Intent to Implement System Add-on: SHIELD/Normandy

Francesco Lodolo [:flod] flod at
Tue Sep 27 04:30:55 UTC 2016

Can you clarify if this add-on requires localization and what's the plan 
for it?
I quickly looked at the add-on repo, I see references to messages but 
not the actual strings.

> Hi!
> This is a notice of our intent to implement a system add-on to handle
> the client-side logic for SHIELD. And by intent, I mean our team[1] has
> been working on it since before the Intent to Implement email was part
> of the Go Faster release process. Surprise! :P
> (FYI SHIELD is the initiative, Normandy is the codename used on Github
> for the service, add-on, etc. that support the initiative)
> Reference links
> ---------------
> Tracking bug[2]:
> Wiki:
> Add-on Repo:
> Add-on Overview
> ---------------
> SHIELD is a product delivery system that we use for things that require
> customizable behavior with a very short update cycle. We currently use
> it for gathering feedback and sentiment from users via Heartbeat
> surveys, as well as for enrolling users in feature experiments via
> SHIELD Studies.
> Right now we do this using the hidden self-repair iframe that loads
> on Firefox start-up. The self-repair page
> fetches "recipes" from the service, which have a set of filters for
> targeting types of users, JavaScript that implements their behavior, and
> configuration that is passed to the JavaScript when it is executed.
> These recipes are then filtered and executed within the iframe.
> The Normandy system add-on will replace (and disable) this iframe, and
> instead directly fetch the recipes and execute them in a JS sandbox.
> With the system add-on, we will be able to add new functionality for
> recipes instead of being limited by the iframe, and will also be able to
> target recipes based on more information, such as the data in Telemetry.
> We've worked with the Services Ops security team and the Platform
> security team to ensure that the downloading and execution of recipes is
> as safe as possible. Recipes are signed using autograph[3] to prevent
> tampering, and the sandbox implementation has been preliminarily reviewed.
> Timeline
> --------
> We're very close to finishing implementation, and expect to have the
> code ready for review within a week or so. We are working with QA to
> come up with a test plan and timeline for testing.
> Our current plan is to get merged into mozilla-central and get uplifted
> to 51.0/Aurora shortly after, as the Strategy and Insights team doesn't
> really have any specific surveys or studies they'd like to run on
> Nightly that we can use for testing.
> ---
> Let me know if you have any questions. Mythmon is the lead developer on
> the add-on and can also answer questions.
> Thanks!
> - Mike Kelly
> [1] Michael Cooper (Mythmon), Brittany Storoz, Rehan Dalal, and Benton
> Case, AKA Run the Tools, working on web-based tools that support Firefox.
> [2] Those dates in the first comment? Way off. We shifted priorities for
> a bit to focus on the service.
> [3]
> _______________________________________________
> release-drivers mailing list
> release-drivers at

More information about the firefox-dev mailing list