Define canned response categories

[EnTeQuAk]

Followup for mozilla/addons#6653

Let's define a list of categories for canned responses.

Examples are "Security", "Privacy", "Development practises", which else do we need?

In mozilla/addons#6653 I ended up only adding "Other" for now so that we're free to choose whatever we need.

[EnTeQuAk]

@wagnerand do you have some time to come up with a good list of categories to group canned responses for line-based review comments?

[wagnerand]

For now, let's start with these:

• Security
• Privacy
• Development practises

[AlexandraMoga]

@EnTeQuAk so this issue was about adding more values for category , but I'm still seeing only Other for all the canned-responses returned by https://addons-dev.allizom.org/api/v5/reviewers/canned-responses/

Categories

``` [ { "id": 29, "title": "Approved for Public", "response": "This version has been approved for the public.\r\n\r\nThank you!", "category": "Other" }, { "id": 30, "title": "Preliminary review [positive]", "response": "Your preliminary review request has been approved.\r\n\r\nThank you.", "category": "Other" }, { "id": 31, "title": "Preliminary review [negative]", "response": "This version didn't pass full review because of the following issues:\r\n\r\n1)\r\n\r\nYou need to correct them to get full approval. Thanks.", "category": "Other" }, { "id": 32, "title": "Rejected", "response": "Your version was rejected because of the following problems:\r\n\r\n1)\r\n\r\nPlease fix them and submit again. Thank you.", "category": "Other" }, { "id": 33, "title": "Compatibility changes only", "response": "In the future, if the only change to your add-on is an update to its compatibility metadata, you do not need to upload a new file. Simply go to the Developer Hub on AMO to edit your add-on's compatibility - no code changes required!", "category": "Other" }, { "id": 35, "title": "Binary, obfuscated, minified code", "response": "This version contains binary, obfuscated or minified code. We need to review all of your source code in order to approve it. Please send the following items to amo-admin-reviews@mozilla.org:\r\n\r\n* A link to your add-on listing.\r\n* Whether you're nominating this version for Full Review or Preliminary Review.\r\n* The source files of your add-on, either as an attachment or a link to a downloadable package.\r\n* For updates, including the source code of the previously approved version or a diff is also helpful.\r\n\r\nWe will re-enable your rejected version once we have reviewed the code. You can read our policies regarding source code handling here: https://addons.mozilla.org/en-US/developers/docs/policies/reviews#section-binary. If you already sent us the sources to the specified e-mail address, you don't need to take any further action.\r\n\r\nIf you have any other questions about this process or want to ask about the status of your review, please reply to this message instead of sending it to the admin list mentioned abo", "category": "Other" }, { "id": 37, "title": "JavaScript namespacing", "response": "In order to prevent conflicts with other add-ons that may be installed by users, you need to wrap your \"loose\" variables and functions within a JavaScript object. You can see examples on how to do this at https://developer.mozilla.org/en/XUL_School/JavaScript_Object_Management.", "category": "Other" }, { "id": 38, "title": "Request testing information", "response": "Please provide us with detailed information on how to test your add-on. If authentication to a website is necessary, give us a test username and password to facilitate our work. This information can be added to the Approval Notes of the version you are submitting (and future versions preferably), and in a reply to this review email.", "category": "Other" }, { "id": 39, "title": "General eval usage", "response": "Your add-on uses the 'eval' function unnecessarily, which is something we normally don't accept. There are many reasons *not* to use 'eval', and also simple alternatives to using it. You can read more about it here: https://developer.mozilla.org/en/XUL_School/Appendix_C:_Avoid_using_eval_in_Add-ons", "category": "Other" }, { "id": 40, "title": "Parsing JSON with eval", "response": "Your add-on uses the 'eval' function to parse JSON strings. This can be a security problem and we normally don't allow it. Please read https://developer.mozilla.org/en/Using_JSON_in_Firefox for more information about safer alternatives.", "category": "Other" }, { "id": 41, "title": "Remote script injection", "response": "We don't allow add-ons to use remote scripts because they create serious security vulnerabilities. We also need to review all of your add-on code, and this makes it much more difficult. Please insert those scripts locally from your add-on code.", "category": "Other" }, { "id": 42, "title": "Hidden or duplicate files or folders", "response": "Your add-on contains duplicate or hidden files or folders. These files complicate the review process and may contain sensitive information about the system you created the XPI on. Please correct your packaging process so that these files aren't included.", "category": "Other" }, { "id": 43, "title": "testmdl", "response": "testmdlresponse", "category": "Other" }, { "id": 44, "title": "Native prototype extension", "response": "Extending the prototype of native objects like Object, Array and String is not allowed because it can cause compatibility problems with other add-ons or the browser itself.", "category": "Other" }, { "id": 45, "title": "Storing passwords in preferences", "response": "Your add-on stores passwords or other sensitive user information in the preferences, which are stored in clear text in the user's file system. We recommend that you use the Login Manager instead (https://developer.mozilla.org/en/XPCOM_Interface_Reference/Using_nsILoginManager). This gives users more choice over what is stored, and some additional security to the stored data.", "category": "Other" }, { "id": 46, "title": "enablePrivilege or codebase_principal_support usage", "response": "The codebase_principal_support preference and enablePrivilege function are considered unsafe to use and support for them will be removed from Firefox very soon: https://bugzilla.mozilla.org/show_bug.cgi?id=546866.", "category": "Other" }, { "id": 47, "title": "Add-on not generally useful [preliminary approval]", "response": "Dear add-on developer,\r\n\r\nIt is unclear to us at this time if your add-on will be useful for a general audience so that it warrants public listing. We're granting you preliminary review only, but encourage you to promote your listing so that it garners more active users and user reviews. You may re-nominate your add-on once there is more proof of its usefulness.\r\n\r\nThank you.", "category": "Other" }, { "id": 48, "title": "Duplicate search engine", "response": "We have a policy of publishing only one search engine provider per site, so users are not confused with too many almost identical options. It's possible that you can improve yours in order to have it published. Please read our rules regarding search engines for more information: https://wiki.mozilla.org/AMO:Editors/EditorGuide/SpecialAddonTypes#Search_Engines", "category": "Other" }, { "id": 49, "title": "Synchronous XMLHttpRequests", "response": "Your add-on makes remote, synchronous XMLHttpRequests which have the ability to lock-up the browser UI and are not allowed in public add-ons. Please use asynchronous requests instead.", "category": "Other" }, { "id": 50, "title": "Modifying innerHTML, unsanitized HTML", "response": "Your add-on creates DOM nodes from HTML strings containing potentially unsanitized data, by assigning to innerHTML or through similar means. Aside from being inefficient, this is a major security risk. For more information, see https://developer.mozilla.org/en/XUL_School/DOM_Building_and_HTML_Insertion. Here are some examples where you do this:\r\n\r\n ", "category": "Other" }, { "id": 59, "title": "Add-ons SDK is outdated", "response": "You are using an outdated version of the Add-ons SDK, which we no longer accept. Please repack your code with the latest stable version of the SDK: https://addons.mozilla.org/en-US/developers/builder", "category": "Other" }, { "id": 78, "title": "http content inserted in https pages", "response": "Inserting insecure (HTTP) content into secure (HTTPS) pages opens serious security vulnerabilities, making secure pages appear as insecure and putting users at risk. All inserted content must be obtained locally, or using HTTPS URLs.", "category": "Other" }, { "id": 91, "title": "Australis compatibility foo test", "response": "baaThe new Firefox theme, codename Australis, is now available in Firefox nightlies. You can get them here: http://nightly.mozilla.org/. It appears that your add-on doesn't work correctly with Australis, so please give it a test at your earliest convenience. There's some documentation for add-on developers in progress, which should help you determine what you need to change in order to be compatible: https://developer.mozilla.org/en-US/Firefox/australis-add-on-compat-draft test", "category": "Other" }, { "id": 92, "title": "JavaScript library hash doesn't match", "response": "Your add-on includes an JavaScript library file that doesn't match our checksums for known release versions. We require all add-ons to use unmodified release versions, obtained directly from the developer's website. You can find a list of the library versions we support here: http://mzl.la/amo-libs", "category": "Other" }, { "id": 97, "title": "changed victor again", "response": "but why? test with eviljeff", "category": "Other" }, { "id": 98, "title": "Approved", "response": "Approved!", "category": "Other" }, { "id": 99, "title": "1. Sexual or pornographic content", "response": "Sexual or pornographic content", "category": "Other" }, { "id": 100, "title": "2. Inappropriate or offensive content", "response": "Inappropriate or offensive content", "category": "Other" }, { "id": 101, "title": "3. Violence, war, or weaponry images", "response": "Violence, war, or weaponry images", "category": "Other" }, { "id": 102, "title": "4. Nazi or other hate content", "response": "Nazi or other hate content", "category": "Other" }, { "id": 103, "title": "5. Defamatory content", "response": "Defamatory content", "category": "Other" }, { "id": 104, "title": "6. Online gambling", "response": "Online gambling", "category": "Other" }, { "id": 105, "title": "7. Spam content", "response": "Spam content", "category": "Other" }, { "id": 106, "title": "8. Low-quality, stretched, or blank image", "response": "Low-quality, stretched, or blank image", "category": "Other" }, { "id": 107, "title": "9. Header image alignment problem", "response": "Header image alignment problem", "category": "Other" } ] ```

[EnTeQuAk]

This issue actually was about being able to select different categories in the canned response admin. Once you define another category there, you'll see it in the API response.

[AlexandraMoga]

Verified fixed on stage

 {
        "id": 41,
        "title": "Remote script injection",
        "response": "We don't allow add-ons to use remote scripts because they create serious security vulnerabilities. We also need to review all of your add-on code, and this makes it much more difficult. Please insert those scripts locally from your add-on code.",
        "category": "Security"
    },
    {
        "id": 42,
        "title": "Hidden or duplicate files or folders",
        "response": "Your add-on contains duplicate or hidden files or folders. These files complicate the review process and may contain sensitive information about the system you created the XPI on. Please correct your packaging process so that these files aren't included.",
        "category": "Other"
    },
    {
        "id": 43,
        "title": "Unprotected iframe or browser tag",
        "response": "Your add-on uses the 'iframe' or 'browser' XUL elements without a 'type' attribute. If you're loading web content on them and you don't set type=\"content\", your add-on can become a serious security threat. If you're loading chrome content, be as explicit as you can about it, so that we don't reject your add-on because of it. You can read more about it here: https://developer.mozilla.org/En/XUL/Iframe#a-browser.type",
        "category": "Privacy"
    },
    {
        "id": 44,
        "title": "Native prototype extension",
        "response": "Extending the prototype of native objects like Object, Array and String in XUL overlays is not allowed because it can cause compatibility problems with other add-ons or the browser itself.",
        "category": "Privacy"
    }