{"id":13585181,"url":"https://github.com/mozilla/fx-private-relay","last_synced_at":"2026-04-01T18:54:37.085Z","repository":{"id":36964432,"uuid":"190652903","full_name":"mozilla/fx-private-relay","owner":"mozilla","description":"Keep your email safe from hackers and trackers. Make an email alias with 1 click, and keep your address to yourself.","archived":false,"fork":false,"pushed_at":"2026-03-27T18:37:23.000Z","size":62833,"stargazers_count":1706,"open_issues_count":30,"forks_count":254,"subscribers_count":62,"default_branch":"main","last_synced_at":"2026-03-28T00:54:35.962Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://relay.firefox.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mozilla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2019-06-06T21:36:28.000Z","updated_at":"2026-03-27T22:17:35.000Z","dependencies_parsed_at":"2024-02-26T09:47:03.829Z","dependency_job_id":"5a9086f4-2b66-47ab-ad5f-fa9e005946a2","html_url":"https://github.com/mozilla/fx-private-relay","commit_stats":{"total_commits":7990,"total_committers":47,"mean_commits":170.0,"dds":0.7689612015018774,"last_synced_commit":"43607a988792b5e5ca78fe263692866622404204"},"previous_names":[],"tags_count":485,"template":false,"template_full_name":null,"purl":"pkg:github/mozilla/fx-private-relay","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Ffx-private-relay","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Ffx-private-relay/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Ffx-private-relay/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Ffx-private-relay/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mozilla","download_url":"https://codeload.github.com/mozilla/fx-private-relay/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Ffx-private-relay/sbom","scorecard":{"id":485371,"data":{"date":"2025-08-11","repo":{"name":"github.com/mozilla/fx-private-relay","commit":"57cdfc5421b5faf0fe1f228aeb524d4232a221e0"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.1,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":8,"reason":"Found 4/5 approved changesets -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'packages' permission set to 'write': .github/workflows/build-and-push-to-gar.yml:11","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build-and-push-to-gar.yml:12","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29","Warn: no topLevel permission defined: .github/workflows/build-and-push-to-gar.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/conflicts.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/dependabot-glean-parser.yml:6","Warn: no topLevel permission defined: .github/workflows/glean-probe-scraper.yml:1","Warn: no topLevel permission defined: .github/workflows/l10n-sync.yml:1","Warn: no topLevel permission defined: .github/workflows/lint-pending-strings.yml:1","Warn: no topLevel permission defined: .github/workflows/playwright.yml:1","Warn: no topLevel permission defined: .github/workflows/relay_e2e_health.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-and-push-to-gar.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/build-and-push-to-gar.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/conflicts.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/conflicts.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-glean-parser.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/dependabot-glean-parser.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-glean-parser.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/dependabot-glean-parser.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependabot-glean-parser.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/dependabot-glean-parser.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/glean-probe-scraper.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/glean-probe-scraper.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/l10n-sync.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/l10n-sync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-pending-strings.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/lint-pending-strings.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-pending-strings.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/lint-pending-strings.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/playwright.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/playwright.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/playwright.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/playwright.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/playwright.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/playwright.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/playwright.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/mozilla/fx-private-relay/playwright.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating python:3.11.8 to python:3.11.8@sha256:61d662f6d52206ab2290af4258257b5369573b6a4bbd904896699cc909221334","Warn: pipCommand not pinned by hash: Dockerfile:10","Warn: pipCommand not pinned by hash: Dockerfile:22","Warn: pipCommand not pinned by hash: .circleci/python_job.bash:256","Warn: pipCommand not pinned by hash: .github/workflows/dependabot-glean-parser.yml:28","Warn: pipCommand not pinned by hash: .github/workflows/lint-pending-strings.yml:25","Warn: npmCommand not pinned by hash: .github/workflows/playwright.yml:53","Warn: npmCommand not pinned by hash: .github/workflows/playwright.yml:55","Info:   0 out of  13 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   5 pipCommand dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (29) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T17:37:34.443Z","repository_id":36964432,"created_at":"2025-08-19T17:37:34.443Z","updated_at":"2025-08-19T17:37:34.443Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31290977,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T15:04:46.995Z","updated_at":"2026-04-01T18:54:37.057Z","avatar_url":"https://github.com/mozilla.png","language":"Python","funding_links":[],"categories":["Python","others","Communication"],"sub_categories":["Mail Forwarding"],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/mozilla/fx-private-relay/11ad17e197e23a0453bfb74fa3670c87cfc35e36/frontend/src/components/landing/images/logo-firefox-relay.svg\" width=\"250\" /\u003e\n\u003c/p\u003e\n\n# Private Relay\n\n\u003c!-- Badges include: license, size of repository, overall coverage for project via coveralls.io on main branch, status of what is deployed via whatsdeployed.io and our circleci status for main branch. --\u003e\n\n[![License: MPL 2.0](https://img.shields.io/badge/License-MPL%202.0-brightgreen.svg)](https://raw.githubusercontent.com/mozilla/fx-private-relay/main/LICENSE)\n![Repo Size](https://img.shields.io/github/repo-size/Mozilla/fx-private-relay)\n[![Coverage Status](https://coveralls.io/repos/github/mozilla/fx-private-relay/badge.svg?branch=main)](https://coveralls.io/github/mozilla/fx-private-relay?branch=main)\n[![What's Deployed](https://img.shields.io/badge/whatsdeployed-dev,stage,prod-green.svg)](https://whatsdeployed.io/s/60j/mozilla/fx-private-relay)\n[![CircleCI](https://dl.circleci.com/status-badge/img/gh/mozilla/fx-private-relay/tree/main.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/mozilla/fx-private-relay/tree/main)\n[![Relay e2e Tests](https://github.com/mozilla/fx-private-relay/actions/workflows/playwright.yml/badge.svg?branch=main)](https://github.com/mozilla/fx-private-relay/actions/workflows/playwright.yml)\n\nPrivate Relay provides generated email addresses to use in place of personal\nemail addresses.\n\nRecipients will still receive emails, but Private Relay keeps their personal\nemail address from being [harvested](https://blog.hubspot.com/marketing/what-is-a-landing-page-ht),\nand then [bought, sold, traded, or combined](https://www.bookyourdata.com/)\nwith other data to personally identify, track, and/or [target\nthem](https://www.facebook.com/business/help/606443329504150?helpref=faq_content).\n\n- [Private Relay](#private-relay)\n  - [Development](#development)\n    - [Requirements](#requirements)\n    - [Install and Run the Site Locally](#install-and-run-the-site-locally)\n    - [Working with translations](#working-with-translations)\n      - [Getting the latest translations](#getting-the-latest-translations)\n      - [Add/update messages for translation](#addupdate-messages-for-translation)\n      - [Commit translations for release](#commit-translations-for-release)\n    - [Recommended: Enable Mozilla Accounts authentication](#recommended-enable-mozilla-accounts-authentication)\n    - [Optional: Install and run the add-on locally](#optional-install-and-run-the-add-on-locally)\n    - [Optional: Run a development server to compile the frontend](#optional-run-a-development-server-to-compile-the-frontend)\n    - [Optional: Enable Premium Features](#optional-enable-premium-features)\n    - [Optional: Debugging JavaScript bundle sizes](#optional-debugging-javascript-bundle-sizes)\n      - [Test Premium](#test-premium)\n  - [Production Environments](#production-environments)\n    - [Requirements](#requirements-1)\n    - [Environment Variables](#environment-variables)\n\n## Development\n\nPlease refer to our [coding standards](docs/coding-standards.md) for code styles, naming conventions and other methodologies.\n\n### Requirements\n\n- python 3.11 (we recommend [venv](https://packaging.python.org/en/latest/guides/installing-using-pip-and-virtual-environments/))\n- PostgreSQL - even if you are using sqlite for development, requirements.txt installs\n  psycopg2 which [requires libpq](https://www.psycopg.org/docs/install.html#build-prerequisites) and Python header files.\n  The following should work:\n  - [On Windows](https://www.postgresql.org/download/windows/)\n  - On Ubuntu: `sudo apt install postgresql libpq-dev python3-dev`\n  - On OSX: `brew install postgresql libpq`\n  - On Fedora: `sudo dnf install libpq-devel python3-devel`\n- [SES](https://aws.amazon.com/ses/) if you want to send real emails\n- [Volta](https://volta.sh/) – Sets up the right versions of Node and npm, needed to compile the front-end\n\n### Install and Run the Site Locally\n\n1. Clone and change to the directory:\n\n   ```sh\n   git clone --recurse-submodules https://github.com/mozilla/fx-private-relay.git\n   cd fx-private-relay\n   ```\n\n2. Create and activate a virtual environment:\n\n   Unix based systems:\n\n   ```sh\n   virtualenv env\n   source env/bin/activate\n   ```\n\n   Windows:\n\n   ```sh\n   python -m venv env\n   source env/Scripts/activate\n   ```\n\n   If you are not using Git Bash on Windows, instead of typing `source env/Scripts/activate`, type `.\\env\\Scripts\\activate`.\n\n   Note: If you're running on Windows and get an error message stating that executing scripts are disabled on your computer, go into the Windows powershell and type `Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted`, then try again.\n\n3. Install Python and Node requirements:\n\n   ```sh\n   pip install -r requirements.txt\n   ```\n\n   ```sh\n   cd frontend\n   npm install\n   cd ../\n   ```\n\n   Note: If you're running on Windows, you may run into an issue with usage of environment variables in npm scripts. You can force npm to use git-bash: `npm config set script-shell \"C:\\\\Program Files\\\\Git\\\\bin\\\\bash.exe\"`. This the default location, your install may be different.\n\n4. Copy `.env` file for\n   [`decouple`](https://pypi.org/project/python-decouple/) config:\n\n   ```sh\n   cp .env-dist .env\n   ```\n\n5. Add a `SECRET_KEY` value to `.env`:\n\n   ```ini\n   SECRET_KEY=secret-key-should-be-different-for-every-install\n   ```\n\n6. Migrate DB:\n\n   ```sh\n   python manage.py migrate\n   ```\n\n7. Create superuser:\n\n   ```sh\n   python manage.py createsuperuser\n   ```\n\n8. Run the backend:\n\n   ```sh\n   python manage.py runserver\n   ```\n\n   and in a different terminal, build the frontend:\n\n   ```sh\n   cd frontend\n   npm run watch\n   ```\n\n### Working with translations\n\nThe following docs will get you started with development, include creating new\nstrings to translate. See [Translation and Localization](docs/translations.md)\nfor general information on Relay localization.\n\n#### Getting the latest translations\n\nWe use a [git submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules)\nfor translated message files. The `--recurse-submodules` step of installation\nshould bring the message files into your working directory already, but you may\nwant also want to update the translations after install. The easiest way to do\nthat is:\n\n- `git submodule update --remote`\n\nTo update the submodule automatically when running `git pull` or other commands:\n\n- `git config --global submodule.recurse true`\n\n#### Add/update messages for translation\n\nThe `privaterelay/locales` directory is a git repository like any other, so to\nmake changes to the messages:\n\n1. Make whatever changes you need in `privaterelay/locales/en` as you work.\n\n2. `cd privaterelay/locales/en`\n\n3. `git branch message-updates-yyyymmdd`\n\n4. `git push -u origin message-updates-yyyymmdd`\n\nYou can then open a pull request from the `message-updates-yyyymmdd` branch to\n[the l10n repo](https://github.com/mozilla-l10n/fx-private-relay-l10n) `main` branch.\n\nIf you're not yet ready to submit some strings for translation, you can\ntentatively add them to `frontend/pendingTranslations.ftl`. Strings in that file\nwill show up until strings with the same ID are added to the l10n repository.\n\nSimilarly, there is a `pending_locales/pending.ftl` where temporary backend locales strings can be stored. Once the strings from the pull request in [the l10n repo](https://github.com/mozilla-l10n/fx-private-relay-l10n) has been merged into the Relay repo, these respective strings need to be removed from `pending_locales/pending.ftl` to avoid failing CircleCI tests.\n\n#### Commit translations for release\n\nTo commit updates to the app's translations (e.g., before a release), we need\nto commit this submodule update. So, if the updated translations are ready to\nbe committed into the app, you can `git add` the submodule just like any other\nfile:\n\n- `git add privaterelay/locales`\n\nYou can then commit and push to set the app repository to the updated version\nof the translations submodule:\n\n- `git push`\n\nAn automated process updates the submodule daily, bringing in any new changes\nand translations from the Localization Team.\n\n### Recommended: Enable Mozilla Accounts authentication\n\nTo enable Mozilla Accounts authentication on your local server, you can use the\n\"Firefox Private Relay local dev\" OAuth app on accounts.stage.mozaws.net.\n\nTo do so:\n\n1. Set `ADMIN_ENABLED=True` in your `.env` file\n\n2. Shutdown the server if running, and add the admin tables with:\n\n   ```sh\n   python manage.py migrate\n   ```\n\n3. Run the server, now with `/admin` endpoints:\n\n   ```sh\n   python manage.py runserver\n   ```\n\n4. Go to [the django admin page to change the default\n   site](http://127.0.0.1:8000/admin/sites/site/1/change/).\n\n5. Change `example.com` to `127.0.0.1:8000` and click Save.\n\n6. [Go to the django-allauth social app admin\n   page](http://127.0.0.1:8000/admin/socialaccount/socialapp/), sign in with the\n   superuser account you created above, and add a social app for Firefox Accounts:\n\n| Field      | Value                                                   |\n| ---------- | ------------------------------------------------------- |\n| Provider   | Mozilla Accounts                                        |\n| Name       | `accounts.stage.mozaws.net`                             |\n| Client id  | `9ebfe2c2f9ea3c58`                                      |\n| Secret key | Request this from `#fx-private-relay-eng` Slack channel |\n| Sites      | `127.0.0.1:8000` -\u003e Chosen sites                        |\n\nNow you can sign into [http://127.0.0.1:8000/](http://127.0.0.1:8000/) with an\nFxA.\n\n:warning: Remember that you'll need to use an account on https://accounts.stage.mozaws.net/, not\nthe production site, accounts.firefox.com.\n\n\u003c!-- #### Optional: Enable SES\nTODO --\u003e\n\n### Optional: Install and run the add-on locally\n\n_Note: The add-on is located in a [separate repo](https://github.com/mozilla/fx-private-relay-add-on/). See it for additional information on getting started._\n\nThe add-on adds Firefox UI to generate and auto-fill email addresses across the web. Running the add-on locally allows it to communicate with your local server (`127.0.0.1:8000`) instead of the production server (`relay.firefox.com`).\n\n### Optional: Run a development server to compile the frontend\n\n`npm run watch` watches the `frontend/src` directory and builds the frontend\nwhen it detects changes. However, creating a production build is just time-consuming\nenough to interrupt your development flow. It is therefore also possible to run the\nfront-end on a separate server that only recompiles changed modules, and does not\napply production optimizations. To do so, instead of `npm run watch`, run\n`npm run dev`.\n\nThe frontend is now available at http://localhost:3000. Keep in mind that this\ndoes make your local development environment less similar to production; in\nparticular, authentication is normally bound to the backend server, and thus\nneeds to be simulated when running the frontend on a separate server. If\nyou make any changes related to authentication, make sure to test them using\n`npm run watch` as well.\n\n### Optional: Enable Premium Features\n\n**Note:** Premium features are automatically enabled for any user with an email address ending in\n`mozilla.com`, `getpocket.com`, or `mozillafoundation.org` (see `PREMIUM_DOMAINS` in\n`emails/models.py`). To mimic the customer's experience, it is recommended to follow the below\nprocedure.\n\nTo enable the premium Relay features, we integrate with the [FXA Subscription\nPlatform](https://mozilla.github.io/ecosystem-platform/relying-parties/reference/sub-plat-overview).\nAt a high level, to set up Relay premium subscription, we:\n\n1. [Enable Mozilla Accounts Authentication](#recommended-enable-firefox-accounts-authentication) as described above.\n\n2. Create a product \u0026 price in our [Stripe dashboard](https://dashboard.stripe.com/).\n   (Ask in #subscription-platform Slack channel to get access to our Stripe dashboard.)\n\n3. Link free users of Relay to the appropriate SubPlat purchase flow.\n\n4. Check users' FXA profile json for a `subscriptions` field to see if they can\n   access a premium, subscription-only feature.\n\nIn detail:\n\n1. [Enable Mozilla Accounts Authentication](#recommended-enable-firefox-accounts-authentication) as described above.\n\n2. Go to our [Stripe dashboard](https://dashboard.stripe.com/).\n   (Ask in #subscription-platform Slack channel to get access to our Stripe dashboard.)\n\n3. Create a new product in Stripe.\n\n4. Add all [required `product:` metadata](https://github.com/mozilla/fxa/blob/a0c7ac2b4bad0412a0f3a25fc82b5670922f8957/packages/fxa-auth-server/lib/routes/validators.js#L396-L437).\n   - Note: each piece of this metadata must have a `product:` prefix. So, for\n     example, `webIconURL` must be entered as `product:webIconURL`.\n\n5. Add `capabilities:` metadata.\n   - Note: Each piece of this metadata must have a format like\n     `capabilities:\u003cfxa oauth client ID\u003e`, and the value is a free-form string\n     to describe the \"capability\" that purchasing the subscription gives to the\n     user. E.g., `capabilities:9ebfe2c2f9ea3c58` with value of `premium-relay`.\n\n6. Set some env vars with values from the above steps:\n\n| Var                            | Value                                                                 |\n| ------------------------------ | --------------------------------------------------------------------- |\n| `FXA_SUBSCRIPTIONS_URL`        | `https://accounts.stage.mozaws.net/subscriptions`                     |\n| `PERIODICAL_PREMIUM_PROD_ID`   | `prod_KEq0LXqs7vysQT` (from Stripe)                                   |\n| `PREMIUM_PLAN_ID_US_MONTHLY`   | `price_1LiMjeKb9q6OnNsLzwixHuRz` (from Stripe)                        |\n| `PREMIUM_PLAN_ID_US_YEARLY`    | `price_1LiMlBKb9q6OnNsL7tvrtI7y` (from Stripe)                        |\n| `PHONE_PROD_ID`                | `prod_LviM2I0paxH1DZ` (from Stripe)                                   |\n| `PHONE_PLAN_ID_US_MONTHLY`     | `price_1LDqw3Kb9q6OnNsL6XIDst28` (from Stripe)                        |\n| `PHONE_PLAN_ID_US_YEARLY`      | `price_1Lhd35Kb9q6OnNsL9bAxjUGq` (from Stripe)                        |\n| `BUNDLE_PROD_ID`               | `prod_MQ9Zf1cyI81XS2` (from Stripe)                                   |\n| `BUNDLE_PLAN_ID_US`            | `price_1Lwp7uKb9q6OnNsLQYzpzUs5` (from Stripe)                        |\n| `SUBSCRIPTIONS_WITH_UNLIMITED` | `\"premium-relay\"` (match the `capabilities` value you used in Stripe) |\n| `SUBSCRIPTIONS_WITH_PHONE`     | `\"relay-phones\"` (match the `capabilities` value you used in Stripe)  |\n\n### Optional: Debugging JavaScript bundle sizes\n\nIn `frontend/`, set `ANALYZE=true` when running `npm run build` to generate a\nreport detailing which modules are taking up most of the bundle size. A report\nwill be generated for both the client and server part of the frontend, but since\nwe only use the client, we're really only interested in that. The reports will\nautomatically open in your browser, and can also be found in\n`/frontend/.next/analyze/`.\n\n```sh\nANALYZE=true npm run build\n```\n\n#### Test Premium\n\nThere is a [comprehensive doc of test\ncases](https://docs.google.com/spreadsheets/d/1fMl4LHr1kIuGHfS9jyhLrv5vAyJMBUCr2AP0sODFmJw/edit#gid=0) for purchasing premium Relay.\n\nYou can use [Stripe's test credit card details](https://stripe.com/docs/testing#cards) for payment.\n\nThe phone features are further protected by a waffle flag `phones`. In stage,\nyou'll need an SRE to add the flag to your test user. On the development\nserver, a developer can add the flag.\n\n## Production Environments\n\n### Requirements\n\nIn addition to the requirements for dev, production environments should use:\n\n- [PostgreSQL](https://www.postgresql.org/)-compatible DB\n\n### Environment Variables\n\nProduction environments should also set some additional environment variables:\n\n```\nDATABASE_URL=postgresql://\u003cusername\u003e:\u003cpassword\u003e@\u003chost\u003e:\u003cport\u003e/\u003cdatabase\u003e\nSECURE_HSTS_SECONDS=15768000\nSECURE_SSL_REDIRECT=True\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmozilla%2Ffx-private-relay","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmozilla%2Ffx-private-relay","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmozilla%2Ffx-private-relay/lists"}