I’m still hammering out what features I want to see land in BMO this year but one thing I’ve come to realize is that often the way forward on an old code base is through careful deprecation.

Adding new features, or even fixing existing bugs is often blocked by the immense weight of past decisions.

Recently we deprecated support for IE 11.
This was magic: We can use more modern javascript features. async/await, arrow functions, and so on make the frontend code much nicer to work with. It puts us on a good footing to remove our use of legacy JS frameworks and (I believe) makes contributions more attractive.

This is not to say we will enthusiastically deprecate everything that holds us back, but a measured approach is called for here.

I’m going to list the things that I intend to deprecate in the first half of 2018. This isn’t a roadmap for 2018 but these deprecations and changes will feed into that.

Server-side bug link tooltips

Right now we spend a lot of time rendering comments.
It would be nice to cache them — but they’re not cache-able in general because they contain user-specific data. That is, if you can see a security bug you’ll be able to see its description in the mouse-over hover of a bug.

After looking at several options for this, I realized it would be better to add the tool-tips client side.

While not a silver bullet, this also paves the way for adopting markdown (something I’m actively working on).

Benefit: Faster page loads, especially on popular bugs with more than a few dozen comments.

Server-side PUSH used in buglist.cgi

So if you use Firefox, you get a much better experience using buglist.cgi. You see the chomping dinosaur while your search results are collected. Unfortunately, this doesn’t work in any other browser, and it isn’t standardized. As a result, we have to be very careful with our load balancers and so on.

Making this fetch() call is pretty easy, but supporting both as an in-page fetch() and an HTTP push is quite hard. So when this switches to a fetch() the HTTP push is going away.
This is almost not a deprecation because the functionality will be mostly the same.

Benefit: Firefox users will get a better UX when request times out, and everyone else will benefit too.

The legacy show bug view will lose inline history

Right now 90% of page views hit a page that uses CSP. But many people
continue to use the legacy HTML view, which cannot do CSP because of the
InlineHistory Bugzilla extension. The legacy bug page is deprecated already
— it does not receive updates and we don’t care much about UX regressions
on it.

Short of just turning it off, I’m going to enable CSP for it. This means
inline history won’t work.

At some point, we’re just going to turn it off, and this is a step towards that.

Benefit: Security, less bad javascript to maintain.

Unsafe links will no longer be linkified

Already javascript: links in the URL field do not work on the main bug view
page. Now all bug URL links that are marked “unsafe” will appear as
clipboard-copyable text areas.

Benefit: Usability, you’ll be able to more easily use test-cases that are javascript: links.