Mozilla has a number of projects other than Firefox itself. Many of these are components of Firefox or are tools used to create Firefox, but may be used by other projects as well. Here you'll find links to documentation about these projects.
compare-localesis a Python script that helps localizers to check their work without running Firefox or another application.
- Crash reporting
- Firefox ships with an open-source crash reporting system. This system is combination of projects:
- Firefox Sync
- Firefox Sync synchronizes state and configuration data used by the browser, such as bookmarks, history, preferences, bookmarks, and so forth among all your devices.
- L20n lets localizers reach higher levels of free linguistic expression by sharpening the divide between localization and application logic.
- Leak Monitor
- MailNews stands for "Mail and Newsgroups". MailNews is the back end of the messaging parts of SeaMonkey and Thunderbird. It provides a number of functions and capabilities, including:
- McCoy uses XULrunner which is bound to break, for details see this post. Mozilla calls McCoy a "simple system" which is a clear sign that something probably is not working, and indeed, is not.
McCoy is an application that allows add-on authors to provide secure updates to their users. Applications periodically look for and install updates to their add-ons. It's important that the update information retrieved has not been tampered with since being written by the add-on author. Specifically, it focuses on the process of digitally signing update manifests so the applications can verify the integrity of a manifest retrieved over normally insecure channels.
designModeproperty of the
documentobject; this is how Midas is invoked in Gecko. Internet Explorer also supports the ability to edit specific elements using the
contentEditableattribute; Starting with Firefox 3, Gecko also supports
contentEditable. Once Midas is invoked, a few more methods of the
documentobject become available.
- Throughout mozmill and other Mozilla python code, checking the underlying platform is done in many different ways. The various checks needed lead to a lot of copy+pasting, leaving the reader to wonder....is this specific check necessary for (e.g.) an operating system? Because information is not consolidated, checks are not done consistently, nor is it defined what we are checking for.
- MozMill is a test tool and framework for writing automated tests for Gecko based applications (Firefox, Thunderbird, Songbird, etc). It is built as a command line client to let you run, and debug tests. MozMill has an extensive API to help you write functional tests that simulate user interactions, as well as a full unit test API.
- Necko is a network library that provides a platform-independent API for several layers of networking, ranging from transport to presentation layers. This API is used in many Mozilla-based client applications (including Firefox) and can be used for writing other networking clients.
- Network Security Services
- Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
- Netscape Portable Runtime (NSPR) provides a platform-neutral API for system level and libc-like functions. The API is used in the Mozilla clients, many of Red Hat's and Oracle's server applications, and other software offerings.
- Personal Security Manager (PSM)
- Personal Security Manager (PSM) consists of a set of libraries that perform cryptographic operations on behalf of a client application. These operations include setting up an SSL connection, object signing and signature verification, certificate management (including issuance and revocation), and other common PKI functions.
- Pork is a C++ parsing and rewriting tool chain. The core of Pork is a C++ parser that provides exact character positions for the start and end of every AST node, as well as the set of macro expansions that contain any location. This information allows C++ to be automatically rewritten in a precise way. The inputs driving the rewriting would normally be provided by a program-analysis system outside of Pork. (See Dehydra, Treehydra).
- This article will help you understand Shumway — Mozilla's open standards-based Flash renderer — and what it means for the community of developers currently creating the Adobe Flash platform.
- Standalone source code releases can be found on the Releases page.
- Talos is a python performance testing framework that is usable on Windows, Mac and Linux. Talos is our versatile performance testing framework we use at Mozilla. It was created to serve as a test runner for the existing performance tests that Mozilla was running back in 2007 as well as providing an extensible framework for new tests as they were created.
- Thread Sanitizer
- Thread Sanitizer (TSan) is a fast data race detector for C/C++ programs. It uses a compile-time instrumentation to check all non-race-free memory access at runtime. Unlike other tools, it understands compiler-builtin atomics and synchronization and therefore provides very accurate results with no real false positives. More information on how TSan works can be found on the Thread Sanitizer wiki.
- TPS Tests
- TPS is an end to end test for Sync. It's name stands for Testing and Profiling tool for Sync (which is a misnomer, since it doesn't do any profiling), and it should not be confused with the similarly named tests in Talos.
- Web Replay is a project to allow Firefox content processes to record their behavior, replay it later, and rewind to earlier states. Replaying processes preserve all the same JS behavior, DOM structures, graphical updates, and most other behaviors that occurred while recording.
- Zest is an experimental specialized scripting language (also known as a domain-specific language) developed by the Mozilla security team and is intended to be used in web oriented security tools.
The language is written in JSON, but we do not expect people to write Zest in this format - it is designed to be a visual language. The core language does not define any graphical representation - that is expected to be defined by the tools that integrate Zest.
It is completely free, open source and can be included in any tool whether open or closed, free or commercial.
Zest is still at a very early stage of development, but is has been made available so that anyone can play around with it.
All constructive feedback is very welcome.
Anyone can contribute to the onward development of Zest, and teams or individuals who develop security tools are especially welcome to join and help shape Zest's future.