support add-on badges #80

Open
rhelmer opened this issue Dec 7, 2020 · 7 comments

Comments

@rhelmer
Contributor

rhelmer commented Dec 7, 2020

Add-on badges are supported by AMO: https://blog.mozilla.org/addons/2020/10/05/new-add-on-badges/

Technically this works by having a mozilla-recommendation.json in the root of the signed XPI. The primary reason we want this for Ion is to remove the "unknown site" prompt, since we plan to initiate the install from our own site and not AMO. See mozilla-rally/rally-core-addon#159 for details.

/cc @mixedpuppy @aki @kewisch @Dexterp37
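
As an added illustration of the mechanism described in the comment above (not code from this repository or from AMO): a check that an XPI carries mozilla-recommendation.json at the archive root and that the file is listed with a matching digest in the signing manifest. The JAR-style META-INF/manifest.mf layout with SHA256-Digest entries, the function names and the sample archive are assumptions; the signature over the manifest itself is not verified here.

```python
import base64
import hashlib
import io
import zipfile

BADGE = "mozilla-recommendation.json"  # file name from the issue text
MANIFEST = "META-INF/manifest.mf"      # assumption: JAR-style signing manifest

def b64sha256(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()

def manifest_digests(text):
    """Map entry name -> SHA256-Digest value from a JAR-style manifest."""
    # A line break followed by one space continues the previous line.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in unfolded.split("\n\n"):
        fields = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in fields and "SHA256-Digest" in fields:
            digests[fields["Name"]] = fields["SHA256-Digest"]
    return digests

def badge_status(xpi_bytes):
    """Classify how the badge file appears in an XPI (a zip archive)."""
    with zipfile.ZipFile(io.BytesIO(xpi_bytes)) as xpi:
        names = xpi.namelist()
        if BADGE not in names:
            # Only a root-level file counts; a copy in a subdirectory does not.
            nested = any(n.endswith("/" + BADGE) for n in names)
            return "nested-only" if nested else "absent"
        mf = xpi.read(MANIFEST).decode("utf-8") if MANIFEST in names else ""
        listed = manifest_digests(mf)
        if BADGE not in listed:
            return "not-covered"  # present but outside the signed manifest
        ok = listed[BADGE] == b64sha256(xpi.read(BADGE))
        return "covered" if ok else "digest-mismatch"

def build_xpi(files, covered, overrides=None):
    """Constructed in-memory XPI; names in `covered` get manifest entries."""
    mf = "Manifest-Version: 1.0\n\n"
    for name in covered:
        mf += f"Name: {name}\nSHA256-Digest: {b64sha256(files[name])}\n\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        # `overrides` swaps file contents after the digests were computed.
        for name, data in {**files, **(overrides or {}), MANIFEST: mf}.items():
            z.writestr(name, data)
    return buf.getvalue()
```
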

@escapewindow
Contributor

Most likely this will mean a new Autograph set of creds, resulting in a new signing format here. We'll want to make sure that reviews for any addons with these badges are given extra care during review and signoff; we probably want to formalize what this means.

@hwine
Collaborator

hwine commented Jan 5, 2021

fwiw - from a chat in #addons, it's not clear (or decided yet?) if a single extension can be entitled to multiple badges. E.g. can a "made by mozilla" addon also be permitted to display the "verified for security" badge? The answer may impact the review & signoff process mentioned above.

@mixedpuppy
Collaborator

mixedpuppy commented Jan 5, 2021

> fwiw - from a chat in #addons, it's not clear (or decided yet?) if a single extension can be entitled to multiple badges. E.g. can a "made by mozilla" addon also be permitted to display the "verified for security" badge? The answer may impact the review & signoff process mentioned above.

Only one would be applied even though the framework allows multiple. It does not make sense to sign a mozilla line extension if it is not verified. Likewise, it makes no sense to recommend an addon that was not verified.

@mixedpuppy
Collaborator

Also, privileged addons will no longer show the "unknown site" prompt when installed from a 3rd party site (currently in beta riding the train).

@hwine
Collaborator

hwine commented Jan 6, 2021

> Only one would be applied even though the framework allows multiple. It does not make sense to sign a mozilla line extension if it is not verified. Likewise, it makes no sense to recommend an addon that was not verified.

@mixedpuppy It does look like the intent is for only one to be applied - but I thought the intended hierarchy was recommended < verified < official. There is some UX work to communicate that hierarchy -- if the hierarchy is incorrect, you might want to chime in over there.

@mixedpuppy
Collaborator

> Only one would be applied even though the framework allows multiple. It does not make sense to sign a mozilla line extension if it is not verified. Likewise, it makes no sense to recommend an addon that was not verified.

> @mixedpuppy It does look like the intent is for only one to be applied - but I thought the intended hierarchy was recommended < verified < official.

There is no intended hierarchy, these tags do not build on top of a prior tag. Any level of recommendation is going to be reviewed, at least in theory, at the same level. You can think of these more as a "why" they were reviewed more extensively than the general addon population.

@rhelmer
Contributor Author

rhelmer commented Jan 11, 2021

> Also, privileged addons will no longer show the "unknown site" prompt when installed from a 3rd party site (currently in beta riding the train).

I think this is sufficient for Rally for now. If/when we move to an unprivileged add-on we could use proper AMO badges. Privileged add-ons are by necessity "from" and/or "reviewed" by Mozilla so I think that's probably going to be fine for other use cases too.
