Hi All,
Today we had our weekly backend-focussed catchup, and touched on the
following points:
* Train-75 has been deployed, apart from the profile-server tag. This
was quite small and contained a bug, so we're just going to skip it
and go straight to train-76.
* We're hoping that this release fixes the slow memory leak in
content-server, but it's too early to tell yet.
* This release should decrease the number of "invalid authorization
code" errors users are seeing in the wild, and initial metrics look
promising, but we can't yet tell by how much.
* This release caused a spike in sessionToken update writes in the db,
we think due to updated parsing of mobile user-agent strings. The
load should decrease back to normal over the next few days and can
be monitored at [1]
* Train-76 should go out this week, our last deploy for 2016. It
will include HPKP headers for oauth and profile servers.
* We recently merged a new feature to skip sign-in confirmation for
a few hours on newly-created accounts, to help people connect a second
device more easily [2]. We'll make a point release for train-76
auth-server to include it, but will not delay the initial deploy of
the train.
* We're going to change our AWS RDS database instance type, to something
that'll give us twice the memory for only 30%-ish more cost. Our db
is generally memory-bound so this should be an overall win.
* Some upcoming changes for train-77 include:
* Including location information in more of our emails, such as
"password changed successfully".
* Newly-issued OAuth tokens will be subject to strictly enforced
expiration policies, rather than the current "keep using it until
we delete it" policy that's in place for older tokens.
Cheers,
Ryan
[1]
https://kibana-fxa-us-west-2.prod.mozaws.net/#/dashboard/temp/AVkZOFwVTlXM2FwOJ35T
[2]
https://github.com/mozilla/fxa-auth-server/commit/1d1fa419849e0950e9d09e03ccccef6f30849c4c
_______________________________________________
Dev-fxacct mailing list
Dev-fxacct@mozilla.org
https://mail.mozilla.org/listinfo/dev-fxacct
