.

If the internet were designed to strengthen local news, what would that look like? Who should be responsible for making that happen?

I think the government should give money to local news outlets because we're an important part of civil society. Mostly, I think the government should support local media. But it's also nice when people really believe in it, too.

As for tech companies - it depends on the company. Some shouldn't play a role at all. But unconditional cash? That would be great. Cash with no conditions attached.


Adlan Jackson is a writer, editor and worker-owner at Hell Gate, a New York City news publication founded as a journalist-run cooperative. He joined the team in 2023 to focus on arts and culture coverage - a beat Hell Gate has always embraced, but Adlan is the first staffer dedicated specifically to it. He covers what's happening around the city and keeps readers up to date on the local art scene. His work has also appeared on Pitchfork, the New York Times Magazine and The New Yorker.

The post An NYC culture reporter on YouTube's influence and the tab that got away appeared first on The Mozilla Blog.

30 Apr 2025 3:00pm GMT

Mike Hommey: Firefox Git Migration, the unofficial guide

The migration is imminent. By the time you read this, it has probably already happened.

The official procedure to migrate a developer's workstation is to create a fresh clone and manually transfer local branches through patch files.

That can be a bit limiting, so here I'm going to lay out an alternative (unofficial) path for the more adventurous who want to convert their working tree in-place.

The first step-if you don't already have it-is to install git-cinnabar (version 0.7.0 or newer), because it will be temporarily used for the migration. Then jump to the section that applies to your setup.

Edit: But what section applies? You might ask.

If you're using Mercurial, you already know ;)

If you're using Git, the following commands will help you figure it out (assuming you already installed git-cinnabar, see below):

git cinnabar git2hg 05e5d33a570d48aed58b2d38f5dfc0a7870ff8d3

If the command prints out 9b2a99adc05e53cd4010de512f50118594756650, you want the section for gecko-dev. If it prints 0000000000000000000000000000000000000000, try the next command.

git cinnabar git2hg 028d2077b6267f634c161a8a68e2feeee0cfb663

If this command prints out 9b2a99adc05e53cd4010de512f50118594756650, go to the section for a pure git-cinnabar clone. Otherwise, try the next command.

git cinnabar git2hg 2ca566cd74d5d0863ba7ef0529a4f88b2823eb43

If this command prints out 9b2a99adc05e53cd4010de512f50118594756650, congratulations, you're already using the new repository. This can happen if you bootstrapped during roughly the second half of April. Go to the section for a recently bootstrapped clone for some extra cleanup.

If none of the commands above returned the expected output, I don't know what to tell you, unfortunately :(

Installing git-cinnabar

Run the following commands:

$ mkdir -p ~/.mozbuild/git-cinnabar
$ cd ~/.mozbuild/git-cinnabar
$ curl -sOL https://raw.githubusercontent.com/glandium/git-cinnabar/master/download.py
$ python3 download.py && rm download.py
$ PATH=$PATH:$HOME/.mozbuild/git-cinnabar

Migrating from Mercurial

This was covered in my previous post about the migration, but here is an up-to-date version:

As a preliminary to simplify the conversion, in your local clone of the Mercurial repository, apply your MQ stacks and create bookmarks for each of the heads in the repository.

Something like the following should list all your local heads:

$ hg log -r 'head() & draft()'

And for each of them, you can create a bookmark with:

$ hg bookmark local/<name> -r <revision>

(the local/ part is a namespace used to simplify the conversion below)

Then run the following commands:

$ git init
$ git remote add origin https://github.com/mozilla-firefox/firefox
$ git remote update origin
$ git -c cinnabar.graft=true fetch hg://hg.mozilla.org/mozilla-unified
$ git -c cinnabar.refs=bookmarks fetch hg::$PWD refs/heads/local/*:refs/heads/*
$ git reset $(git cinnabar hg2git $(hg log -r . -T '{node}'))

And you're all set. The local master branch will point to the same commit your Mercurial repository was checked out at. If you had local uncommitted changes, they are also preserved. Once you've verified everything is in order and have converted everything you need, you can run the following commands:

$ rm -rf .hg
$ git cinnabar clear

That will remove both the Mercurial repository and the git-cinnabar metadata, leaving you with only a git repository.

Migrating from gecko-dev

If for some reason you have a gecko-dev clone that you never used with git-cinnabar, you first need to initialize git-cinnabar, running the following command in your working copy:

$ git -c cinnabar.graft=true fetch hg://hg.mozilla.org/mozilla-unified

Once the above ran, or if you already had used gecko-dev with git-cinnabar, you can processed with the conversion. Assuming the remote that points to https://github.com/mozilla/gecko-dev is origin, run:

$ git remote set-url origin hg://hg.mozilla.org/mozilla-unified

Then, follow the instructions in the section below for migrating from a plain git-cinnabar clone.

Migrating from a plain git-cinnabar clone

Run the following command from your local working copy:

$ git -c cinnabar.graft=https://github.com/mozilla-firefox/firefox cinnabar reclone --rebase

That command will automatically rebase all your local branches on top of the new git repository.

If the reclone command output something like the following:

Could not rewrite the following refs:
   refs/heads/<name>
They may still be based on the old remote branches.

it means your local clone may have contained branches based on a different root, and the corresponding branches couldn't be converted. You'll have to go through them to rebase them manually.

Once everything is in order, you can finish the setup by following the instructions in the section below for migrating from a recently bootstrapped clone.

Migrating from a recently bootstrapped clone

Assuming the remote that points to the Mercurial repository is origin, run:

$ git remote set-url origin https://github.com/mozilla-firefox/firefox
$ git -c fetch.prune=true remote update origin
$ git cinnabar clear

Once you've run that last command, the git-cinnabar metadata is gone, and you're left with a pure git repository, as if you had cloned from scratch (except for some now dangling git objects that will be cleaned up later by git gc)

You may need to adjust the upstream branches your local branches track. Run git remote show -n origin to check which remote branch each local branch is set to merge with. If you see entries like merges with remote branches/<something> or merges with remote bookmarks/</something>, you'll need to update your Git configuration accordingly. You can inspect those settings using the output of git config --get-regex 'branch.*.merge'.

If you encounter any problem, please leave a comment below or ping @glandium on #git-cinnabar on Element.

30 Apr 2025 9:07am GMT

This Week In Rust: This Week in Rust 597

Hello and welcome to another issue of This Week in Rust! Rust is a programming language empowering everyone to build reliable and efficient software. This is a weekly summary of its progress and community. Want something mentioned? Tag us at @thisweekinrust.bsky.social on Bluesky or @ThisWeekinRust on mastodon.social, or send us a pull request. Want to get involved? We love contributions.

This Week in Rust is openly developed on GitHub and archives can be viewed at this-week-in-rust.org. If you find any errors in this week's issue, please submit a PR.

Want TWIR in your inbox? Subscribe here.

Updates from Rust Community

Newsletters
Project/Tooling Updates
Observations/Thoughts
Rust Walkthroughs
Miscellaneous

Crate of the Week

This week's crate is rust-sel4, a no_std crate to bind to the Se4L microkernel APIs.

Thanks to Robbie VanVossen for the suggestion!

Please submit your suggestions and votes for next week!

Calls for Testing

An important step for RFC implementation is for people to experiment with the implementation and give feedback, especially before stabilization.

If you are a feature implementer and would like your RFC to appear in this list, add a call-for-testing label to your RFC along with a comment providing testing instructions and/or guidance on which aspect(s) of the feature need testing.

Rust

Let us know if you would like your feature to be tracked as a part of this list.

Call for Participation; projects and speakers

CFP - Projects

Always wanted to contribute to open-source projects but did not know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

Some of these tasks may also have mentors available, visit the task page for more information.

If you are a Rust project owner and are looking for contributors, please submit tasks here or through a PR to TWiR or by reaching out on X (formerly Twitter) or Mastodon!

CFP - Events

Are you a new or experienced speaker looking for a place to share something cool? This section highlights events that are being planned and are accepting submissions to join their event as a speaker.

No Calls for papers or presentations were submitted this week.

If you are an event organizer hoping to expand the reach of your event, please submit a link to the website through a PR to TWiR or by reaching out on X (formerly Twitter) or Mastodon!

Updates from the Rust Project

389 pull requests were merged in the last week

Compiler
Library
Cargo
Rustdoc
Clippy
Rust-Analyzer
Rust Compiler Performance Triage

Strange week with lots of noise peeking through the performance runs. The only really significant change was a performance improvement that comes from allowing out of order encoding of the dep graph.

Triage done by @rylev. Revision range: 8f2819b0..25cdf1f6

Summary:

(instructions:u) mean range count
Regressions ❌
(primary)
0.5% [0.1%, 3.0%] 77
Regressions ❌
(secondary)
0.6% [0.1%, 2.4%] 77
Improvements ✅
(primary)
-0.7% [-1.3%, -0.2%] 106
Improvements ✅
(secondary)
-0.7% [-1.2%, -0.2%] 29
All ❌✅ (primary) -0.2% [-1.3%, 3.0%] 183

4 Regressions, 2 Improvements, 4 Mixed; 2 of them in rollups 38 artifact comparisons made in total

Full report here

Approved RFCs

Changes to Rust follow the Rust RFC (request for comments) process. These are the RFCs that were approved for implementation this week:

Final Comment Period

Every week, the team announces the 'final comment period' for RFCs and key PRs which are reaching a decision. Express your opinions now.

Tracking Issues & PRs

Rust

Other Areas

Language Reference

No Items entered Final Comment Period this week for Cargo, Rust RFCs, Language Team or Unsafe Code Guidelines.

Let us know if you would like your PRs, Tracking Issues or RFCs to be tracked as a part of this list.

New and Updated RFCs

Upcoming Events

Rusty Events between 2025-04-30 - 2025-05-28 🦀

Virtual
Asia
Europe
North America
South America

If you are running a Rust event please add it to the calendar to get it mentioned here. Please remember to add a link to the event too. Email the Rust Community Team for access.

Jobs

Please see the latest Who's Hiring thread on r/rust

Quote of the Week

With Bevy clearly being an extended test suite for Rust's trait solver, how did you get the idea to also turn it into a game engine?

Every sufficiently advanced test is indistinguishable from a game engine 🙂

- /u/0x564A00 and /u/_cart on /r/rust

Thanks to Ludwig Stecher and Josh Triplett for the suggestion!

Please submit quotes and vote for next week!

This Week in Rust is edited by: nellshamrell, llogiq, cdmistman, ericseppanen, extrawurst, U007D, joelmarcey, mariannegoldin, bennyvasquez, bdillo

Email list hosting is sponsored by The Rust Foundation

Discuss on r/rust

30 Apr 2025 4:00am GMT

Don Marti: links for 30 April 2025

Some legal risk avoidance notes for independent sites: Online Safety Act Notes for Small Sites - Russ Garrett, A guide to potential liability pitfalls for people running a Mastodon instance by Denise. (Not legal advice, consult your lawyer…)

The one interview question that will protect you from North Korean fake workers by Iain Thomson. (yes, it's a clickbait headline, but worth it.)

Europe Has Failed, But Ukraine Might Still Save It by Phillips P. O'Brien. Even though the return of the openly pro-Putin Donald Trump to the White House was at least a 50-50 proposition for most of 2024, European states refused to accept the reality staring them straight in the face.

Docling Technical Report. This technical report introduces Docling, an easy to use, self-contained, MIT-licensed open-source package for PDF document conversion. It is powered by state-of-the-art specialized AI models for layout analysis (DocLayNet) and table structure recognition (TableFormer), and runs efficiently on commodity hardware in a small resource budget. The code interface allows for easy extensibility and addition of new features and models.

Two Peoples by Brian Jacobs. The likes of Google and Meta realised early and have exploited brilliantly the reality that he who controls measurement controls revenue.

Why Individual Rights Can't Protect Privacy by Daniel Solove. While I admire the CPPA's effort to educate, the notion that the ball is in the individuals' court is not a good one. This puts the on individuals to protect their privacy when they are ill-equipped to do so and then leads to blaming them when they fail to do so.

Cutting back poppies and harvesting seed on Weeding Wild Suburbia, How to Make Seed Bombs on MrBrownThumb. Happy California Golden Poppy season to all who celebrate.

Molly White's napkin math: I saved hundreds or even thousands of dollars a month just from switching from Substack to self-hosted Ghost

BPS is a GPS alternative that nobody's heard of by Jeff Geerling. (Not for navigation, for timekeeping)

Ian Jackson: Rust is indeed woke In the Rust community, we care about empowerment. We are trying to help liberate our users. And we want to empower everyone because everyone is entitled to technological autonomy. (For a programming language, empowering individuals means empowering their communities, of course.)

30 Apr 2025 12:00am GMT