Merge mozilla-central to inbound a=merge on a CLOSED TREE
authorCoroiu Cristina <ccoroiu@mozilla.com>
Thu, 29 Nov 2018 00:34:07 +0200
changeset 448552 237e92ff9ceb03e634371ab105a69f5f086fc7e0
parent 448532 f279bb5a7e5a62c3e95f005d221213d603792e13 (current diff)
parent 448551 f2915d3ee5f8705676e4bb643eab54b62246f25f (diff)
child 448553 f005cfb0b0fa95ce3b58dd87fc21615c041e603d
push id110223
push userccoroiu@mozilla.com
push dateWed, 28 Nov 2018 22:35:19 +0000
treeherdermozilla-inbound@237e92ff9ceb [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmerge
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Merge mozilla-central to inbound a=merge on a CLOSED TREE
.clang-format-ignore
js/xpconnect/src/xpcprivate.h
mobile/android/geckoview/src/main/aidl/org/mozilla/gecko/gfx/SyncConfig.aidl
mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SyncConfig.java
python/mozrelease/test/data/Firefox-62.0b11.update.json
python/mozrelease/test/data/Firefox-64.0b13.update.json
security/manager/locales/en-US/chrome/pippki/certManager.dtd
--- a/.clang-format
+++ b/.clang-format
@@ -11,13 +11,14 @@ NS_INTERFACE_TABLE_HEAD_CYCLE_COLLECTION
 NS_INTERFACE_TABLE_BEGIN|\
 NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED|\
 NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN_INHERITED$"
 MacroBlockEnd: "^\
 JS_END_MACRO|\
 NS_INTERFACE_MAP_END|\
 NS_IMPL_CYCLE_COLLECTION_.*_END|\
 NS_INTERFACE_TABLE_END|\
-NS_INTERFACE_MAP_END_INHERITING|\
+NS_INTERFACE_TABLE_TAIL.*|\
+NS_INTERFACE_MAP_END_.*|\
 NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END_INHERITED|\
 NS_IMPL_CYCLE_COLLECTION_UNLINK_END_INHERITED$"
 
 SortIncludes: false
--- a/.clang-format-ignore
+++ b/.clang-format-ignore
@@ -40,16 +40,19 @@ xpcom/glue/tests/.*
 xpcom/tests/.*
 
 # Generated by protobuf
 .*/.*.pb.h
 .*/.*.pb.cc
 
 # Autogenerated file
 gfx/gl/GLConsts.h
+gfx/webrender_bindings/webrender_ffi_generated.h
+intl/unicharutil/util/nsUnicodePropertyData.cpp
+intl/unicharutil/util/nsUnicodeScriptCodes.h
 media/mp4parse-rust/mp4parse.h
 
 # Generated from ./tools/rewriting/ThirdPartyPaths.txt
 # awk '{print ""$1".*"}' ./tools/rewriting/ThirdPartyPaths.txt
 browser/components/translation/cld2/.*
 browser/extensions/mortar/ppapi/.*
 db/sqlite3/src/.*
 devtools/client/sourceeditor/codemirror/.*
--- a/browser/base/content/test/trackingUI/browser_trackingUI_telemetry.js
+++ b/browser/base/content/test/trackingUI/browser_trackingUI_telemetry.js
@@ -31,18 +31,17 @@ add_task(async function setup() {
   let TrackingProtection = gBrowser.ownerGlobal.TrackingProtection;
   ok(TrackingProtection, "TP is attached to the browser window");
   ok(!TrackingProtection.enabled, "TP is not enabled");
 
   let enabledCounts =
     Services.telemetry.getHistogramById("TRACKING_PROTECTION_ENABLED").snapshot().values;
   is(enabledCounts[0], 1, "TP was not enabled on start up");
 
-  let scalars = Services.telemetry.snapshotScalars(
-    Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTOUT, false).parent;
+  let scalars = Services.telemetry.getSnapshotForScalars("main", false).parent;
 
   is(scalars["contentblocking.exceptions"], 0, "no CB exceptions at startup");
 });
 
 
 add_task(async function testShieldHistogram() {
   Services.prefs.setBoolPref(PREF, true);
   let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser);
--- a/browser/components/extensions/schemas/omnibox.json
+++ b/browser/components/extensions/schemas/omnibox.json
@@ -9,17 +9,17 @@
         "$extend": "WebExtensionManifest",
         "properties": {
           "omnibox": {
             "type": "object",
             "additionalProperties": { "$ref": "UnrecognizedProperty" },
             "properties": {
               "keyword": {
                 "type": "string",
-                "pattern": "^[^?\\s:]([^\\s:]*[^/\\s:])?$"
+                "pattern": "^[^?\\s:][^\\s:]*$"
               }
             },
             "optional": true
           }
         }
       }
     ]
   },
--- a/browser/components/extensions/test/xpcshell/test_ext_manifest_omnibox.js
+++ b/browser/components/extensions/test/xpcshell/test_ext_manifest_omnibox.js
@@ -7,17 +7,17 @@ async function testKeyword(params) {
     "omnibox": {
       "keyword": params.keyword,
     },
   });
 
   if (params.expectError) {
     let expectedError = (
       String.raw`omnibox.keyword: String "${params.keyword}" ` +
-      String.raw`must match /^[^?\s:]([^\s:]*[^/\s:])?$/`
+      String.raw`must match /^[^?\s:][^\s:]*$/`
     );
     ok(normalized.error.includes(expectedError),
        `The manifest error ${JSON.stringify(normalized.error)} ` +
        `must contain ${JSON.stringify(expectedError)}`);
   } else {
     equal(normalized.error, undefined, "Should not have an error");
     equal(normalized.errors.length, 0, "Should not have warnings");
   }
@@ -38,24 +38,24 @@ add_task(async function test_manifest_co
 
   // accepted multi-character keywords
   await testKeyword({keyword: "aa", expectError: false});
   await testKeyword({keyword: "http", expectError: false});
   await testKeyword({keyword: "f?a", expectError: false});
   await testKeyword({keyword: "fa?", expectError: false});
   await testKeyword({keyword: "f/x", expectError: false});
   await testKeyword({keyword: "/fx", expectError: false});
+  await testKeyword({keyword: "fx/", expectError: false});
 
   // rejected multi-character keywords
   await testKeyword({keyword: " a", expectError: true});
   await testKeyword({keyword: "a ", expectError: true});
   await testKeyword({keyword: "  ", expectError: true});
   await testKeyword({keyword: " a ", expectError: true});
   await testKeyword({keyword: "?fx", expectError: true});
-  await testKeyword({keyword: "fx/", expectError: true});
   await testKeyword({keyword: "f:x", expectError: true});
   await testKeyword({keyword: "fx:", expectError: true});
   await testKeyword({keyword: "f x", expectError: true});
 
   // miscellaneous tests
   await testKeyword({keyword: "こんにちは", expectError: false});
   await testKeyword({keyword: "http://", expectError: true});
 });
--- a/browser/components/preferences/in-content/preferences.xul
+++ b/browser/components/preferences/in-content/preferences.xul
@@ -11,22 +11,17 @@
   href="chrome://browser/skin/preferences/in-content/preferences.css"?>
 <?xml-stylesheet
   href="chrome://browser/content/preferences/handlers.css"?>
 <?xml-stylesheet href="chrome://browser/skin/preferences/applications.css"?>
 <?xml-stylesheet href="chrome://browser/skin/preferences/in-content/search.css"?>
 <?xml-stylesheet href="chrome://browser/skin/preferences/in-content/containers.css"?>
 <?xml-stylesheet href="chrome://browser/skin/preferences/in-content/privacy.css"?>
 
-<!DOCTYPE page [
-<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd">
-<!ENTITY % certManagerDTD SYSTEM "chrome://pippki/locale/certManager.dtd">
-%brandDTD;
-%certManagerDTD;
-]>
+<!DOCTYPE page>
 
 <page xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
       xmlns:html="http://www.w3.org/1999/xhtml"
       role="document"
       data-l10n-id="pref-page"
       data-l10n-attrs="title">
 
   <linkset>
@@ -44,16 +39,17 @@
     <link rel="localization" href="browser/preferences/languages.ftl"/>
     <link rel="localization" href="browser/preferences/permissions.ftl"/>
     <link rel="localization" href="browser/preferences/selectBookmark.ftl"/>
     <link rel="localization" href="browser/preferences/siteDataSettings.ftl"/>
     <link rel="localization" href="browser/aboutDialog.ftl"/>
     <link rel="localization" href="browser/sanitize.ftl"/>
     <link rel="localization" href="toolkit/updates/history.ftl"/>
     <link rel="localization" href="security/certificates/deviceManager.ftl"/>
+    <link rel="localization" href="security/certificates/certManager.ftl"/>
   </linkset>
 
   <html:link rel="shortcut icon"
               href="chrome://browser/skin/settings.svg"/>
 
   <script type="application/javascript"
           src="chrome://browser/content/utilityOverlay.js"/>
   <script type="application/javascript"
--- a/browser/components/preferences/in-content/privacy.xul
+++ b/browser/components/preferences/in-content/privacy.xul
@@ -787,29 +787,31 @@
               flex="1" />
     <vbox>
       <!-- Please don't remove the wrapping hbox/vbox/box for these elements. It's used to properly compute the search tooltip position. -->
       <hbox pack="end">
         <button id="viewCertificatesButton"
                 class="accessory-button"
                 data-l10n-id="certs-view"
                 preference="security.disable_button.openCertManager"
-                searchkeywords="&certmgr.tab.mine;
-                                &certmgr.tab.others2;
-                                &certmgr.tab.websites3;
-                                &certmgr.tab.ca;
-                                &certmgr.mine2;
-                                &certmgr.others2;
-                                &certmgr.websites3;
-                                &certmgr.cas2;
-                                &certmgr.certname;
-                                &certmgr.tokenname;
-                                &certmgr.view2.label;
-                                &certmgr.export.label;
-                                &certmgr.delete2.label;"/>
+                search-l10n-ids="
+                  certmgr-tab-mine.label,
+                  certmgr-tab-people.label,
+                  certmgr-tab-servers.label,
+                  certmgr-tab-ca.label,
+                  certmgr-mine,
+                  certmgr-people,
+                  certmgr-servers,
+                  certmgr-ca,
+                  certmgr-cert-name.label,
+                  certmgr-token-name.label,
+                  certmgr-view.label,
+                  certmgr-export.label,
+                  certmgr-delete.label
+                "/>
       </hbox>
       <!-- Please don't remove the wrapping hbox/vbox/box for these elements. It's used to properly compute the search tooltip position. -->
       <hbox pack="end">
         <button id="viewSecurityDevicesButton"
                 class="accessory-button"
                 data-l10n-id="certs-devices"
                 preference="security.disable_button.openDeviceManager"
                 search-l10n-ids="
--- a/browser/modules/AsyncTabSwitcher.jsm
+++ b/browser/modules/AsyncTabSwitcher.jsm
@@ -131,18 +131,16 @@ class AsyncTabSwitcher {
     // For telemetry, keeps track of what most recently cleared
     // the loadTimer, which can tell us something about the cause
     // of tab switch spinners.
     this._loadTimerClearedBy = "none";
 
     this._useDumpForLogging = false;
     this._logInit = false;
 
-    this._tabSwitchStopWatchRunning = false;
-
     this.window.addEventListener("MozAfterPaint", this);
     this.window.addEventListener("MozLayerTreeReady", this);
     this.window.addEventListener("MozLayerTreeCleared", this);
     this.window.addEventListener("TabRemotenessChange", this);
     this.window.addEventListener("sizemodechange", this);
     this.window.addEventListener("occlusionstatechange", this);
     this.window.addEventListener("SwapDocShells", this, true);
     this.window.addEventListener("EndSwapDocShells", this, true);
@@ -432,17 +430,16 @@ class AsyncTabSwitcher {
             // completion.
             this.switchPaintId = this.window.windowUtils.lastTransactionId + 1;
           } else {
             // We're making the tab visible even though we haven't yet got layers for it.
             // It's hard to know which composite the layers will first be available in (and
             // the parent process might not even get MozAfterPaint delivered for it), so just
             // give up measuring this for now. :(
             TelemetryStopwatch.cancel("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window);
-            this._tabSwitchStopWatchRunning = false;
           }
 
           this.tabbrowser._adjustFocusAfterTabSwitch(showTab);
           this.maybeActivateDocShell(this.requestedTab);
         }
       }
 
       // This doesn't necessarily exist if we're a new window and haven't switched tabs yet
@@ -738,22 +735,21 @@ class AsyncTabSwitcher {
   }
 
   // Fires when we paint the screen. Any tab switches we initiated
   // previously are done, so there's no need to keep the old layers
   // around.
   onPaint(event) {
     if (this.switchPaintId != -1 &&
         event.transactionId >= this.switchPaintId) {
-      if (this._tabSwitchStopWatchRunning) {
+      if (TelemetryStopwatch.running("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window)) {
         let time = TelemetryStopwatch.timeElapsed("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window);
         if (time != -1) {
           TelemetryStopwatch.finish("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window);
           this.log("DEBUG: tab switch time including compositing = " + time);
-          this._tabSwitchStopWatchRunning = false;
         }
       }
       this.addMarker("AsyncTabSwitch:Composited");
       this.switchPaintId = -1;
     }
 
     this.maybeVisibleTabs.clear();
   }
@@ -1076,21 +1072,20 @@ class AsyncTabSwitcher {
    * Telemetry and Profiler related helpers for recording tab switch
    * timing.
    */
 
   startTabSwitch() {
     TelemetryStopwatch.cancel("FX_TAB_SWITCH_TOTAL_E10S_MS", this.window);
     TelemetryStopwatch.start("FX_TAB_SWITCH_TOTAL_E10S_MS", this.window);
 
-    if (this._tabSwitchStopWatchRunning) {
+    if (TelemetryStopwatch.running("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window)) {
       TelemetryStopwatch.cancel("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window);
     }
     TelemetryStopwatch.start("FX_TAB_SWITCH_COMPOSITE_E10S_MS", this.window);
-    this._tabSwitchStopWatchRunning = true;
     this.addMarker("AsyncTabSwitch:Start");
     this.switchInProgress = true;
   }
 
   /**
    * Something has occurred that might mean that we've completed
    * the tab switch (layers are ready, paints are done, spinners
    * are hidden). This checks to make sure all conditions are
--- a/browser/modules/test/browser/browser_BrowserErrorReporter.js
+++ b/browser/modules/test/browser/browser_BrowserErrorReporter.js
@@ -108,30 +108,29 @@ add_task(async function testScalars() {
     createScriptError({message: "Whatever", stack: [frame()]}),
   ];
 
   // Use handleMessage to avoid errors from other code messing up our counts.
   for (const message of messages) {
     await reporter.handleMessage(message);
   }
 
-  const optin = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
-  const scalars = Services.telemetry.snapshotScalars(optin, false).parent;
+  const scalars = Services.telemetry.getSnapshotForScalars("main", false).parent;
   is(
     scalars[TELEMETRY_ERROR_COLLECTED],
     7,
     `${TELEMETRY_ERROR_COLLECTED} is incremented when an error is collected.`,
   );
   is(
     scalars[TELEMETRY_ERROR_COLLECTED_STACK],
     1,
     `${TELEMETRY_ERROR_REPORTED_FAIL} is incremented when an error with a stack trace is collected.`,
   );
 
-  const keyedScalars = Services.telemetry.snapshotKeyedScalars(optin, false).parent;
+  const keyedScalars = Services.telemetry.getSnapshotForKeyedScalars("main", false).parent;
   Assert.deepEqual(
     keyedScalars[TELEMETRY_ERROR_COLLECTED_FILENAME],
     {
       "FILTERED": 1,
       "MOZEXTENSION": 1,
       "resource://gre/modules/Foo.jsm": 1,
       "resource://gre/modules/Bar.jsm": 1,
       // Cut off at 70-character limit
@@ -176,17 +175,17 @@ add_task(async function testCollectedFil
 
     // Use handleMessage to avoid errors from other code messing up our counts.
     await reporter.handleMessage(createScriptError({
       message: "Fine",
       sourceName: filename,
     }));
 
     const keyedScalars = (
-      Services.telemetry.snapshotKeyedScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN, false).parent
+      Services.telemetry.getSnapshotForKeyedScalars("main", false).parent
     );
 
     let matched = null;
     if (shouldMatch) {
       matched = keyedScalars[TELEMETRY_ERROR_COLLECTED_FILENAME][filename] === 1;
     } else {
       matched = keyedScalars[TELEMETRY_ERROR_COLLECTED_FILENAME].FILTERED === 1;
     }
--- a/browser/modules/test/browser/browser_BrowserErrorReporter_nightly.js
+++ b/browser/modules/test/browser/browser_BrowserErrorReporter_nightly.js
@@ -443,18 +443,17 @@ add_task(async function testScalars() {
   await SpecialPowers.pushPrefEnv({set: [[PREF_SAMPLE_RATE, "0.0"]]});
   await reporter.handleMessage(createScriptError({message: "Additionally no name"}));
 
   // Failed fetches should be counted too
   await SpecialPowers.pushPrefEnv({set: [[PREF_SAMPLE_RATE, "1.0"]]});
   fetchStub.rejects(new Error("Could not report"));
   await reporter.handleMessage(createScriptError({message: "Maybe name?"}));
 
-  const optin = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
-  const scalars = Services.telemetry.snapshotScalars(optin, false).parent;
+  const scalars = Services.telemetry.getSnapshotForScalars("main", false).parent;
   is(
     scalars[TELEMETRY_ERROR_COLLECTED],
     3,
     `${TELEMETRY_ERROR_COLLECTED} is incremented when an error is collected.`,
   );
   is(
     scalars[TELEMETRY_ERROR_SAMPLE_RATE],
     "1.0",
--- a/browser/modules/test/browser/browser_UsageTelemetry.js
+++ b/browser/modules/test/browser/browser_UsageTelemetry.js
@@ -112,20 +112,19 @@ add_task(async function test_subsessionS
   // (about:mozilla and www.example.com, but no about:blank) and 1 URI totalURIs
   // (only www.example.com).
   checkScalars({maxTabs: 5, tabOpenCount: 4, maxWindows: 2, windowsOpenCount: 1,
                 totalURIs: 1, domainCount: 1, totalUnfilteredURIs: 2});
 
   // Remove a tab.
   BrowserTestUtils.removeTab(openedTabs.pop());
 
-  // Simulate a subsession split by clearing the scalars (via |snapshotScalars|) and
+  // Simulate a subsession split by clearing the scalars (via |getSnapshotForScalars|) and
   // notifying the subsession split topic.
-  Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                     true /* clearScalars */);
+  Services.telemetry.getSnapshotForScalars("main", true /* clearScalars */);
   Services.obs.notifyObservers(null, TELEMETRY_SUBSESSION_TOPIC);
 
   // After a subsession split, only the MAX_CONCURRENT_* scalars must be available
   // and have the correct value. No tabs, windows or URIs were opened so other scalars
   // must not be reported.
   checkScalars({maxTabs: 4, tabOpenCount: 0, maxWindows: 2, windowsOpenCount: 0,
                 totalURIs: 0, domainCount: 0, totalUnfilteredURIs: 0});
 
--- a/browser/modules/test/browser/head.js
+++ b/browser/modules/test/browser/head.js
@@ -134,19 +134,23 @@ function checkKeyedHistogram(h, key, exp
   Assert.ok(key in snapshot, `The histogram must contain ${key}.`);
   Assert.equal(snapshot[key].sum, expectedValue, `The key ${key} must contain ${expectedValue}.`);
 }
 
 /**
  * Return the scalars from the parent-process.
  */
 function getParentProcessScalars(aChannel, aKeyed = false, aClear = false) {
+  const extended = aChannel == Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
+  const currentExtended = Services.telemetry.canRecordExtended;
+  Services.telemetry.canRecordExtended = extended;
   const scalars = aKeyed ?
-    Services.telemetry.snapshotKeyedScalars(aChannel, aClear).parent :
-    Services.telemetry.snapshotScalars(aChannel, aClear).parent;
+    Services.telemetry.getSnapshotForKeyedScalars("main", aClear).parent :
+    Services.telemetry.getSnapshotForScalars("main", aClear).parent;
+  Services.telemetry.canRecordExtended = currentExtended;
   return scalars || {};
 }
 
 function checkEvents(events, expectedEvents) {
   if (!Services.telemetry.canRecordExtended) {
     // Currently we only collect the tested events when extended Telemetry is enabled.
     return;
   }
--- a/browser/themes/shared/tabs.inc.css
+++ b/browser/themes/shared/tabs.inc.css
@@ -20,17 +20,17 @@
 
 #tabbrowser-tabs {
   --tabs-top-border-width: 0px;
   --tab-min-width: 76px;
   --tab-loading-fill: #0A84FF;
 }
 
 #tabbrowser-tabs:-moz-lwtheme {
-  --tab-line-color: var(--lwt-accent-color);
+  --tab-line-color: currentColor;
 }
 
 #tabbrowser-tabpanels {
   /* Value for --in-content-page-background in in-content/common.inc.css */
   background-color: #f9f9fa;
 }
 
 :root[privatebrowsingmode=temporary] #tabbrowser-tabpanels {
--- a/devtools/client/framework/toolbox-context-menu.js
+++ b/devtools/client/framework/toolbox-context-menu.js
@@ -4,28 +4,30 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 "use strict";
 
 const Menu = require("devtools/client/framework/menu");
 const MenuItem = require("devtools/client/framework/menu-item");
 
-var stringsLoaded = false;
+// This WeakMap will be used to know if strings have already been loaded in a given
+// window, which will be used as key.
+const stringsLoaded = new WeakMap();
 
 /**
  * Lazily load strings for the edit menu.
  */
 function loadEditMenuStrings(win) {
-  if (stringsLoaded) {
+  if (stringsLoaded.has(win)) {
     return;
   }
 
   if (win.MozXULElement) {
-    stringsLoaded = true;
+    stringsLoaded.set(win, true);
     win.MozXULElement.insertFTLIfNeeded("toolkit/main-window/editmenu.ftl");
   }
 }
 
 /**
  * Return an 'edit' menu for a input field. This integrates directly
  * with docshell commands to provide the right enabled state and editor
  * functionality.
--- a/devtools/client/inspector/test/browser.ini
+++ b/devtools/client/inspector/test/browser.ini
@@ -192,8 +192,9 @@ skip-if = (os == 'linux' && bits == 32 &
 [browser_inspector_search-suggests-ids-and-classes.js]
 [browser_inspector_select-docshell.js]
 [browser_inspector_select-last-selected.js]
 [browser_inspector_search-navigation.js]
 [browser_inspector_sidebarstate.js]
 [browser_inspector_startup.js]
 [browser_inspector_switch-to-inspector-on-pick.js]
 [browser_inspector_textbox-menu.js]
+[browser_inspector_textbox-menu_reopen_toolbox.js]
new file mode 100644
--- /dev/null
+++ b/devtools/client/inspector/test/browser_inspector_textbox-menu_reopen_toolbox.js
@@ -0,0 +1,45 @@
+/* vim: set ft=javascript ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+   http://creativecommons.org/publicdomain/zero/1.0/ */
+"use strict";
+
+// Test that textbox context menu elements are still displayed correctly after reopening
+// the toolbox. Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1510182.
+
+add_task(async function() {
+  await addTab(`data:text/html;charset=utf-8,<div>test</div>`);
+
+  info("Testing the textbox context menu a first time");
+  const {toolbox, inspector} = await openInspector();
+  await checkContextMenuOnSearchbox(inspector, toolbox);
+
+  // Destroy the toolbox and try the context menu again with a new toolbox.
+  await toolbox.destroy();
+
+  info("Testing the textbox context menu after reopening the toolbox");
+  const {toolbox: newToolbox, inspector: newInspector} = await openInspector();
+  await checkContextMenuOnSearchbox(newInspector, newToolbox);
+});
+
+async function checkContextMenuOnSearchbox(inspector, toolbox) {
+  // The same context menu is used for any text input.
+  // Here we use the inspector searchbox for this test because it is always available.
+  const searchbox = inspector.panelDoc.getElementById("inspector-searchbox");
+
+  info("Simulating context click on the textbox and expecting the menu to open");
+  const onContextMenu = toolbox.once("menu-open");
+  synthesizeContextMenuEvent(searchbox);
+  await onContextMenu;
+
+  const textboxContextMenu = toolbox.doc.getElementById("toolbox-menu");
+  info("Wait until menu items are rendered");
+  const pasteElement = textboxContextMenu.querySelector("#editmenu-paste");
+  await waitUntil(() => !!pasteElement.getAttribute("label"));
+
+  is(pasteElement.getAttribute("label"), "Paste", "Paste is visible and localized");
+
+  info("Closing the menu");
+  const onContextMenuHidden = toolbox.once("menu-close");
+  EventUtils.sendKey("ESCAPE", toolbox.win);
+  await onContextMenuHidden;
+}
--- a/devtools/client/shared/test/telemetry-test-helpers.js
+++ b/devtools/client/shared/test/telemetry-test-helpers.js
@@ -22,59 +22,36 @@ class TelemetryHelpers {
   startTelemetry() {
     Services.telemetry.canRecordExtended = true;
   }
 
   /**
    * Clear all telemetry types.
    */
   stopTelemetry() {
-    Services.telemetry.canRecordExtended = this.oldCanRecord;
-
     // Clear histograms, scalars and Telemetry Events.
-    this.clearHistograms(Services.telemetry.snapshotHistograms);
-    this.clearHistograms(Services.telemetry.snapshotKeyedHistograms);
+    this.clearHistograms(Services.telemetry.getSnapshotForHistograms);
+    this.clearHistograms(Services.telemetry.getSnapshotForKeyedHistograms);
     Services.telemetry.clearScalars();
     Services.telemetry.clearEvents();
+
+    Services.telemetry.canRecordExtended = this.oldCanRecord;
   }
 
   /**
-   * Clears both OPTIN and OPTOUT versions of Telemetry Histograms.
+   * Clears Telemetry Histograms.
    *
    * @param {Function} snapshotFunc
    *        The function used to take the snapshot. This can be one of the
    *        following:
-   *          - Services.telemetry.snapshotHistograms
-   *          - Services.telemetry.snapshotKeyedHistograms
-   *
-   *        `snapshotFunc(OPTIN, true, true)` should clear the histograms but this
-   *        only deletes seemingly random histograms, hence this method.
+   *          - Services.telemetry.getSnapshotForHistograms
+   *          - Services.telemetry.getSnapshotForKeyedHistograms
    */
   clearHistograms(snapshotFunc) {
-    // Although most of our Telemetry probes are OPTOUT, OPTIN includes all OPTIN
-    // *and* OPTOUT data.
-    const OPTIN = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
-    const OPTOUT = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTOUT;
-    const tel = Services.telemetry;
-
-    for (const optInOut of [OPTIN, OPTOUT]) {
-      const snapshot = snapshotFunc(optInOut, true, false).parent;
-      const histKeys = Object.keys(snapshot);
-
-      for (const getHistogram of [tel.getHistogramById, tel.getKeyedHistogramById]) {
-        for (const key of histKeys) {
-          try {
-            getHistogram(key).clear();
-          } catch (e) {
-            // Some histograms may have already been cleaned up by the system so we
-            // swallow the "histogram does not exist" error silently here.
-          }
-        }
-      }
-    }
+    snapshotFunc("main", true);
   }
 
   /**
    * Check the value of a given telemetry histogram.
    *
    * @param  {String} histId
    *         Histogram id
    * @param  {String} key
@@ -84,20 +61,16 @@ class TelemetryHelpers {
    * @param  {String} checkType
    *         "array" (default) - Check that an array matches the histogram data.
    *         "hasentries"  - For non-enumerated linear and exponential
    *                             histograms. This checks for at least one entry.
    *         "scalar" - Telemetry type is a scalar.
    *         "keyedscalar" - Telemetry type is a keyed scalar.
    */
   checkTelemetry(histId, key, expected, checkType) {
-    // Although most of our Telemetry probes are OPTOUT, OPTIN includes all OPTIN
-    // *and* OPTOUT data.
-    const OPTIN = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
-
     let actual;
     let msg;
 
     if (checkType === "array" || checkType === "hasentries") {
       if (key) {
         const keyedHistogram =
           Services.telemetry.getKeyedHistogramById(histId).snapshot();
         const result = keyedHistogram[key];
@@ -123,23 +96,23 @@ class TelemetryHelpers {
         if (key) {
           ok(hasEntry, `${histId}["${key}"] has at least one entry.`);
         } else {
           ok(hasEntry, `${histId} has at least one entry.`);
         }
         break;
       case "scalar":
         const scalars =
-          Services.telemetry.snapshotScalars(OPTIN, false).parent;
+          Services.telemetry.getSnapshotForScalars("main", false).parent;
 
         is(scalars[histId], expected, `${histId} correct`);
         break;
       case "keyedscalar":
         const keyedScalars =
-          Services.telemetry.snapshotKeyedScalars(OPTIN, false).parent;
+          Services.telemetry.getSnapshotForKeyedScalars("main", false).parent;
         const value = keyedScalars[histId][key];
 
         msg = key ? `${histId}["${key}"] correct.` : `${histId} correct.`;
         is(value, expected, msg);
         break;
     }
   }
 
@@ -147,29 +120,25 @@ class TelemetryHelpers {
    * Generate telemetry tests. You should call generateTelemetryTests("DEVTOOLS_")
    * from your result checking code in telemetry tests. It logs checkTelemetry
    * calls for all changed telemetry values.
    *
    * @param  {String} prefix
    *         Optionally limits results to histogram ids starting with prefix.
    */
   generateTelemetryTests(prefix = "") {
-    // Although most of our Telemetry probes are OPTOUT, OPTIN includes all OPTIN
-    // *and* OPTOUT data.
-    const OPTIN = Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN;
-
     // Get all histograms and scalars
     const histograms =
-      Services.telemetry.snapshotHistograms(OPTIN, true, false).parent;
+      Services.telemetry.getSnapshotForHistograms("main", true).parent;
     const keyedHistograms =
-      Services.telemetry.snapshotKeyedHistograms(OPTIN, true, false).parent;
+      Services.telemetry.getSnapshotForKeyedHistograms("main", true).parent;
     const scalars =
-      Services.telemetry.snapshotScalars(OPTIN, false).parent;
+      Services.telemetry.getSnapshotForScalars("main", false).parent;
     const keyedScalars =
-      Services.telemetry.snapshotKeyedScalars(OPTIN, false).parent;
+      Services.telemetry.getSnapshotForKeyedScalars("main", false).parent;
     const allHistograms = Object.assign({},
                                         histograms,
                                         keyedHistograms,
                                         scalars,
                                         keyedScalars);
     // Get all keys
     const histIds = Object.keys(allHistograms)
                           .filter(histId => histId.startsWith(prefix));
@@ -212,17 +181,17 @@ class TelemetryHelpers {
     }
     dump("=".repeat(80) + "\n");
   }
 
   /**
    * Generates the inner contents of a test's checkTelemetry() method.
    *
    * @param {HistogramSnapshot} snapshot
-   *        A snapshot of a telemetry chart obtained via snapshotHistograms or
+   *        A snapshot of a telemetry chart obtained via getSnapshotForHistograms or
    *        similar.
    * @param {String} key
    *        Only used for keyed histograms. This is the key we are interested in
    *        checking.
    * @param {String} histId
    *        The histogram ID.
    * @param {Array|String|Boolean} actual
    *        The value of the histogram data.
--- a/devtools/server/actors/highlighters/flexbox.js
+++ b/devtools/server/actors/highlighters/flexbox.js
@@ -673,53 +673,81 @@ class FlexboxHighlighter extends AutoRef
   /**
    * Clear the whole alignment container along the main axis for each flex item.
    */
   renderJustifyContent() {
     if (!this.flexData || !this.currentQuads.content || !this.currentQuads.content[0]) {
       return;
     }
 
-    const lineWidth = getDisplayPixelRatio(this.win);
     const containerQuad = getUntransformedQuad(this.currentNode, "content");
     const containerBounds = containerQuad.getBounds();
-
-    // Draw a justify content pattern over the whole flex container content area.
-    this.drawJustifyContent(0, 0, containerBounds.width, containerBounds.height);
+    const { width: containerWidth, height: containerHeight } = containerBounds;
 
     for (const flexLine of this.flexData.lines) {
       const { crossStart, crossSize } = flexLine;
+      let mainStart = 0;
+
+      // In these two situations mainStart goes from right to left so set it's
+      // value as appropriate.
+      if (this.axes === "horizontal-lr vertical-bt" ||
+          this.axes === "horizontal-rl vertical-tb") {
+        mainStart = containerWidth;
+      }
 
       for (const flexItem of flexLine.items) {
         const { left, top, right, bottom } = flexItem.rect;
 
-        // Clear a rectangular are covering the alignment container.
         switch (this.axes) {
           case "horizontal-lr vertical-tb":
+          case "horizontal-rl vertical-bt":
+            this.drawJustifyContent(mainStart, crossStart, left, crossStart + crossSize);
+            mainStart = right;
+            break;
           case "horizontal-lr vertical-bt":
           case "horizontal-rl vertical-tb":
-          case "horizontal-rl vertical-bt":
-            clearRect(this.ctx, left, crossStart + lineWidth, right,
-              crossStart + crossSize - lineWidth, this.currentMatrix);
+            this.drawJustifyContent(right, crossStart, mainStart, crossStart + crossSize);
+            mainStart = left;
             break;
           case "vertical-tb horizontal-lr":
           case "vertical-bt horizontal-rl":
-            clearRect(this.ctx,
-              crossStart + lineWidth * 2, top,
-              crossStart + crossSize - lineWidth, bottom, this.currentMatrix);
+            this.drawJustifyContent(crossStart, mainStart, crossStart + crossSize, top);
+            mainStart = bottom;
             break;
           case "vertical-bt horizontal-lr":
           case "vertical-tb horizontal-rl":
-            clearRect(this.ctx,
-              containerBounds.width - crossStart - crossSize + lineWidth * 2, top,
-              containerBounds.width - crossStart - lineWidth, bottom,
-              this.currentMatrix);
+            this.drawJustifyContent(containerWidth - crossStart - crossSize, mainStart,
+              containerWidth - crossStart, top);
+            mainStart = bottom;
             break;
         }
       }
+
+      // Draw the last justify-content area after the last flex item.
+      switch (this.axes) {
+        case "horizontal-lr vertical-tb":
+        case "horizontal-rl vertical-bt":
+          this.drawJustifyContent(mainStart, crossStart, containerWidth,
+            crossStart + crossSize);
+          break;
+        case "horizontal-lr vertical-bt":
+        case "horizontal-rl vertical-tb":
+          this.drawJustifyContent(0, crossStart, mainStart, crossStart + crossSize);
+          break;
+        case "vertical-tb horizontal-lr":
+        case "vertical-bt horizontal-rl":
+          this.drawJustifyContent(crossStart, mainStart, crossStart + crossSize,
+            containerHeight);
+          break;
+        case "vertical-bt horizontal-lr":
+        case "vertical-tb horizontal-rl":
+          this.drawJustifyContent(containerWidth - crossStart - crossSize, mainStart,
+            containerWidth - crossStart, containerHeight);
+          break;
+      }
     }
   }
 
   _update() {
     setIgnoreLayoutChanges(true);
 
     const root = this.getElement("root");
 
--- a/dom/base/test/browser_use_counters.js
+++ b/dom/base/test/browser_use_counters.js
@@ -106,19 +106,19 @@ function waitForPageLoad(browser) {
   });
 }
 
 function grabHistogramsFromContent(use_counter_middlefix, page_before = null) {
   let telemetry = Cc["@mozilla.org/base/telemetry;1"].getService(Ci.nsITelemetry);
   let gather = () => {
     let snapshots;
     if (Services.appinfo.browserTabsRemoteAutostart) {
-      snapshots = telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN, false).content;
+      snapshots = telemetry.getSnapshotForHistograms("main", false).content;
     } else {
-      snapshots = telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN, false).parent;
+      snapshots = telemetry.getSnapshotForHistograms("main", false).parent;
     }
     let checkGet = (probe) => {
       return snapshots[probe] ? snapshots[probe].sum : 0;
     };
     return [
       checkGet("USE_COUNTER2_" + use_counter_middlefix + "_PAGE"),
       checkGet("USE_COUNTER2_" + use_counter_middlefix + "_DOCUMENT"),
       checkGet("CONTENT_DOCUMENTS_DESTROYED"),
@@ -165,17 +165,17 @@ var check_use_counter_iframe = async fun
       wu.forceUseCounterFlush(iframe.contentDocument);
 
       deferred.resolve();
     };
     iframe.addEventListener("load", listener, true);
 
     return deferred.promise;
   });
-  
+
   // Tear down the page.
   gBrowser.removeTab(newTab);
 
   // The histograms only get recorded when the document actually gets
   // destroyed, which might not have happened yet due to GC/CC effects, etc.
   // Try to force document destruction.
   await waitForDestroyedDocuments();
 
@@ -230,17 +230,17 @@ var check_use_counter_img = async functi
       wu.forceUseCounterFlush(content.document);
 
       deferred.resolve();
     };
     img.addEventListener("load", listener, true);
 
     return deferred.promise;
   });
-  
+
   // Tear down the page.
   gBrowser.removeTab(newTab);
 
   // The histograms only get recorded when the document actually gets
   // destroyed, which might not have happened yet due to GC/CC effects, etc.
   // Try to force document destruction.
   await waitForDestroyedDocuments();
 
@@ -283,17 +283,17 @@ var check_use_counter_direct = async fun
         let wu = content.window.windowUtils;
         wu.forceUseCounterFlush(content.document);
 
         setTimeout(resolve, 0);
       }
       addEventListener("load", listener, true);
     });
   });
-  
+
   // Tear down the page.
   gBrowser.removeTab(newTab);
 
   // The histograms only get recorded when the document actually gets
   // destroyed, which might not have happened yet due to GC/CC effects, etc.
   // Try to force document destruction.
   await waitForDestroyedDocuments();
 
--- a/dom/ipc/tests/browser_remote_navigation_delay_telemetry.js
+++ b/dom/ipc/tests/browser_remote_navigation_delay_telemetry.js
@@ -7,45 +7,42 @@ add_task(async function test_memory_dist
     ok(true, "Skip this test if e10s-multi is disabled.");
     return;
   }
 
   let canRecordExtended = Services.telemetry.canRecordExtended;
   Services.telemetry.canRecordExtended = true;
   registerCleanupFunction(() => Services.telemetry.canRecordExtended = canRecordExtended);
 
-  Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                             true /* clear */);
+  Services.telemetry.getSnapshotForKeyedHistograms("main", true /* clear */);
 
   // Open a remote page in a new tab to trigger the WebNavigation:LoadURI.
   let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, "http://example.com");
   ok(tab1.linkedBrowser.isRemoteBrowser, "|tab1| should have a remote browser.");
 
   // Open a new tab with about:robots, so it ends up in the parent process with a non-remote browser.
   let tab2 = await BrowserTestUtils.openNewForegroundTab(gBrowser, "about:robots");
   ok(!tab2.linkedBrowser.isRemoteBrowser, "|tab2| should have a non-remote browser.");
   // Navigate the tab, so it will change remotness and it triggers the SessionStore:restoreTabContent case.
   await BrowserTestUtils.loadURI(tab2.linkedBrowser, "http://example.com");
   ok(tab2.linkedBrowser.isRemoteBrowser, "|tab2| should have a remote browser by now.");
 
   // There is no good way to make sure that the parent received the histogram entries from the child processes.
   // Let's stick to the ugly, spinning the event loop until we have a good approach (Bug 1357509).
   await BrowserTestUtils.waitForCondition(() => {
-    let s = Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                       false).content["FX_TAB_REMOTE_NAVIGATION_DELAY_MS"];
+    let s = Services.telemetry.getSnapshotForKeyedHistograms("main", false).content["FX_TAB_REMOTE_NAVIGATION_DELAY_MS"];
     return s && "WebNavigation:LoadURI" in s && "SessionStore:restoreTabContent" in s;
   });
 
-  let s = Services.telemetry.snapshotKeyedHistograms(1, false).content["FX_TAB_REMOTE_NAVIGATION_DELAY_MS"];
+  let s = Services.telemetry.getSnapshotForKeyedHistograms("main", false).content["FX_TAB_REMOTE_NAVIGATION_DELAY_MS"];
   let restoreTabSnapshot = s["SessionStore:restoreTabContent"];
   ok(restoreTabSnapshot.sum > 0, "Zero delay for the restoreTabContent case is unlikely.");
   ok(restoreTabSnapshot.sum < 10000, "More than 10 seconds delay for the restoreTabContent case is unlikely.");
 
   let loadURISnapshot = s["WebNavigation:LoadURI"];
   ok(loadURISnapshot.sum > 0, "Zero delay for the LoadURI case is unlikely.");
   ok(loadURISnapshot.sum < 10000, "More than 10 seconds delay for the LoadURI case is unlikely.");
 
-  Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                             true /* clear */);
+  Services.telemetry.getSnapshotForKeyedHistograms("main", true /* clear */);
 
   BrowserTestUtils.removeTab(tab2);
   BrowserTestUtils.removeTab(tab1);
 });
--- a/dom/media/platforms/android/RemoteDataDecoder.cpp
+++ b/dom/media/platforms/android/RemoteDataDecoder.cpp
@@ -114,17 +114,17 @@ class RemoteVideoDecoder : public Remote
       bool isEOS = !!(flags & MediaCodec::BUFFER_FLAG_END_OF_STREAM);
       if (!ok && !isEOS) {
         // Ignore output with no corresponding input.
         return;
       }
 
       if (ok && (size > 0 || presentationTimeUs >= 0)) {
         RefPtr<layers::Image> img = new SurfaceTextureImage(
-            mDecoder->mImageHandle, inputInfo.mImageSize,
+            mDecoder->mSurfaceHandle, inputInfo.mImageSize,
             false /* NOT continuous */, gl::OriginPos::BottomLeft);
 
         RefPtr<VideoData> v = VideoData::CreateFromImage(
             inputInfo.mDisplaySize, offset,
             TimeUnit::FromMicroseconds(presentationTimeUs),
             TimeUnit::FromMicroseconds(inputInfo.mDurationUs), img,
             !!(flags & MediaCodec::BUFFER_FLAG_SYNC_FRAME),
             TimeUnit::FromMicroseconds(presentationTimeUs));
@@ -163,17 +163,17 @@ class RemoteVideoDecoder : public Remote
   RefPtr<InitPromise> Init() override {
     mSurface = GeckoSurface::LocalRef(SurfaceAllocator::AcquireSurface(
         mConfig.mImage.width, mConfig.mImage.height, false));
     if (!mSurface) {
       return InitPromise::CreateAndReject(NS_ERROR_DOM_MEDIA_FATAL_ERR,
                                           __func__);
     }
 
-    mImageHandle = mSurface->GetImageHandle();
+    mSurfaceHandle = mSurface->GetHandle();
 
     // Register native methods.
     JavaCallbacksSupport::Init();
 
     mJavaCallbacks = CodecProxy::NativeCallbacks::New();
     JavaCallbacksSupport::AttachNative(
         mJavaCallbacks, mozilla::MakeUnique<CallbacksSupport>(this));
 
@@ -251,17 +251,17 @@ class RemoteVideoDecoder : public Remote
 
   ConversionRequired NeedsConversion() const override {
     return ConversionRequired::kNeedAnnexB;
   }
 
  private:
   const VideoInfo mConfig;
   GeckoSurface::GlobalRef mSurface;
-  AndroidSurfaceTextureHandle mImageHandle;
+  AndroidSurfaceTextureHandle mSurfaceHandle;
   // Only accessed on reader's task queue.
   bool mIsCodecSupportAdaptivePlayback = false;
   // Can be accessed on any thread, but only written on during init.
   bool mIsHardwareAccelerated = false;
   // Accessed on mTaskQueue, reader's TaskQueue and Java callback tread.
   // SimpleMap however is thread-safe, so it's okay to do so.
   SimpleMap<InputInfo> mInputInfos;
   // Only accessed on the TaskQueue.
--- a/dom/media/tests/mochitest/test_defaultAudioConstraints.html
+++ b/dom/media/tests/mochitest/test_defaultAudioConstraints.html
@@ -9,33 +9,72 @@
 "use strict";
 
 createHTML({
   title: "Test that the audio constraints that observe at the audio constraints we expect.",
   bug: "1509842"
 });
 
 runTest(async () => {
+  // We need a real device to get a MediaEngine supporting constraints
   let audioDevice = SpecialPowers.getCharPref("media.audio_loopback_dev", "");
   if (!audioDevice) {
-    ok(false, "No device set by framework. Try --use-test-media-devices");
+    todo(false, "No device set by framework. Try --use-test-media-devices");
     return;
   }
 
   // Get a gUM track with the default settings, check that they are what we
   // expect.
   let stream = await navigator.mediaDevices.getUserMedia({ audio: true });
   let track = stream.getAudioTracks()[0];
-  let defaultConstraints = track.getSettings();
+  let defaultSettings = track.getSettings();
 
-  is(defaultConstraints.echoCancellation, true,
+  is(defaultSettings.echoCancellation, true,
       "Echo cancellation should be ON by default.");
-  is(defaultConstraints.noiseSuppression, true,
+  is(defaultSettings.noiseSuppression, true,
       "Noise suppression should be ON by default.");
-  is(defaultConstraints.autoGainControl, true,
+  is(defaultSettings.autoGainControl, true,
       "Automatic gain control should be ON by default.");
 
   track.stop();
+
+  // This is UA-dependant, and belongs in a Mochitest, not in a WPT.
+  // When a gUM track has been requested with `echoCancellation` OFF, check that
+  // `noiseSuppression` and `autoGainControl` are off as well.
+  stream =
+    await navigator.mediaDevices.getUserMedia({audio:{echoCancellation: false}});
+  track = stream.getAudioTracks()[0];
+  defaultSettings = track.getSettings();
+
+  is(defaultSettings.echoCancellation, false,
+      "Echo cancellation should be OFF when requested.");
+  is(defaultSettings.noiseSuppression, false,
+      `Noise suppression should be OFF when echoCancellation is the only
+      constraint and is OFF.`);
+  is(defaultSettings.autoGainControl, false,
+      `Automatic gain control should be OFF when echoCancellation is the only
+      constraint and is OFF.`);
+
+  track.stop();
+
+  // When a gUM track has been requested with `echoCancellation` OFF, check that
+  // `noiseSuppression` and `autoGainControl` are not OFF as well if another
+  // constraint has been specified.
+  stream =
+    await navigator.mediaDevices.getUserMedia({audio:{echoCancellation: false,
+                                                      autoGainControl: true}});
+  track = stream.getAudioTracks()[0];
+  defaultSettings = track.getSettings();
+
+  is(defaultSettings.echoCancellation, false,
+      "Echo cancellation should be OFF when requested.");
+  is(defaultSettings.noiseSuppression, false,
+      `Noise suppression should be OFF when echoCancellation is OFF and another
+      constraint has been specified.`);
+  is(defaultSettings.autoGainControl, true,
+      "Auto gain control should be ON when requested.");
+
+  track.stop();
 });
 </script>
 </pre>
 </body>
 </html>
--- a/dom/media/webrtc/MediaEngineWebRTCAudio.cpp
+++ b/dom/media/webrtc/MediaEngineWebRTCAudio.cpp
@@ -109,23 +109,22 @@ uint32_t MediaEngineWebRTCMicrophoneSour
 }
 
 nsresult MediaEngineWebRTCMicrophoneSource::EvaluateSettings(
     const NormalizedConstraints& aConstraintsUpdate,
     const MediaEnginePrefs& aInPrefs, MediaEnginePrefs* aOutPrefs,
     const char** aOutBadConstraint) {
   AssertIsOnOwningThread();
 
+  FlattenedConstraints c(aConstraintsUpdate);
   MediaEnginePrefs prefs = aInPrefs;
 
-  FlattenedConstraints c(aConstraintsUpdate);
-
   prefs.mAecOn = c.mEchoCancellation.Get(aInPrefs.mAecOn);
-  prefs.mAgcOn = c.mAutoGainControl.Get(aInPrefs.mAgcOn);
-  prefs.mNoiseOn = c.mNoiseSuppression.Get(aInPrefs.mNoiseOn);
+  prefs.mAgcOn = c.mAutoGainControl.Get(aInPrefs.mAgcOn && prefs.mAecOn);
+  prefs.mNoiseOn = c.mNoiseSuppression.Get(aInPrefs.mNoiseOn && prefs.mAecOn);
 
   // Determine an actual channel count to use for this source. Three factors at
   // play here: the device capabilities, the constraints passed in by content,
   // and a pref that can force things (for testing)
   int32_t maxChannels = mDeviceInfo->MaxChannels();
 
   // First, check channelCount violation wrt constraints. This fails in case of
   // error.
--- a/dom/webauthn/tests/browser/browser_webauthn_telemetry.js
+++ b/dom/webauthn/tests/browser/browser_webauthn_telemetry.js
@@ -2,25 +2,25 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 "use strict";
 
 const TEST_URL = "https://example.com/";
 
 // Return the scalars from the parent-process.
-function getParentProcessScalars(aChannel, aKeyed = false, aClear = false) {
+function getParentProcessScalars(aKeyed = false, aClear = false) {
   const scalars = aKeyed ?
-    Services.telemetry.snapshotKeyedScalars(aChannel, aClear)["parent"] :
-    Services.telemetry.snapshotScalars(aChannel, aClear)["parent"];
+    Services.telemetry.getSnapshotForKeyedScalars("main", aClear)["parent"] :
+    Services.telemetry.getSnapshotForScalars("main", aClear)["parent"];
   return scalars || {};
 }
 
 function getTelemetryForScalar(aName) {
-  let scalars = getParentProcessScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTOUT, true);
+  let scalars = getParentProcessScalars(true);
   return scalars[aName] || 0;
 }
 
 function cleanupTelemetry() {
   Services.telemetry.clearScalars();
   Services.telemetry.clearEvents();
   Services.telemetry.getHistogramById("WEBAUTHN_CREATE_CREDENTIAL_MS").clear();
   Services.telemetry.getHistogramById("WEBAUTHN_GET_ASSERTION_MS").clear();
--- a/gfx/gl/AndroidSurfaceTexture.cpp
+++ b/gfx/gl/AndroidSurfaceTexture.cpp
@@ -3,23 +3,16 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifdef MOZ_WIDGET_ANDROID
 
 #include "AndroidSurfaceTexture.h"
 
-#include "GeneratedJNINatives.h"
-
-#include "AndroidNativeWindow.h"
-#include "GLContextEGL.h"
-#include "GLBlitHelper.h"
-#include "GLImages.h"
-
 using namespace mozilla;
 
 namespace mozilla {
 namespace gl {
 
 void
 AndroidSurfaceTexture::GetTransformMatrix(java::sdk::SurfaceTexture::Param surfaceTexture,
                                           gfx::Matrix4x4* outMatrix)
@@ -31,189 +24,11 @@ AndroidSurfaceTexture::GetTransformMatri
 
   jfloat* array = env->GetFloatArrayElements(jarray.Get(), nullptr);
 
   memcpy(&(outMatrix->_11), array, sizeof(float)*16);
 
   env->ReleaseFloatArrayElements(jarray.Get(), array, 0);
 }
 
-class SharedGL {
-public:
-  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(SharedGL);
-
-  SharedGL(AndroidNativeWindow& window)
-  {
-    MutexAutoLock lock(sMutex);
-
-    if (!sContext) {
-      MOZ_ASSERT(sInstanceCount == 0);
-      sContext = CreateContext();
-      if (!sContext) {
-        return;
-      }
-    }
-
-    InitSurface(window);
-    ++sInstanceCount;
-  }
-
-  void Blit(const AndroidSurfaceTextureHandle& sourceTextureHandle,
-            const gfx::IntSize& imageSize)
-  {
-    MutexAutoLock lock(sMutex);
-    MOZ_ASSERT(sContext);
-
-    // Setting overide also makes conext and surface current.
-    sContext->SetEGLSurfaceOverride(mTargetSurface);
-    RefPtr<layers::SurfaceTextureImage> img =
-      new layers::SurfaceTextureImage(sourceTextureHandle,
-                                      imageSize,
-                                      false,
-                                      OriginPos::TopLeft);
-    sContext->BlitHelper()->BlitImage(img, imageSize, OriginPos::BottomLeft);
-    sContext->SwapBuffers();
-    // This method is called through binder IPC and could run on any thread in
-    // the pool. Release the context and surface from this thread after use so
-    // they can be bound to another thread later.
-    UnmakeCurrent(sContext);
-  }
-
-private:
-  ~SharedGL()
-  {
-    MutexAutoLock lock(sMutex);
-
-    if (mTargetSurface != EGL_NO_SURFACE) {
-      GLLibraryEGL::Get()->fDestroySurface(EGL_DISPLAY(), mTargetSurface);
-    }
-
-    // Destroy shared GL context when no one uses it.
-    if (--sInstanceCount == 0) {
-      sContext.reset();
-    }
-  }
-
-  static UniquePtr<GLContextEGL> CreateContext()
-  {
-    sMutex.AssertCurrentThreadOwns();
-    MOZ_ASSERT(!sContext);
-
-    auto* egl = gl::GLLibraryEGL::Get();
-    EGLDisplay eglDisplay = egl->fGetDisplay(EGL_DEFAULT_DISPLAY);
-    EGLConfig eglConfig;
-    CreateConfig(&eglConfig, /* bpp */ 24, /* depth buffer? */ false);
-    EGLint attributes[] = {
-      LOCAL_EGL_CONTEXT_CLIENT_VERSION, 2,
-      LOCAL_EGL_NONE
-    };
-    EGLContext eglContext =
-      egl->fCreateContext(eglDisplay, eglConfig, EGL_NO_CONTEXT, attributes);
-    UniquePtr<GLContextEGL> gl = MakeUnique<GLContextEGL>(CreateContextFlags::NONE,
-                                                          SurfaceCaps::Any(),
-                                                          /* offscreen? */ false,
-                                                          eglConfig,
-                                                          EGL_NO_SURFACE,
-                                                          eglContext);
-    if (!gl->Init()) {
-      NS_WARNING("Fail to create GL context for native blitter.");
-      return nullptr;
-    }
-
-    // Yield the current state made in constructor.
-    UnmakeCurrent(gl);
-    return gl;
-  }
-
-  void InitSurface(AndroidNativeWindow& window)
-  {
-    sMutex.AssertCurrentThreadOwns();
-    MOZ_ASSERT(sContext);
-
-    mTargetSurface = gl::GLLibraryEGL::Get()->fCreateWindowSurface(sContext->GetEGLDisplay(),
-                                                                   sContext->mConfig,
-                                                                   window.NativeWindow(),
-                                                                   0);
-  }
-
-  static bool UnmakeCurrent(UniquePtr<GLContextEGL>& gl)
-  {
-    sMutex.AssertCurrentThreadOwns();
-    MOZ_ASSERT(gl);
-
-    if (!gl->IsCurrent()) {
-      return true;
-    }
-
-    return  gl::GLLibraryEGL::Get()->fMakeCurrent(EGL_DISPLAY(),
-                                                  EGL_NO_SURFACE,
-                                                  EGL_NO_SURFACE,
-                                                  EGL_NO_CONTEXT);
-  }
-
-  static Mutex sMutex;
-  static UniquePtr<GLContextEGL> sContext;
-  static size_t sInstanceCount;
-
-  EGLSurface mTargetSurface;
-};
-
-Mutex SharedGL::sMutex("SharedGLContext::sMutex");
-UniquePtr<GLContextEGL> SharedGL::sContext(nullptr);
-size_t SharedGL::sInstanceCount = 0;
-
-class GLBlitterSupport final
-  : public java::GeckoSurfaceTexture::NativeGLBlitHelper::Natives<GLBlitterSupport>
-{
-public:
-  using Base = java::GeckoSurfaceTexture::NativeGLBlitHelper::Natives<GLBlitterSupport>;
-  using Base::AttachNative;
-  using Base::GetNative;
-  using Base::DisposeNative;
-
-  static java::GeckoSurfaceTexture::NativeGLBlitHelper::LocalRef
-  Create(jint sourceTextureHandle,
-         jni::Object::Param targetSurface,
-         jint width,
-         jint height)
-  {
-    AndroidNativeWindow win(java::GeckoSurface::Ref::From(targetSurface));
-    auto helper = java::GeckoSurfaceTexture::NativeGLBlitHelper::New();
-    RefPtr<SharedGL> gl = new SharedGL(win);
-    GLBlitterSupport::AttachNative(
-      helper,
-      MakeUnique<GLBlitterSupport>(std::move(gl),
-                                   sourceTextureHandle,
-                                   width,
-                                   height));
-    return helper;
-  }
-
-  GLBlitterSupport(RefPtr<SharedGL>&& gl,
-                   jint sourceTextureHandle,
-                   jint width,
-                   jint height)
-    : mGl(gl)
-    , mSourceTextureHandle(sourceTextureHandle)
-    , mSize(width, height)
-  {
-  }
-
-  void Blit()
-  {
-    mGl->Blit(mSourceTextureHandle, mSize);
-  }
-
-private:
-  const RefPtr<SharedGL> mGl;
-  const AndroidSurfaceTextureHandle mSourceTextureHandle;
-  const gfx::IntSize mSize;
-};
-
-void
-AndroidSurfaceTexture::Init()
-{
-  GLBlitterSupport::Init();
-}
-
 } // gl
 } // mozilla
 #endif // MOZ_WIDGET_ANDROID
--- a/gfx/gl/AndroidSurfaceTexture.h
+++ b/gfx/gl/AndroidSurfaceTexture.h
@@ -13,17 +13,16 @@
 
 typedef uint32_t AndroidSurfaceTextureHandle;
 
 namespace mozilla {
 namespace gl {
 
 class AndroidSurfaceTexture {
 public:
-  static void Init();
   static void GetTransformMatrix(java::sdk::SurfaceTexture::Param surfaceTexture,
                                  mozilla::gfx::Matrix4x4* outMatrix);
 
 };
 
 } // gl
 } // mozilla
 
--- a/gfx/gl/GLContextSymbols.h
+++ b/gfx/gl/GLContextSymbols.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef GLCONTEXTSYMBOLS_H_
 #define GLCONTEXTSYMBOLS_H_
 
 #include "GLDefs.h"
--- a/gfx/gl/GLContextTypes.cpp
+++ b/gfx/gl/GLContextTypes.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "GLContextTypes.h"
 #include <cstring>
 
 using namespace mozilla::gl;
--- a/gfx/gl/GLScreenBuffer.cpp
+++ b/gfx/gl/GLScreenBuffer.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "GLScreenBuffer.h"
 
 #include <cstring>
 #include "CompositorTypes.h"
--- a/gfx/gl/GLScreenBuffer.h
+++ b/gfx/gl/GLScreenBuffer.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* GLScreenBuffer is the abstraction for the "default framebuffer" used
  * by an offscreen GLContext. Since it's only for offscreen GLContext's,
  * it's only useful for things like WebGL, and is NOT used by the
  * compositor's GLContext. Remember that GLContext provides an abstraction
--- a/gfx/gl/GLTextureImage.cpp
+++ b/gfx/gl/GLTextureImage.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "GLTextureImage.h"
 #include "GLContext.h"
 #include "gfxContext.h"
 #include "gfxPlatform.h"
--- a/gfx/gl/GLTextureImage.h
+++ b/gfx/gl/GLTextureImage.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef GLTEXTUREIMAGE_H_
 #define GLTEXTUREIMAGE_H_
 
 #include "nsRegion.h"
--- a/gfx/gl/GLUploadHelpers.cpp
+++ b/gfx/gl/GLUploadHelpers.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "GLUploadHelpers.h"
 
 #include "GLContext.h"
 #include "mozilla/gfx/2D.h"
--- a/gfx/gl/GLUploadHelpers.h
+++ b/gfx/gl/GLUploadHelpers.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef GLUploadHelpers_h_
 #define GLUploadHelpers_h_
 
 #include "GLDefs.h"
--- a/gfx/gl/MozFramebuffer.cpp
+++ b/gfx/gl/MozFramebuffer.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "MozFramebuffer.h"
 
 #include "GLContext.h"
 #include "mozilla/gfx/Logging.h"
--- a/gfx/gl/MozFramebuffer.h
+++ b/gfx/gl/MozFramebuffer.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef MOZ_FRAMEBUFFER_H_
 #define MOZ_FRAMEBUFFER_H_
 
 #include "gfx2DGlue.h"
--- a/gfx/gl/SharedSurface.cpp
+++ b/gfx/gl/SharedSurface.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurface.h"
 
 #include "../2d/2D.h"
 #include "GLBlitHelper.h"
--- a/gfx/gl/SharedSurface.h
+++ b/gfx/gl/SharedSurface.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* SharedSurface abstracts an actual surface (can be a GL texture, but
  * not necessarily) that handles sharing.
  * Its specializations are:
  *     SharedSurface_Basic (client-side bitmap, does readback)
--- a/gfx/gl/SharedSurfaceANGLE.cpp
+++ b/gfx/gl/SharedSurfaceANGLE.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceANGLE.h"
 
 #include <d3d11.h>
 #include "GLContextEGL.h"
--- a/gfx/gl/SharedSurfaceANGLE.h
+++ b/gfx/gl/SharedSurfaceANGLE.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACE_ANGLE_H_
 #define SHARED_SURFACE_ANGLE_H_
 
 #include <windows.h>
--- a/gfx/gl/SharedSurfaceD3D11Interop.cpp
+++ b/gfx/gl/SharedSurfaceD3D11Interop.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceD3D11Interop.h"
 
 #include <d3d11.h>
 #include <d3d11_1.h>
@@ -24,28 +24,30 @@ Example: Render to Direct3D 11 backbuffe
 ID3D11Device *device;
 ID3D11DeviceContext *devCtx;
 IDXGISwapChain *swapChain;
 
 DXGI_SWAP_CHAIN_DESC scd;
 
 <set appropriate swap chain parameters in scd>
 
-hr = D3D11CreateDeviceAndSwapChain(NULL,                        // pAdapter
-                                   D3D_DRIVER_TYPE_HARDWARE,    // DriverType
-                                   NULL,                        // Software
-                                   0,                           // Flags (Do not set D3D11_CREATE_DEVICE_SINGLETHREADED)
-                                   NULL,                        // pFeatureLevels
-                                   0,                           // FeatureLevels
-                                   D3D11_SDK_VERSION,           // SDKVersion
-                                   &scd,                        // pSwapChainDesc
-                                   &swapChain,                  // ppSwapChain
-                                   &device,                     // ppDevice
-                                   NULL,                        // pFeatureLevel
-                                   &devCtx);                    // ppImmediateContext
+hr = D3D11CreateDeviceAndSwapChain(
+         NULL,                        // pAdapter
+         D3D_DRIVER_TYPE_HARDWARE,    // DriverType
+         NULL,                        // Software
+         0,                           // Flags (Do not set
+                                      // D3D11_CREATE_DEVICE_SINGLETHREADED)
+         NULL,                        // pFeatureLevels
+         0,                           // FeatureLevels
+         D3D11_SDK_VERSION,           // SDKVersion
+         &scd,                        // pSwapChainDesc
+         &swapChain,                  // ppSwapChain
+         &device,                     // ppDevice
+         NULL,                        // pFeatureLevel
+         &devCtx);                    // ppImmediateContext
 
 // Fetch the swapchain backbuffer
 ID3D11Texture2D *dxColorbuffer;
 swapChain->GetBuffer(0, __uuidof(ID3D11Texture2D), (LPVOID *)&dxColorbuffer);
 
 // Create depth stencil texture
 ID3D11Texture2D *dxDepthBuffer;
 D3D11_TEXTURE2D_DESC depthDesc;
--- a/gfx/gl/SharedSurfaceD3D11Interop.h
+++ b/gfx/gl/SharedSurfaceD3D11Interop.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACE_D3D11_INTEROP_H_
 #define SHARED_SURFACE_D3D11_INTEROP_H_
 
 #include <windows.h>
--- a/gfx/gl/SharedSurfaceEGL.cpp
+++ b/gfx/gl/SharedSurfaceEGL.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceEGL.h"
 
 #include "GLBlitHelper.h"
 #include "GLContextEGL.h"
@@ -275,17 +275,17 @@ bool
 SharedSurface_SurfaceTexture::IsBufferAvailable() const {
     return mSurface->GetAvailable();
 }
 
 bool
 SharedSurface_SurfaceTexture::ToSurfaceDescriptor(layers::SurfaceDescriptor* const out_descriptor)
 {
     *out_descriptor =
-        layers::SurfaceTextureDescriptor(mSurface->GetImageHandle(),
+        layers::SurfaceTextureDescriptor(mSurface->GetHandle(),
                                          mSize,
                                          gfx::SurfaceFormat::R8G8B8A8,
                                          false /* NOT continuous */,
                                          false /* Do not ignore transform */);
     return true;
 }
 
 ////////////////////////////////////////////////////////////////////////
--- a/gfx/gl/SharedSurfaceEGL.h
+++ b/gfx/gl/SharedSurfaceEGL.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACE_EGL_H_
 #define SHARED_SURFACE_EGL_H_
 
 #include "mozilla/Attributes.h"
--- a/gfx/gl/SharedSurfaceGL.cpp
+++ b/gfx/gl/SharedSurfaceGL.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceGL.h"
 
 #include "GLBlitHelper.h"
 #include "GLContext.h"
--- a/gfx/gl/SharedSurfaceGL.h
+++ b/gfx/gl/SharedSurfaceGL.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACE_GL_H_
 #define SHARED_SURFACE_GL_H_
 
 #include "ScopedGLHelpers.h"
--- a/gfx/gl/SharedSurfaceGLX.cpp
+++ b/gfx/gl/SharedSurfaceGLX.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceGLX.h"
 #include "gfxXlibSurface.h"
 #include "GLXLibrary.h"
 #include "GLContextProvider.h"
--- a/gfx/gl/SharedSurfaceGLX.h
+++ b/gfx/gl/SharedSurfaceGLX.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACE_GLX_H_
 #define SHARED_SURFACE_GLX_H_
 
 #include "SharedSurface.h"
--- a/gfx/gl/SharedSurfaceIO.cpp
+++ b/gfx/gl/SharedSurfaceIO.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SharedSurfaceIO.h"
 
 #include "GLContextCGL.h"
 #include "mozilla/DebugOnly.h"
--- a/gfx/gl/SharedSurfaceIO.h
+++ b/gfx/gl/SharedSurfaceIO.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SHARED_SURFACEIO_H_
 #define SHARED_SURFACEIO_H_
 
 #include "mozilla/RefPtr.h"
--- a/gfx/gl/SkiaGLGlue.cpp
+++ b/gfx/gl/SkiaGLGlue.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "skia/include/gpu/GrContext.h"
 #include "skia/include/gpu/gl/GrGLInterface.h"
 #include "mozilla/gfx/2D.h"
 #include "mozilla/ThreadLocal.h"
--- a/gfx/gl/SkiaGLGlue.h
+++ b/gfx/gl/SkiaGLGlue.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SKIA_GL_GLUE_H_
 #define SKIA_GL_GLUE_H_
 
 #ifdef USE_SKIA_GPU
--- a/gfx/gl/SurfaceTypes.cpp
+++ b/gfx/gl/SurfaceTypes.cpp
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SurfaceTypes.h"
 
 #include "mozilla/layers/TextureForwarder.h"
 
--- a/gfx/gl/SurfaceTypes.h
+++ b/gfx/gl/SurfaceTypes.h
@@ -1,9 +1,9 @@
-/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40; -*- */
+/* -*- Mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef SURFACE_TYPES_H_
 #define SURFACE_TYPES_H_
 
 #include "mozilla/RefPtr.h"
--- a/gfx/gl/WGLLibrary.h
+++ b/gfx/gl/WGLLibrary.h
@@ -61,19 +61,22 @@ public:
         HDC  (GLAPIENTRY * fGetPbufferDC) (HANDLE hPbuffer);
         int  (GLAPIENTRY * fReleasePbufferDC) (HANDLE hPbuffer, HDC dc);
         //BOOL (GLAPIENTRY * fBindTexImage) (HANDLE hPbuffer, int iBuffer);
         //BOOL (GLAPIENTRY * fReleaseTexImage) (HANDLE hPbuffer, int iBuffer);
         BOOL (GLAPIENTRY * fChoosePixelFormat) (HDC hdc, const int* piAttribIList,
                                                 const FLOAT* pfAttribFList,
                                                 UINT nMaxFormats, int* piFormats,
                                                 UINT* nNumFormats);
-        //BOOL (GLAPIENTRY * fGetPixelFormatAttribiv) (HDC hdc, int iPixelFormat,
-        //                                             int iLayerPlane, UINT nAttributes,
-        //                                             int* piAttributes, int* piValues);
+        //BOOL (GLAPIENTRY * fGetPixelFormatAttribiv) (HDC hdc,
+        //                                             int iPixelFormat,
+        //                                             int iLayerPlane,
+        //                                             UINT nAttributes,
+        //                                             int* piAttributes,
+        //                                             int* piValues);
         const char* (GLAPIENTRY * fGetExtensionsStringARB) (HDC hdc);
         HGLRC (GLAPIENTRY * fCreateContextAttribsARB) (HDC hdc, HGLRC hShareContext,
                                                        const int* attribList);
         // WGL_NV_DX_interop:
         BOOL   (GLAPIENTRY * fDXSetResourceShareHandleNV) (void* dxObject,
                                                            HANDLE shareHandle);
         HANDLE (GLAPIENTRY * fDXOpenDeviceNV) (void* dxDevice);
         BOOL   (GLAPIENTRY * fDXCloseDeviceNV) (HANDLE hDevice);
--- a/gfx/layers/FrameMetrics.h
+++ b/gfx/layers/FrameMetrics.h
@@ -49,28 +49,31 @@ struct ScrollUpdateInfo {
  * useful for shadow layers, because the metrics values are updated
  * atomically with new pixels.
  */
 struct FrameMetrics {
   friend struct IPC::ParamTraits<mozilla::layers::FrameMetrics>;
 
   typedef ScrollableLayerGuid::ViewID ViewID;
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_WITH_BASE_AT_CLASS_SCOPE(
     ScrollOffsetUpdateType, uint8_t, (
       eNone,          // The default; the scroll offset was not updated
       eMainThread,    // The scroll offset was updated by the main thread.
-      ePending,       // The scroll offset was updated on the main thread, but not
-                      // painted, so the layer texture data is still at the old
-                      // offset.
-      eRestore        // The scroll offset was updated by the main thread, but as
-                      // a restore from history or after a frame reconstruction.
-                      // In this case, APZ can ignore the offset change if the
-                      // user has done an APZ scroll already.
+      ePending,       // The scroll offset was updated on the main thread, but
+                      // not painted, so the layer texture data is still at the
+                      // old offset.
+      eRestore        // The scroll offset was updated by the main thread, but
+                      // as a restore from history or after a frame
+                      // reconstruction.  In this case, APZ can ignore the
+                      // offset change if the user has done an APZ scroll
+                      // already.
   ));
+  // clang-format on
 
   FrameMetrics()
     : mScrollId(ScrollableLayerGuid::NULL_SCROLL_ID)
     , mPresShellResolution(1)
     , mCompositionBounds(0, 0, 0, 0)
     , mDisplayPort(0, 0, 0, 0)
     , mCriticalDisplayPort(0, 0, 0, 0)
     , mScrollableRect(0, 0, 0, 0)
@@ -833,22 +836,24 @@ struct ScrollSnapInfo {
   // shipping the raw nsStyleCoord::CalcValue over IPC).
   nsPoint mScrollSnapDestination;
 
   // The scroll-snap-coordinates of any descendant frames of the scroll frame,
   // relative to the origin of the scrolled frame.
   nsTArray<nsPoint> mScrollSnapCoordinates;
 };
 
+// clang-format off
 MOZ_DEFINE_ENUM_CLASS_WITH_BASE(
   OverscrollBehavior, uint8_t, (
     Auto,
     Contain,
     None
 ));
+// clang-format on
 
 struct OverscrollBehaviorInfo {
   OverscrollBehaviorInfo()
     : mBehaviorX(OverscrollBehavior::Auto)
     , mBehaviorY(OverscrollBehavior::Auto)
   {}
 
   // Construct from StyleOverscrollBehavior values.
--- a/gfx/layers/Layers.cpp
+++ b/gfx/layers/Layers.cpp
@@ -1464,27 +1464,29 @@ RefLayer::FillSpecificAttributes(Specifi
  *
  * To save resources, the buffer is allocated on first call to StartFrameTimeRecording
  * and recording is paused if no consumer which called StartFrameTimeRecording is able
  * to get valid results (because the cyclic buffer was overwritten since that call).
  *
  * To determine availability of the data upon StopFrameTimeRecording:
  * - mRecording.mNextIndex increases on each RecordFrame, and never resets.
  * - Cyclic buffer position is realized as mNextIndex % bufferSize.
- * - StartFrameTimeRecording returns mNextIndex. When StopFrameTimeRecording is called,
- *   the required start index is passed as an arg, and we're able to calculate the required
- *   length. If this length is bigger than bufferSize, it means data was overwritten.
- *   otherwise, we can return the entire sequence.
- * - To determine if we need to pause, mLatestStartIndex is updated to mNextIndex
- *   on each call to StartFrameTimeRecording. If this index gets overwritten,
- *   it means that all earlier start indices obtained via StartFrameTimeRecording
- *   were also overwritten, hence, no point in recording, so pause.
- * - mCurrentRunStartIndex indicates the oldest index of the recording after which
- *   the recording was not paused. If StopFrameTimeRecording is invoked with a start index
- *   older than this, it means that some frames were not recorded, so data is invalid.
+ * - StartFrameTimeRecording returns mNextIndex. When StopFrameTimeRecording is
+ *   called, the required start index is passed as an arg, and we're able to
+ *   calculate the required length. If this length is bigger than bufferSize, it
+ *   means data was overwritten.  otherwise, we can return the entire sequence.
+ * - To determine if we need to pause, mLatestStartIndex is updated to
+ *   mNextIndex on each call to StartFrameTimeRecording. If this index gets
+ *   overwritten, it means that all earlier start indices obtained via
+ *   StartFrameTimeRecording were also overwritten, hence, no point in
+ *   recording, so pause.
+ * - mCurrentRunStartIndex indicates the oldest index of the recording after
+ *   which the recording was not paused. If StopFrameTimeRecording is invoked
+ *   with a start index older than this, it means that some frames were not
+ *   recorded, so data is invalid.
  */
 uint32_t
 FrameRecorder::StartFrameTimeRecording(int32_t aBufferSize)
 {
   if (mRecording.mIsPaused) {
     mRecording.mIsPaused = false;
 
     if (!mRecording.mIntervals.Length()) { // Initialize recording buffers
--- a/gfx/layers/Layers.h
+++ b/gfx/layers/Layers.h
@@ -126,22 +126,28 @@ class DidCompositeObserver {
 };
 
 class FrameRecorder {
 public:
   /**
    * Record (and return) frame-intervals and paint-times for frames which were presented
    *   between calling StartFrameTimeRecording and StopFrameTimeRecording.
    *
-   * - Uses a cyclic buffer and serves concurrent consumers, so if Stop is called too late
-   *     (elements were overwritten since Start), result is considered invalid and hence empty.
-   * - Buffer is capable of holding 10 seconds @ 60fps (or more if frames were less frequent).
-   *     Can be changed (up to 1 hour) via pref: toolkit.framesRecording.bufferSize.
-   * - Note: the first frame-interval may be longer than expected because last frame
-   *     might have been presented some time before calling StartFrameTimeRecording.
+   * - Uses a cyclic buffer and serves concurrent consumers, so if Stop is
+   *   called too late
+   *     (elements were overwritten since Start), result is considered invalid
+   *      and hence empty.)
+   * - Buffer is capable of holding 10 seconds @ 60fps (or more if frames were
+   *   less frequent).
+   *     Can be changed (up to 1 hour) via pref:
+   *     toolkit.framesRecording.bufferSize.
+   * - Note: the first frame-interval may be longer than expected because last
+   *   frame
+   *     might have been presented some time before calling
+   *     StartFrameTimeRecording.
    */
 
   /**
    * Returns a handle which represents current recording start position.
    */
   virtual uint32_t StartFrameTimeRecording(int32_t aBufferSize);
 
   /**
--- a/gfx/layers/LayersTypes.h
+++ b/gfx/layers/LayersTypes.h
@@ -190,22 +190,24 @@ enum class DrawRegionClip : int8_t {
 
 enum class SurfaceMode : int8_t {
   SURFACE_NONE = 0,
   SURFACE_OPAQUE,
   SURFACE_SINGLE_CHANNEL_ALPHA,
   SURFACE_COMPONENT_ALPHA
 };
 
+// clang-format off
 MOZ_DEFINE_ENUM_CLASS_WITH_BASE(
   ScaleMode, int8_t, (
     SCALE_NONE,
     STRETCH
 // Unimplemented - PRESERVE_ASPECT_RATIO_CONTAIN
 ));
+// clang-format on
 
 struct EventRegions {
   // The hit region for a layer contains all areas on the layer that are
   // sensitive to events. This region is an over-approximation and may
   // contain regions that are not actually sensitive, but any such regions
   // will be included in the mDispatchToContentHitRegion.
   nsIntRegion mHitRegion;
   // The mDispatchToContentHitRegion for a layer contains all areas for
@@ -451,17 +453,19 @@ public:
   }
   uint64_t Value() const {
     return mHandle;
   }
 private:
   uint64_t mHandle;
 };
 
+// clang-format off
 MOZ_DEFINE_ENUM_CLASS_WITH_BASE(ScrollDirection, uint32_t, (
   eVertical,
   eHorizontal
 ));
+// clang-format on
 
 } // namespace layers
 } // namespace mozilla
 
 #endif /* GFX_LAYERSTYPES_H */
--- a/gfx/layers/RepaintRequest.h
+++ b/gfx/layers/RepaintRequest.h
@@ -23,21 +23,23 @@ template <typename T> struct ParamTraits
 
 namespace mozilla {
 namespace layers {
 
 struct RepaintRequest {
   friend struct IPC::ParamTraits<mozilla::layers::RepaintRequest>;
 public:
 
+  // clang-format off
   MOZ_DEFINE_ENUM_WITH_BASE_AT_CLASS_SCOPE(
     ScrollOffsetUpdateType, uint8_t, (
       eNone,             // The default; the scroll offset was not updated.
       eUserAction        // The scroll offset was updated by APZ.
   ));
+  // clang-format on
 
   RepaintRequest()
     : mScrollId(ScrollableLayerGuid::NULL_SCROLL_ID)
     , mPresShellResolution(1)
     , mCompositionBounds(0, 0, 0, 0)
     , mCumulativeResolution()
     , mDevPixelsPerCSSPixel(1)
     , mScrollOffset(0, 0)
--- a/gfx/layers/TextureSync.cpp
+++ b/gfx/layers/TextureSync.cpp
@@ -84,18 +84,19 @@ WaitForTextureIdsToUnlock(pid_t pid, con
       if (allCleared) {
         return true;
       }
 
       if (lock.Wait(TimeDuration::FromMilliseconds(kTextureLockTimeout)) == CVStatus::Timeout) {
         return false;
       }
 
-      // In case the monitor gets signaled multiple times, each less than kTextureLockTimeout.
-      // This ensures that the total time we wait is < 2 * kTextureLockTimeout
+      // In case the monitor gets signaled multiple times, each less than
+      // kTextureLockTimeout.  This ensures that the total time we wait is
+      // < 2 * kTextureLockTimeout
       if ((TimeStamp::Now() - start).ToMilliseconds() > (double)kTextureLockTimeout) {
         return false;
       }
     }
   }
 }
 
 void
@@ -280,9 +281,9 @@ TextureSync::CleanupForPid(base::Process
     std::unordered_set<uint64_t>* lockedTextureIds = GetLockedTextureIdsForProcess(aProcessId);
     lockedTextureIds->clear();
   }
   gTextureLockMonitor.NotifyAll();
 }
 
 } // namespace layers
 
-} // namespace mozilla
\ No newline at end of file
+} // namespace mozilla
--- a/gfx/layers/apz/public/GeckoContentController.h
+++ b/gfx/layers/apz/public/GeckoContentController.h
@@ -47,24 +47,26 @@ public:
    * if the user moves their finger after triggering the long-tap but before
    * lifting it).
    * The difference between eDoubleTap and eSecondTap is subtle - the eDoubleTap
    * is for an actual double-tap "gesture" while eSecondTap is for the same user
    * input but where a double-tap gesture is not allowed. This is used to fire
    * a click event with detail=2 to web content (similar to what a mouse double-
    * click would do).
    */
+  // clang-format off
   MOZ_DEFINE_ENUM_CLASS_AT_CLASS_SCOPE(
     TapType, (
       eSingleTap,
       eDoubleTap,
       eSecondTap,
       eLongTap,
       eLongTapUp
   ));
+  // clang-format on
 
   /**
    * Requests handling of a tap event. |aPoint| is in LD pixels, relative to the
    * current scroll offset.
    */
   virtual void HandleTap(TapType aType,
                          const LayoutDevicePoint& aPoint,
                          Modifiers aModifiers,
@@ -104,16 +106,17 @@ public:
    */
   virtual bool IsRepaintThread() = 0;
 
   /**
    * Runs the given task on the "repaint" thread.
    */
   virtual void DispatchToRepaintThread(already_AddRefed<Runnable> aTask) = 0;
 
+  // clang-format off
   MOZ_DEFINE_ENUM_CLASS_AT_CLASS_SCOPE(
     APZStateChange, (
       /**
        * APZ started modifying the view (including panning, zooming, and fling).
        */
       eTransformBegin,
       /**
        * APZ finished modifying the view.
@@ -129,16 +132,17 @@ public:
        */
       eStartPanning,
       /**
        * APZ finished processing a touch.
        * |aArg| is 1 if touch was a click, 0 otherwise.
        */
       eEndTouch
   ));
+  // clang-format on
 
   /**
    * General notices of APZ state changes for consumers.
    * |aGuid| identifies the APZC originating the state change.
    * |aChange| identifies the type of state change
    * |aArg| is used by some state changes to pass extra information (see
    *        the documentation for each state change above)
    */
--- a/gfx/layers/apz/src/APZCTreeManager.h
+++ b/gfx/layers/apz/src/APZCTreeManager.h
@@ -116,17 +116,18 @@ struct ScrollThumbData;
  * The other functions on this class are used by various pieces of client code to
  * notify the APZC instances of events relevant to them. This includes, for example,
  * user input events that drive panning and zooming, changes to the scroll viewport
  * area, and changes to pan/zoom constraints.
  *
  * Note that the ClearTree function MUST be called when this class is no longer needed;
  * see the method documentation for details.
  *
- * Behaviour of APZ is controlled by a number of preferences shown \ref APZCPrefs "here".
+ * Behaviour of APZ is controlled by a number of preferences shown
+ * \ref APZCPrefs "here".
  */
 class APZCTreeManager : public IAPZCTreeManager
                       , public APZInputBridge {
 
   typedef mozilla::layers::AllowedTouchBehavior AllowedTouchBehavior;
   typedef mozilla::layers::AsyncDragMetrics AsyncDragMetrics;
 
   // Helper struct to hold some state while we build the hit-testing tree. The
@@ -180,22 +181,23 @@ public:
    * Preserve nodes and APZC instances where possible, but retire those whose
    * layers are no longer in the layer tree.
    *
    * This must be called on the updater thread as it walks the layer tree.
    *
    * @param aRootLayerTreeId The layer tree ID of the root layer corresponding
    *                         to this APZCTreeManager
    * @param aRoot The root of the (full) layer tree
-   * @param aFirstPaintLayersId The layers id of the subtree to which aIsFirstPaint
-   *                            applies.
-   * @param aIsFirstPaint True if the layers update that this is called in response
-   *                      to included a first-paint. If this is true, the part of
-   *                      the tree that is affected by the first-paint flag is
-   *                      indicated by the aFirstPaintLayersId parameter.
+   * @param aFirstPaintLayersId The layers id of the subtree to which
+   *                            aIsFirstPaint applies.
+   * @param aIsFirstPaint True if the layers update that this is called in
+   *                      response to included a first-paint. If this is true,
+   *                      the part of the tree that is affected by the
+   *                      first-paint flag is indicated by the
+   *                      aFirstPaintLayersId parameter.
    * @param aPaintSequenceNumber The sequence number of the paint that triggered
    *                             this layer update. Note that every layer child
    *                             process' layer subtree has its own sequence
    *                             numbers.
    */
   void UpdateHitTestingTree(LayersId aRootLayerTreeId,
                             Layer* aRoot,
                             bool aIsFirstPaint,
@@ -420,23 +422,30 @@ public:
    * Say B is scroll-grabbing.
    * The touch events go to C because it's the innermost one (so e.g. taps
    * should go through C), but the overscroll handoff chain is B -> C -> A
    * because B is scroll-grabbing.
    * For convenience I'll refer to the three APZC objects as A, B, and C, and
    * to the tree manager object as TM.
    * Here's what happens when C receives a touch-move event:
    *   - C.TrackTouch() calls TM.DispatchScroll() with index = 0.
-   *   - TM.DispatchScroll() calls B.AttemptScroll() (since B is at index 0 in the chain).
-   *   - B.AttemptScroll() scrolls B. If there is overscroll, it calls TM.DispatchScroll() with index = 1.
-   *   - TM.DispatchScroll() calls C.AttemptScroll() (since C is at index 1 in the chain)
-   *   - C.AttemptScroll() scrolls C. If there is overscroll, it calls TM.DispatchScroll() with index = 2.
-   *   - TM.DispatchScroll() calls A.AttemptScroll() (since A is at index 2 in the chain)
-   *   - A.AttemptScroll() scrolls A. If there is overscroll, it calls TM.DispatchScroll() with index = 3.
-   *   - TM.DispatchScroll() discards the rest of the scroll as there are no more elements in the chain.
+   *   - TM.DispatchScroll() calls B.AttemptScroll() (since B is at index 0 in
+   *     the chain).
+   *   - B.AttemptScroll() scrolls B. If there is overscroll, it calls
+   *     TM.DispatchScroll() with index = 1.
+   *   - TM.DispatchScroll() calls C.AttemptScroll() (since C is at index 1 in
+   *     the chain)
+   *   - C.AttemptScroll() scrolls C. If there is overscroll, it calls
+   *     TM.DispatchScroll() with index = 2.
+   *   - TM.DispatchScroll() calls A.AttemptScroll() (since A is at index 2 in
+   *     the chain)
+   *   - A.AttemptScroll() scrolls A. If there is overscroll, it calls
+   *     TM.DispatchScroll() with index = 3.
+   *   - TM.DispatchScroll() discards the rest of the scroll as there are no
+   *     more elements in the chain.
    *
    * Note: this should be used for panning only. For handing off overscroll for
    *       a fling, use DispatchFling().
    */
   void DispatchScroll(AsyncPanZoomController* aApzc,
                       ParentLayerPoint& aStartPoint,
                       ParentLayerPoint& aEndPoint,
                       OverscrollHandoffState& aOverscrollHandoffState);
--- a/gfx/layers/apz/src/APZUtils.h
+++ b/gfx/layers/apz/src/APZUtils.h
@@ -35,16 +35,17 @@ inline CancelAnimationFlags
 operator|(CancelAnimationFlags a, CancelAnimationFlags b)
 {
   return static_cast<CancelAnimationFlags>(static_cast<int>(a)
                                          | static_cast<int>(b));
 }
 
 typedef EnumSet<ScrollDirection> ScrollDirections;
 
+// clang-format off
 enum class ScrollSource {
   // scrollTo() or something similar.
   DOM,
 
   // Touch-screen or trackpad with gesture support.
   Touch,
 
   // Mouse wheel.
@@ -53,16 +54,17 @@ enum class ScrollSource {
   // Keyboard
   Keyboard,
 };
 
 MOZ_DEFINE_ENUM_CLASS_WITH_BASE(APZWheelAction, uint8_t, (
     Scroll,
     PinchZoom
 ))
+// clang-format on
 
 // Epsilon to be used when comparing 'float' coordinate values
 // with FuzzyEqualsAdditive. The rationale is that 'float' has 7 decimal
 // digits of precision, and coordinate values should be no larger than in the
 // ten thousands. Note also that the smallest legitimate difference in page
 // coordinates is 1 app unit, which is 1/60 of a (CSS pixel), so this epsilon
 // isn't too large.
 const float COORDINATE_EPSILON = 0.01f;
--- a/gfx/layers/apz/src/Axis.h
+++ b/gfx/layers/apz/src/Axis.h
@@ -250,18 +250,19 @@ public:
    * If a scale will overscroll the axis, this returns the amount and in what
    * direction.
    *
    * |aFocus| is the point at which the scale is focused at. We will offset the
    * scroll offset in such a way that it remains in the same place on the page
    * relative.
    *
    * Note: Unlike most other functions in Axis, this functions operates in
-   *       CSS coordinates so there is no confusion as to whether the ParentLayer
-   *       coordinates it operates in are before or after the scale is applied.
+   *       CSS coordinates so there is no confusion as to whether the
+   *       ParentLayer coordinates it operates in are before or after the scale
+   *       is applied.
    */
   CSSCoord ScaleWillOverscrollAmount(float aScale, CSSCoord aFocus) const;
 
   /**
    * Checks if an axis will overscroll in both directions by computing the
    * content rect and checking that its height/width (depending on the axis)
    * does not overextend past the viewport.
    *
--- a/gfx/layers/apz/src/CheckerboardEvent.h
+++ b/gfx/layers/apz/src/CheckerboardEvent.h
@@ -22,24 +22,26 @@ namespace layers {
  * a contiguous set of frames where a given APZC was checkerboarding. The intent
  * of this class is to record enough information that it can provide actionable
  * steps to reduce the occurrence of checkerboarding. Furthermore, it records
  * information about the severity of the checkerboarding so as to allow
  * prioritizing the debugging of some checkerboarding events over others.
  */
 class CheckerboardEvent {
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     RendertraceProperty, (
       Page,
       PaintedCriticalDisplayPort,
       PaintedDisplayPort,
       RequestedDisplayPort,
       UserVisible
   ));
+  // clang-format on
 
   static const char* sDescriptions[sRendertracePropertyCount];
   static const char* sColors[sRendertracePropertyCount];
 
 public:
   explicit CheckerboardEvent(bool aRecordTrace);
 
   /**
--- a/gfx/layers/apz/src/FocusState.h
+++ b/gfx/layers/apz/src/FocusState.h
@@ -13,27 +13,27 @@
 #include "mozilla/layers/FocusTarget.h" // for FocusTarget
 #include "mozilla/layers/ScrollableLayerGuid.h"   // for ViewID
 #include "mozilla/Mutex.h"  // for Mutex
 
 namespace mozilla {
 namespace layers {
 
 /**
- * This class is used for tracking chrome and content focus targets and calculating
- * global focus information from them for use by APZCTreeManager for async keyboard
- * scrolling.
+ * This class is used for tracking chrome and content focus targets and
+ * calculating global focus information from them for use by APZCTreeManager
+ * for async keyboard scrolling.
  *
  * # Calculating the element to scroll
  *
- * Chrome and content processes have independently focused elements. This makes it
- * difficult to calculate the global focused element and its scrollable frame from
- * the chrome or content side. So instead we send the local focus information from
- * each process to here and then calculate the global focus information. This
- * local information resides in a `focus target`.
+ * Chrome and content processes have independently focused elements. This makes
+ * it difficult to calculate the global focused element and its scrollable
+ * frame from the chrome or content side. So instead we send the local focus
+ * information from each process to here and then calculate the global focus
+ * information. This local information resides in a `focus target`.
  *
  * A focus target indicates that either:
  *    1. The focused element is a remote browser along with its layer tree ID
  *    2. The focused element is not scrollable
  *    3. The focused element is scrollable along with the ViewID's of its
          scrollable layers
  *
  * Using this information we can determine the global focus information by
@@ -49,22 +49,23 @@ namespace layers {
  * don't have the latest focus information, we may incorrectly scroll a target
  * when we shouldn't.
  *
  * A tradeoff is designed here whereby we will maintain deterministic focus
  * changes for user input, but not for other javascript code. The reasoning
  * here is that `setTimeout` and others are already non-deterministic and so it
  * might not be as breaking to web content.
  *
- * To maintain deterministic focus changes for a given stream of user inputs, we
- * invalidate our focus state whenever we receive a user input that may trigger
- * event listeners. We then attach a new sequence number to these events and
- * dispatch them to content. Content will then include the latest sequence number
- * it has processed to every focus update. Using this we can determine whether
- * any potentially focus changing events have yet to be handled by content.
+ * To maintain deterministic focus changes for a given stream of user inputs,
+ * we invalidate our focus state whenever we receive a user input that may
+ * trigger event listeners. We then attach a new sequence number to these
+ * events and dispatch them to content. Content will then include the latest
+ * sequence number it has processed to every focus update. Using this we can
+ * determine whether any potentially focus changing events have yet to be
+ * handled by content.
  *
  * Once we have received the latest focus sequence number from content, we know
  * that all event listeners triggered by user inputs, and their resulting focus
  * changes, have been processed and so we have a current target that we can use
  * again.
  */
 class FocusState final
 {
--- a/gfx/layers/apz/src/InputBlockState.h
+++ b/gfx/layers/apz/src/InputBlockState.h
@@ -460,18 +460,19 @@ public:
    */
   bool TouchActionAllowsPinchZoom() const;
   /**
    * @return false iff touch-action is enabled and the allowed touch behaviors for
    *         this touch block do not allow double-tap zooming.
    */
   bool TouchActionAllowsDoubleTapZoom() const;
   /**
-   * @return false iff touch-action is enabled and the allowed touch behaviors for
-   *         the first touch point do not allow panning in the specified direction(s).
+   * @return false iff touch-action is enabled and the allowed touch behaviors
+   *         for the first touch point do not allow panning in the specified
+   *         direction(s).
    */
   bool TouchActionAllowsPanningX() const;
   bool TouchActionAllowsPanningY() const;
   bool TouchActionAllowsPanningXY() const;
 
   /**
    * Notifies the input block of an incoming touch event so that the block can
    * update its internal slop state. "Slop" refers to the area around the
--- a/gfx/layers/apz/src/KeyboardScrollAction.h
+++ b/gfx/layers/apz/src/KeyboardScrollAction.h
@@ -14,23 +14,25 @@ namespace mozilla {
 namespace layers {
 
 /**
  * This class represents a scrolling action to be performed on a scrollable layer.
  */
 struct KeyboardScrollAction final
 {
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_WITH_BASE_AT_CLASS_SCOPE(
     KeyboardScrollActionType, uint8_t, (
       eScrollCharacter,
       eScrollLine,
       eScrollPage,
       eScrollComplete
   ));
+  // clang-format on
 
   static nsIScrollableFrame::ScrollUnit
   GetScrollUnit(KeyboardScrollActionType aDeltaType);
 
   KeyboardScrollAction();
   KeyboardScrollAction(KeyboardScrollActionType aType, bool aForward);
 
   // The type of scroll to perform for this action
--- a/gfx/layers/apz/test/gtest/TestHitTesting.cpp
+++ b/gfx/layers/apz/test/gtest/TestHitTesting.cpp
@@ -175,20 +175,24 @@ TEST_F(APZHitTestingTester, HitTesting2)
   SCOPED_GFX_PREF(APZVelocityBias, float, 0.0); // Velocity bias can cause extra repaint requests
 
   CreateHitTesting2LayerTree();
   ScopedLayerTreeRegistration registration(manager, LayersId{0}, root, mcc);
 
   manager->UpdateHitTestingTree(LayersId{0}, root, false, LayersId{0}, 0);
 
   // At this point, the following holds (all coordinates in screen pixels):
-  // layers[0] has content from (0,0)-(200,200), clipped by composition bounds (0,0)-(100,100)
-  // layers[1] has content from (10,10)-(90,90), clipped by composition bounds (10,10)-(50,50)
-  // layers[2] has content from (20,60)-(100,100). no clipping as it's not a scrollable layer
-  // layers[3] has content from (20,60)-(180,140), clipped by composition bounds (20,60)-(100,100)
+  // layers[0] has content from (0,0)-(200,200), clipped by composition bounds
+  // (0,0)-(100,100)
+  // layers[1] has content from (10,10)-(90,90), clipped by composition bounds
+  // (10,10)-(50,50)
+  // layers[2] has content from (20,60)-(100,100). no clipping as it's not a
+  // scrollable layer
+  // layers[3] has content from (20,60)-(180,140), clipped by composition
+  // bounds (20,60)-(100,100)
 
   RefPtr<TestAsyncPanZoomController> apzcroot = ApzcOf(root);
   TestAsyncPanZoomController* apzc1 = ApzcOf(layers[1]);
   TestAsyncPanZoomController* apzc3 = ApzcOf(layers[3]);
 
   // Hit an area that's clearly on the root layer but not any of the child layers.
   RefPtr<AsyncPanZoomController> hit = GetTargetAPZC(ScreenPoint(75, 25));
   EXPECT_EQ(apzcroot, hit.get());
--- a/gfx/layers/composite/AsyncCompositionManager.cpp
+++ b/gfx/layers/composite/AsyncCompositionManager.cpp
@@ -931,27 +931,30 @@ AsyncCompositionManager::ApplyAsyncConte
             AsyncTransformMatrix();
 
         AsyncTransformComponentMatrix combinedAsyncTransform;
         bool hasAsyncTransform = false;
         // Only set on the root layer for Android.
         ScreenMargin fixedLayerMargins;
 
         // Each layer has multiple clips:
-        //  - Its local clip, which is fixed to the layer contents, i.e. it moves
-        //    with those async transforms which the layer contents move with.
+        //  - Its local clip, which is fixed to the layer contents, i.e. it
+        //    moves with those async transforms which the layer contents move
+        //    with.
         //  - Its scrolled clip, which moves with all async transforms.
-        //  - For each ScrollMetadata on the layer, a scroll clip. This includes
-        //    the composition bounds and any other clips induced by layout. This
-        //    moves with async transforms from ScrollMetadatas above it.
-        // In this function, these clips are combined into two shadow clip parts:
+        //  - For each ScrollMetadata on the layer, a scroll clip. This
+        //    includes the composition bounds and any other clips induced by
+        //    layout. This moves with async transforms from ScrollMetadatas
+        //    above it.
+        // In this function, these clips are combined into two shadow clip
+        // parts:
         //  - The fixed clip, which consists of the local clip only, initially
         //    transformed by all async transforms.
-        //  - The scrolled clip, which consists of the other clips, transformed by
-        //    the appropriate transforms.
+        //  - The scrolled clip, which consists of the other clips, transformed
+        //    by the appropriate transforms.
         // These two parts are kept separate for now, because for fixed layers, we
         // need to adjust the fixed clip (to cancel out some async transforms).
         // The parts are kept in a cache which is cleared at the beginning of every
         // composite.
         // The final shadow clip for the layer is the intersection of the (possibly
         // adjusted) fixed clip and the scrolled clip.
         ClipParts& clipParts = clipPartsCache[layer];
         clipParts.mFixedClip = layer->GetClipRect();
--- a/gfx/layers/composite/Diagnostics.cpp
+++ b/gfx/layers/composite/Diagnostics.cpp
@@ -74,17 +74,18 @@ Diagnostics::GetFrameOverlayString(const
     gpuTimeString = nsPrintfCString("%0.1fms", mGPUDrawMs.Average()).get();
   }
 
   // DL  = nsDisplayListBuilder
   // FLB = FrameLayerBuilder
   // R   = ClientLayerManager::EndTransaction
   // CP  = ShadowLayerForwarder::EndTransaction (txn build)
   // TX  = LayerTransactionChild::SendUpdate (IPDL serialize+send)
-  // UP  = LayerTransactionParent::RecvUpdate (IPDL deserialize, update, APZ update)
+  // UP  = LayerTransactionParent::RecvUpdate (IPDL deserialize, update, APZ
+  //                                           update)
   // CC_BUILD = Container prepare/composite frame building
   // CC_EXEC  = Container render/composite drawing
   nsPrintfCString line1("FPS: %d (TXN: %d)", fps, txnFps);
   nsPrintfCString line2("[CC] Build: %0.1fms Exec: %0.1fms GPU: %s Fill Ratio: %0.1f/%0.1f",
     mPrepareMs.Average(),
     mCompositeMs.Average(),
     gpuTimeString.c_str(),
     pixelFillRatio,
--- a/gfx/layers/composite/FPSCounter.h
+++ b/gfx/layers/composite/FPSCounter.h
@@ -33,17 +33,18 @@ const int kMaxFrames = 2400;
  * The FPSCounter tracks how often we composite or have a layer transaction.
  * At each composite / layer transaction, we record the timestamp.
  * After kFpsDumpInterval number of composites / transactions, we calculate
  * the average and standard deviation of frames composited. We dump a histogram,
  * which allows for more statistically significant measurements. We also dump
  * absolute frame composite times to a file on the device.
  * The FPS counters displayed on screen are based on how many frames we
  * composited within the last ~1 second. The more accurate measurement is to
- * grab the histogram from stderr or grab the FPS timestamp dumps written to file.
+ * grab the histogram from stderr or grab the FPS timestamp dumps written to
+ * file.
  *
  * To enable dumping to file, enable
  * layers.acceleration.draw-fps.write-to-file pref.
 
   double AddFrameAndGetFps(TimeStamp aCurrentFrame) {
     AddFrame(aCurrentFrame);
     return EstimateFps(aCurrentFrame);
   }
--- a/gfx/layers/composite/LayerManagerComposite.h
+++ b/gfx/layers/composite/LayerManagerComposite.h
@@ -317,31 +317,32 @@ public:
   virtual const char* Name() const override { return ""; }
   virtual bool IsCompositingToScreen() const override;
 
   bool AlwaysScheduleComposite() const override;
 
   /**
    * Post-processes layers before composition. This performs the following:
    *
-   *   - Applies occlusion culling. This restricts the shadow visible region
-   *     of layers that are covered with opaque content.
-   *     |aOpaqueRegion| is the region already known to be covered with opaque
-   *     content, in the post-transform coordinate space of aLayer.
+   *   - Applies occlusion culling. This restricts the shadow visible region of
+   *     layers that are covered with opaque content.  |aOpaqueRegion| is the
+   *     region already known to be covered with opaque content, in the
+   *     post-transform coordinate space of aLayer.
    *
    *   - Recomputes visible regions to account for async transforms.
    *     Each layer accumulates into |aVisibleRegion| its post-transform
    *     (including async transforms) visible region.
    *
-   *   - aRenderTargetClip is the exact clip required for aLayer, in the coordinates
-   *     of the nearest render target (the same as GetEffectiveTransform).
+   *   - aRenderTargetClip is the exact clip required for aLayer, in the
+   *     coordinates of the nearest render target (the same as
+   *     GetEffectiveTransform).
    *
-   *   - aClipFromAncestors is the approximate combined clip from all ancestors, in
-   *     the coordinate space of our parent, but maybe be an overestimate in the
-   *     presence of complex transforms.
+   *   - aClipFromAncestors is the approximate combined clip from all
+   *     ancestors, in the coordinate space of our parent, but maybe be an
+   *     overestimate in the presence of complex transforms.
    */
   void PostProcessLayers(nsIntRegion& aOpaqueRegion);
   void PostProcessLayers(Layer* aLayer,
                          nsIntRegion& aOpaqueRegion,
                          LayerIntRegion& aVisibleRegion,
                          const Maybe<RenderTargetIntRect>& aRenderTargetClip,
                          const Maybe<ParentLayerIntRect>& aClipFromAncestors);
 
--- a/gfx/layers/composite/TiledContentHost.cpp
+++ b/gfx/layers/composite/TiledContentHost.cpp
@@ -6,17 +6,19 @@
 
 #include "TiledContentHost.h"
 #include "gfxPrefs.h"                   // for gfxPrefs
 #include "PaintedLayerComposite.h"      // for PaintedLayerComposite
 #include "mozilla/gfx/BaseSize.h"       // for BaseSize
 #include "mozilla/gfx/Matrix.h"         // for Matrix4x4
 #include "mozilla/gfx/Point.h"          // for IntSize
 #include "mozilla/layers/Compositor.h"  // for Compositor
+// clang-format off
 //#include "mozilla/layers/CompositorBridgeParent.h"  // for CompositorBridgeParent
+// clang-format on
 #include "mozilla/layers/Effects.h"     // for TexturedEffect, Effect, etc
 #include "mozilla/layers/LayerMetricsWrapper.h" // for LayerMetricsWrapper
 #include "mozilla/layers/TextureHostOGL.h"  // for TextureHostOGL
 #ifdef XP_DARWIN
 #include "mozilla/layers/TextureSync.h" // for TextureSync
 #endif
 #include "nsAString.h"
 #include "nsDebug.h"                    // for NS_WARNING
--- a/gfx/layers/ipc/ImageBridgeChild.h
+++ b/gfx/layers/ipc/ImageBridgeChild.h
@@ -74,36 +74,39 @@ bool InImageBridgeChildThread();
  *
  * There are three important phases in the ImageBridge protocol. These three steps
  * can do different things depending if (A) the ImageContainer uses ImageBridge
  * or (B) it does not use ImageBridge:
  *
  * - When an ImageContainer calls its method SetCurrentImage:
  *   - (A) The image is sent directly to the compositor process through the
  *   ImageBridge IPDL protocol.
- *   On the compositor side the image is stored in a global table that associates
- *   the image with an ID corresponding to the ImageContainer, and a composition is
- *   triggered.
+ *   On the compositor side the image is stored in a global table that
+ *   associates the image with an ID corresponding to the ImageContainer, and a
+ *   composition is triggered.
  *   - (B) Since it does not have an ImageBridge, the image is not sent yet.
- *   instead the will be sent to the compositor during the next layer transaction
- *   (on the main thread).
+ *   instead the will be sent to the compositor during the next layer
+ *   transaction (on the main thread).
  *
  * - During a Layer transaction:
- *   - (A) The ImageContainer uses ImageBridge. The image is already available to the
- *   compositor process because it has been sent with SetCurrentImage. Yet, the
- *   CompositableHost on the compositor side will needs the ID referring to the
- *   ImageContainer to access the Image. So during the Swap operation that happens
- *   in the transaction, we swap the container ID rather than the image data.
- *   - (B) Since the ImageContainer does not use ImageBridge, the image data is swaped.
+ *   - (A) The ImageContainer uses ImageBridge. The image is already available
+ *   to the compositor process because it has been sent with SetCurrentImage.
+ *   Yet, the CompositableHost on the compositor side will needs the ID
+ *   referring to the ImageContainer to access the Image. So during the Swap
+ *   operation that happens in the transaction, we swap the container ID rather
+ *   than the image data.
+ *   - (B) Since the ImageContainer does not use ImageBridge, the image data is
+ *   swaped.
  *
  * - During composition:
  *   - (A) The CompositableHost has an AsyncID, it looks up the ID in the
- *   global table to see if there is an image. If there is no image, nothing is rendered.
- *   - (B) The CompositableHost has image data rather than an ID (meaning it is not
- *   using ImageBridge), then it just composites the image data normally.
+ *   global table to see if there is an image. If there is no image, nothing is
+ *   rendered.
+ *   - (B) The CompositableHost has image data rather than an ID (meaning it is
+ *   not using ImageBridge), then it just composites the image data normally.
  *
  * This means that there might be a possibility for the ImageBridge to send the first
  * frame before the first layer transaction that will pass the container ID to the
  * CompositableHost happens. In this (unlikely) case the layer is not composited
  * until the layer transaction happens. This means this scenario is not harmful.
  *
  * Since sending an image through imageBridge triggers compositing, the main thread is
  * not used at all (except for the very first transaction that provides the
--- a/gfx/layers/ipc/UiCompositorControllerMessageTypes.h
+++ b/gfx/layers/ipc/UiCompositorControllerMessageTypes.h
@@ -6,33 +6,37 @@
 
 #ifndef include_gfx_ipc_UiCompositorControllerMessageTypes_h
 #define include_gfx_ipc_UiCompositorControllerMessageTypes_h
 
 namespace mozilla {
 namespace layers {
 
 //
-// NOTE: These values are also defined in mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/LayerView.java
-//       and must be kept in sync. Any new message added here must also be added there to the AnimatorMessageType enum.
+// NOTE: These values are also defined in
+// mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/LayerView.java
+// and must be kept in sync. Any new message added here must also be added
+// there to the AnimatorMessageType enum.
 //
 
+// clang-format off
 enum UiCompositorControllerMessageTypes {
   STATIC_TOOLBAR_NEEDS_UPDATE      = 0,  // Sent from compositor when the static toolbar wants to hide.
   STATIC_TOOLBAR_READY             = 1,  // Sent from compositor when the static toolbar image has been updated and is ready to animate.
   TOOLBAR_HIDDEN                   = 2,  // Sent to compositor when the real toolbar has been hidden.
   TOOLBAR_VISIBLE                  = 3,  // Sent to compositor when the real toolbar has been made  visible
   TOOLBAR_SHOW                     = 4,  // Sent from compositor when the real toolbar should be shown
   FIRST_PAINT                      = 5,  // Sent from compositor after first paint
   REQUEST_SHOW_TOOLBAR_IMMEDIATELY = 6,  // Sent to the compositor when the snapshot should be shown immediately
   REQUEST_SHOW_TOOLBAR_ANIMATED    = 7,  // Sent to the compositor when the snapshot should be shown with an animation
   REQUEST_HIDE_TOOLBAR_IMMEDIATELY = 8,  // Sent to the compositor when the snapshot should be hidden immediately
   REQUEST_HIDE_TOOLBAR_ANIMATED    = 9,  // Sent to the compositor when the snapshot should be hidden with an animation
   LAYERS_UPDATED                   = 10, // Sent from the compositor when any layer has been updated
   TOOLBAR_SNAPSHOT_FAILED          = 11, // Sent to compositor when the toolbar snapshot fails.
   COMPOSITOR_CONTROLLER_OPEN       = 20, // Compositor controller IPC is open
   IS_COMPOSITOR_CONTROLLER_OPEN    = 21  // Special message sent from controller to query if the compositor controller is open
 };
+// clang-format on
 
 } // namespace layers
 } // namespace mozilla
 
 #endif // include_gfx_ipc_UiCompositorControllerMessageTypes_h
--- a/gfx/layers/opengl/GLBlitTextureImageHelper.h
+++ b/gfx/layers/opengl/GLBlitTextureImageHelper.h
@@ -51,17 +51,18 @@ public:
      * Note: calling this function will cause the following OpenGL state
      * to be changed:
      *
      *   - current program
      *   - framebuffer binding
      *   - viewport
      *   - blend state (will be enabled at end)
      *   - scissor state (will be enabled at end)
-     *   - vertex attrib 0 and 1 (pointer and enable state [enable state will be disabled at exit])
+     *   - vertex attrib 0 and 1 (pointer and enable state [enable state will
+     *     be disabled at exit])
      *   - array buffer binding (will be 0)
      *   - active texture (will be 0)
      *   - texture 0 binding
      */
     void BlitTextureImage(gl::TextureImage *aSrc, const gfx::IntRect& aSrcRect,
                           gl::TextureImage *aDst, const gfx::IntRect& aDstRect);
 };
 
--- a/gfx/layers/opengl/TextureClientOGL.cpp
+++ b/gfx/layers/opengl/TextureClientOGL.cpp
@@ -165,17 +165,17 @@ AndroidNativeWindowTextureData::FillInfo
   aInfo.supportsMoz2D = true;
   aInfo.canExposeMappedData = false;
   aInfo.canConcurrentlyReadLock = false;
 }
 
 bool
 AndroidNativeWindowTextureData::Serialize(SurfaceDescriptor& aOutDescriptor)
 {
-  aOutDescriptor = SurfaceTextureDescriptor(mSurface->GetImageHandle(),
+  aOutDescriptor = SurfaceTextureDescriptor(mSurface->GetHandle(),
                                             mSize,
                                             mFormat,
                                             false /* not continuous */,
                                             true /* ignore transform */);
   return true;
 }
 
 bool
--- a/gfx/layers/wr/ClipManager.cpp
+++ b/gfx/layers/wr/ClipManager.cpp
@@ -12,18 +12,22 @@
 #include "mozilla/layers/StackingContextHelper.h"
 #include "mozilla/layers/WebRenderLayerManager.h"
 #include "mozilla/webrender/WebRenderAPI.h"
 #include "nsDisplayList.h"
 #include "nsStyleStructInlines.h"
 #include "UnitTransforms.h"
 
 #define CLIP_LOG(...)
-//#define CLIP_LOG(...) printf_stderr("CLIP: " __VA_ARGS__)
-//#define CLIP_LOG(...) if (XRE_IsContentProcess()) printf_stderr("CLIP: " __VA_ARGS__)
+/*
+#define CLIP_LOG(...) printf_stderr("CLIP: " __VA_ARGS__)
+#define CLIP_LOG(...) if (XRE_IsContentProcess()) {         \
+                        printf_stderr("CLIP: " __VA_ARGS__) \
+                      }
+*/
 
 namespace mozilla {
 namespace layers {
 
 ClipManager::ClipManager()
   : mManager(nullptr)
   , mBuilder(nullptr)
 {
--- a/gfx/layers/wr/WebRenderCommandBuilder.cpp
+++ b/gfx/layers/wr/WebRenderCommandBuilder.cpp
@@ -280,17 +280,18 @@ UpdateContainerLayerPropertiesAndDetectC
     case DisplayItemType::TYPE_TRANSFORM: {
       auto transformItem = static_cast<nsDisplayTransform*>(aItem);
       Matrix4x4Flagged trans = transformItem->GetTransform();
       changed = aData->mTransform != trans;
 
       if (changed) {
         std::stringstream ss;
         //ss << trans << ' ' << aData->mTransform;
-        //GP("UpdateContainerLayerPropertiesAndDetectChange Matrix %d %s\n", changed, ss.str().c_str());
+        //GP("UpdateContainerLayerPropertiesAndDetectChange Matrix %d %s\n",
+        //   changed, ss.str().c_str());
       }
 
       aData->mTransform = trans;
       break;
     }
     case DisplayItemType::TYPE_OPACITY: {
       auto opacityItem = static_cast<nsDisplayOpacity*>(aItem);
       float opacity = opacityItem->GetOpacity();
@@ -432,19 +433,23 @@ struct DIGroup
       GP("mRect %d %d %d %d\n", aData->mRect.x, aData->mRect.y, aData->mRect.width, aData->mRect.height);
       InvalidateRect(aData->mRect);
       aData->mInvalid = true;
     } else if (aData->mInvalid || /* XXX: handle image load invalidation */ (aItem->IsInvalid(invalid) && invalid.IsEmpty())) {
       MOZ_RELEASE_ASSERT(mLayerBounds.TopLeft() == aData->mGroupOffset);
       UniquePtr<nsDisplayItemGeometry> geometry(aItem->AllocateGeometry(aBuilder));
       /* Instead of doing this dance, let's just invalidate the old rect and the
        * new rect.
-      combined = aData->mClip.ApplyNonRoundedIntersection(aData->mGeometry->ComputeInvalidationRegion());
+      combined =
+        aData->mClip.ApplyNonRoundedIntersection(
+          aData->mGeometry->ComputeInvalidationRegion());
       combined.MoveBy(shift);
-      combined.Or(combined, clip.ApplyNonRoundedIntersection(geometry->ComputeInvalidationRegion()));
+      combined.Or(combined,
+                  clip.ApplyNonRoundedIntersection(
+                    geometry->ComputeInvalidationRegion()));
       aData->mGeometry = std::move(geometry);
       */
       combined = clip.ApplyNonRoundedIntersection(geometry->ComputeInvalidationRegion());
       aData->mGeometry = std::move(geometry);
 
       GP("matrix: %f %f\n", aMatrix._31, aMatrix._32);
       GP("frame invalid invalidate: %s\n", aItem->Name());
       GP("old rect: %d %d %d %d\n",
@@ -673,17 +678,19 @@ struct DIGroup
     bool empty = aStartItem == aEndItem;
     if (empty) {
       ClearImageKey(aWrManager, true);
       return;
     }
 
     PaintItemRange(aGrouper, aStartItem, aEndItem, context, recorder);
 
-    // XXX: set this correctly perhaps using aItem->GetOpaqueRegion(aDisplayListBuilder, &snapped).Contains(paintBounds);?
+    // XXX: set this correctly perhaps using
+    // aItem->GetOpaqueRegion(aDisplayListBuilder, &snapped).
+    //   Contains(paintBounds);?
     wr::OpacityType opacity = wr::OpacityType::HasAlphaChannel;
 
     TakeExternalSurfaces(recorder, mExternalSurfaces, aWrManager, aResources);
     bool hasItems = recorder->Finish();
     GP("%d Finish\n", hasItems);
     Range<uint8_t> bytes((uint8_t*)recorder->mOutputStream.mData, recorder->mOutputStream.mLength);
     if (!mKey) {
       if (!hasItems) // we don't want to send a new image that doesn't have any items in it
--- a/gfx/src/nsRect.h
+++ b/gfx/src/nsRect.h
@@ -137,18 +137,20 @@ struct nsRect :
     nsRect result;
     if (mozilla::gfx::Factory::HasSSE4()) {
       __m128i rect1 = _mm_loadu_si128((__m128i*)&aRect); // x1, y1, w1, h1
       __m128i rect2 = _mm_loadu_si128((__m128i*)this); // x2, y2, w2, h2
 
       __m128i resultRect = _mm_max_epi32(rect1, rect2); // xr, yr, zz, zz
 
 
-      // result.width = std::min<int32_t>(x - result.x + width, aRect.x - result.x + aRect.width);
-      // result.height = std::min<int32_t>(y - result.y + height, aRect.y - result.y + aRect.height);
+      // result.width = std::min<int32_t>(x - result.x + width,
+      //                                  aRect.x - result.x + aRect.width);
+      // result.height = std::min<int32_t>(y - result.y + height,
+      //                                   aRect.y - result.y + aRect.height);
       __m128i widthheight = _mm_min_epi32(_mm_add_epi32(_mm_sub_epi32(rect1, resultRect), _mm_srli_si128(rect1, 8)),
                                           _mm_add_epi32(_mm_sub_epi32(rect2, resultRect), _mm_srli_si128(rect2, 8))); // w, h, zz, zz
       widthheight = _mm_slli_si128(widthheight, 8); // 00, 00, wr, hr
 
       resultRect = _mm_blend_epi16(resultRect, widthheight, 0xF0); // xr, yr, wr, hr
 
       if ((_mm_movemask_ps(_mm_castsi128_ps(_mm_cmplt_epi32(resultRect, _mm_setzero_si128()))) & 0xC) != 0) {
         // It's potentially more efficient to store all 0s. But the non SSE4 code leaves x/y intact
@@ -173,18 +175,20 @@ struct nsRect :
 
   bool IntersectRect(const nsRect& aRect1, const nsRect& aRect2)
   {
     if (mozilla::gfx::Factory::HasSSE4()) {
       __m128i rect1 = _mm_loadu_si128((__m128i*)&aRect1); // x1, y1, w1, h1
       __m128i rect2 = _mm_loadu_si128((__m128i*)&aRect2); // x2, y2, w2, h2
 
       __m128i resultRect = _mm_max_epi32(rect1, rect2); // xr, yr, zz, zz
-      // result.width = std::min<int32_t>(x - result.x + width, aRect.x - result.x + aRect.width);
-      // result.height = std::min<int32_t>(y - result.y + height, aRect.y - result.y + aRect.height);
+      // result.width = std::min<int32_t>(x - result.x + width,
+      //                                  aRect.x - result.x + aRect.width);
+      // result.height = std::min<int32_t>(y - result.y + height,
+      //                                   aRect.y - result.y + aRect.height);
       __m128i widthheight = _mm_min_epi32(_mm_add_epi32(_mm_sub_epi32(rect1, resultRect), _mm_srli_si128(rect1, 8)),
                                           _mm_add_epi32(_mm_sub_epi32(rect2, resultRect), _mm_srli_si128(rect2, 8))); // w, h, zz, zz
       widthheight = _mm_slli_si128(widthheight, 8); // 00, 00, wr, hr
 
       resultRect = _mm_blend_epi16(resultRect, widthheight, 0xF0); // xr, yr, wr, hr
 
       if ((_mm_movemask_ps(_mm_castsi128_ps(_mm_cmpgt_epi32(resultRect, _mm_setzero_si128()))) & 0xC) != 0xC) {
         // It's potentially more efficient to store all 0s. But the non SSE4 code leaves x/y intact
@@ -390,31 +394,34 @@ nsRect::ScaleToOutsidePixels(float aXSca
 
   __m128i rectPacked = _mm_loadu_si128((__m128i*)this); // x, y, w, h
   __m128i topLeft = _mm_slli_si128(rectPacked, 8); // 0, 0, x, y
 
   rectPacked = _mm_add_epi32(rectPacked, topLeft); // X, Y, XMost(), YMost()
 
   __m128 rectFloat = _mm_cvtepi32_ps(rectPacked);
 
-  // Scale i.e. ([ x y xmost ymost ] / aAppUnitsPerPixel) * [ aXScale aYScale aXScale aYScale ]
+  // Scale i.e. ([ x y xmost ymost ] / aAppUnitsPerPixel) *
+  //             [ aXScale aYScale aXScale aYScale ]
   rectFloat = _mm_mul_ps(_mm_div_ps(rectFloat, appUnitsPacked), scalesPacked);
   rectPacked = ceil_ps2epi32(rectFloat); // xx, xx, XMost(), YMost()
   __m128i tmp = floor_ps2epi32(rectFloat); // x, y, xx, xx
 
   // _mm_move_sd is 1 cycle method of getting the blending we want.
   rectPacked = _mm_castpd_si128(_mm_move_sd(_mm_castsi128_pd(rectPacked), _mm_castsi128_pd(tmp))); // x, y, XMost(), YMost()
 
   topLeft = _mm_slli_si128(rectPacked, 8); // 0, 0, r.x, r.y
   rectPacked = _mm_sub_epi32(rectPacked, topLeft); // r.x, r.y, r.w, r.h
 
   // Avoid negative width/height due to overflow.
   __m128i mask = _mm_or_si128(_mm_cmpgt_epi32(rectPacked, _mm_setzero_si128()),
                               _mm_set_epi32(0, 0, 0xFFFFFFFF, 0xFFFFFFFF));
+  // clang-format off
   // Mask will now contain [ 0xFFFFFFFF 0xFFFFFFFF (width <= 0 ? 0 : 0xFFFFFFFF) (height <= 0 ? 0 : 0xFFFFFFFF) ]
+  // clang-format on
   rectPacked = _mm_and_si128(rectPacked, mask);
 
   _mm_storeu_si128((__m128i*)&rect, rectPacked);
 #else
   rect.SetNonEmptyBox(NSToIntFloor(NSAppUnitsToFloatPixels(x,
                                    float(aAppUnitsPerPixel)) * aXScale),
                       NSToIntFloor(NSAppUnitsToFloatPixels(y,
                                    float(aAppUnitsPerPixel)) * aYScale),
--- a/gfx/src/nsRegion.cpp
+++ b/gfx/src/nsRegion.cpp
@@ -336,17 +336,18 @@ void nsRegion::VisitEdges (visit_fn visi
         const int TouchedByTop = 1;
         const int TouchedByBottom = 2;
         // We always start with nothing.
         int oldState = TouchedByNothing;
         // Last state change, adjusted by -1 if the last state change was
         // a change away from 0.
         int lastX = std::min(topStrip->left, bottomStrip->left) - 1;
 
-        // Current edge being considered for top and bottom, 0 - left, 1 - right.
+        // Current edge being considered for top and bottom,
+        // 0 - left, 1 - right.
         bool topEdgeIsLeft = true;
         bool bottomEdgeIsLeft = true;
         while (topStrip != std::end(topBand.mStrips) && bottomStrip != std::end(bottomBand.mStrips)) {
           int topPos;
           int bottomPos;
           if (topEdgeIsLeft) {
             topPos = topStrip->left;
           } else {
@@ -723,17 +724,18 @@ nsIntRegion nsRegion::ScaleToInsidePixel
 // Phase3 = function (G, A, m, n) {
 //   let (t,b,l,r,_) = MaxSum2D(A,m,n)
 //   return rect(G[t],G[l],G[r],G[b]);
 // }
 // MaxSum2D = function (A, m, n) {
 //   S = array(m+1,n+1)
 //   S[0][i] = 0 for i in [0,n]
 //   S[j][0] = 0 for j in [0,m]
-//   S[j][i] = (if A[j-1][i-1] = 0 then some large negative value else A[j-1][i-1])
+//   S[j][i] = (if A[j-1][i-1] = 0 then some large negative value
+//                                 else A[j-1][i-1])
 //           + S[j-1][n] + S[j][i-1] - S[j-1][i-1]
 //
 //   // top, bottom, left, right, area
 //   var maxRect = (-1, -1, -1, -1, 0);
 //
 //   for all (m',m'') in [0, m]^2 {
 //     let B = { S[m'][i] - S[m''][i] | 0 <= i <= n }
 //     let ((l,r),area) = MaxSum1D(B,n+1)
--- a/gfx/thebes/gfxASurface.cpp
+++ b/gfx/thebes/gfxASurface.cpp
@@ -108,17 +108,18 @@ gfxASurface::Release(void)
         return 0;
     }
     return mFloatingRefs;
 }
 
 void
 gfxASurface::SurfaceDestroyFunc(void *data) {
     gfxASurface *surf = (gfxASurface*) data;
-    // fprintf (stderr, "Deleting wrapper for %p (wrapper: %p)\n", surf->mSurface, data);
+    // fprintf (stderr, "Deleting wrapper for %p (wrapper: %p)\n", surf->mSurface,
+    //          data);
     delete surf;
 }
 
 gfxASurface*
 gfxASurface::GetSurfaceWrapper(cairo_surface_t *csurf)
 {
     if (!csurf)
         return nullptr;
--- a/gfx/thebes/gfxAlphaRecovery.h
+++ b/gfx/thebes/gfxAlphaRecovery.h
@@ -84,27 +84,28 @@ public:
      */
 
     static inline uint32_t
     RecoverPixel(uint32_t black, uint32_t white)
     {
         const uint32_t GREEN_MASK = 0x0000FF00;
         const uint32_t ALPHA_MASK = 0xFF000000;
 
-        /* |diff| here is larger when the source image pixel is more transparent.
-           If both renderings are from the same source image composited with OVER,
-           then the color values on white will always be greater than those on
-           black, so |diff| would not overflow.  However, overflow may happen, for
-           example, when a plugin plays a video and the image is rapidly changing.
-           If there is overflow, then behave as if we limit to the difference to
+        /* |diff| here is larger when the source image pixel is more
+           transparent.  If both renderings are from the same source image
+           composited with OVER, then the color values on white will always be
+           greater than those on black, so |diff| would not overflow.  However,
+           overflow may happen, for example, when a plugin plays a video and
+           the image is rapidly changing.  If there is overflow, then behave as
+           if we limit to the difference to
            >= 0, which will make the rendering opaque.  (Without this overflow
            will make the rendering transparent.) */
         uint32_t diff = (white & GREEN_MASK) - (black & GREEN_MASK);
-        /* |diff| is 0xFFFFxx00 on overflow and 0x0000xx00 otherwise, so use this
-            to limit the transparency. */
+        /* |diff| is 0xFFFFxx00 on overflow and 0x0000xx00 otherwise, so use
+           this to limit the transparency. */
         uint32_t limit = diff & ALPHA_MASK;
         /* The alpha bits of the result */
         uint32_t alpha = (ALPHA_MASK - (diff << 16)) | limit;
 
         return alpha | (black & ~ALPHA_MASK);
     }
 };
 
--- a/gfx/thebes/gfxBlur.h
+++ b/gfx/thebes/gfxBlur.h
@@ -154,18 +154,20 @@ public:
      * and calling paint. Do not call Init() if using this method.
      *
      * @param aDestinationCtx     The destination to blur to.
      * @param aDestinationRect    The destination rect in device pixels
      * @param aShadowClipRect     The destiniation inner rect of the
      *                            inset path in device pixels.
      * @param aBlurRadius         The standard deviation of the blur.
      * @param aShadowColor        The color of the blur.
-     * @param aInnerClipRadii     Corner radii for the inside rect if it is a rounded rect.
-     * @param aSkipRect           An area in device pixels we don't have to paint in.
+     * @param aInnerClipRadii     Corner radii for the inside rect if it is a
+     *                            rounded rect.
+     * @param aSkipRect           An area in device pixels we don't have to
+     *                            paint in.
      */
     void BlurInsetBox(gfxContext* aDestinationCtx,
                       const mozilla::gfx::Rect& aDestinationRect,
                       const mozilla::gfx::Rect& aShadowClipRect,
                       const mozilla::gfx::IntSize& aBlurRadius,
                       const mozilla::gfx::Color& aShadowColor,
                       const RectCornerRadii* aInnerClipRadii,
                       const mozilla::gfx::Rect& aSkipRect,
--- a/gfx/thebes/gfxCoreTextShaper.cpp
+++ b/gfx/thebes/gfxCoreTextShaper.cpp
@@ -247,18 +247,20 @@ gfxCoreTextShaper::SetGlyphsFromRun(gfxS
     if (numGlyphs == 0) {
         return NS_OK;
     }
 
     int32_t wordLength = aLength;
 
     // character offsets get really confusing here, as we have to keep track of
     // (a) the text in the actual textRun we're constructing
-    // (c) the string that was handed to CoreText, which contains the text of the font run
-    // (d) the CTRun currently being processed, which may be a sub-run of the CoreText line
+    // (c) the string that was handed to CoreText, which contains the text of
+    // the font run
+    // (d) the CTRun currently being processed, which may be a sub-run of the
+    // CoreText line
 
     // get the source string range within the CTLine's text
     CFRange stringRange = ::CTRunGetStringRange(aCTRun);
     // skip the run if it is entirely outside the actual range of the font run
     if (stringRange.location + stringRange.length <= 0 ||
         stringRange.location >= wordLength) {
         return NS_OK;
     }
--- a/gfx/thebes/gfxFont.cpp
+++ b/gfx/thebes/gfxFont.cpp
@@ -3896,17 +3896,18 @@ gfxFont::SanitizeMetrics(gfxFont::Metric
     }
 
     /**
      * Some CJK fonts have bad underline offset. Therefore, if this is such font,
      * we need to lower the underline offset to bottom of *em* descent.
      * However, if this is system font, we should not do this for the rendering compatibility with
      * another application's UI on the platform.
      * XXX Should not use this hack if the font size is too small?
-     *     Such text cannot be read, this might be used for tight CSS rendering? (E.g., Acid2)
+     *     Such text cannot be read, this might be used for tight CSS
+     *     rendering? (E.g., Acid2)
      */
     if (!mStyle.systemFont && aIsBadUnderlineFont) {
         // First, we need 2 pixels between baseline and underline at least. Because many CJK characters
         // put their glyphs on the baseline, so, 1 pixel is too close for CJK characters.
         aMetrics->underlineOffset = std::min(aMetrics->underlineOffset, -2.0);
 
         // Next, we put the underline to bottom of below of the descent space.
         if (aMetrics->internalLeading + aMetrics->externalLeading > aMetrics->underlineSize) {
--- a/gfx/thebes/gfxFontUtils.cpp
+++ b/gfx/thebes/gfxFontUtils.cpp
@@ -265,17 +265,18 @@ gfxFontUtils::ReadCMAPTableFormat4(const
                                                           endCount));
             }
             if (skipCode < endCount) {
                 aCharacterMap.SetRange(std::max<uint16_t>(startCount,
                                                           skipCode + 1),
                                        endCount);
             }
         } else {
-            // const uint16_t idDelta = ReadShortAt16(idDeltas, i); // Unused: self-documenting.
+            // Unused: self-documenting.
+            // const uint16_t idDelta = ReadShortAt16(idDeltas, i);
             for (uint32_t c = startCount; c <= endCount; ++c) {
                 if (c == 0xFFFF)
                     break;
 
                 const uint16_t *gdata = (idRangeOffset/2
                                          + (c - startCount)
                                          + &idRangeOffsets[i]);
 
--- a/gfx/thebes/gfxLineSegment.h
+++ b/gfx/thebes/gfxLineSegment.h
@@ -12,17 +12,19 @@
 struct gfxLineSegment {
   gfxLineSegment(const gfxPoint &aStart, const gfxPoint &aEnd) 
     : mStart(aStart)
     , mEnd(aEnd)
   {}
 
   bool PointsOnSameSide(const gfxPoint& aOne, const gfxPoint& aTwo)
   {
-    // Solve the equation y - mStart.y - ((mEnd.y - mStart.y)/(mEnd.x - mStart.x))(x - mStart.x) for both points 
+    // Solve the equation
+    // y - mStart.y - ((mEnd.y - mStart.y)/(mEnd.x - mStart.x))(x - mStart.x)
+    // for both points 
   
     gfxFloat deltaY = (mEnd.y - mStart.y);
     gfxFloat deltaX = (mEnd.x - mStart.x);
   
     gfxFloat one = deltaX * (aOne.y - mStart.y) - deltaY * (aOne.x - mStart.x);
     gfxFloat two = deltaX * (aTwo.y - mStart.y) - deltaY * (aTwo.x - mStart.x);
 
     // If both results have the same sign, then we're on the correct side of the line.
--- a/gfx/thebes/gfxPlatform.cpp
+++ b/gfx/thebes/gfxPlatform.cpp
@@ -2257,19 +2257,19 @@ gfxPlatform::GetCMSOutputProfileData(voi
 
 void
 gfxPlatform::CreateCMSOutputProfile()
 {
     if (!gCMSOutputProfile) {
         /* Determine if we're using the internal override to force sRGB as
            an output profile for reftests. See Bug 452125.
 
-           Note that we don't normally (outside of tests) set a
-           default value of this preference, which means nsIPrefBranch::GetBoolPref
-           will typically throw (and leave its out-param untouched).
+           Note that we don't normally (outside of tests) set a default value
+           of this preference, which means nsIPrefBranch::GetBoolPref will
+           typically throw (and leave its out-param untouched).
          */
         if (Preferences::GetBool(GFX_PREF_CMS_FORCE_SRGB, false)) {
             gCMSOutputProfile = GetCMSsRGBProfile();
         }
 
         if (!gCMSOutputProfile) {
             void* mem = nullptr;
             size_t size = 0;
@@ -2877,20 +2877,23 @@ WebRenderHardwareQualificationStatus(boo
 void
 gfxPlatform::InitWebRenderConfig()
 {
   bool prefEnabled = WebRenderPrefEnabled();
   bool envvarEnabled = WebRenderEnvvarEnabled();
 
   // On Nightly:
   //   WR? WR+   => means WR was enabled via gfx.webrender.all.qualified
-  //   WR! WR+   => means WR was enabled via gfx.webrender.{all,enabled} or envvar
+  //   WR! WR+   => means WR was enabled via gfx.webrender.{all,enabled} or
+  //                envvar
   // On Beta/Release:
-  //   WR? WR+   => means WR was enabled via gfx.webrender.all.qualified on qualified hardware
-  //   WR! WR+   => means WR was enabled via envvar, possibly on unqualified hardware.
+  //   WR? WR+   => means WR was enabled via gfx.webrender.all.qualified on
+  //                qualified hardware
+  //   WR! WR+   => means WR was enabled via envvar, possibly on unqualified
+  //                hardware.
   // In all cases WR- means WR was not enabled, for one of many possible reasons.
   ScopedGfxFeatureReporter reporter("WR", prefEnabled || envvarEnabled);
   if (!XRE_IsParentProcess()) {
     // Force-disable WebRender in recording/replaying child processes, which
     // have their own compositor.
     if (recordreplay::IsRecordingOrReplaying()) {
       gfxVars::SetUseWebRender(false);
     }
@@ -3181,17 +3184,18 @@ gfxPlatform::ContentUsesTiling() const
     (gfxPrefs::LayersTilesEnabledIfSkiaPOMTP() &&
       contentUsesSkia &&
       contentUsesPOMTP);
 }
 
 /***
  * The preference "layout.frame_rate" has 3 meanings depending on the value:
  *
- * -1 = Auto (default), use hardware vsync or software vsync @ 60 hz if hw vsync fails.
+ * -1 = Auto (default), use hardware vsync or software vsync @ 60 hz if hw
+ *      vsync fails.
  *  0 = ASAP mode - used during talos testing.
  *  X = Software vsync at a rate of X times per second.
  */
 already_AddRefed<mozilla::gfx::VsyncSource>
 gfxPlatform::CreateHardwareVsyncSource()
 {
   RefPtr<mozilla::gfx::VsyncSource> softwareVsync = new SoftwareVsyncSource();
   return softwareVsync.forget();
--- a/gfx/thebes/gfxPrefs.h
+++ b/gfx/thebes/gfxPrefs.h
@@ -280,19 +280,21 @@ private:
     T GetLiveValue() const {
       return BaseClass::GetLiveValueByName(Prefname());
     }
     bool HasDefaultValue() const override {
       return this->mValue == Default();
     }
   };
 
-  // This is where DECL_GFX_PREF for each of the preferences should go.
-  // We will keep these in an alphabetical order to make it easier to see if
-  // a method accessing a pref already exists. Just add yours in the list.
+  // clang-format off
+
+  // This is where DECL_GFX_PREF for each of the preferences should go.  We
+  // will keep these in an alphabetical order to make it easier to see if a
+  // method accessing a pref already exists. Just add yours in the list.
 
   DECL_GFX_PREF(Live, "accessibility.browsewithcaret", AccessibilityBrowseWithCaret, bool, false);
 
   // The apz prefs are explained in AsyncPanZoomController.cpp
   DECL_GFX_PREF(Live, "apz.allow_checkerboarding",             APZAllowCheckerboarding, bool, true);
   DECL_GFX_PREF(Live, "apz.allow_double_tap_zooming",          APZAllowDoubleTapZooming, bool, true);
   DECL_GFX_PREF(Live, "apz.allow_immediate_handoff",           APZAllowImmediateHandoff, bool, true);
   DECL_GFX_PREF(Live, "apz.allow_zooming",                     APZAllowZooming, bool, false);
@@ -809,19 +811,22 @@ private:
   DECL_GFX_PREF(Live, "webgl.perf.max-warnings",                    WebGLMaxPerfWarnings, int32_t, 0);
   DECL_GFX_PREF(Live, "webgl.perf.max-acceptable-fb-status-invals", WebGLMaxAcceptableFBStatusInvals, int32_t, 0);
   DECL_GFX_PREF(Live, "webgl.perf.spew-frame-allocs",          WebGLSpewFrameAllocs, bool, true);
 
 
   DECL_GFX_PREF(Live, "widget.window-transforms.disabled",     WindowTransformsDisabled, bool, false);
 
   // WARNING:
-  // Please make sure that you've added your new preference to the list above in alphabetical order.
+  // Please make sure that you've added your new preference to the list above
+  // in alphabetical order.
   // Please do not just append it to the end of the list.
 
+  // clang-format on
+
 public:
   // Manage the singleton:
   static gfxPrefs& GetSingleton()
   {
     return sInstance ? *sInstance : CreateAndInitializeSingleton();
   }
   static void DestroySingleton();
   static bool SingletonExists();
--- a/gfx/thebes/gfxTextRun.cpp
+++ b/gfx/thebes/gfxTextRun.cpp
@@ -1124,18 +1124,20 @@ gfxTextRun::BreakAndMeasureText(uint32_t
     }
 
     if (!aborted) {
         width += advance;
     }
 
     // There are three possibilities:
     // 1) all the text fit (width <= aWidth)
-    // 2) some of the text fit up to a break opportunity (width > aWidth && lastBreak >= 0)
-    // 3) none of the text fits before a break opportunity (width > aWidth && lastBreak < 0)
+    // 2) some of the text fit up to a break opportunity (width > aWidth &&
+    //    lastBreak >= 0)
+    // 3) none of the text fits before a break opportunity (width > aWidth &&
+    //    lastBreak < 0)
     uint32_t charsFit;
     bool usedHyphenation = false;
     if (width - trimmableAdvance <= aWidth) {
         charsFit = aMaxLength;
     } else if (lastBreak >= 0) {
         if (lastCandidateBreak >= 0 && lastCandidateBreak != lastBreak) {
             lastBreak = lastCandidateBreak;
             lastBreakTrimmableChars = lastCandidateBreakTrimmableChars;
@@ -3089,17 +3091,18 @@ gfxFontGroup::FindFontForChar(uint32_t a
     // 2. search pref fonts
     gfxFont* font = WhichPrefFontSupportsChar(aCh, aNextCh);
     if (font) {
         *aMatchType = gfxTextRange::MatchType::kPrefsFallback;
         return font;
     }
 
     // 3. use fallback fonts
-    // -- before searching for something else check the font used for the previous character
+    // -- before searching for something else check the font used for the
+    //    previous character
     if (aPrevMatchedFont && aPrevMatchedFont->HasCharacter(aCh)) {
         *aMatchType = gfxTextRange::MatchType::kSystemFallback;
         return aPrevMatchedFont;
     }
 
     // for known "space" characters, don't do a full system-fallback search;
     // we'll synthesize appropriate-width spaces instead of missing-glyph boxes
     if (GetGeneralCategory(aCh) ==
--- a/gfx/thebes/gfxTextRun.h
+++ b/gfx/thebes/gfxTextRun.h
@@ -376,28 +376,34 @@ public:
                                   HyphenationState* aWordState);
 
     /**
      * Finds the longest substring that will fit into the given width.
      * Uses GetHyphenationBreaks and GetSpacing from aProvider.
      * Guarantees the following:
      * -- 0 <= result <= aMaxLength
      * -- result is the maximal value of N such that either
-     *       N < aMaxLength && line break at N && GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
-     *   OR  N < aMaxLength && hyphen break at N && GetAdvanceWidth(Range(aStart, N), aProvider) + GetHyphenWidth() <= aWidth
-     *   OR  N == aMaxLength && GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
+     *       N < aMaxLength && line break at N &&
+     *       GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
+     *   OR  N < aMaxLength && hyphen break at N &&
+     *       GetAdvanceWidth(Range(aStart, N), aProvider) +
+     *       GetHyphenWidth() <= aWidth
+     *   OR  N == aMaxLength &&
+     *       GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
      * where GetAdvanceWidth assumes the effect of
-     * SetLineBreaks(Range(aStart, N), aLineBreakBefore, N < aMaxLength, aProvider)
+     * SetLineBreaks(Range(aStart, N),
+     *               aLineBreakBefore, N < aMaxLength, aProvider)
      * -- if no such N exists, then result is the smallest N such that
      *       N < aMaxLength && line break at N
      *   OR  N < aMaxLength && hyphen break at N
      *   OR  N == aMaxLength
      *
      * The call has the effect of
-     * SetLineBreaks(Range(aStart, result), aLineBreakBefore, result < aMaxLength, aProvider)
+     * SetLineBreaks(Range(aStart, result), aLineBreakBefore,
+     *               result < aMaxLength, aProvider)
      * and the returned metrics and the invariants above reflect this.
      *
      * @param aMaxLength this can be UINT32_MAX, in which case the length used
      * is up to the end of the string
      * @param aLineBreakBefore set to true if and only if there is an actual
      * line break at the start of this string.
      * @param aSuppressBreak what break should be suppressed.
      * @param aTrimWhitespace if non-null, then we allow a trailing run of
@@ -411,21 +417,25 @@ public:
      * @param aMetrics if non-null, we fill this in for the returned substring.
      * If a hyphenation break was used, the hyphen is NOT included in the returned metrics.
      * @param aBoundingBoxType whether to make the bounding box in aMetrics tight
      * @param aDrawTargetForTightBoundingbox a reference DrawTarget to get the
      * tight bounding box, if requested
      * @param aUsedHyphenation if non-null, records if we selected a hyphenation break
      * @param aLastBreak if non-null and result is aMaxLength, we set this to
      * the maximal N such that
-     *       N < aMaxLength && line break at N && GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
-     *   OR  N < aMaxLength && hyphen break at N && GetAdvanceWidth(Range(aStart, N), aProvider) + GetHyphenWidth() <= aWidth
+     *       N < aMaxLength && line break at N &&
+     *       GetAdvanceWidth(Range(aStart, N), aProvider) <= aWidth
+     *   OR  N < aMaxLength && hyphen break at N &&
+     *       GetAdvanceWidth(Range(aStart, N), aProvider) +
+     *         GetHyphenWidth() <= aWidth
      * or UINT32_MAX if no such N exists, where GetAdvanceWidth assumes
      * the effect of
-     * SetLineBreaks(Range(aStart, N), aLineBreakBefore, N < aMaxLength, aProvider)
+     * SetLineBreaks(Range(aStart, N), aLineBreakBefore,
+     *               N < aMaxLength, aProvider)
      *
      * @param aCanWordWrap true if we can break between any two grapheme
      * clusters. This is set by overflow-wrap|word-wrap: break-word
      *
      * @param aBreakPriority in/out the priority of the break opportunity
      * saved in the line. If we are prioritizing break opportunities, we will
      * not set a break with a lower priority. @see gfxBreakPriority.
      *
--- a/gfx/thebes/gfxTypes.h
+++ b/gfx/thebes/gfxTypes.h
@@ -19,18 +19,19 @@ typedef void (*thebes_destroy_func_t) (v
  */
 typedef double gfxFloat;
 
 /**
  * Priority of a line break opportunity.
  *
  * eNoBreak       The line has no break opportunities
  * eWordWrapBreak The line has a break opportunity only within a word. With
- *                overflow-wrap|word-wrap: break-word we will break at this point only if
- *                there are no other break opportunities in the line.
+ *                overflow-wrap|word-wrap: break-word we will break at this
+ *                point only if there are no other break opportunities in the
+ *                line.
  * eNormalBreak   The line has a break opportunity determined by the standard
  *                line-breaking algorithm.
  *
  * Future expansion: split eNormalBreak into multiple priorities, e.g.
  *                    punctuation break and whitespace break (bug 389710).
  *                   As and when we implement it, text-wrap: unrestricted will
  *                    mean that priorities are ignored and all line-break
  *                    opportunities are equal.
--- a/gfx/vr/external_api/moz_external_vr.h
+++ b/gfx/vr/external_api/moz_external_vr.h
@@ -271,17 +271,19 @@ struct VRDisplayState
 
   // When true, indicates that the VR service has shut down
   bool shutdown;
   // Minimum number of milliseconds to wait before attempting
   // to start the VR service again
   uint32_t mMinRestartInterval;
   char mDisplayName[kVRDisplayNameMaxLen];
   // eight byte character code identifier
-  // LSB first, so "ABCDEFGH" -> ('H'<<56) + ('G'<<48) + ('F'<<40) + ('E'<<32) + ('D'<<24) + ('C'<<16) + ('B'<<8) + 'A').
+  // LSB first, so "ABCDEFGH" -> ('H'<<56) + ('G'<<48) + ('F'<<40) +
+  //                             ('E'<<32) + ('D'<<24) + ('C'<<16) +
+  //                             ('B'<<8) + 'A').
   uint64_t mEightCC;
   VRDisplayCapabilityFlags mCapabilityFlags;
   VRFieldOfView mEyeFOV[VRDisplayState::NumEyes];
   Point3D_POD mEyeTranslation[VRDisplayState::NumEyes];
   IntSize_POD mEyeResolution;
   bool mSuppressFrames;
   bool mIsConnected;
   bool mIsMounted;
--- a/gfx/webrender_bindings/RenderCompositorANGLE.cpp
+++ b/gfx/webrender_bindings/RenderCompositorANGLE.cpp
@@ -158,17 +158,18 @@ RenderCompositorANGLE::Initialize()
 
     DXGI_SWAP_CHAIN_DESC1 desc{};
     desc.Width = 0;
     desc.Height = 0;
     desc.Format = DXGI_FORMAT_B8G8R8A8_UNORM;
     desc.SampleDesc.Count = 1;
     desc.SampleDesc.Quality = 0;
     desc.BufferUsage = DXGI_USAGE_RENDER_TARGET_OUTPUT;
-    // Do not use DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL, since it makes HWND unreusable.
+    // Do not use DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL, since it makes HWND
+    // unreusable.
     //desc.BufferCount = 2;
     //desc.SwapEffect = DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL;
     desc.BufferCount = 1;
     desc.SwapEffect = DXGI_SWAP_EFFECT_SEQUENTIAL;
     desc.Scaling = DXGI_SCALING_NONE;
     desc.Flags = 0;
 
     hr = dxgiFactory2->CreateSwapChainForHwnd(mDevice, hwnd, &desc,
--- a/gfx/webrender_bindings/WebRenderAPI.cpp
+++ b/gfx/webrender_bindings/WebRenderAPI.cpp
@@ -12,18 +12,22 @@
 #include "mozilla/gfx/gfxVars.h"
 #include "mozilla/layers/CompositorThread.h"
 #include "mozilla/webrender/RenderCompositor.h"
 #include "mozilla/widget/CompositorWidget.h"
 #include "mozilla/layers/SynchronousTask.h"
 #include "TextDrawTarget.h"
 
 #define WRDL_LOG(...)
-//#define WRDL_LOG(...) printf_stderr("WRDL(%p): " __VA_ARGS__)
-//#define WRDL_LOG(...) if (XRE_IsContentProcess()) printf_stderr("WRDL(%p): " __VA_ARGS__)
+/*
+#define WRDL_LOG(...) printf_stderr("WRDL(%p): " __VA_ARGS__)
+#define WRDL_LOG(...) if (XRE_IsContentProcess()) {              \
+                        printf_stderr("WRDL(%p): " __VA_ARGS__); \
+                      }
+*/
 
 namespace mozilla {
 namespace wr {
 
 using layers::Stringify;
 
 MOZ_DEFINE_MALLOC_SIZE_OF(WebRenderMallocSizeOf)
 
--- a/image/Decoder.h
+++ b/image/Decoder.h
@@ -129,17 +129,18 @@ public:
    * Decodes, reading all data currently available in the SourceBuffer.
    *
    * If more data is needed and @aOnResume is non-null, Decode() will schedule
    * @aOnResume to be called when more data is available.
    *
    * @return a LexerResult which may indicate:
    *   - the image has been successfully decoded (TerminalState::SUCCESS), or
    *   - the image has failed to decode (TerminalState::FAILURE), or
-   *   - the decoder is yielding until it gets more data (Yield::NEED_MORE_DATA), or
+   *   - the decoder is yielding until it gets more data
+   *     (Yield::NEED_MORE_DATA), or
    *   - the decoder is yielding to allow the caller to access intermediate
    *     output (Yield::OUTPUT_AVAILABLE).
    */
   LexerResult Decode(IResumable* aOnResume = nullptr);
 
   /**
    * Terminate this decoder in a failure state, just as if the decoder
    * implementation had returned TerminalState::FAILURE from DoDecode().
--- a/image/RasterImage.h
+++ b/image/RasterImage.h
@@ -183,19 +183,19 @@ public:
   /**
    * Sends the provided progress notifications to ProgressTracker.
    *
    * Main-thread only.
    *
    * @param aProgress    The progress notifications to send.
    * @param aInvalidRect An invalidation rect to send.
    * @param aFrameCount  If Some(), an updated count of the number of frames of
-   *                     animation the decoder has finished decoding so far. This
-   *                     is a lower bound for the total number of animation
-   *                     frames this image has.
+   *                     animation the decoder has finished decoding so far.
+   *                     This is a lower bound for the total number of
+   *                     animation frames this image has.
    * @param aDecoderFlags The decoder flags used by the decoder that generated
    *                      these notifications, or DefaultDecoderFlags() if the
    *                      notifications don't come from a decoder.
    * @param aSurfaceFlags The surface flags used by the decoder that generated
    *                      these notifications, or DefaultSurfaceFlags() if the
    *                      notifications don't come from a decoder.
    */
   void NotifyProgress(Progress aProgress,
--- a/image/SurfaceCache.h
+++ b/image/SurfaceCache.h
@@ -282,18 +282,18 @@ struct SurfaceCache
    * FAILURE if it failed to insert the cache entry, which could happen because
    * of capacity reasons, or because it was already freed by the OS. If the
    * cache entry isn't associated with a locked image, checking for SUCCESS or
    * FAILURE is useless: the entry might expire immediately after being
    * inserted, even though Insert() returned SUCCESS. Thus, many callers do not
    * need to check the result of Insert() at all.
    *
    * @param aProvider    The new cache entry to insert into the cache.
-   * @return SUCCESS if the cache entry was inserted successfully. (But see above
-   *           for more information about when you should check this.)
+   * @return SUCCESS if the cache entry was inserted successfully. (But see
+   *           above for more information about when you should check this.)
    *         FAILURE if the cache entry could not be inserted, e.g. for capacity
    *           reasons. (But see above for more information about when you
    *           should check this.)
    *         FAILURE_ALREADY_PRESENT if an entry with the same ImageKey and
    *           SurfaceKey already exists in the cache.
    */
   static InsertOutcome Insert(NotNull<ISurfaceProvider*> aProvider);
 
--- a/intl/unicharutil/util/nsBidiUtils.h
+++ b/intl/unicharutil/util/nsBidiUtils.h
@@ -83,37 +83,46 @@ typedef enum nsCharType nsCharType;
 
 #define CHARTYPE_IS_RTL(val) ( ( (val) == eCharType_RightToLeft) || ( (val) == eCharType_RightToLeftArabic) )
 
 #define CHARTYPE_IS_WEAK(val) ( ( (val) == eCharType_EuropeanNumberSeparator)    \
                            || ( (val) == eCharType_EuropeanNumberTerminator) \
                            || ( ( (val) > eCharType_ArabicNumber) && ( (val) != eCharType_RightToLeftArabic) ) )
 
   /**
-   * Inspects a Unichar, converting numbers to Arabic or Hindi forms and returning them
+   * Inspects a Unichar, converting numbers to Arabic or Hindi forms and
+   * returning them
    * @param aChar is the character
-   * @param aPrevCharArabic is true if the previous character in the string is an Arabic char
+   * @param aPrevCharArabic is true if the previous character in the string is
+   *        an Arabic char
    * @param aNumFlag specifies the conversion to perform:
    *        IBMBIDI_NUMERAL_NOMINAL:      don't do any conversion
-   *        IBMBIDI_NUMERAL_HINDI:        convert to Hindi forms (Unicode 0660-0669)
-   *        IBMBIDI_NUMERAL_ARABIC:       convert to Arabic forms (Unicode 0030-0039)
-   *        IBMBIDI_NUMERAL_HINDICONTEXT: convert numbers in Arabic text to Hindi, otherwise to Arabic
+   *        IBMBIDI_NUMERAL_HINDI:        convert to Hindi forms
+   *                                        (Unicode 0660-0669)
+   *        IBMBIDI_NUMERAL_ARABIC:       convert to Arabic forms
+   *                                        (Unicode 0030-0039)
+   *        IBMBIDI_NUMERAL_HINDICONTEXT: convert numbers in Arabic text to
+   *                                      Hindi, otherwise to Arabic
    * @return the converted Unichar
    */
   char16_t HandleNumberInChar(char16_t aChar, bool aPrevCharArabic, uint32_t aNumFlag);
 
   /**
-   * Scan a Unichar string, converting numbers to Arabic or Hindi forms in place
+   * Scan a Unichar string, converting numbers to Arabic or Hindi forms in
+   * place
    * @param aBuffer is the string
    * @param aSize is the size of aBuffer
    * @param aNumFlag specifies the conversion to perform:
    *        IBMBIDI_NUMERAL_NOMINAL:      don't do any conversion
-   *        IBMBIDI_NUMERAL_HINDI:        convert to Hindi forms (Unicode 0660-0669)
-   *        IBMBIDI_NUMERAL_ARABIC:       convert to Arabic forms (Unicode 0030-0039)
-   *        IBMBIDI_NUMERAL_HINDICONTEXT: convert numbers in Arabic text to Hindi, otherwise to Arabic
+   *        IBMBIDI_NUMERAL_HINDI:        convert to Hindi forms
+   *                                        (Unicode 0660-0669)
+   *        IBMBIDI_NUMERAL_ARABIC:       convert to Arabic forms
+   *                                        (Unicode 0030-0039)
+   *        IBMBIDI_NUMERAL_HINDICONTEXT: convert numbers in Arabic text to
+   *                                      Hindi, otherwise to Arabic
    */
   nsresult HandleNumbers(char16_t* aBuffer, uint32_t aSize, uint32_t  aNumFlag);
 
   /**
    * Give a UTF-32 codepoint
    * return true if the codepoint is a Bidi control character (LRM, RLM, ALM;
    * LRE, RLE, PDF, LRO, RLO; LRI, RLI, FSI, PDI).
    * Return false, otherwise
--- a/intl/unicharutil/util/nsUnicodeProperties.cpp
+++ b/intl/unicharutil/util/nsUnicodeProperties.cpp
@@ -59,16 +59,17 @@ array.
 
 The division of the remaining 16 bits into Page and Char fields is
 adjusted for each property (by experiment using the generation tool)
 to provide the most compact storage, depending on the distribution
 of values.
 */
 
 const nsUGenCategory sDetailedToGeneralCategory[] = {
+  // clang-format off
   /*
    * The order here corresponds to the HB_UNICODE_GENERAL_CATEGORY_* constants
    * of the hb_unicode_general_category_t enum in gfx/harfbuzz/src/hb-unicode.h.
    */
   /* CONTROL */             nsUGenCategory::kOther,
   /* FORMAT */              nsUGenCategory::kOther,
   /* UNASSIGNED */          nsUGenCategory::kOther,
   /* PRIVATE_USE */         nsUGenCategory::kOther,
@@ -93,19 +94,21 @@ const nsUGenCategory sDetailedToGeneralC
   /* OPEN_PUNCTUATION */    nsUGenCategory::kPunctuation,
   /* CURRENCY_SYMBOL */     nsUGenCategory::kSymbol,
   /* MODIFIER_SYMBOL */     nsUGenCategory::kSymbol,
   /* MATH_SYMBOL */         nsUGenCategory::kSymbol,
   /* OTHER_SYMBOL */        nsUGenCategory::kSymbol,
   /* LINE_SEPARATOR */      nsUGenCategory::kSeparator,
   /* PARAGRAPH_SEPARATOR */ nsUGenCategory::kSeparator,
   /* SPACE_SEPARATOR */     nsUGenCategory::kSeparator
+  // clang-format on
 };
 
 const hb_unicode_general_category_t sICUtoHBcategory[U_CHAR_CATEGORY_COUNT] = {
+  // clang-format off
   HB_UNICODE_GENERAL_CATEGORY_UNASSIGNED, // U_GENERAL_OTHER_TYPES = 0,
   HB_UNICODE_GENERAL_CATEGORY_UPPERCASE_LETTER, // U_UPPERCASE_LETTER = 1,
   HB_UNICODE_GENERAL_CATEGORY_LOWERCASE_LETTER, // U_LOWERCASE_LETTER = 2,
   HB_UNICODE_GENERAL_CATEGORY_TITLECASE_LETTER, // U_TITLECASE_LETTER = 3,
   HB_UNICODE_GENERAL_CATEGORY_MODIFIER_LETTER, // U_MODIFIER_LETTER = 4,
   HB_UNICODE_GENERAL_CATEGORY_OTHER_LETTER, // U_OTHER_LETTER = 5,
   HB_UNICODE_GENERAL_CATEGORY_NON_SPACING_MARK, // U_NON_SPACING_MARK = 6,
   HB_UNICODE_GENERAL_CATEGORY_ENCLOSING_MARK, // U_ENCLOSING_MARK = 7,
@@ -126,16 +129,17 @@ const hb_unicode_general_category_t sICU
   HB_UNICODE_GENERAL_CATEGORY_CONNECT_PUNCTUATION, // U_CONNECTOR_PUNCTUATION = 22,
   HB_UNICODE_GENERAL_CATEGORY_OTHER_PUNCTUATION, // U_OTHER_PUNCTUATION = 23,
   HB_UNICODE_GENERAL_CATEGORY_MATH_SYMBOL, // U_MATH_SYMBOL = 24,
   HB_UNICODE_GENERAL_CATEGORY_CURRENCY_SYMBOL, // U_CURRENCY_SYMBOL = 25,
   HB_UNICODE_GENERAL_CATEGORY_MODIFIER_SYMBOL, // U_MODIFIER_SYMBOL = 26,
   HB_UNICODE_GENERAL_CATEGORY_OTHER_SYMBOL, // U_OTHER_SYMBOL = 27,
   HB_UNICODE_GENERAL_CATEGORY_INITIAL_PUNCTUATION, // U_INITIAL_PUNCTUATION = 28,
   HB_UNICODE_GENERAL_CATEGORY_FINAL_PUNCTUATION, // U_FINAL_PUNCTUATION = 29,
+  // clang-format on
 };
 
 #define DEFINE_BMP_1PLANE_MAPPING_GET_FUNC(prefix_) \
   uint32_t Get##prefix_(uint32_t aCh) \
   { \
     if (aCh >= UNICODE_BMP_LIMIT) { \
       return aCh; \
     } \
--- a/ipc/glue/CrossProcessMutex.h
+++ b/ipc/glue/CrossProcessMutex.h
@@ -19,17 +19,18 @@
 namespace IPC {
 template<typename T>
 struct ParamTraits;
 } // namespace IPC
 
 //
 // Provides:
 //
-//  - CrossProcessMutex, a non-recursive mutex that can be shared across processes
+//  - CrossProcessMutex, a non-recursive mutex that can be shared across
+//    processes
 //  - CrossProcessMutexAutoLock, an RAII class for ensuring that Mutexes are
 //    properly locked and unlocked
 //
 // Using CrossProcessMutexAutoLock/CrossProcessMutexAutoUnlock is MUCH
 // preferred to making bare calls to CrossProcessMutex.Lock and Unlock.
 //
 namespace mozilla {
 #if defined(OS_WIN)
--- a/ipc/glue/GeckoChildProcessHost.cpp
+++ b/ipc/glue/GeckoChildProcessHost.cpp
@@ -776,17 +776,18 @@ GeckoChildProcessHost::PerformAsyncLaunc
       mLaunchOptions->fds_to_remap
         .push_back(std::pair<int,int>(childCrashFd, childCrashRemapFd));
       // "true" == crash reporting enabled
       childArgv.push_back("true");
     } else {
       // "false" == crash reporting disabled
       childArgv.push_back("false");
     }
-#elif defined(MOZ_WIDGET_COCOA) // defined(OS_LINUX) || defined(OS_BSD) || defined(OS_SOLARIS)
+#elif defined(MOZ_WIDGET_COCOA) /* defined(OS_LINUX) || defined(OS_BSD) || \
+                                   defined(OS_SOLARIS) */
     childArgv.push_back(CrashReporter::GetChildNotificationPipe());
 #endif  // defined(OS_LINUX) || defined(OS_BSD) || defined(OS_SOLARIS)
   }
 
   int fd = PR_FileDesc2NativeHandle(crashAnnotationWritePipe);
   mLaunchOptions->fds_to_remap.push_back(
     std::make_pair(fd, CrashReporter::GetAnnotationTimeCrashFd()));
 
--- a/ipc/glue/MessageChannel.cpp
+++ b/ipc/glue/MessageChannel.cpp
@@ -1725,18 +1725,19 @@ MessageChannel::Call(Message* aMsg, Mess
 
 #ifdef OS_WIN
         // We need to limit the scoped of neuteredRgn to this spot in the code.
         // Window neutering can't be enabled during some plugin calls because
         // we then risk the neutered window procedure being subclassed by a
         // plugin.
         {
             NeuteredWindowRegion neuteredRgn(mFlags & REQUIRE_DEFERRED_MESSAGE_PROTECTION);
-            /* We should pump messages at this point to ensure that the IPC peer
-               does not become deadlocked on a pending inter-thread SendMessage() */
+            /* We should pump messages at this point to ensure that the IPC
+               peer does not become deadlocked on a pending inter-thread
+               SendMessage() */
             neuteredRgn.PumpOnce();
         }
 #endif
 
         // Now might be the time to process a message deferred because of race
         // resolution.
         MaybeUndeferIncall();
 
@@ -1923,18 +1924,18 @@ MessageChannel::ShouldRunMessage(const M
     }
 
     // If we've timed out a message and we're awaiting the reply to the timed
     // out message, we have to be careful what messages we process. Here's what
     // can go wrong:
     // 1. child sends a NOT_NESTED sync message S
     // 2. parent sends a NESTED_INSIDE_SYNC sync message H at the same time
     // 3. parent times out H
-    // 4. child starts processing H and sends a NESTED_INSIDE_SYNC message H' nested
-    //    within the same transaction
+    // 4. child starts processing H and sends a NESTED_INSIDE_SYNC message H'
+    //    nested within the same transaction
     // 5. parent dispatches S and sends reply
     // 6. child asserts because it instead expected a reply to H'.
     //
     // To solve this, we refuse to process S in the parent until we get a reply
     // to H. More generally, let the timed out message be M. We don't process a
     // message unless the child would need the response to that message in order
     // to process M. Those messages are the ones that have a higher nested level
     // than M or that are part of the same transaction as M.
--- a/ipc/glue/MessageChannel.h
+++ b/ipc/glue/MessageChannel.h
@@ -752,22 +752,23 @@ private:
     // in-msg.
     //
     // The second case is |C<|, an Interrupt in-call; the other side must be blocked.
     // (There's a subtlety here: this in-call might have raced with an
     // out-call, but we detect that with the mechanism below,
     // |mRemoteStackDepth|, and races don't matter to the queue.)
     //
     // Final case, the other side replied to our most recent out-call |R<|.
-    // If that was the *only* out-call on our stack, |?{mInterruptStack.size() == 1}|,
-    // then other side "finished with us," and went back to its own business.
-    // That business might have included sending any number of async message
-    // |A<*| until sending a blocking message |(S< | C<)|.  If we had more than
-    // one Interrupt call on our stack, the other side *better* not have sent us
-    // another blocking message, because it's blocked on a reply from us.
+    // If that was the *only* out-call on our stack,
+    // |?{mInterruptStack.size() == 1}|, then other side "finished with us,"
+    // and went back to its own business.  That business might have included
+    // sending any number of async message |A<*| until sending a blocking
+    // message |(S< | C<)|.  If we had more than one Interrupt call on our
+    // stack, the other side *better* not have sent us another blocking
+    // message, because it's blocked on a reply from us.
     //
     MessageQueue mPending;
 
     // The number of messages in mPending for which IsAlwaysDeferred is false
     // (i.e., the number of messages that might not be deferred, depending on
     // context).
     size_t mMaybeDeferredPendingCount;
 
--- a/js/src/jit/VMFunctions.h
+++ b/js/src/jit/VMFunctions.h
@@ -93,17 +93,17 @@ enum MaybeTailCall : bool {
 //
 // Different JIT compilers in SpiderMonkey have their own implementations of
 // callVM to consume VMFunctions. However, the general shape of them is that
 // arguments that don't include the JIT Context or trailing out-param are pushed
 // on to the stack from right to left (rightmost argument is pushed first).
 //
 // Regardless of return value protocol being used (final outParam, or return
 // value) the generated trampolines ensure the return value ends up in
-// JSReturnReg, ReturnReg or ReturnDoubleReg.
+// JSReturnOperand, ReturnReg or ReturnDoubleReg.
 //
 // Example:
 //
 // The details will differ slightly between the different compilers in
 // SpiderMonkey, but the general shape of our usage looks like this:
 //
 // Suppose we have a function Foo:
 //
--- a/js/xpconnect/loader/AutoMemMap.h
+++ b/js/xpconnect/loader/AutoMemMap.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef loader_AutoMemMap_h
 #define loader_AutoMemMap_h
 
 #include "mozilla/FileUtils.h"
--- a/js/xpconnect/loader/PrecompiledScript.h
+++ b/js/xpconnect/loader/PrecompiledScript.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2; -*- */
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef mozilla_dom_PrecompiledScript_h
 #define mozilla_dom_PrecompiledScript_h
 
 #include "mozilla/dom/BindingDeclarations.h"
--- a/js/xpconnect/loader/ScriptCacheActors.h
+++ b/js/xpconnect/loader/ScriptCacheActors.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef ScriptCache_h
 #define ScriptCache_h
 
 #include "mozilla/ScriptPreloader.h"
--- a/js/xpconnect/loader/ScriptPreloader-inl.h
+++ b/js/xpconnect/loader/ScriptPreloader-inl.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef ScriptPreloader_inl_h
 #define ScriptPreloader_inl_h
 
 #include "mozilla/Attributes.h"
--- a/js/xpconnect/loader/ScriptPreloader.h
+++ b/js/xpconnect/loader/ScriptPreloader.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef ScriptPreloader_h
 #define ScriptPreloader_h
 
 #include "mozilla/CheckedInt.h"
--- a/js/xpconnect/loader/URLPreloader.h
+++ b/js/xpconnect/loader/URLPreloader.h
@@ -1,9 +1,9 @@
-/* -*-  Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef URLPreloader_h
 #define URLPreloader_h
 
 #include "mozilla/FileLocation.h"
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@@ -303,22 +303,24 @@ private:
 
 /***************************************************************************/
 
 // In the current xpconnect system there can only be one XPCJSContext.
 // So, xpconnect can only be used on one JSContext within the process.
 
 class WatchdogManager;
 
+// clang-format off
 MOZ_DEFINE_ENUM(WatchdogTimestampCategory, (
     TimestampWatchdogWakeup,
     TimestampWatchdogHibernateStart,
     TimestampWatchdogHibernateStop,
     TimestampContextStateChange
 ));
+// clang-format on
 
 class AsyncFreeSnowWhite;
 
 class XPCJSContext final : public mozilla::CycleCollectedJSContext
                          , public mozilla::LinkedListElement<XPCJSContext>
 {
 public:
     static void InitTLS();
--- a/js/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/xpconnect/wrappers/XrayWrapper.cpp
@@ -758,22 +758,24 @@ JSXrayTraits::defineProperty(JSContext* 
 {
     *defined = false;
     RootedObject holder(cx, ensureHolder(cx, wrapper));
     if (!holder) {
         return false;
     }
 
 
-    // Object and Array instances are special. For those cases, we forward property
-    // definitions to the underlying object if the following conditions are met:
+    // Object and Array instances are special. For those cases, we forward
+    // property definitions to the underlying object if the following
+    // conditions are met:
     // * The property being defined is a value-prop.
-    // * The property being defined is either a primitive or subsumed by the target.
-    // * As seen from the Xray, any existing property that we would overwrite is an
-    //   |own| value-prop.
+    // * The property being defined is either a primitive or subsumed by the
+    //   target.
+    // * As seen from the Xray, any existing property that we would overwrite
+    //   is an |own| value-prop.
     //
     // To avoid confusion, we disallow expandos on Object and Array instances, and
     // therefore raise an exception here if the above conditions aren't met.
     JSProtoKey key = getProtoKey(holder);
     bool isInstance = !isPrototype(holder);
     bool isObjectOrArray = (key == JSProto_Object || key == JSProto_Array);
     if (isObjectOrArray && isInstance) {
         RootedObject target(cx, getTargetObject(wrapper));
--- a/media/gmp-clearkey/0.1/WMFH264Decoder.cpp
+++ b/media/gmp-clearkey/0.1/WMFH264Decoder.cpp
@@ -269,17 +269,18 @@ WMFH264Decoder::GetOutputSample(IMFSampl
   CComPtr<IMFSample> sample;
   hr = CreateOutputSample(&sample);
   ENSURE(SUCCEEDED(hr), hr);
 
   output.pSample = sample;
 
   DWORD status = 0;
   hr = mDecoder->ProcessOutput(0, 1, &output, &status);
-  //LOG(L"WMFH264Decoder::GetOutputSample() ProcessOutput returned 0x%x\n", hr);
+  // LOG(L"WMFH264Decoder::GetOutputSample() ProcessOutput returned 0x%x\n",
+  //     hr);
   CComPtr<IMFCollection> events = output.pEvents; // Ensure this is released.
 
   if (hr == MF_E_TRANSFORM_STREAM_CHANGE) {
     // Type change. Probably geometric apperature change.
     hr = SetDecoderOutputType();
     ENSURE(SUCCEEDED(hr), hr);
 
     return GetOutputSample(aOutSample);
--- a/media/webrtc/signaling/src/common/Wrapper.h
+++ b/media/webrtc/signaling/src/common/Wrapper.h
@@ -6,38 +6,48 @@
 
 /*
  * Wrapper - Helper class for wrapper objects.
  *
  * This helps to construct a shared_ptr object which wraps access to an underlying handle.
  * (The handle could be a pointer to some low-level type, a conventional C handle, an int ID, a GUID, etc.)
  *
  * Usage:
- *   To obtain a FooPtr from a foo_handle_t, call FooPtr Foo::wrap(foo_handle_t);
+ *   To obtain a FooPtr from a foo_handle_t, call
+ *     FooPtr Foo::wrap(foo_handle_t);
  *
- * To implement Foo using Wrapper, Foo needs to include this macro in its class definition:
+ * To implement Foo using Wrapper, Foo needs to include this macro in its class
+ * definition:
  *   CSF_DECLARE_WRAP(Foo, foo_handle_t);
- * It also needs to include this in the cpp file, to provide the wrap() implementation and define the static Wrapper.
+ * It also needs to include this in the cpp file, to provide the wrap()
+ * implementation and define the static Wrapper.
  *   CSF_IMPLEMENT_WRAP(Foo, foo_handle_t);
- * These are all declared in common/Wrapper.h - Foo.h needs to include this too.
- * The client needs to declare Foo(foo_handle_t) as private, and provide a suitable implementation, as well as
- *   implementing wrappers for any other functions to be exposed.
+ * These are all declared in common/Wrapper.h - Foo.h needs to include this
+ * too.
+ * The client needs to declare Foo(foo_handle_t) as private, and provide a
+ * suitable implementation, as well as implementing wrappers for any other
+ * functions to be exposed.
  * The client needs to implement ~Foo() to perform any cleanup as usual.
  *
- * wrap() will always return the same FooPtr for a given foo_handle_t, it will not construct additional objects
- *        if a suitable one already exists.
- * changeHandle() is used in rare cases where the underlying handle is changed, but the wrapper object is intended
- *                to remain.  This is the case for the "fake" CC_DPCall generated on CC_DPLine::CreateCall(), where
- *                the correct IDPCall* is provided later.
- * reset() is a cleanup step to wipe the handle map and allow memory to be reclaimed.
+ * wrap() will always return the same FooPtr for a given foo_handle_t, it will
+ * not construct additional objects if a suitable one already exists.
+ * changeHandle() is used in rare cases where the underlying handle is changed,
+ *                but the wrapper object is intended to remain.  This is the
+ *                case for the "fake" CC_DPCall generated on
+ *                CC_DPLine::CreateCall(), where the correct IDPCall* is
+ *                provided later.
+ * reset() is a cleanup step to wipe the handle map and allow memory to be
+ * reclaimed.
  *
  * Future enhancements:
- * - For now, objects remain in the map forever.  Better would be to add a releaseHandle() function which would
- *   allow the map to be emptied as underlying handles expired.  While we can't force the client to give up its
- *   shared_ptr<Foo> objects, we can remove our own copy, for instance on a call ended event.
+ * - For now, objects remain in the map forever.  Better would be to add a
+ *   releaseHandle() function which would allow the map to be emptied as
+ *   underlying handles expired.  While we can't force the client to give up
+ *   its shared_ptr<Foo> objects, we can remove our own copy, for instance on a
+ *   call ended event.
  */
 
 #include <map>
 #include "prlock.h"
 #include "mozilla/Assertions.h"
 
 /*
  * Wrapper has its own autolock class because the instances are declared
--- a/media/webrtc/signaling/src/media-conduit/AudioConduit.h
+++ b/media/webrtc/signaling/src/media-conduit/AudioConduit.h
@@ -94,53 +94,62 @@ public:
    * Register External Transport to this Conduit. RTP and RTCP frames from the VoiceEngine
    * shall be passed to the registered transport for transporting externally.
    */
   MediaConduitErrorCode SetTransmitterTransport(RefPtr<TransportInterface> aTransport) override;
 
   MediaConduitErrorCode SetReceiverTransport(RefPtr<TransportInterface> aTransport) override;
 
   /**
-   * Function to deliver externally captured audio sample for encoding and transport
+   * Function to deliver externally captured audio sample for encoding and
+   * transport
    * @param audioData [in]: Pointer to array containing a frame of audio
-   * @param lengthSamples [in]: Length of audio frame in samples in multiple of 10 milliseconds
-   *                             Ex: Frame length is 160, 320, 440 for 16, 32, 44 kHz sampling rates
-                                    respectively.
-                                    audioData[] should be of lengthSamples in size
-                                    say, for 16kz sampling rate, audioData[] should contain 160
-                                    samples of 16-bits each for a 10m audio frame.
-   * @param samplingFreqHz [in]: Frequency/rate of the sampling in Hz ( 16000, 32000 ...)
-   * @param capture_delay [in]:  Approx Delay from recording until it is delivered to VoiceEngine
-                                 in milliseconds.
-   * NOTE: ConfigureSendMediaCodec() SHOULD be called before this function can be invoked
-   *       This ensures the inserted audio-samples can be transmitted by the conduit
-   *
+   * @param lengthSamples [in]: Length of audio frame in samples in multiple of
+   *                             10 milliseconds
+   *                             Ex: Frame length is 160, 320, 440 for 16, 32,
+   *                             44 kHz sampling rates respectively.
+   *                             audioData[] should be of lengthSamples in
+   *                             size say, for 16kz sampling rate,
+   *                             audioData[] should contain 160 samples of
+   *                             16-bits each for a 10m audio frame.
+   * @param samplingFreqHz [in]: Frequency/rate of the sampling in Hz
+   *                             ( 16000, 32000 ...)
+   * @param capture_delay [in]:  Approx Delay from recording until it is
+   *                             delivered to VoiceEngine in milliseconds.
+   * NOTE: ConfigureSendMediaCodec() SHOULD be called before this function can
+   * be invoked. This ensures the inserted audio-samples can be transmitted by
+   * the conduit
    */
   MediaConduitErrorCode SendAudioFrame(const int16_t speechData[],
                                        int32_t lengthSamples,
                                        int32_t samplingFreqHz,
                                        uint32_t channels,
                                        int32_t capture_time) override;
 
   /**
-   * Function to grab a decoded audio-sample from the media engine for rendering
-   * / playoutof length 10 milliseconds.
+   * Function to grab a decoded audio-sample from the media engine for
+   * rendering / playoutof length 10 milliseconds.
    *
-   * @param speechData [in]: Pointer to a array to which a 10ms frame of audio will be copied
-   * @param samplingFreqHz [in]: Frequency of the sampling for playback in Hertz (16000, 32000,..)
-   * @param capture_delay [in]: Estimated Time between reading of the samples to rendering/playback
+   * @param speechData [in]: Pointer to a array to which a 10ms frame of audio
+   *                         will be copied
+   * @param samplingFreqHz [in]: Frequency of the sampling for playback in
+   *                             Hertz (16000, 32000,..)
+   * @param capture_delay [in]: Estimated Time between reading of the samples
+   *                            to rendering/playback
    * @param lengthSamples [in]: Contain maximum length of speechData array.
-   * @param lengthSamples [out]: Will contain length of the audio frame in samples at return.
-                                 Ex: A value of 160 implies 160 samples each of 16-bits was copied
-                                     into speechData
+   * @param lengthSamples [out]: Will contain length of the audio frame in
+   *                             samples at return.
+   *                             Ex: A value of 160 implies 160 samples each of
+   *                             16-bits was copied into speechData
    * NOTE: This function should be invoked every 10 milliseconds for the best
-   *          peformance
-   * NOTE: ConfigureRecvMediaCodec() SHOULD be called before this function can be invoked
-   *       This ensures the decoded samples are ready for reading and playout is enabled.
-   *
+   * peformance
+   * NOTE: ConfigureRecvMediaCodec() SHOULD be called before this function can
+   * be invoked
+   * This ensures the decoded samples are ready for reading and playout is
+   * enabled.
    */
    MediaConduitErrorCode GetAudioFrame(int16_t speechData[],
                                        int32_t samplingFreqHz,
                                        int32_t capture_delay,
                                        int& lengthSamples) override;
 
 
   /**
--- a/media/webrtc/signaling/src/media-conduit/MediaConduitInterface.h
+++ b/media/webrtc/signaling/src/media-conduit/MediaConduitInterface.h
@@ -199,17 +199,18 @@ public:
   virtual std::vector<unsigned int> GetLocalSSRCs() = 0;
 
   /**
   * Adds negotiated RTP header extensions to the the conduit. Unknown extensions
   * are ignored.
   * @param aDirection the local direction to set the RTP header extensions for
   * @param aExtensions the RTP header extensions to set
   * @return if all extensions were set it returns a success code,
-  *         if an extension fails to set it may immediately return an error code
+  *         if an extension fails to set it may immediately return an error
+  *         code
   * TODO webrtc.org 64 update: make return type void again
   */
   virtual MediaConduitErrorCode
   SetLocalRTPExtensions(MediaSessionConduitLocalDirection aDirection,
                         const RtpExtList& aExtensions) = 0;
 
   virtual bool GetRemoteSSRC(unsigned int* ssrc) = 0;
   virtual bool SetRemoteSSRC(unsigned int ssrc) = 0;
@@ -452,29 +453,30 @@ public:
   virtual MediaConduitErrorCode SendVideoFrame(
     const webrtc::VideoFrame& frame) = 0;
 
   virtual MediaConduitErrorCode ConfigureCodecMode(webrtc::VideoCodecMode) = 0;
 
   /**
    * Function to configure send codec for the video session
    * @param sendSessionConfig: CodecConfiguration
-   * @result: On Success, the video engine is configured with passed in codec for send
-   *          On failure, video engine transmit functionality is disabled.
-   * NOTE: This API can be invoked multiple time. Invoking this API may involve restarting
-   *        transmission sub-system on the engine
+   * @result: On Success, the video engine is configured with passed in codec
+   *          for send. On failure, video engine transmit functionality is
+   *          disabled.
+   * NOTE: This API can be invoked multiple time. Invoking this API may involve
+   *       restarting transmission sub-system on the engine
    *
    */
   virtual MediaConduitErrorCode ConfigureSendMediaCodec(const VideoCodecConfig* sendSessionConfig) = 0;
 
   /**
    * Function to configurelist of receive codecs for the video session
    * @param sendSessionConfig: CodecConfiguration
-   * NOTE: This API can be invoked multiple time. Invoking this API may involve restarting
-   *        reception sub-system on the engine
+   * NOTE: This API can be invoked multiple time. Invoking this API may involve
+   *       restarting reception sub-system on the engine
    *
    */
   virtual MediaConduitErrorCode ConfigureRecvMediaCodecs(
       const std::vector<UniquePtr<VideoCodecConfig>>& recvCodecConfigList) = 0;
 
   /**
     * These methods allow unit tests to double-check that the
     * rtcp-fb settings are as expected.
@@ -525,51 +527,60 @@ public:
   virtual ~AudioSessionConduit() {}
 
   Type type() const override { return AUDIO; }
 
   MediaConduitErrorCode
   SetLocalRTPExtensions(MediaSessionConduitLocalDirection aDirection,
                         const RtpExtList& extensions) override = 0;
   /**
-   * Function to deliver externally captured audio sample for encoding and transport
+   * Function to deliver externally captured audio sample for encoding and
+   * transport
    * @param audioData [in]: Pointer to array containing a frame of audio
-   * @param lengthSamples [in]: Length of audio frame in samples in multiple of 10 milliseconds
-  *                             Ex: Frame length is 160, 320, 440 for 16, 32, 44 kHz sampling rates
-                                    respectively.
-                                    audioData[] is lengthSamples in size
-                                    say, for 16kz sampling rate, audioData[] should contain 160
-                                    samples of 16-bits each for a 10m audio frame.
-   * @param samplingFreqHz [in]: Frequency/rate of the sampling in Hz ( 16000, 32000 ...)
-   * @param capture_delay [in]:  Approx Delay from recording until it is delivered to VoiceEngine
-                                 in milliseconds.
-   * NOTE: ConfigureSendMediaCodec() SHOULD be called before this function can be invoked
-   *       This ensures the inserted audio-samples can be transmitted by the conduit
+   * @param lengthSamples [in]: Length of audio frame in samples in multiple of
+   *                            10 milliseconds
+   *                            Ex: Frame length is 160, 320, 440 for 16, 32,
+   *                                44 kHz sampling rates respectively.
+   *                                audioData[] is lengthSamples in size
+   *                                say, for 16kz sampling rate, audioData[]
+   *                                should contain 160 samples of 16-bits each
+   *                                for a 10m audio frame.
+   * @param samplingFreqHz [in]: Frequency/rate of the sampling in Hz ( 16000,
+   *                             32000 ...)
+   * @param capture_delay [in]:  Approx Delay from recording until it is
+   *                             delivered to VoiceEngine in milliseconds.
+   * NOTE: ConfigureSendMediaCodec() SHOULD be called before this function can
+   * be invoked. This ensures the inserted audio-samples can be transmitted by
+   * the conduit.
    *
    */
   virtual MediaConduitErrorCode SendAudioFrame(const int16_t audioData[],
                                                int32_t lengthSamples,
                                                int32_t samplingFreqHz,
                                                uint32_t channels,
                                                int32_t capture_delay) = 0;
 
   /**
    * Function to grab a decoded audio-sample from the media engine for rendering
    * / playoutof length 10 milliseconds.
    *
-   * @param speechData [in]: Pointer to a array to which a 10ms frame of audio will be copied
-   * @param samplingFreqHz [in]: Frequency of the sampling for playback in Hertz (16000, 32000,..)
-   * @param capture_delay [in]: Estimated Time between reading of the samples to rendering/playback
-   * @param lengthSamples [out]: Will contain length of the audio frame in samples at return.
-                                 Ex: A value of 160 implies 160 samples each of 16-bits was copied
-                                     into speechData
+   * @param speechData [in]: Pointer to a array to which a 10ms frame of audio
+   *                         will be copied
+   * @param samplingFreqHz [in]: Frequency of the sampling for playback in
+   *                             Hertz (16000, 32000,..)
+   * @param capture_delay [in]: Estimated Time between reading of the samples
+   *                            to rendering/playback
+   * @param lengthSamples [out]: Will contain length of the audio frame in
+   *                             samples at return.
+   *                             Ex: A value of 160 implies 160 samples each of
+   *                                 16-bits was copied into speechData
    * NOTE: This function should be invoked every 10 milliseconds for the best
-   *          peformance
-   * NOTE: ConfigureRecvMediaCodec() SHOULD be called before this function can be invoked
-   *       This ensures the decoded samples are ready for reading.
+   * peformance
+   * NOTE: ConfigureRecvMediaCodec() SHOULD be called before this function can
+   * be invoked. This ensures the decoded samples are ready for reading.
    *
    */
   virtual MediaConduitErrorCode GetAudioFrame(int16_t speechData[],
                                               int32_t samplingFreqHz,
                                               int32_t capture_delay,
                                               int& lengthSamples) = 0;
 
   /**
--- a/media/webrtc/signaling/src/media-conduit/VideoConduit.h
+++ b/media/webrtc/signaling/src/media-conduit/VideoConduit.h
@@ -120,31 +120,33 @@ public:
   /**
    * Function to configure sending codec mode for different content
    */
   MediaConduitErrorCode ConfigureCodecMode(webrtc::VideoCodecMode) override;
 
    /**
    * Function to configure send codec for the video session
    * @param sendSessionConfig: CodecConfiguration
-   * @result: On Success, the video engine is configured with passed in codec for send
+   * @result: On Success, the video engine is configured with passed in codec
+   *          for send
    *          On failure, video engine transmit functionality is disabled.
-   * NOTE: This API can be invoked multiple time. Invoking this API may involve restarting
-   *        transmission sub-system on the engine.
+   * NOTE: This API can be invoked multiple time. Invoking this API may involve
+   * restarting transmission sub-system on the engine.
    */
   MediaConduitErrorCode ConfigureSendMediaCodec(const VideoCodecConfig* codecInfo) override;
 
   /**
    * Function to configure list of receive codecs for the video session
    * @param sendSessionConfig: CodecConfiguration
-   * @result: On Success, the video engine is configured with passed in codec for send
+   * @result: On Success, the video engine is configured with passed in codec
+   *          for send
    *          Also the playout is enabled.
    *          On failure, video engine transmit functionality is disabled.
-   * NOTE: This API can be invoked multiple time. Invoking this API may involve restarting
-   *        transmission sub-system on the engine.
+   * NOTE: This API can be invoked multiple time. Invoking this API may involve
+   * restarting transmission sub-system on the engine.
    */
    MediaConduitErrorCode ConfigureRecvMediaCodecs(
        const std::vector<UniquePtr<VideoCodecConfig>>& codecConfigList) override;
 
   /**
    * Register Transport for this Conduit. RTP and RTCP frames from the VideoEngine
    * shall be passed to the registered transport for transporting externally.
    */
--- a/media/webrtc/signaling/src/mediapipeline/RtpLogger.h
+++ b/media/webrtc/signaling/src/mediapipeline/RtpLogger.h
@@ -10,17 +10,18 @@
 #include "webrtc/modules/rtp_rtcp/include/rtp_header_parser.h"
 #include "mtransport/mediapacket.h"
 
 namespace mozilla {
 
 /* This class logs RTP and RTCP packets in hex in a format compatible to
  * text2pcap.
  * Example to convert the MOZ log file into a PCAP file:
- *   egrep '(RTP_PACKET|RTCP_PACKET)' moz.log | text2pcap -D -n -l 1 -i 17 -u 1234,1235 -t '%H:%M:%S.' - rtp.pcap
+ *   egrep '(RTP_PACKET|RTCP_PACKET)' moz.log | \
+ *     text2pcap -D -n -l 1 -i 17 -u 1234,1235 -t '%H:%M:%S.' - rtp.pcap
  */
 class RtpLogger {
 public:
   static bool IsPacketLoggingOn();
   static void LogPacket(const MediaPacket& packet, bool input,
                         std::string desc);
 };
 
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionCtx.cpp
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionCtx.cpp
@@ -182,17 +182,18 @@ void PeerConnectionCtx::Destroy() {
   }
 
   StopWebRtcLog();
 }
 
 // Telemetry reporting every second after start of first call.
 // The threading model around the media pipelines is weird:
 // - The pipelines are containers,
-// - containers that are only safe on main thread, with members only safe on STS,
+// - containers that are only safe on main thread, with members only safe on
+//   STS,
 // - hence the there and back again approach.
 
 static auto
 FindId(const Sequence<RTCInboundRTPStreamStats>& aArray,
        const nsString &aId) -> decltype(aArray.Length()) {
   for (decltype(aArray.Length()) i = 0; i < aArray.Length(); i++) {
     if (aArray[i].mId.Value() == aId) {
       return i;
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp
@@ -1210,17 +1210,18 @@ PeerConnectionImpl::CreateDataChannel(co
 //
 // Without it, each weak-ref call in this file would look like this:
 //
 //  nsCOMPtr<nsISupportsWeakReference> tmp = do_QueryReferent(mPCObserver);
 //  if (!tmp) {
 //    return;
 //  }
 //  RefPtr<nsSupportsWeakReference> tmp2 = do_QueryObject(tmp);
-//  RefPtr<PeerConnectionObserver> pco = static_cast<PeerConnectionObserver*>(&*tmp2);
+//  RefPtr<PeerConnectionObserver> pco =
+//    static_cast<PeerConnectionObserver*>(&*tmp2);
 
 static already_AddRefed<PeerConnectionObserver>
 do_QueryObjectReferent(nsIWeakReference* aRawPtr) {
   nsCOMPtr<nsISupportsWeakReference> tmp = do_QueryReferent(aRawPtr);
   if (!tmp) {
     return nullptr;
   }
   RefPtr<nsSupportsWeakReference> tmp2 = do_QueryObject(tmp);
--- a/mfbt/Attributes.h
+++ b/mfbt/Attributes.h
@@ -567,18 +567,18 @@
  *   a new expression (unless placement new is being used). If a member of
  *   another class uses this class, or if another class inherits from this
  *   class, then it is considered to be a stack class as well, although this
  *   attribute need not be provided in such cases.
  * MOZ_NONHEAP_CLASS: Applies to all classes. Any class with this annotation is
  *   expected to live on the stack or in static storage, so it is a compile-time
  *   error to use it, or an array of such objects, as the type of a new
  *   expression. If a member of another class uses this class, or if another
- *   class inherits from this class, then it is considered to be a non-heap class
- *   as well, although this attribute need not be provided in such cases.
+ *   class inherits from this class, then it is considered to be a non-heap
+ *   class as well, although this attribute need not be provided in such cases.
  * MOZ_HEAP_CLASS: Applies to all classes. Any class with this annotation is
  *   expected to live on the heap, so it is a compile-time error to use it, or
  *   an array of such objects, as the type of a variable declaration, or as a
  *   temporary object. If a member of another class uses this class, or if
  *   another class inherits from this class, then it is considered to be a heap
  *   class as well, although this attribute need not be provided in such cases.
  * MOZ_NON_TEMPORARY_CLASS: Applies to all classes. Any class with this
  *   annotation is expected not to live in a temporary. If a member of another
@@ -632,46 +632,48 @@
  *   validating the usage of pointers otherwise.
  *
  *   Example uses include owned pointers inside of unions, and pointers stored
  *   in POD types where a using a smart pointer class would make the object
  *   non-POD.
  * MOZ_NON_OWNING_REF: Applies to declarations of pointers to reference counted
  *   types.  This attribute tells the compiler that the raw pointer is a weak
  *   reference, which is ensured to be valid by a guarantee that the reference
- *   will be nulled before the pointer becomes invalid.  This can make the compiler
- *   ignore these pointers when validating the usage of pointers otherwise.
+ *   will be nulled before the pointer becomes invalid.  This can make the
+ *   compiler ignore these pointers when validating the usage of pointers
+ *   otherwise.
  *
  *   Examples include an mOwner pointer, which is nulled by the owning class's
  *   destructor, and is null-checked before dereferencing.
- * MOZ_UNSAFE_REF: Applies to declarations of pointers to reference counted types.
- *   Occasionally there are non-owning references which are valid, but do not take
- *   the form of a MOZ_NON_OWNING_REF.  Their safety may be dependent on the behaviour
- *   of API consumers.  The string argument passed to this macro documents the safety
- *   conditions.  This can make the compiler ignore these pointers when validating
- *   the usage of pointers elsewhere.
+ * MOZ_UNSAFE_REF: Applies to declarations of pointers to reference counted
+ *   types.  Occasionally there are non-owning references which are valid, but
+ *   do not take the form of a MOZ_NON_OWNING_REF.  Their safety may be
+ *   dependent on the behaviour of API consumers.  The string argument passed
+ *   to this macro documents the safety conditions.  This can make the compiler
+ *   ignore these pointers when validating the usage of pointers elsewhere.
  *
- *   Examples include an nsAtom* member which is known at compile time to point to a
- *   static atom which is valid throughout the lifetime of the program, or an API which
- *   stores a pointer, but doesn't take ownership over it, instead requiring the API
- *   consumer to correctly null the value before it becomes invalid.
+ *   Examples include an nsAtom* member which is known at compile time to point
+ *   to a static atom which is valid throughout the lifetime of the program, or
+ *   an API which stores a pointer, but doesn't take ownership over it, instead
+ *   requiring the API consumer to correctly null the value before it becomes
+ *   invalid.
  *
- *   Use of this annotation is discouraged when a strong reference or one of the above
- *   two annotations can be used instead.
+ *   Use of this annotation is discouraged when a strong reference or one of
+ *   the above two annotations can be used instead.
  * MOZ_NO_ADDREF_RELEASE_ON_RETURN: Applies to function declarations.  Makes it
  *   a compile time error to call AddRef or Release on the return value of a
  *   function.  This is intended to be used with operator->() of our smart
  *   pointer classes to ensure that the refcount of an object wrapped in a
  *   smart pointer is not manipulated directly.
  * MOZ_MUST_USE_TYPE: Applies to type declarations.  Makes it a compile time
  *   error to not use the return value of a function which has this type.  This
  *   is intended to be used with types which it is an error to not use.
  * MOZ_NEEDS_NO_VTABLE_TYPE: Applies to template class declarations.  Makes it
- *   a compile time error to instantiate this template with a type parameter which
- *   has a VTable.
+ *   a compile time error to instantiate this template with a type parameter
+ *   which has a VTable.
  * MOZ_NON_MEMMOVABLE: Applies to class declarations for types that are not safe
  *   to be moved in memory using memmove().
  * MOZ_NEEDS_MEMMOVABLE_TYPE: Applies to template class declarations where the
  *   template arguments are required to be safe to move in memory using
  *   memmove().  Passing MOZ_NON_MEMMOVABLE types to these templates is a
  *   compile time error.
  * MOZ_NEEDS_MEMMOVABLE_MEMBERS: Applies to class declarations where each member
  *   must be safe to move in memory using memmove().  MOZ_NON_MEMMOVABLE types
@@ -686,31 +688,32 @@
  *   function. This annotation can be used in those cases.
  * MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS: Applies to template class
  *   declarations where an instance of the template should be considered, for
  *   static analysis purposes, to inherit any type annotations (such as
  *   MOZ_MUST_USE_TYPE and MOZ_STACK_CLASS) from its template arguments.
  * MOZ_INIT_OUTSIDE_CTOR: Applies to class member declarations. Occasionally
  *   there are class members that are not initialized in the constructor,
  *   but logic elsewhere in the class ensures they are initialized prior to use.
- *   Using this attribute on a member disables the check that this member must be
- *   initialized in constructors via list-initialization, in the constructor body,
- *   or via functions called from the constructor body.
+ *   Using this attribute on a member disables the check that this member must
+ *   be initialized in constructors via list-initialization, in the constructor
+ *   body, or via functions called from the constructor body.
  * MOZ_IS_CLASS_INIT: Applies to class method declarations. Occasionally the
- *   constructor doesn't initialize all of the member variables and another function
- *   is used to initialize the rest. This marker is used to make the static analysis
- *   tool aware that the marked function is part of the initialization process
- *   and to include the marked function in the scan mechanism that determines which
- *   member variables still remain uninitialized.
+ *   constructor doesn't initialize all of the member variables and another
+ *   function is used to initialize the rest. This marker is used to make the
+ *   static analysis tool aware that the marked function is part of the
+ *   initialization process and to include the marked function in the scan
+ *   mechanism that determines which member variables still remain
+ *   uninitialized.
  * MOZ_NON_PARAM: Applies to types. Makes it compile time error to use the type
  *   in parameter without pointer or reference.
- * MOZ_NON_AUTOABLE: Applies to class declarations. Makes it a compile time error to
- *   use `auto` in place of this type in variable declarations.  This is intended to
- *   be used with types which are intended to be implicitly constructed into other
- *   other types before being assigned to variables.
+ * MOZ_NON_AUTOABLE: Applies to class declarations. Makes it a compile time
+ *   error to use `auto` in place of this type in variable declarations.  This
+ *   is intended to be used with types which are intended to be implicitly
+ *   constructed into other other types before being assigned to variables.
  * MOZ_REQUIRED_BASE_METHOD: Applies to virtual class method declarations.
  *   Sometimes derived classes override methods that need to be called by their
  *   overridden counterparts. This marker indicates that the marked method must
  *   be called by the method that it overrides.
  * MOZ_MUST_RETURN_FROM_CALLER: Applies to function or method declarations.
  *   Callers of the annotated function/method must return from that function
  *   within the calling block using an explicit `return` statement.
  *   Only calls to Constructors, references to local and member variables,
--- a/mfbt/Move.h
+++ b/mfbt/Move.h
@@ -132,17 +132,18 @@ namespace mozilla {
  *   C::C(X&& x, Y&  y) : x(std::move(x)), y(y)       { }
  *   C::C(X&& x, Y&& y) : x(std::move(x)), y(std::move(y)) { }
  *
  * To avoid this, C++11 has tweaks to make it possible to write what you mean.
  * The four constructor overloads above can be written as one constructor
  * template like so[0]:
  *
  *   template <typename XArg, typename YArg>
- *   C::C(XArg&& x, YArg&& y) : x(std::forward<XArg>(x)), y(std::forward<YArg>(y)) { }
+ *   C::C(XArg&& x, YArg&& y) : x(std::forward<XArg>(x)),
+ *                              y(std::forward<YArg>(y)) { }
  *
  * ("'Don't Repeat Yourself'? What's that?")
  *
  * This takes advantage of two new rules in C++11:
  *
  * - First, when a function template takes an argument that is an rvalue
  *   reference to a template argument (like 'XArg&& x' and 'YArg&& y' above),
  *   then when the argument is applied to an lvalue, the template argument
--- a/mfbt/Span.h
+++ b/mfbt/Span.h
@@ -443,18 +443,21 @@ public:
   using const_iterator =
     span_details::span_iterator<Span<ElementType, Extent>, true>;
   using reverse_iterator = std::reverse_iterator<iterator>;
   using const_reverse_iterator = std::reverse_iterator<const_iterator>;
 
   constexpr static const index_type extent = Extent;
 
   // [Span.cons], Span constructors, copy, assignment, and destructor
-  // "Dependent" is needed to make "span_details::enable_if_t<(Dependent || Extent == 0 || Extent == mozilla::MaxValue<size_t>::value)>" SFINAE,
-  // since "span_details::enable_if_t<(Extent == 0 || Extent == mozilla::MaxValue<size_t>::value)>" is ill-formed when Extent is neither of the extreme values.
+  // "Dependent" is needed to make "span_details::enable_if_t<(Dependent ||
+  //   Extent == 0 || Extent == mozilla::MaxValue<size_t>::value)>" SFINAE,
+  // since "span_details::enable_if_t<(Extent == 0 || Extent ==
+  //   mozilla::MaxValue<size_t>::value)>" is ill-formed when Extent is neither
+  //   of the extreme values.
   /**
    * Constructor with no args.
    */
   template<
     bool Dependent = false,
     class = span_details::enable_if_t<
       (Dependent || Extent == 0 || Extent == mozilla::MaxValue<size_t>::value)>>
   constexpr Span()
--- a/mfbt/ThreadSafeWeakPtr.h
+++ b/mfbt/ThreadSafeWeakPtr.h
@@ -38,17 +38,18 @@
  *   {
  *     RefPtr<C> strong = new C;
  *     if (strong) {
  *       strong->doStuff();
  *     }
  *     // Make a new weak reference to the object from the strong reference.
  *     weak = strong;
  *   }
- *   MOZ_ASSERT(!bool(weak), "Weak pointers are cleared after all strong references are released.");
+ *   MOZ_ASSERT(!bool(weak), "Weak pointers are cleared after all "
+ *                           "strong references are released.");
  *
  *   // Convert the weak reference to a strong reference for usage.
  *   RefPtr<C> other(weak);
  *   if (other) {
  *     other->doStuff();
  *   }
  */
 
--- a/mfbt/WrappingOperations.h
+++ b/mfbt/WrappingOperations.h
@@ -137,19 +137,22 @@ public:
  *   WrappingAdd(uint32_t(42), uint32_t(17)) is 59 (59 mod 2**32);
  *   WrappingAdd(uint8_t(240), uint8_t(20)) is 4 (260 mod 2**8).
  *
  * Unsigned WrappingAdd acts exactly like C++ unsigned addition.
  *
  * For N-bit signed integer types, this is equivalent to adding the two numbers
  * wrapped to unsigned, then wrapping the sum mod 2**N to the signed range:
  *
- *   WrappingAdd(int16_t(32767), int16_t(3)) is -32766 ((32770 mod 2**16) - 2**16);
- *   WrappingAdd(int8_t(-128), int8_t(-128)) is 0 (256 mod 2**8);
- *   WrappingAdd(int32_t(-42), int32_t(-17)) is -59 ((8589934533 mod 2**32) - 2**32).
+ *   WrappingAdd(int16_t(32767), int16_t(3)) is
+ *     -32766 ((32770 mod 2**16) - 2**16);
+ *   WrappingAdd(int8_t(-128), int8_t(-128)) is
+ *     0 (256 mod 2**8);
+ *   WrappingAdd(int32_t(-42), int32_t(-17)) is
+ *     -59 ((8589934533 mod 2**32) - 2**32).
  *
  * There's no equivalent to this operation in C++, as C++ signed addition that
  * overflows has undefined behavior.  But it's how such addition *tends* to
  * behave with most compilers, unless an optimization or similar -- quite
  * permissibly -- triggers different behavior.
  */
 template<typename T>
 constexpr T
@@ -248,17 +251,18 @@ public:
  * So it's especially important to use WrappingMultiply for wraparound math with
  * uint16_t.  That quirk aside, this function acts like you *thought* C++
  * unsigned multiplication always worked.
  *
  * For N-bit signed integer types, this is equivalent to multiplying the two
  * numbers wrapped to unsigned, then wrapping the product mod 2**N to the signed
  * range:
  *
- *   WrappingMultiply(int16_t(-456), int16_t(123)) is 9448 ((-56088 mod 2**16) + 2**16);
+ *   WrappingMultiply(int16_t(-456), int16_t(123)) is
+ *     9448 ((-56088 mod 2**16) + 2**16);
  *   WrappingMultiply(int32_t(-7), int32_t(-9)) is 63 (63 mod 2**32);
  *   WrappingMultiply(int8_t(16), int8_t(24)) is -128 ((384 mod 2**8) - 2**8);
  *   WrappingMultiply(int8_t(16), int8_t(255)) is -16 ((4080 mod 2**8) - 2**8).
  *
  * There's no equivalent to this operation in C++, as C++ signed
  * multiplication that overflows has undefined behavior.  But it's how such
  * multiplication *tends* to behave with most compilers, unless an optimization
  * or similar -- quite permissibly -- triggers different behavior.
--- a/mfbt/tests/TestDefineEnum.cpp
+++ b/mfbt/tests/TestDefineEnum.cpp
@@ -30,29 +30,31 @@ static_assert(kTestEnum2Count == 3, "Inc
 //       correct underlying types. To do this, we need an |UnderlyingType|
 //       type trait, which needs compiler support (recent versions of
 //       compilers in the GCC family provide an |__underlying_type| builtin
 //       for this purpose.
 
 // Sanity test for MOZ_DEFINE_ENUM[_CLASS]_AT_CLASS_SCOPE.
 
 struct TestClass {
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     TestEnum3, (
       EnumeratorA,
       EnumeratorB,
       EnumeratorC
   ));
 
   MOZ_DEFINE_ENUM_CLASS_AT_CLASS_SCOPE(
     TestEnum4, (
       A,
       B,
       C
   ));
+  // clang-format on
 
   static_assert(EnumeratorA == 0, "Unexpected enumerator value");
   static_assert(EnumeratorB == 1, "Unexpected enumerator value");
   static_assert(EnumeratorC == 2, "Unexpected enumerator value");
   static_assert(sHighestTestEnum3 == EnumeratorC, "Incorrect highest value");
   static_assert(sTestEnum3Count == 3, "Incorrect enumerator count");
 
   static_assert(TestEnum4::A == TestEnum4(0), "Unexpected enumerator value");
--- a/mobile/android/geckoview/src/main/aidl/org/mozilla/gecko/gfx/ISurfaceAllocator.aidl
+++ b/mobile/android/geckoview/src/main/aidl/org/mozilla/gecko/gfx/ISurfaceAllocator.aidl
@@ -1,15 +1,12 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 package org.mozilla.gecko.gfx;
 
 import org.mozilla.gecko.gfx.GeckoSurface;
-import org.mozilla.gecko.gfx.SyncConfig;
 
 interface ISurfaceAllocator {
     GeckoSurface acquireSurface(in int width, in int height, in boolean singleBufferMode);
     void releaseSurface(in int handle);
-    void configureSync(in SyncConfig config);
-    void sync(in int handle);
 }
deleted file mode 100644
--- a/mobile/android/geckoview/src/main/aidl/org/mozilla/gecko/gfx/SyncConfig.aidl
+++ /dev/null
@@ -1,7 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-package org.mozilla.gecko.gfx;
-
-parcelable SyncConfig;
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/GeckoSurface.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/GeckoSurface.java
@@ -5,52 +5,51 @@
 
 package org.mozilla.gecko.gfx;
 
 import android.graphics.SurfaceTexture;
 
 import android.os.Parcel;
 import android.os.Parcelable;
 import android.view.Surface;
+import android.util.Log;
+
+import java.util.HashMap;
 
 import org.mozilla.gecko.annotation.WrapForJNI;
 
-import static org.mozilla.geckoview.BuildConfig.DEBUG_BUILD;
-
 public final class GeckoSurface extends Surface {
     private static final String LOGTAG = "GeckoSurface";
 
+    private static final HashMap<Integer, GeckoSurfaceTexture> sSurfaceTextures = new HashMap<Integer, GeckoSurfaceTexture>();
+
     private int mHandle;
     private boolean mIsSingleBuffer;
     private volatile boolean mIsAvailable;
     private boolean mOwned = true;
 
-    private int mMyPid;
-    // Locally allocated surface/texture. Do not pass it over IPC.
-    private GeckoSurface mSyncSurface;
-
+    @WrapForJNI(exceptionMode = "nsresult")
     public GeckoSurface(GeckoSurfaceTexture gst) {
         super(gst);
         mHandle = gst.getHandle();
         mIsSingleBuffer = gst.isSingleBuffer();
         mIsAvailable = true;
-        mMyPid = android.os.Process.myPid();
     }
 
     public GeckoSurface(Parcel p, SurfaceTexture dummy) {
         // A no-arg constructor exists, but is hidden in the SDK. We need to create a dummy
         // SurfaceTexture here in order to create the instance. This is used to transfer the
         // GeckoSurface across binder.
         super(dummy);
 
         readFromParcel(p);
         mHandle = p.readInt();
         mIsSingleBuffer = p.readByte() == 1 ? true : false;
         mIsAvailable = (p.readByte() == 1 ? true : false);
-        mMyPid = p.readInt();
+
         dummy.release();
     }
 
     public static final Parcelable.Creator<GeckoSurface> CREATOR = new Parcelable.Creator<GeckoSurface>() {
         public GeckoSurface createFromParcel(Parcel p) {
             return new GeckoSurface(p, new SurfaceTexture(0));
         }
 
@@ -60,65 +59,34 @@ public final class GeckoSurface extends 
     };
 
     @Override
     public void writeToParcel(Parcel out, int flags) {
         super.writeToParcel(out, flags);
         out.writeInt(mHandle);
         out.writeByte((byte) (mIsSingleBuffer ? 1 : 0));
         out.writeByte((byte) (mIsAvailable ? 1 : 0));
-        out.writeInt(mMyPid);
+
         mOwned = false;
     }
 
     @Override
     public void release() {
-        if (mSyncSurface != null) {
-            mSyncSurface.release();
-            GeckoSurfaceTexture gst = GeckoSurfaceTexture.lookup(mSyncSurface.getHandle());
-            if (gst != null) {
-                gst.decrementUse();
-            }
-            mSyncSurface = null;
-        }
-
         if (mOwned) {
             super.release();
         }
     }
 
     @WrapForJNI
-    public int getImageHandle() {
-        return mSyncSurface == null ? mHandle : mSyncSurface.getHandle();
+    public int getHandle() {
+        return mHandle;
     }
 
     @WrapForJNI
     public boolean getAvailable() {
         return mIsAvailable;
     }
 
     @WrapForJNI
     public void setAvailable(boolean available) {
         mIsAvailable = available;
     }
-
-    /* package */ boolean inProcess() {
-        return android.os.Process.myPid() == mMyPid;
-    }
-
-    /* package */ int getHandle() {
-        return mHandle;
-    }
-
-    /* package */ SyncConfig initSyncSurface(int width, int height) {
-        if (DEBUG_BUILD) {
-            if (inProcess()) {
-                throw new AssertionError("no need for sync when allocated in process");
-            }
-        }
-        GeckoSurfaceTexture texture = GeckoSurfaceTexture.acquire(false);
-        texture.setDefaultBufferSize(width, height);
-        texture.track(mHandle);
-        mSyncSurface = new GeckoSurface(texture);
-
-        return new SyncConfig(mHandle, mSyncSurface, width, height);
-    }
 }
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/GeckoSurfaceTexture.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/GeckoSurfaceTexture.java
@@ -9,17 +9,16 @@ import android.graphics.SurfaceTexture;
 import android.os.Build;
 import android.util.Log;
 
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.HashMap;
 import java.util.LinkedList;
 
 import org.mozilla.gecko.annotation.WrapForJNI;
-import org.mozilla.gecko.mozglue.JNIObject;
 
 /* package */ final class GeckoSurfaceTexture extends SurfaceTexture {
     private static final String LOGTAG = "GeckoSurfaceTexture";
     private static final int MAX_SURFACE_TEXTURES = 200;
     private static volatile int sNextHandle = 1;
     private static final HashMap<Integer, GeckoSurfaceTexture> sSurfaceTextures = new HashMap<Integer, GeckoSurfaceTexture>();
 
 
@@ -31,19 +30,16 @@ import org.mozilla.gecko.mozglue.JNIObje
 
     private long mAttachedContext;
     private int mTexName;
 
     private GeckoSurfaceTexture.Callbacks mListener;
     private AtomicInteger mUseCount;
     private boolean mFinalized;
 
-    private int mUpstream;
-    private NativeGLBlitHelper mBlitter;
-
     private GeckoSurfaceTexture(int handle) {
         super(0);
         init(handle, false);
     }
 
     private GeckoSurfaceTexture(int handle, boolean singleBufferMode) {
         super(0, singleBufferMode);
         init(handle, singleBufferMode);
@@ -108,34 +104,27 @@ import org.mozilla.gecko.mozglue.JNIObje
     public boolean isSingleBuffer() {
         return mIsSingleBuffer;
     }
 
     @Override
     @WrapForJNI
     public synchronized void updateTexImage() {
         try {
-            if (mUpstream != 0) {
-                SurfaceAllocator.sync(mUpstream);
-            }
             super.updateTexImage();
             if (mListener != null) {
                 mListener.onUpdateTexImage();
             }
         } catch (Exception e) {
             Log.w(LOGTAG, "updateTexImage() failed", e);
         }
     }
 
     @Override
     public synchronized void release() {
-        mUpstream = 0;
-        if (mBlitter != null) {
-            mBlitter.disposeNative();
-        }
         try {
             super.release();
             synchronized (sSurfaceTextures) {
                 sSurfaceTextures.remove(mHandle);
             }
         } catch (Exception e) {
             Log.w(LOGTAG, "release() failed", e);
         }
@@ -280,37 +269,13 @@ import org.mozilla.gecko.mozglue.JNIObje
 
     @WrapForJNI
     public static GeckoSurfaceTexture lookup(int handle) {
         synchronized (sSurfaceTextures) {
             return sSurfaceTextures.get(handle);
         }
     }
 
-    /* package */ void track(int upstream) {
-        mUpstream = upstream;
-    }
-
-    /* package */ synchronized void configureSnapshot(GeckoSurface target, int width, int height) {
-        mBlitter = NativeGLBlitHelper.create(mHandle, target, width, height);
-    }
-
-    /* package */ synchronized void takeSnapshot() {
-        mBlitter.blit();
-    }
-
     public interface Callbacks {
         void onUpdateTexImage();
         void onReleaseTexImage();
     }
-
-    @WrapForJNI
-    public static final class NativeGLBlitHelper extends JNIObject {
-        public native static NativeGLBlitHelper create(int textureHandle,
-                                                       GeckoSurface targetSurface,
-                                                       int width,
-                                                       int height);
-        public native void blit();
-
-        @Override
-        protected native void disposeNative();
-    }
 }
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SurfaceAllocator.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SurfaceAllocator.java
@@ -5,19 +5,22 @@
 
 package org.mozilla.gecko.gfx;
 
 import android.content.ComponentName;
 import android.content.Context;
 import android.content.Intent;
 import android.content.ServiceConnection;
 
+import android.graphics.SurfaceTexture;
 import android.os.IBinder;
+import android.os.Process;
 import android.os.RemoteException;
 import android.util.Log;
+import android.view.Surface;
 
 import org.mozilla.gecko.annotation.WrapForJNI;
 import org.mozilla.gecko.GeckoAppShell;
 
 /* package */ final class SurfaceAllocator {
     private static final String LOGTAG = "SurfaceAllocator";
 
     private static SurfaceAllocatorConnection sConnection;
@@ -41,22 +44,18 @@ import org.mozilla.gecko.GeckoAppShell;
     @WrapForJNI
     public static GeckoSurface acquireSurface(int width, int height, boolean singleBufferMode) {
         try {
             ensureConnection();
 
             if (singleBufferMode && !GeckoSurfaceTexture.isSingleBufferSupported()) {
                 return null;
             }
-            ISurfaceAllocator allocator = sConnection.getAllocator();
-            GeckoSurface surface = allocator.acquireSurface(width, height, singleBufferMode);
-            if (surface != null && !surface.inProcess()) {
-                allocator.configureSync(surface.initSyncSurface(width, height));
-            }
-            return surface;
+
+            return sConnection.getAllocator().acquireSurface(width, height, singleBufferMode);
         } catch (Exception e) {
             Log.w(LOGTAG, "Failed to acquire GeckoSurface", e);
             return null;
         }
     }
 
     @WrapForJNI
     public static void disposeSurface(GeckoSurface surface) {
@@ -77,32 +76,16 @@ import org.mozilla.gecko.GeckoAppShell;
         // And now our Surface
         try {
             surface.release();
         } catch (Exception e) {
             Log.w(LOGTAG, "Failed to release surface", e);
         }
     }
 
-    public static void sync(int upstream) {
-        try {
-            ensureConnection();
-        } catch (Exception e) {
-            Log.w(LOGTAG, "Failed to sync texture, no connection");
-            return;
-        }
-
-        // Release the SurfaceTexture on the other side
-        try {
-            sConnection.getAllocator().sync(upstream);
-        } catch (RemoteException e) {
-            Log.w(LOGTAG, "Failed to sync texture", e);
-        }
-    }
-
     private static final class SurfaceAllocatorConnection implements ServiceConnection {
         private ISurfaceAllocator mAllocator;
 
         public synchronized ISurfaceAllocator getAllocator() {
             while (mAllocator == null) {
                 try {
                     this.wait();
                 } catch (InterruptedException e) { }
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SurfaceAllocatorService.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SurfaceAllocatorService.java
@@ -4,16 +4,18 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 package org.mozilla.gecko.gfx;
 
 import android.app.Service;
 import android.content.Intent;
 import android.os.Binder;
 import android.os.IBinder;
+import android.os.RemoteException;
+import android.util.Log;
 
 public final class SurfaceAllocatorService extends Service {
 
     private static final String LOGTAG = "SurfaceAllocatorService";
 
     public int onStartCommand(final Intent intent, final int flags, final int startId) {
         return Service.START_STICKY;
     }
@@ -34,30 +36,16 @@ public final class SurfaceAllocatorServi
         }
 
         public void releaseSurface(int handle) {
             final GeckoSurfaceTexture gst = GeckoSurfaceTexture.lookup(handle);
             if (gst != null) {
                 gst.decrementUse();
             }
         }
-
-        public void configureSync(SyncConfig config) {
-            final GeckoSurfaceTexture gst = GeckoSurfaceTexture.lookup(config.sourceTextureHandle);
-            if (gst != null) {
-                gst.configureSnapshot(config.targetSurface, config.width, config.height);
-            }
-        }
-
-        public void sync(int handle) {
-            final GeckoSurfaceTexture gst = GeckoSurfaceTexture.lookup(handle);
-            if (gst != null) {
-                gst.takeSnapshot();
-            }
-        }
     };
 
     public IBinder onBind(final Intent intent) {
         return mBinder;
     }
 
     public boolean onUnbind(Intent intent) {
         return false;
deleted file mode 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/gfx/SyncConfig.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package org.mozilla.gecko.gfx;
-
-import android.os.Parcel;
-import android.os.Parcelable;
-
-/* package */ final class SyncConfig implements Parcelable {
-    final int sourceTextureHandle;
-    final GeckoSurface targetSurface;
-    final int width;
-    final int height;
-
-    /* package */ SyncConfig(int sourceTextureHandle,
-                             GeckoSurface targetSurface,
-                             int width,
-                             int height) {
-        this.sourceTextureHandle = sourceTextureHandle;
-        this.targetSurface = targetSurface;
-        this.width = width;
-        this.height = height;
-    }
-
-    public static final Creator<SyncConfig> CREATOR =
-        new Creator<SyncConfig>() {
-            @Override
-            public SyncConfig createFromParcel(Parcel parcel) {
-                return new SyncConfig(parcel);
-            }
-
-            @Override
-            public SyncConfig[] newArray(int i) {
-                return new SyncConfig[i];
-            }
-        };
-
-    private SyncConfig(Parcel parcel) {
-        sourceTextureHandle = parcel.readInt();
-        targetSurface = GeckoSurface.CREATOR.createFromParcel(parcel);
-        width = parcel.readInt();
-        height = parcel.readInt();
-    }
-
-    @Override
-    public int describeContents() {
-        return 0;
-    }
-
-    @Override
-    public void writeToParcel(Parcel parcel, int flags) {
-        parcel.writeInt(sourceTextureHandle);
-        targetSurface.writeToParcel(parcel, flags);
-        parcel.writeInt(width);
-        parcel.writeInt(height);
-    }
-}
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/mozglue/SharedMemory.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/mozglue/SharedMemory.java
@@ -50,17 +50,17 @@ public class SharedMemory implements Par
         @Override
         public SharedMemory[] newArray(int size) {
             return new SharedMemory[size];
         }
     };
 
     @Override
     public int describeContents() {
-        return CONTENTS_FILE_DESCRIPTOR;
+        return 0;
     }
 
     @Override
     public void writeToParcel(Parcel dest, int flags) {
         // We don't want ParcelFileDescriptor.writeToParcel() to close the fd.
         dest.writeFileDescriptor(mDescriptor.getFileDescriptor());
         dest.writeInt(mSize);
         dest.writeInt(mId);
new file mode 100644
--- /dev/null
+++ b/python/l10n/fluent_migrations/bug_1498448_certificateManager.py
@@ -0,0 +1,404 @@
+# coding=utf8
+
+# Any copyright is dedicated to the Public Domain.
+# http://creativecommons.org/publicdomain/zero/1.0/
+
+from __future__ import absolute_import
+import fluent.syntax.ast as FTL
+from fluent.migrate.helpers import transforms_from
+from fluent.migrate import COPY
+from fluent.migrate import REPLACE
+from fluent.migrate import CONCAT
+from fluent.migrate.helpers import VARIABLE_REFERENCE
+from fluent.migrate.helpers import TERM_REFERENCE
+from fluent.migrate.helpers import MESSAGE_REFERENCE
+
+def migrate(ctx):
+    """Bug 1498448 - Migrate Certificate Manager Dialog to use fluent for localization, part {index}."""
+
+    ctx.add_transforms(
+        "security/manager/security/certificates/certManager.ftl",
+        "security/manager/security/certificates/certManager.ftl",
+        transforms_from(
+"""
+certmgr-title =
+    .title = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.title") }
+
+certmgr-tab-mine =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.tab.mine") }
+
+certmgr-tab-people =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.tab.others2") }
+
+certmgr-tab-servers =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.tab.websites3") }
+
+certmgr-tab-ca =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.tab.ca") }
+
+certmgr-mine = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.mine2") }
+certmgr-people = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.others2") }
+certmgr-servers = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.websites3") }
+certmgr-ca = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.cas2") }
+
+certmgr-detail-general-tab-title =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.detail.general_tab.title") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.detail.general_tab.accesskey") }
+
+certmgr-detail-pretty-print-tab-title =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.detail.prettyprint_tab.title") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.detail.prettyprint_tab.accesskey") }
+
+certmgr-pending-label =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.pending.label") }
+
+certmgr-subject-info-label =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.subjectinfo.label") }
+
+certmgr-issuer-info-label =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.issuerinfo.label") }
+
+certmgr-period-of-validity-label =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.periodofvalidity.label") }
+
+certmgr-fingerprints-label =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.fingerprints.label") }
+
+certmgr-cert-detail =
+    .title = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.title") }
+    .buttonlabelaccept = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.close.label") }
+    .buttonaccesskeyaccept = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.close.accesskey") }
+
+certmgr-cert-detail-cn =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.cn") }
+
+certmgr-cert-detail-o =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.o") }
+
+certmgr-cert-detail-ou =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.ou") }
+
+certmgr-cert-detail-serialnumber =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.serialnumber") }
+
+certmgr-cert-detail-sha256-fingerprint =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.sha256fingerprint") }
+
+certmgr-cert-detail-sha1-fingerprint =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certdetail.sha1fingerprint") }
+
+certmgr-edit-cert-edit-trust = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.editcert.edittrust") }
+
+certmgr-edit-cert-trust-ssl =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.editcert.trustssl") }
+
+certmgr-edit-cert-trust-email =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.editcert.trustemail") }
+
+certmgr-cert-name =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certname") }
+
+certmgr-cert-server =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.certserver") }
+
+certmgr-override-lifetime
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.override_lifetime") }
+
+certmgr-token-name =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.tokenname") }
+
+certmgr-begins-label =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.begins") }
+
+certmgr-expires-label =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.expires") }
+
+certmgr-email =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.email") }
+
+certmgr-serial =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.serial") }
+
+certmgr-view =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.view2.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.view2.accesskey") }
+
+certmgr-edit =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.edit3.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.edit3.accesskey") }
+
+certmgr-export =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.export.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.export.accesskey") }
+
+certmgr-delete =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.delete2.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.delete2.accesskey") }
+
+certmgr-delete-builtin =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.delete_builtin.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.delete_builtin.accesskey") }
+
+certmgr-backup =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.backup2.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.backup2.accesskey") }
+
+certmgr-backup-all =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.backupall2.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.backupall2.accesskey") }
+
+certmgr-restore =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.restore2.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.restore2.accesskey") }
+
+certmgr-details =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.details.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.details.accesskey") }
+
+certmgr-fields=
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.fields.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.fields.accesskey") }
+
+certmgr-hierarchy =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.hierarchy.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.hierarchy.accesskey2") }
+
+certmgr-add-exception =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.addException.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "certmgr.addException.accesskey") }
+
+exception-mgr =
+    .title = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.title") }
+
+exception-mgr-extra-button =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.exceptionButton.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.exceptionButton.accesskey") }
+
+exception-mgr-supplemental-warning = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.supplementalWarning") }
+
+exception-mgr-cert-location-url =
+    .value = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.certlocation.url") }
+
+exception-mgr-cert-location-download =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.certlocation.download") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.certlocation.accesskey") }
+
+exception-mgr-cert-status-view-cert =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.certstatus.viewCert") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.certstatus.accesskey") }
+
+exception-mgr-permanent =
+    .label = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.permanent.label") }
+    .accesskey = { COPY("security/manager/chrome/pippki/certManager.dtd", "exceptionMgr.permanent.accesskey") }
+
+pk11-bad-password = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PK11BadPassword") }
+pkcs12-decode-err = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12DecodeErr") }
+pkcs12-unknown-err-restore = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12UnknownErrRestore") }
+pkcs12-unknown-err-backup = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12UnknownErrBackup") }
+pkcs12-unknown-err = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12UnknownErr") }
+pkcs12-info-no-smartcard-backup = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12InfoNoSmartcardBackup") }
+pkcs12-dup-data = { COPY("security/manager/chrome/pipnss/pipnss.properties", "PKCS12DupData") }
+
+choose-p12-backup-file-dialog = { COPY("security/manager/chrome/pippki/pippki.properties", "chooseP12BackupFileDialog") }
+file-browse-pkcs12-spec = { COPY("security/manager/chrome/pippki/pippki.properties", "file_browse_PKCS12_spec") }
+choose-p12-restore-file-dialog = { COPY("security/manager/chrome/pippki/pippki.properties", "chooseP12RestoreFileDialog2") }
+file-browse-certificate-spec = { COPY("security/manager/chrome/pippki/pippki.properties", "file_browse_Certificate_spec") }
+import-ca-certs-prompt = { COPY("security/manager/chrome/pippki/pippki.properties", "importCACertsPrompt") }
+import-email-cert-prompt = { COPY("security/manager/chrome/pippki/pippki.properties", "importEmailCertPrompt") }
+
+delete-user-cert-title =
+    .title = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteUserCertTitle") }
+
+delete-ssl-cert-title =
+    .title = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteSslCertTitle3") }
+
+delete-ca-cert-title =
+    .title = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteCaCertTitle2") }
+
+delete-email-cert-title =
+    .title = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteEmailCertTitle") }
+
+delete-user-cert-confirm = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteUserCertConfirm") }
+delete-user-cert-impact = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteUserCertImpact") }
+delete-ssl-cert-confirm = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteSslCertConfirm3") }
+delete-ssl-cert-impact = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteSslCertImpact3") }
+delete-ca-cert-confirm = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteCaCertConfirm2") }
+delete-ca-cert-impact = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteCaCertImpactX2") }
+delete-email-cert-confirm = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteEmailCertConfirm") }
+delete-email-cert-impact = { COPY("security/manager/chrome/pippki/pippki.properties", "deleteEmailCertImpactDesc") }
+
+cert-verified = { COPY("security/manager/chrome/pippki/pippki.properties", "certVerified") }
+
+not-present =
+    .value = { COPY("security/manager/chrome/pippki/pippki.properties", "notPresent") }
+
+verify-ssl-client =
+    .value = { COPY("security/manager/chrome/pipnss/pipnss.properties", "VerifySSLClient") }
+
+verify-ssl-server =
+    .value = { COPY("security/manager/chrome/pipnss/pipnss.properties", "VerifySSLServer") }
+
+verify-ssl-ca =
+    .value = { COPY("security/manager/chrome/pipnss/pipnss.properties", "VerifySSLCA") }
+
+verify-email-signer =
+    .value = { COPY("security/manager/chrome/pipnss/pipnss.properties", "VerifyEmailSigner") }
+
+verify-email-recip =
+    .value = { COPY("security/manager/chrome/pipnss/pipnss.properties", "VerifyEmailRecip") }
+
+cert-not-verified-cert-revoked = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_CertRevoked") }
+cert-not-verified-cert-expired = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_CertExpired") }
+cert-not-verified-cert-not-trusted = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_CertNotTrusted") }
+cert-not-verified-issuer-not-trusted = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_IssuerNotTrusted") }
+cert-not-verified-issuer-unknown = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_IssuerUnknown") }
+cert-not-verified-ca-invalid = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_CAInvalid") }
+cert-not-verified_algorithm-disabled = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_AlgorithmDisabled") }
+cert-not-verified-unknown = { COPY("security/manager/chrome/pippki/pippki.properties", "certNotVerified_Unknown") }
+
+add-exception-invalid-header = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionInvalidHeader") }
+add-exception-domain-mismatch-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionDomainMismatchShort") }
+add-exception-domain-mismatch-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionDomainMismatchLong2") }
+add-exception-expired-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionExpiredShort") }
+add-exception-expired-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionExpiredLong2") }
+add-exception-unverified-or-bad-signature-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionUnverifiedOrBadSignatureShort") }
+add-exception-unverified-or-bad-signature-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionUnverifiedOrBadSignatureLong2") }
+add-exception-valid-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionValidShort") }
+add-exception-valid-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionValidLong") }
+add-exception-checking-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionCheckingShort") }
+add-exception-checking-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionCheckingLong2") }
+add-exception-no-cert-short = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionNoCertShort") }
+add-exception-no-cert-long = { COPY("security/manager/chrome/pippki/pippki.properties", "addExceptionNoCertLong2") }
+""")
+)
+
+    ctx.add_transforms(
+    "security/manager/security/certificates/certManager.ftl",
+    "security/manager/security/certificates/certManager.ftl",
+    [
+        FTL.Message(
+            id=FTL.Identifier("edit-trust-ca"),
+            value=REPLACE(
+                "security/manager/chrome/pippki/pippki.properties",
+                "editTrustCA",
+                {
+                    "%S": VARIABLE_REFERENCE("certName")
+                },
+            )
+        ),
+
+            FTL.Message(
+                id=FTL.Identifier("cert-with-serial"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("value"),
+                        value=REPLACE(
+                            "security/manager/chrome/pippki/pippki.properties",
+                            "certWithSerial",
+                            {
+                                "%1$S": VARIABLE_REFERENCE("serialNumber")
+                            },
+                        )
+                    )
+                ]
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("cert-viewer-title"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("title"),
+                        value=REPLACE(
+                            "security/manager/chrome/pippki/pippki.properties",
+                            "certViewerTitle",
+                            {
+                                "%1$S": VARIABLE_REFERENCE("certName")
+                            },
+                        )
+                    )
+                ]
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("add-exception-branded-warning"),
+                value=REPLACE(
+                    "security/manager/chrome/pippki/pippki.properties",
+                    "addExceptionBrandedWarning2",
+                    {
+                        "%S": TERM_REFERENCE("-brand-short-name")
+                    },
+                )
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("certmgr-edit-ca-cert"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("title"),
+                        value=COPY(
+                                "security/manager/chrome/pippki/certManager.dtd",
+                                "certmgr.editcacert.title",
+                            )
+                        ),
+                    FTL.Attribute(
+                        id=FTL.Identifier("style"),
+                        value=CONCAT(
+                            FTL.TextElement("width: 48em;"),
+                        )
+                    )
+                ]
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("certmgr-delete-cert"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("title"),
+                        value=COPY(
+                                "security/manager/chrome/pippki/certManager.dtd",
+                                "certmgr.deletecert.title",
+                            )
+                        ),
+                    FTL.Attribute(
+                        id=FTL.Identifier("style"),
+                        value=CONCAT(
+                            FTL.TextElement("width: 48em; height: 24em;"),
+                        )
+                    )
+                ]
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("certmgr-begins-value"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("value"),
+                        value=FTL.Pattern(
+                            elements=[
+                                FTL.Placeable(
+                                    expression=MESSAGE_REFERENCE("certmgr-begins-label.label")
+                                )
+                            ]
+                        )
+                    )
+                ]
+            ),
+
+            FTL.Message(
+                id=FTL.Identifier("certmgr-expires-value"),
+                attributes=[
+                    FTL.Attribute(
+                        id=FTL.Identifier("value"),
+                        value=FTL.Pattern(
+                            elements=[
+                                FTL.Placeable(
+                                    expression=MESSAGE_REFERENCE("certmgr-expires-label.label")
+                                )
+                            ]
+                        )
+                    )
+                ]
+            ),
+        ]
+    )
+
rename from python/mozrelease/test/data/Firefox-62.0b11.update.json
rename to python/mozrelease/test/data/Firefox-64.0b13.update.json
--- a/python/mozrelease/test/data/Firefox-62.0b11.update.json
+++ b/python/mozrelease/test/data/Firefox-64.0b13.update.json
@@ -1,9 +1,9 @@
 [
     {
         "fields": {
-            "detailsURL": "https://www.mozilla.org/%LOCALE%/firefox/62.0b11/releasenotes/",
+            "detailsURL": "https://www.mozilla.org/%LOCALE%/firefox/64.0/releasenotes/",
             "type": "minor"
         },
         "for": {}
     }
 ]
--- a/python/mozrelease/test/test_balrog.py
+++ b/python/mozrelease/test/test_balrog.py
@@ -22,18 +22,18 @@ DATA_PATH = Path(__file__).parent.joinpa
     ({
         'release-type': 'release',
         'product': 'firefox',
         'version': GeckoVersion.parse('62.0.3'),
     }, 'whatsnew-62.0.3.yml', 'Firefox-62.0.3.update.json'),
     ({
         'release-type': 'beta',
         'product': 'firefox',
-        'version': GeckoVersion.parse('62.0b11'),
-    }, 'whatsnew-62.0.3.yml', 'Firefox-62.0b11.update.json'),
+        'version': GeckoVersion.parse('64.0'),
+    }, 'whatsnew-62.0.3.yml', 'Firefox-64.0b13.update.json'),
 ])
 def test_update_properties(context, config_file, output_file):
     with DATA_PATH.joinpath(config_file).open('r', encoding='utf-8') as f:
         config = yaml_load(f)
 
     update_line = generate_update_properties(context, config)
 
     assert update_line == json.load(DATA_PATH.joinpath(output_file).open('r', encoding='utf-8'))
--- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
@@ -52,21 +52,16 @@ PrivateSlotDescription=PSM Private Keys
 # conversion to UTF-8.
 # length_limit = 32 bytes
 Fips140TokenDescription=Software Security Device (FIPS)
 # LOCALIZATION NOTE (Fips140SlotDescription): string limit is 64 bytes after
 # conversion to UTF-8.
 # length_limit = 64 bytes
 Fips140SlotDescription=FIPS 140 Cryptographic, Key and Certificate Services
 
-VerifySSLClient=SSL Client Certificate
-VerifySSLServer=SSL Server Certificate
-VerifySSLCA=SSL Certificate Authority
-VerifyEmailSigner=Email Signer Certificate
-VerifyEmailRecip=Email Recipient Certificate
 HighGrade=High Grade
 MediumGrade=Medium Grade
 # LOCALIZATION NOTE (nick_template): $1s is the common name from a cert (e.g. "Mozilla"), $2s is the CA name (e.g. VeriSign)
 nick_template=%1$s’s %2$s ID
 #These are the strings set for the ASN1 objects in a certificate.
 CertDumpCertificate=Certificate
 CertDumpVersion=Version
 # LOCALIZATION NOTE (CertDumpVersionValue): %S is a version number (e.g. "3" in "Version 3")
@@ -248,23 +243,16 @@ CertDumpECsect233r1=SECG elliptic curve 
 CertDumpECsect239k1=SECG elliptic curve sect239k1
 CertDumpECsect283k1=SECG elliptic curve sect283k1 (aka NIST K-283)
 CertDumpECsect283r1=SECG elliptic curve sect283r1 (aka NIST B-283)
 CertDumpECsect409k1=SECG elliptic curve sect409k1 (aka NIST K-409)
 CertDumpECsect409r1=SECG elliptic curve sect409r1 (aka NIST B-409)
 CertDumpECsect571k1=SECG elliptic curve sect571k1 (aka NIST K-571)
 CertDumpECsect571r1=SECG elliptic curve sect571r1 (aka NIST B-571)
 CertDumpRawBytesHeader=Size: %S Bytes / %S Bits
-PK11BadPassword=The password entered was incorrect.
-PKCS12DecodeErr=Failed to decode the file.  Either it is not in PKCS #12 format, has been corrupted, or the password you entered was incorrect.
-PKCS12UnknownErrRestore=Failed to restore the PKCS #12 file for unknown reasons.
-PKCS12UnknownErrBackup=Failed to create the PKCS #12 backup file for unknown reasons.
-PKCS12UnknownErr=The PKCS #12 operation failed for unknown reasons.
-PKCS12InfoNoSmartcardBackup=It is not possible to back up certificates from a hardware security device such as a smart card.
-PKCS12DupData=The certificate and private key already exist on the security device.
 AVATemplate=%S = %S
 
 PSMERR_SSL_Disabled=Can’t connect securely because the SSL protocol has been disabled.
 PSMERR_SSL2_Disabled=Can’t connect securely because the site uses an older, insecure version of the SSL protocol.
 PSMERR_HostReusedIssuerSerial=You have received an invalid certificate.  Please contact the server administrator or email correspondent and give them the following information:\n\nYour certificate contains the same serial number as another certificate issued by the certificate authority.  Please get a new certificate containing a unique serial number.
 
 # LOCALIZATION NOTE (SSLConnectionErrorPrefix2): %1$S is the host string, %2$S is more detailed information (localized as well).
 SSLConnectionErrorPrefix2=An error occurred during a connection to %1$S. %2$S\n
deleted file mode 100644
--- a/security/manager/locales/en-US/chrome/pippki/certManager.dtd
+++ /dev/null
@@ -1,88 +0,0 @@
-<!-- This Source Code Form is subject to the terms of the Mozilla Public
-   - License, v. 2.0. If a copy of the MPL was not distributed with this
-   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
-
-<!ENTITY certmgr.title                       "Certificate Manager">
-
-<!ENTITY certmgr.tab.mine                     "Your Certificates">
-<!ENTITY certmgr.tab.others2                  "People">
-<!ENTITY certmgr.tab.websites3                "Servers">
-<!ENTITY certmgr.tab.ca                       "Authorities">
-
-<!ENTITY certmgr.mine2                        "You have certificates from these organizations that identify you">
-<!ENTITY certmgr.others2                      "You have certificates on file that identify these people">
-<!ENTITY certmgr.websites3                    "You have certificates on file that identify these servers">
-<!ENTITY certmgr.cas2                         "You have certificates on file that identify these certificate authorities">
-
-<!ENTITY certmgr.detail.general_tab.title     "General">
-<!ENTITY certmgr.detail.general_tab.accesskey "G">
-<!ENTITY certmgr.detail.prettyprint_tab.title "Details">
-<!ENTITY certmgr.detail.prettyprint_tab.accesskey "D">
-
-<!ENTITY certmgr.pending.label                "Currently verifying certificate…">
-<!ENTITY certmgr.subjectinfo.label            "Issued To">
-<!ENTITY certmgr.issuerinfo.label             "Issued By">
-<!ENTITY certmgr.periodofvalidity.label       "Period of Validity" >
-<!ENTITY certmgr.fingerprints.label           "Fingerprints">
-<!ENTITY certmgr.certdetail.title             "Certificate Detail">
-<!ENTITY certmgr.certdetail.cn                "Common Name (CN)">
-<!ENTITY certmgr.certdetail.o                 "Organization (O)">
-<!ENTITY certmgr.certdetail.ou                "Organizational Unit (OU)">
-<!ENTITY certmgr.certdetail.serialnumber      "Serial Number">
-<!ENTITY certmgr.certdetail.sha256fingerprint "SHA-256 Fingerprint">
-<!ENTITY certmgr.certdetail.sha1fingerprint   "SHA1 Fingerprint">
-
-<!ENTITY certmgr.editcacert.title             "Edit CA certificate trust settings">
-<!ENTITY certmgr.editcert.edittrust           "Edit trust settings:">
-<!ENTITY certmgr.editcert.trustssl            "This certificate can identify websites.">
-<!ENTITY certmgr.editcert.trustemail          "This certificate can identify mail users.">
-
-<!ENTITY certmgr.deletecert.title             "Delete Certificate">
-
-<!ENTITY certmgr.certname                     "Certificate Name">
-<!ENTITY certmgr.certserver                   "Server">
-<!ENTITY certmgr.override_lifetime            "Lifetime">
-<!ENTITY certmgr.tokenname                    "Security Device">
-<!ENTITY certmgr.begins                       "Begins On">
-<!ENTITY certmgr.expires                      "Expires On">
-<!ENTITY certmgr.email                        "E-Mail Address">
-<!ENTITY certmgr.serial                       "Serial Number">
-
-<!ENTITY certmgr.close.label                  "Close">
-<!ENTITY certmgr.close.accesskey              "C">
-<!ENTITY certmgr.view2.label                  "View…">
-<!ENTITY certmgr.view2.accesskey              "V">
-<!ENTITY certmgr.edit3.label                  "Edit Trust…">
-<!ENTITY certmgr.edit3.accesskey              "E">
-<!ENTITY certmgr.export.label                 "Export…">
-<!ENTITY certmgr.export.accesskey             "x">
-<!ENTITY certmgr.delete2.label                "Delete…">
-<!ENTITY certmgr.delete2.accesskey            "D">
-<!ENTITY certmgr.delete_builtin.label         "Delete or Distrust…">
-<!ENTITY certmgr.delete_builtin.accesskey     "D">
-<!ENTITY certmgr.backup2.label                "Backup…">
-<!ENTITY certmgr.backup2.accesskey            "B">
-<!ENTITY certmgr.backupall2.label             "Backup All…">
-<!ENTITY certmgr.backupall2.accesskey         "k">
-<!ENTITY certmgr.restore2.label               "Import…">
-<!ENTITY certmgr.restore2.accesskey           "m">
-<!ENTITY certmgr.details.label                "Certificate Fields">
-<!ENTITY certmgr.details.accesskey            "F">
-<!ENTITY certmgr.fields.label                 "Field Value">
-<!ENTITY certmgr.fields.accesskey             "V">
-<!ENTITY certmgr.hierarchy.label              "Certificate Hierarchy">
-<!ENTITY certmgr.hierarchy.accesskey2         "H">
-<!ENTITY certmgr.addException.label           "Add Exception…">
-<!ENTITY certmgr.addException.accesskey       "x">
-
-<!ENTITY exceptionMgr.title                   "Add Security Exception">
-<!ENTITY exceptionMgr.exceptionButton.label   "Confirm Security Exception">
-<!ENTITY exceptionMgr.exceptionButton.accesskey "C">
-<!ENTITY exceptionMgr.supplementalWarning     "Legitimate banks, stores, and other public sites will not ask you to do this.">
-<!ENTITY exceptionMgr.certlocation.url        "Location:">
-<!ENTITY exceptionMgr.certlocation.download   "Get Certificate">
-<!ENTITY exceptionMgr.certlocation.accesskey  "G">
-<!ENTITY exceptionMgr.certstatus.viewCert     "View…">
-<!ENTITY exceptionMgr.certstatus.accesskey    "V">
-<!ENTITY exceptionMgr.permanent.label         "Permanently store this exception">
-<!ENTITY exceptionMgr.permanent.accesskey     "P">
--- a/security/manager/locales/en-US/chrome/pippki/pippki.properties
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@@ -1,59 +1,21 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
-# LOCALIZATION NOTE(certWithSerial): Used for semi-uniquely representing a cert.
-# %1$S is the serial number of the cert in AA:BB:CC hex format.
-certWithSerial=Certificate with serial number: %1$S
-
 # Download Cert dialog
 # LOCALIZATION NOTE(newCAMessage1):
 # %S is a string representative of the certificate being downloaded/imported.
 newCAMessage1=Do you want to trust “%S” for the following purposes?
 unnamedCA=Certificate Authority (unnamed)
 
-# For editing cert trust
-editTrustCA=The certificate “%S” represents a Certificate Authority.
-
-# For Deleting Certificates
-deleteSslCertConfirm3=Are you sure you want to delete these server exceptions?
-deleteSslCertImpact3=If you delete a server exception, you restore the usual security checks for that server and require it uses a valid certificate.
-deleteSslCertTitle3=Delete Server Certificate Exceptions
-
-deleteUserCertConfirm=Are you sure you want to delete these certificates?
-deleteUserCertImpact=If you delete one of your own certificates, you can no longer use it to identify yourself.
-deleteUserCertTitle=Delete your Certificates
-
-deleteCaCertConfirm2=You have requested to delete these CA certificates. For built-in certificates all trust will be removed, which has the same effect. Are you sure you want to delete or distrust?
-deleteCaCertImpactX2=If you delete or distrust a certificate authority (CA) certificate, this application will no longer trust any certificates issued by that CA.
-deleteCaCertTitle2=Delete or Distrust CA Certificates
-
-deleteEmailCertConfirm=Are you sure you want to delete these people’s e-mail certificates?
-deleteEmailCertImpactDesc=If you delete a person’s e-mail certificate, you will no longer be able to send encrypted e-mail to that person.
-deleteEmailCertTitle=Delete E-Mail Certificates
-
 # PKCS#12 file dialogs
-chooseP12RestoreFileDialog2=Certificate File to Import
-chooseP12BackupFileDialog=File Name to Backup
-file_browse_PKCS12_spec=PKCS12 Files
 getPKCS12FilePasswordMessage=Please enter the password that was used to encrypt this certificate backup:
 
-# Cert verification
-certVerified=This certificate has been verified for the following uses:
-certNotVerified_CertRevoked=Could not verify this certificate because it has been revoked.
-certNotVerified_CertExpired=Could not verify this certificate because it has expired.
-certNotVerified_CertNotTrusted=Could not verify this certificate because it is not trusted.
-certNotVerified_IssuerNotTrusted=Could not verify this certificate because the issuer is not trusted.
-certNotVerified_IssuerUnknown=Could not verify this certificate because the issuer is unknown.
-certNotVerified_CAInvalid=Could not verify this certificate because the CA certificate is invalid.
-certNotVerified_AlgorithmDisabled=Could not verify this certificate because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
-certNotVerified_Unknown=Could not verify this certificate for unknown reasons.
-
 # Client auth
 clientAuthRemember=Remember this decision
 # LOCALIZATION NOTE(clientAuthNickAndSerial): Represents a single cert when the
 # user is choosing from a list of certificates.
 # %1$S is the nickname of the cert.
 # %2$S is the serial number of the cert in AA:BB:CC hex format.
 clientAuthNickAndSerial=%1$S [%2$S]
 # LOCALIZATION NOTE(clientAuthHostnameAndPort):
@@ -103,63 +65,36 @@ pageInfo_EncryptionWithBitsAndProtocol=C
 pageInfo_BrokenEncryption=Broken Encryption (%1$S, %2$S bit keys, %3$S)
 pageInfo_Privacy_Encrypted1=The page you are viewing was encrypted before being transmitted over the Internet.
 pageInfo_Privacy_Encrypted2=Encryption makes it difficult for unauthorized people to view information traveling between computers. It is therefore unlikely that anyone read this page as it traveled across the network.
 pageInfo_MixedContent=Connection Partially Encrypted
 pageInfo_MixedContent2=Parts of the page you are viewing were not encrypted before being transmitted over the Internet.
 pageInfo_WeakCipher=Your connection to this website uses weak encryption and is not private. Other people can view your information or modify the website’s behavior.
 pageInfo_CertificateTransparency_Compliant=This website complies with the Certificate Transparency policy.
 
-# Cert Viewer
-# LOCALIZATION NOTE(certViewerTitle): Title used for the Certificate Viewer.
-# %1$S is a string representative of the certificate being viewed.
-certViewerTitle=Certificate Viewer: “%1$S”
-notPresent=<Not Part Of Certificate>
-
 # Token Manager
 password_not_set=(not set)
 failed_pw_change=Unable to change Master Password.
 incorrect_pw=You did not enter the correct current Master Password. Please try again.
 pw_change_ok=Master Password successfully changed.
 pw_erased_ok=Warning! You have deleted your Master Password. 
 pw_not_wanted=Warning! You have decided not to use a Master Password.
 pw_empty_warning=Your stored web and email passwords, form data, and private keys will not be protected.
 pw_change2empty_in_fips_mode=You are currently in FIPS mode. FIPS requires a non-empty Master Password.
 enable_fips=Enable FIPS
 disable_fips=Disable FIPS
 
 resetPasswordConfirmationTitle=Reset Master Password
 resetPasswordConfirmationMessage=Your password has been reset.
 
-# Import certificate(s) file dialog
-importEmailCertPrompt=Select File containing somebody’s Email certificate to import
-importCACertsPrompt=Select File containing CA certificate(s) to import
-file_browse_Certificate_spec=Certificate Files
-
 # Cert export
 SaveCertAs=Save Certificate To File
 CertFormatBase64=X.509 Certificate (PEM)
 CertFormatBase64Chain=X.509 Certificate with chain (PEM)
 CertFormatDER=X.509 Certificate (DER)
 CertFormatPKCS7=X.509 Certificate (PKCS#7)
 CertFormatPKCS7Chain=X.509 Certificate with chain (PKCS#7)
 writeFileFailure=File Error
 writeFileFailed=Can’t write to file %S:\n%S.
 writeFileAccessDenied=Access denied
 writeFileIsLocked=File is locked
 writeFileNoDeviceSpace=No space left on device
 writeFileUnknownError=Unknown error
-
-# Add Security Exception dialog
-addExceptionBrandedWarning2=You are about to override how %S identifies this site.
-addExceptionInvalidHeader=This site attempts to identify itself with invalid information.
-addExceptionDomainMismatchShort=Wrong Site
-addExceptionDomainMismatchLong2=The certificate belongs to a different site, which could mean that someone is trying to impersonate this site.
-addExceptionExpiredShort=Outdated Information
-addExceptionExpiredLong2=The certificate is not currently valid. It may have been stolen or lost, and could be used by someone to impersonate this site.
-addExceptionUnverifiedOrBadSignatureShort=Unknown Identity
-addExceptionUnverifiedOrBadSignatureLong2=The certificate is not trusted because it hasn’t been verified as issued by a trusted authority using a secure signature.
-addExceptionValidShort=Valid Certificate
-addExceptionValidLong=This site provides valid, verified identification.  There is no need to add an exception.
-addExceptionCheckingShort=Checking Information
-addExceptionCheckingLong2=Attempting to identify this site…
-addExceptionNoCertShort=No Information Available
-addExceptionNoCertLong2=Unable to obtain identification status for this site.
new file mode 100644
--- /dev/null
+++ b/security/manager/locales/en-US/security/certificates/certManager.ftl
@@ -0,0 +1,300 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+certmgr-title =
+    .title = Certificate Manager
+
+certmgr-tab-mine =
+    .label = Your Certificates
+
+certmgr-tab-people =
+    .label = People
+
+certmgr-tab-servers =
+    .label = Servers
+
+certmgr-tab-ca =
+    .label = Authorities
+
+certmgr-mine = You have certificates from these organizations that identify you
+certmgr-people = You have certificates on file that identify these people
+certmgr-servers = You have certificates on file that identify these servers
+certmgr-ca = You have certificates on file that identify these certificate authorities
+
+certmgr-detail-general-tab-title =
+    .label = General
+    .accesskey = G
+
+certmgr-detail-pretty-print-tab-title =
+    .label = Details
+    .accesskey = D
+
+certmgr-pending-label =
+    .value = Currently verifying certificate…
+
+certmgr-subject-info-label =
+    .value = Issued To
+
+certmgr-issuer-info-label =
+    .value = Issued By
+
+certmgr-period-of-validity-label =
+    .value = Period of Validity
+
+certmgr-fingerprints-label =
+    .value = Fingerprints
+
+certmgr-cert-detail =
+    .title = Certificate Detail
+    .buttonlabelaccept = Close
+    .buttonaccesskeyaccept = C
+
+certmgr-cert-detail-cn =
+    .value = Common Name (CN)
+
+certmgr-cert-detail-o =
+    .value = Organization (O)
+
+certmgr-cert-detail-ou =
+    .value = Organizational Unit (OU)
+
+certmgr-cert-detail-serialnumber =
+    .value = Serial Number
+
+certmgr-cert-detail-sha256-fingerprint =
+    .value = SHA-256 Fingerprint
+
+certmgr-cert-detail-sha1-fingerprint =
+    .value = SHA1 Fingerprint
+
+certmgr-edit-ca-cert =
+    .title = Edit CA certificate trust settings
+    .style = width: 48em;
+
+certmgr-edit-cert-edit-trust = Edit trust settings:
+
+certmgr-edit-cert-trust-ssl =
+    .label = This certificate can identify websites.
+
+certmgr-edit-cert-trust-email =
+    .label = This certificate can identify mail users.
+
+certmgr-delete-cert =
+    .title = Delete Certificate
+    .style = width: 48em; height: 24em;
+
+certmgr-cert-name =
+    .label = Certificate Name
+
+certmgr-cert-server =
+    .label = Server
+
+certmgr-override-lifetime =
+    .label = Lifetime
+
+certmgr-token-name =
+    .label = Security Device
+
+certmgr-begins-label =
+    .label = Begins On
+
+certmgr-begins-value =
+    .value = { certmgr-begins-label.label }
+
+certmgr-expires-label =
+    .label = Expires On
+
+certmgr-expires-value =
+    .value = { certmgr-expires-label.label }
+
+certmgr-email =
+    .label = E-Mail Address
+
+certmgr-serial =
+    .label = Serial Number
+
+certmgr-view =
+    .label = View…
+    .accesskey = V
+
+certmgr-edit =
+    .label = Edit Trust…
+    .accesskey = E
+
+certmgr-export =
+    .label = Export…
+    .accesskey = x
+
+certmgr-delete =
+    .label = Delete…
+    .accesskey = D
+
+certmgr-delete-builtin =
+    .label = Delete or Distrust…
+    .accesskey = D
+
+certmgr-backup =
+    .label = Backup…
+    .accesskey = B
+
+certmgr-backup-all =
+    .label = Backup All…
+    .accesskey = k
+
+certmgr-restore =
+    .label = Import…
+    .accesskey = m
+
+certmgr-details =
+    .value = Certificate Fields
+    .accesskey = F
+
+certmgr-fields =
+    .value = Field Value
+    .accesskey = V
+
+certmgr-hierarchy =
+    .value = Certificate Hierarchy
+    .accesskey = H
+
+certmgr-add-exception =
+    .label = Add Exception…
+    .accesskey = x
+
+exception-mgr =
+    .title = Add Security Exception
+
+exception-mgr-extra-button =
+    .label = Confirm Security Exception
+    .accesskey = C
+
+exception-mgr-supplemental-warning = Legitimate banks, stores, and other public sites will not ask you to do this.
+
+exception-mgr-cert-location-url =
+    .value = Location:
+
+exception-mgr-cert-location-download =
+    .label = Get Certificate
+    .accesskey = G
+
+exception-mgr-cert-status-view-cert =
+    .label = View…
+    .accesskey = V
+
+exception-mgr-permanent =
+    .label = Permanently store this exception
+    .accesskey = P
+
+pk11-bad-password = The password entered was incorrect.
+pkcs12-decode-err = Failed to decode the file. Either it is not in PKCS #12 format, has been corrupted, or the password you entered was incorrect.
+pkcs12-unknown-err-restore = Failed to restore the PKCS #12 file for unknown reasons.
+pkcs12-unknown-err-backup = Failed to create the PKCS #12 backup file for unknown reasons.
+pkcs12-unknown-err = The PKCS #12 operation failed for unknown reasons.
+pkcs12-info-no-smartcard-backup = It is not possible to back up certificates from a hardware security device such as a smart card.
+pkcs12-dup-data = The certificate and private key already exist on the security device.
+
+## PKCS#12 file dialogs
+choose-p12-backup-file-dialog = File Name to Backup
+file-browse-pkcs12-spec = PKCS12 Files
+choose-p12-restore-file-dialog = Certificate File to Import
+
+## Import certificate(s) file dialog
+file-browse-certificate-spec = Certificate Files
+import-ca-certs-prompt = Select File containing CA certificate(s) to import
+import-email-cert-prompt = Select File containing somebody’s Email certificate to import
+
+## For editing certificates trust
+
+# Variables:
+#   $certName: the name of certificate
+edit-trust-ca = The certificate “{ $certName }” represents a Certificate Authority.
+
+## For Deleting Certificates
+
+delete-user-cert-title =
+    .title = Delete your Certificates
+delete-user-cert-confirm = Are you sure you want to delete these certificates?
+delete-user-cert-impact = If you delete one of your own certificates, you can no longer use it to identify yourself.
+
+
+delete-ssl-cert-title =
+    .title = Delete Server Certificate Exceptions
+delete-ssl-cert-confirm = Are you sure you want to delete these server exceptions?
+delete-ssl-cert-impact = If you delete a server exception, you restore the usual security checks for that server and require it uses a valid certificate.
+
+delete-ca-cert-title =
+    .title = Delete or Distrust CA Certificates
+delete-ca-cert-confirm = You have requested to delete these CA certificates. For built-in certificates all trust will be removed, which has the same effect. Are you sure you want to delete or distrust?
+delete-ca-cert-impact = If you delete or distrust a certificate authority (CA) certificate, this application will no longer trust any certificates issued by that CA.
+
+
+delete-email-cert-title =
+    .title = Delete E-Mail Certificates
+delete-email-cert-confirm = Are you sure you want to delete these people’s e-mail certificates?
+delete-email-cert-impact = If you delete a person’s e-mail certificate, you will no longer be able to send encrypted e-mail to that person.
+
+# Used for semi-uniquely representing a cert.
+#
+# Variables:
+#   $serialNumber : the serial number of the cert in AA:BB:CC hex format.
+cert-with-serial =
+    .value = Certificate with serial number: { $serialNumber }
+
+## Cert Viewer
+
+# Title used for the Certificate Viewer.
+#
+# Variables:
+#   $certificate : a string representative of the certificate being viewed.
+cert-viewer-title =
+    .title = Certificate Viewer: “{ $certName }”
+
+not-present =
+    .value = <Not Part Of Certificate>
+
+# Cert verification
+cert-verified = This certificate has been verified for the following uses:
+
+# Add usage
+verify-ssl-client =
+    .value = SSL Client Certificate
+
+verify-ssl-server =
+    .value = SSL Server Certificate
+
+verify-ssl-ca =
+    .value = SSL Certificate Authority
+
+verify-email-signer =
+    .value = Email Signer Certificate
+
+verify-email-recip =
+    .value = Email Recipient Certificate
+
+# Cert verification
+cert-not-verified-cert-revoked = Could not verify this certificate because it has been revoked.
+cert-not-verified-cert-expired = Could not verify this certificate because it has expired.
+cert-not-verified-cert-not-trusted = Could not verify this certificate because it is not trusted.
+cert-not-verified-issuer-not-trusted = Could not verify this certificate because the issuer is not trusted.
+cert-not-verified-issuer-unknown = Could not verify this certificate because the issuer is unknown.
+cert-not-verified-ca-invalid = Could not verify this certificate because the CA certificate is invalid.
+cert-not-verified_algorithm-disabled = Could not verify this certificate because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
+cert-not-verified-unknown = Could not verify this certificate for unknown reasons.
+
+## Add Security Exception dialog
+add-exception-branded-warning = You are about to override how { -brand-short-name } identifies this site.
+add-exception-invalid-header = This site attempts to identify itself with invalid information.
+add-exception-domain-mismatch-short = Wrong Site
+add-exception-domain-mismatch-long = The certificate belongs to a different site, which could mean that someone is trying to impersonate this site.
+add-exception-expired-short = Outdated Information
+add-exception-expired-long = The certificate is not currently valid. It may have been stolen or lost, and could be used by someone to impersonate this site.
+add-exception-unverified-or-bad-signature-short = Unknown Identity
+add-exception-unverified-or-bad-signature-long = The certificate is not trusted because it hasn’t been verified as issued by a trusted authority using a secure signature.
+add-exception-valid-short = Valid Certificate
+add-exception-valid-long = This site provides valid, verified identification.  There is no need to add an exception.
+add-exception-checking-short = Checking Information
+add-exception-checking-long = Attempting to identify this site…
+add-exception-no-cert-short = No Information Available
+add-exception-no-cert-long = Unable to obtain identification status for this site.
+
--- a/security/manager/locales/jar.mn
+++ b/security/manager/locales/jar.mn
@@ -8,9 +8,8 @@
 
 @AB_CD@.jar:
 % locale pipnss @AB_CD@ %locale/@AB_CD@/pipnss/
 % locale pippki @AB_CD@ %locale/@AB_CD@/pippki/
   locale/@AB_CD@/pipnss/pipnss.properties     (%chrome/pipnss/pipnss.properties)
   locale/@AB_CD@/pipnss/nsserrors.properties  (%chrome/pipnss/nsserrors.properties)
   locale/@AB_CD@/pippki/pippki.dtd            (%chrome/pippki/pippki.dtd)
   locale/@AB_CD@/pippki/pippki.properties     (%chrome/pippki/pippki.properties)
-  locale/@AB_CD@/pippki/certManager.dtd       (%chrome/pippki/certManager.dtd)
--- a/security/manager/pki/resources/content/certManager.js
+++ b/security/manager/pki/resources/content/certManager.js
@@ -16,18 +16,16 @@ const nsCertTree = "@mozilla.org/securit
 
 const gCertFileTypes = "*.p7b; *.crt; *.cert; *.cer; *.pem; *.der";
 
 var { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm", {});
 
 var key;
 
 var certdialogs = Cc[nsCertificateDialogs].getService(nsICertificateDialogs);
-var strbundle = Cc[nsStringBundle].getService(nsIStringBundleService)
-                  .createBundle("chrome://pipnss/locale/pipnss.properties");
 
 /**
  * List of certs currently selected in the active tab.
  * @type nsIX509Cert[]
  */
 var selected_certs = [];
 var selected_tree_items = [];
 var selected_index = [];
@@ -206,43 +204,43 @@ function nothingOrContainerSelected(cert
         return true;
       }
     }
   }
 
   return false;
 }
 
-function promptError(aErrorCode) {
+async function promptError(aErrorCode) {
   if (aErrorCode != Ci.nsIX509CertDB.Success) {
-    let msgName = "PKCS12UnknownErr";
+    let msgName = "pkcs12-unknown-err";
     switch (aErrorCode) {
       case Ci.nsIX509CertDB.ERROR_PKCS12_NOSMARTCARD_EXPORT:
-        msgName = "PKCS12InfoNoSmartcardBackup";
+        msgName = "pkcs12-info-no-smartcard-backup";
         break;
       case Ci.nsIX509CertDB.ERROR_PKCS12_RESTORE_FAILED:
-        msgName = "PKCS12UnknownErrRestore";
+        msgName = "pkcs12-unknown-err-restore";
         break;
       case Ci.nsIX509CertDB.ERROR_PKCS12_BACKUP_FAILED:
-        msgName = "PKCS12UnknownErrBackup";
+        msgName = "pkcs12-unknown-err-backup";
         break;
       case Ci.nsIX509CertDB.ERROR_PKCS12_CERT_COLLISION:
       case Ci.nsIX509CertDB.ERROR_PKCS12_DUPLICATE_DATA:
-        msgName = "PKCS12DupData";
+        msgName = "pkcs12-dup-data";
         break;
       case Ci.nsIX509CertDB.ERROR_BAD_PASSWORD:
-        msgName = "PK11BadPassword";
+        msgName = "pk11-bad-password";
         break;
       case Ci.nsIX509CertDB.ERROR_DECODE_ERROR:
-        msgName = "PKCS12DecodeErr";
+        msgName = "pkcs12-decode-err";
         break;
       default:
         break;
     }
-    let message = strbundle.GetStringFromName(msgName);
+    let [message] = await document.l10n.formatValues([{id: msgName}]);
     let prompter = Services.ww.getNewPrompter(window);
     prompter.alert(null, message);
   }
 }
 
 /**
  * Enables or disables buttons corresponding to a cert tree depending on what
  * is selected in the cert tree.
@@ -291,30 +289,30 @@ function email_enableButtons() {
   let idList = [
     "email_viewButton",
     "email_exportButton",
     "email_deleteButton",
   ];
   enableButtonsForCertTree(emailTreeView, idList);
 }
 
-function backupCerts() {
+async function backupCerts() {
   getSelectedCerts();
   var numcerts = selected_certs.length;
   if (numcerts == 0) {
     return;
   }
 
-  var bundle = document.getElementById("pippki_bundle");
   var fp = Cc[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.getString("chooseP12BackupFileDialog"),
-          nsIFilePicker.modeSave);
-  fp.appendFilter(bundle.getString("file_browse_PKCS12_spec"),
-                  "*.p12");
+  let [backupFileDialog, filePkcs12Spec] = await document.l10n.formatValues([
+    {id: "choose-p12-backup-file-dialog"},
+    {id: "file-browse-pkcs12-spec"},
+  ]);
+  fp.init(window, backupFileDialog, nsIFilePicker.modeSave);
+  fp.appendFilter(filePkcs12Spec, "*.p12");
   fp.appendFilters(nsIFilePicker.filterAll);
   fp.defaultExtension = "p12";
   fp.open(rv => {
     if (rv == nsIFilePicker.returnOK || rv == nsIFilePicker.returnReplace) {
       let password = {};
       if (certdialogs.setPKCS12FilePassword(window, password)) {
         let errorCode = certdb.exportPKCS12File(fp.file, selected_certs.length,
                                                 selected_certs, password.value);
@@ -334,26 +332,26 @@ function editCerts() {
   getSelectedCerts();
 
   for (let cert of selected_certs) {
     window.openDialog("chrome://pippki/content/editcacert.xul", "",
                       "chrome,centerscreen,modal", cert);
   }
 }
 
-function restoreCerts() {
-  var bundle = document.getElementById("pippki_bundle");
+async function restoreCerts() {
   var fp = Cc[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.getString("chooseP12RestoreFileDialog2"),
-          nsIFilePicker.modeOpen);
-  fp.appendFilter(bundle.getString("file_browse_PKCS12_spec"),
-                  "*.p12; *.pfx");
-  fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
-                  gCertFileTypes);
+  let [restoreFileDialog, filePkcs12Spec, fileCertSpec] = await document.l10n.formatValues([
+    {id: "choose-p12-restore-file-dialog"},
+    {id: "file-browse-pkcs12-spec"},
+    {id: "file-browse-certificate-spec"},
+  ]);
+  fp.init(window, restoreFileDialog, nsIFilePicker.modeOpen);
+  fp.appendFilter(filePkcs12Spec, "*.p12; *.pfx");
+  fp.appendFilter(fileCertSpec, gCertFileTypes);
   fp.appendFilters(nsIFilePicker.filterAll);
   fp.open(rv => {
     if (rv != nsIFilePicker.returnOK) {
       return;
     }
 
     // If this is an X509 user certificate, import it as one.
 
@@ -465,42 +463,42 @@ function deleteCerts() {
 function viewCerts() {
   getSelectedCerts();
 
   for (let cert of selected_certs) {
     viewCertHelper(window, cert);
   }
 }
 
-function addCACerts() {
-  var bundle = document.getElementById("pippki_bundle");
+async function addCACerts() {
   var fp = Cc[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.getString("importCACertsPrompt"),
-          nsIFilePicker.modeOpen);
-  fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
-                  gCertFileTypes);
+  let [importCa, fileCertSpec] = await document.l10n.formatValues([
+    {id: "import-ca-certs-prompt"},
+    {id: "file-browse-certificate-spec"},
+  ]);
+  fp.init(window, importCa, nsIFilePicker.modeOpen);
+  fp.appendFilter(fileCertSpec, gCertFileTypes);
   fp.appendFilters(nsIFilePicker.filterAll);
   fp.open(rv => {
     if (rv == nsIFilePicker.returnOK) {
       certdb.importCertsFromFile(fp.file, nsIX509Cert.CA_CERT);
       caTreeView.loadCerts(nsIX509Cert.CA_CERT);
       caTreeView.selection.clearSelection();
     }
   });
 }
 
-function addEmailCert() {
-  var bundle = document.getElementById("pippki_bundle");
+async function addEmailCert() {
   var fp = Cc[nsFilePicker].createInstance(nsIFilePicker);
-  fp.init(window,
-          bundle.getString("importEmailCertPrompt"),
-          nsIFilePicker.modeOpen);
-  fp.appendFilter(bundle.getString("file_browse_Certificate_spec"),
-                  gCertFileTypes);
+  let [importEmail, fileCertSpec] = await document.l10n.formatValues([
+    {id: "import-email-cert-prompt"},
+    {id: "file-browse-certificate-spec"},
+  ]);
+  fp.init(window, importEmail, nsIFilePicker.modeOpen);
+  fp.appendFilter(fileCertSpec, gCertFileTypes);
   fp.appendFilters(nsIFilePicker.filterAll);
   fp.open(rv => {
     if (rv == nsIFilePicker.returnOK) {
       certdb.importCertsFromFile(fp.file, nsIX509Cert.EMAIL_CERT);
       var certcache = certdb.getCerts();
       emailTreeView.loadCertsFromCache(certcache, nsIX509Cert.EMAIL_CERT);
       emailTreeView.selection.clearSelection();
       caTreeView.loadCertsFromCache(certcache, nsIX509Cert.CA_CERT);
--- a/security/manager/pki/resources/content/certManager.xul
+++ b/security/manager/pki/resources/content/certManager.xul
@@ -1,207 +1,191 @@
 <?xml version="1.0"?>
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
 
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
+<!DOCTYPE dialog>
 
 <dialog id="certmanager"
 	windowtype="mozilla:certmanager"
 	xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-        title="&certmgr.title;"
+        data-l10n-id="certmgr-title"
         onload="LoadCerts();"
         buttons="accept"
         style="width: 63em; height: 32em;"
         persist="screenX screenY width height">
 
-  <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
+  <linkset>
+    <link rel="localization" href="security/certificates/certManager.ftl"/>
+  </linkset>
 
   <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
   <script type="application/javascript" src="chrome://pippki/content/certManager.js"/>
 
   <vbox flex="1">
     <tabbox id="certmanagertabs" flex="1" style="margin:5px" persist="selectedIndex">
       <tabs id="certMgrTabbox">
-        <tab id="mine_tab" label="&certmgr.tab.mine;"/>
-        <tab id="others_tab" label="&certmgr.tab.others2;"/>
-        <tab id="websites_tab" label="&certmgr.tab.websites3;"/>
-        <tab id="ca_tab" label="&certmgr.tab.ca;" selected="true"/>
+        <tab id="mine_tab" data-l10n-id="certmgr-tab-mine"/>
+        <tab id="others_tab" data-l10n-id="certmgr-tab-people"/>
+        <tab id="websites_tab" data-l10n-id="certmgr-tab-servers"/>
+        <tab id="ca_tab" data-l10n-id="certmgr-tab-ca" selected="true"/>
       </tabs>
       <tabpanels flex="1">
         <vbox id="myCerts" flex="1">
-          <description>&certmgr.mine2;</description>
+          <description data-l10n-id="certmgr-mine"></description>
           <separator class="thin"/>
           <tree id="user-tree" flex="1" enableColumnDrag="true"
                     onselect="mine_enableButtons()">
             <treecols>
-              <treecol id="certcol" label="&certmgr.certname;" primary="true"
+              <treecol id="certcol" data-l10n-id="certmgr-cert-name" primary="true"
                            persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="tokencol" label="&certmgr.tokenname;"
+              <treecol id="tokencol" data-l10n-id="certmgr-token-name"
                            persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="serialnumcol" label="&certmgr.serial;"
+              <treecol id="serialnumcol" data-l10n-id="certmgr-serial"
                            persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="issuedcol" label="&certmgr.begins;"
+              <treecol id="issuedcol" data-l10n-id="certmgr-begins-label"
                            hidden="true" persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="expiredcol" label="&certmgr.expires;"
+              <treecol id="expiredcol" data-l10n-id="certmgr-expires-label"
                            persist="hidden width ordinal" flex="1"/>
             </treecols>
             <treechildren ondblclick="viewCerts();"/>
           </tree>
 
           <separator class="thin"/>
 
           <hbox>
              <button id="mine_viewButton" class="normal"
-                     label="&certmgr.view2.label;"
-                     accesskey="&certmgr.view2.accesskey;"
+                     data-l10n-id="certmgr-view"
                      disabled="true" oncommand="viewCerts();"/>
              <button id="mine_backupButton" class="normal"
-                     label="&certmgr.backup2.label;"
-                     accesskey="&certmgr.backup2.accesskey;"
+                     data-l10n-id="certmgr-backup"
                      disabled="true" oncommand="backupCerts();"/>
              <button id="mine_backupAllButton" class="normal"
-                     label="&certmgr.backupall2.label;"
-                     accesskey="&certmgr.backupall2.accesskey;"
+                     data-l10n-id="certmgr-backup-all"
                      oncommand="backupAllCerts();"/>
              <button id="mine_restoreButton" class="normal"
-                     label="&certmgr.restore2.label;"
-                     accesskey="&certmgr.restore2.accesskey;"
+                     data-l10n-id="certmgr-restore"
                      oncommand="restoreCerts();"/>
              <button id="mine_deleteButton" class="normal"
-                     label="&certmgr.delete2.label;"
-                     accesskey="&certmgr.delete2.accesskey;"
+                     data-l10n-id="certmgr-delete"
                      disabled="true" oncommand="deleteCerts();"/>
           </hbox>
         </vbox>
         <vbox id="othersCerts" flex="1">
-          <description>&certmgr.others2;</description>
+          <description data-l10n-id="certmgr-people"></description>
           <separator class="thin"/>
           <tree id="email-tree" flex="1"
                     onselect="email_enableButtons()">
             <treecols>
-              <treecol id="certcol" label="&certmgr.certname;" primary="true"
+              <treecol id="certcol" data-l10n-id="certmgr-cert-name" primary="true"
                            flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="emailcol" label="&certmgr.email;"
+              <treecol id="emailcol" data-l10n-id="certmgr-email"
                            flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="expiredcol" label="&certmgr.expires;"
+              <treecol id="expiredcol" data-l10n-id="certmgr-expires-label"
                        flex="1"/>
             </treecols>
             <treechildren flex="1" ondblclick="viewCerts();"/>
           </tree>
 
           <separator class="thin"/>
 
           <hbox>
             <button id="email_viewButton"
-                    label="&certmgr.view2.label;"
-                    accesskey="&certmgr.view2.accesskey;"
+                    data-l10n-id="certmgr-view"
                     disabled="true" oncommand="viewCerts();"/>
             <button id="email_addButton"
-                    label="&certmgr.restore2.label;"
-                    accesskey="&certmgr.restore2.accesskey;"
+                    data-l10n-id="certmgr-restore"
                     oncommand="addEmailCert();"/>
             <button id="email_exportButton"
-                    label="&certmgr.export.label;"
-                    accesskey="&certmgr.export.accesskey;"
+                    data-l10n-id="certmgr-export"
                     disabled="true" oncommand="exportCerts();"/>
             <button id="email_deleteButton"
-                    label="&certmgr.delete2.label;"
-                    accesskey="&certmgr.delete2.accesskey;"
+                    data-l10n-id="certmgr-delete"
                     disabled="true" oncommand="deleteCerts();"/>
           </hbox>
         </vbox>
         <vbox id="webCerts" flex="1">
-          <description>&certmgr.websites3;</description>
+          <description data-l10n-id="certmgr-servers"></description>
           <separator class="thin"/>
           <tree id="server-tree" flex="1" enableColumnDrag="true"
                     onselect="websites_enableButtons()">
             <treecols>
-              <treecol id="certcol" label="&certmgr.certname;" primary="true"
+              <treecol id="certcol" data-l10n-id="certmgr-cert-name" primary="true"
                            persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="sitecol" label="&certmgr.certserver;"
+              <treecol id="sitecol" data-l10n-id="certmgr-cert-server"
                        persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="lifetimecol" label="&certmgr.override_lifetime;"
+              <treecol id="lifetimecol" data-l10n-id="certmgr-override-lifetime"
                        persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="expiredcol" label="&certmgr.expires;"
+              <treecol id="expiredcol" data-l10n-id="certmgr-expires-label"
                        persist="hidden width ordinal" flex="1"/>
             </treecols>
             <treechildren ondblclick="viewCerts();"/>
           </tree>
 
           <separator class="thin"/>
 
           <hbox>
             <button id="websites_viewButton"
-                    label="&certmgr.view2.label;"
-                    accesskey="&certmgr.view2.accesskey;"
+                    data-l10n-id="certmgr-view"
                     disabled="true" oncommand="viewCerts();"/>
             <button id="websites_exportButton"
-                    label="&certmgr.export.label;"
-                    accesskey="&certmgr.export.accesskey;"
+                    data-l10n-id="certmgr-export"
                     disabled="true" oncommand="exportCerts();"/>
             <button id="websites_deleteButton"
-                    label="&certmgr.delete2.label;"
-                    accesskey="&certmgr.delete2.accesskey;"
+                    data-l10n-id="certmgr-delete"
                     disabled="true" oncommand="deleteCerts();"/>
             <button id="websites_exceptionButton"
-                    label="&certmgr.addException.label;"
-                    accesskey="&certmgr.addException.accesskey;"
+                    data-l10n-id="certmgr-add-exception"
                     oncommand="addException();"/>
           </hbox>
         </vbox>
         <vbox id="CACerts" flex="1">
-          <description>&certmgr.cas2;</description>
+          <description data-l10n-id="certmgr-ca"></description>
           <separator class="thin"/>
           <tree id="ca-tree" flex="1" enableColumnDrag="true"
                     onselect="ca_enableButtons()">
             <treecols>
-              <treecol id="certcol" label="&certmgr.certname;" primary="true"
+              <treecol id="certcol" data-l10n-id="certmgr-cert-name" primary="true"
                            persist="hidden width ordinal" flex="1"/>
               <splitter class="tree-splitter"/>
-              <treecol id="tokencol" label="&certmgr.tokenname;"
+              <treecol id="tokencol" data-l10n-id="certmgr-token-name"
                            persist="hidden width ordinal" flex="1"/>
             </treecols>
             <treechildren ondblclick="viewCerts();"/>
           </tree>
 
           <separator class="thin"/>
 
           <hbox>
             <button id="ca_viewButton"
-                    label="&certmgr.view2.label;"
-                    accesskey="&certmgr.view2.accesskey;"
+                    data-l10n-id="certmgr-view"
                     disabled="true" oncommand="viewCerts();"/>
             <button id="ca_editButton"
-                    label="&certmgr.edit3.label;"
-                    accesskey="&certmgr.edit3.accesskey;"
+                    data-l10n-id="certmgr-edit"
                     disabled="true" oncommand="editCerts();"/>
             <button id="ca_addButton"
-                    label="&certmgr.restore2.label;"
-                    accesskey="&certmgr.restore2.accesskey;"
+                    data-l10n-id="certmgr-restore"
                     oncommand="addCACerts();"/>
             <button id="ca_exportButton"
-                    label="&certmgr.export.label;"
-                    accesskey="&certmgr.export.accesskey;"
+                    data-l10n-id="certmgr-export"
                     disabled="true" oncommand="exportCerts();"/>
             <button id="ca_deleteButton"
-                    label="&certmgr.delete_builtin.label;"
-                    accesskey="&certmgr.delete_builtin.accesskey;"
+                    data-l10n-id="certmgr-delete-builtin"
                     disabled="true" oncommand="deleteCerts();"/>
           </hbox>
         </vbox>
       </tabpanels>
     </tabbox>
 
   </vbox>
 
--- a/security/manager/pki/resources/content/certViewer.js
+++ b/security/manager/pki/resources/content/certViewer.js
@@ -18,18 +18,16 @@ const nsIX509CertDB = Ci.nsIX509CertDB;
 const nsPK11TokenDB = "@mozilla.org/security/pk11tokendb;1";
 const nsIPK11TokenDB = Ci.nsIPK11TokenDB;
 const nsIASN1Object = Ci.nsIASN1Object;
 const nsIASN1Sequence = Ci.nsIASN1Sequence;
 const nsIASN1PrintableItem = Ci.nsIASN1PrintableItem;
 const nsIASN1Tree = Ci.nsIASN1Tree;
 const nsASN1Tree = "@mozilla.org/security/nsASN1Tree;1";
 
-var bundle;
-
 /**
  * Fills out the "Certificate Hierarchy" tree of the cert viewer "Details" tab.
  *
  * @param {tree} node
  *        Parent tree node to append to.
  * @param {Array} chain
  *        An array of nsIX509Cert where cert n is issued by cert n + 1.
  */
@@ -49,35 +47,33 @@ function AddCertChain(node, chain) {
     let addTwistie = i != 0;
     child = addChildrenToTree(child, displayValue, currCert.dbKey, addTwistie);
   }
 }
 
 /**
  * Adds a "verified usage" of a cert to the "General" tab of the cert viewer.
  *
- * @param {String} usage
- *        Verified usage to add.
+ * @param {String} l10nId
+ *        l10nId of verified usage to add.
  */
-function AddUsage(usage) {
+function AddUsage(l10nId) {
   let verifyInfoBox = document.getElementById("verify_info_box");
   let text = document.createXULElement("textbox");
-  text.setAttribute("value", usage);
+  document.l10n.setAttributes(text, l10nId);
+  text.setAttribute("data-l10n-attrs", "value");
   text.setAttribute("style", "margin: 2px 5px");
   text.setAttribute("readonly", "true");
   text.setAttribute("class", "scrollfield");
   verifyInfoBox.appendChild(text);
 }
 
 function setWindowName() {
-  bundle = document.getElementById("pippki_bundle");
-
   let cert = window.arguments[0].QueryInterface(Ci.nsIX509Cert);
-  document.title = bundle.getFormattedString("certViewerTitle",
-                                             [cert.displayName]);
+  window.document.l10n.setAttributes(window.document.documentElement, "cert-viewer-title", {certName: cert.displayName});
 
   //
   //  Set the cert attributes for viewing
   //
 
   // Set initial dummy chain of just the cert itself. A more complete chain (if
   // one can be found), will be set when the promise chain beginning at
   // asyncDetermineUsages finishes.
@@ -85,21 +81,21 @@ function setWindowName() {
   DisplayGeneralDataFromCert(cert);
   BuildPrettyPrint(cert);
 
   asyncDetermineUsages(cert).then(displayUsages);
 }
 
 // Map of certificate usage name to localization identifier.
 const certificateUsageToStringBundleName = {
-  certificateUsageSSLClient: "VerifySSLClient",
-  certificateUsageSSLServer: "VerifySSLServer",
-  certificateUsageSSLCA: "VerifySSLCA",
-  certificateUsageEmailSigner: "VerifyEmailSigner",
-  certificateUsageEmailRecipient: "VerifyEmailRecip",
+  certificateUsageSSLClient: "verify-ssl-client",
+  certificateUsageSSLServer: "verify-ssl-server",
+  certificateUsageSSLCA: "verify-ssl-ca",
+  certificateUsageEmailSigner: "verify-email-signer",
+  certificateUsageEmailRecipient: "verify-email-recip",
 };
 
 const SEC_ERROR_BASE = Ci.nsINSSErrorsService.NSS_SEC_ERROR_BASE;
 const SEC_ERROR_EXPIRED_CERTIFICATE                     = SEC_ERROR_BASE + 11;
 const SEC_ERROR_REVOKED_CERTIFICATE                     = SEC_ERROR_BASE + 12;
 const SEC_ERROR_UNKNOWN_ISSUER                          = SEC_ERROR_BASE + 13;
 const SEC_ERROR_UNTRUSTED_ISSUER                        = SEC_ERROR_BASE + 20;
 const SEC_ERROR_UNTRUSTED_CERT                          = SEC_ERROR_BASE + 21;
@@ -120,60 +116,56 @@ const SEC_ERROR_CERT_SIGNATURE_ALGORITHM
  */
 function displayUsages(results) {
   document.getElementById("verify_pending").setAttribute("hidden", "true");
   let verified = document.getElementById("verified");
   let someSuccess = results.some(result =>
     result.errorCode == PRErrorCodeSuccess
   );
   if (someSuccess) {
-    let verifystr = bundle.getString("certVerified");
-    verified.textContent = verifystr;
-    let pipnssBundle = Services.strings.createBundle(
-      "chrome://pipnss/locale/pipnss.properties");
+    document.l10n.setAttributes(verified, "cert-verified");
     results.forEach(result => {
       if (result.errorCode != PRErrorCodeSuccess) {
         return;
       }
-      let bundleName = certificateUsageToStringBundleName[result.usageString];
-      let usage = pipnssBundle.GetStringFromName(bundleName);
-      AddUsage(usage);
+      let usageL10nId = certificateUsageToStringBundleName[result.usageString];
+      AddUsage(usageL10nId);
     });
     AddCertChain("treesetDump", getBestChain(results));
   } else {
     const errorRankings = [
       { error: SEC_ERROR_REVOKED_CERTIFICATE,
-        bundleString: "certNotVerified_CertRevoked" },
+        bundleString: "cert-not-verified-cert-revoked" },
       { error: SEC_ERROR_UNTRUSTED_CERT,
-        bundleString: "certNotVerified_CertNotTrusted" },
+        bundleString: "cert-not-verified-cert-not-trusted" },
       { error: SEC_ERROR_UNTRUSTED_ISSUER,
-        bundleString: "certNotVerified_IssuerNotTrusted" },
+        bundleString: "cert-not-verified-issuer-not-trusted" },
       { error: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED,
-        bundleString: "certNotVerified_AlgorithmDisabled" },
+        bundleString: "cert-not-verified_algorithm-disabled" },
       { error: SEC_ERROR_EXPIRED_CERTIFICATE,
-        bundleString: "certNotVerified_CertExpired" },
+        bundleString: "cert-not-verified-cert-expired" },
       { error: SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE,
-        bundleString: "certNotVerified_CAInvalid" },
+        bundleString: "cert-not-verified-ca-invalid" },
       { error: SEC_ERROR_UNKNOWN_ISSUER,
-        bundleString: "certNotVerified_IssuerUnknown" },
+        bundleString: "cert-not-verified-issuer-unknown" },
     ];
-    let verifystr;
+    let errorPresentFlag = false;
     for (let errorRanking of errorRankings) {
       let errorPresent = results.some(result =>
         result.errorCode == errorRanking.error
       );
       if (errorPresent) {
-        verifystr = bundle.getString(errorRanking.bundleString);
+        document.l10n.setAttributes(verified, errorRanking.bundleString);
+        errorPresentFlag = true;
         break;
       }
     }
-    if (!verifystr) {
-      verifystr = bundle.getString("certNotVerified_Unknown");
+    if (!errorPresentFlag) {
+      document.l10n.setAttributes(verified, "cert-not-verified-unknown");
     }
-    verified.textContent = verifystr;
   }
   // Notify that we are done determining the certificate's valid usages (this
   // should be treated as an implementation detail that enables tests to run
   // efficiently - other code in the browser probably shouldn't rely on this).
   Services.obs.notifyObservers(window, "ViewCertDetails:CertUsagesDone");
 }
 
 function addChildrenToTree(parentTree, label, value, addTwistie) {
@@ -220,17 +212,18 @@ function BuildPrettyPrint(cert) {
                           createInstance(nsIASN1Tree);
   certDumpTree.loadASN1Structure(cert.ASN1Structure);
   document.getElementById("prettyDumpTree").view = certDumpTree;
 }
 
 function addAttributeFromCert(nodeName, value) {
   var node = document.getElementById(nodeName);
   if (!value) {
-    value = bundle.getString("notPresent");
+    document.l10n.setAttributes(node, "not-present");
+    return;
   }
   node.setAttribute("value", value);
 }
 
 /**
  * Displays information about a cert in the "General" tab of the cert viewer.
  *
  * @param {nsIX509Cert} cert
--- a/security/manager/pki/resources/content/certViewer.xul
+++ b/security/manager/pki/resources/content/certViewer.xul
@@ -1,160 +1,156 @@
 <?xml version="1.0"?>
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
 
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
+<!DOCTYPE dialog>
 
 <dialog id="certDetails"
-  title="&certmgr.certdetail.title;"
+  data-l10n-id="certmgr-cert-detail"
+  data-l10n-attrs="buttonlabelaccept, buttonaccesskeyaccept"
   xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
   buttons="accept"
-  buttonlabelaccept="&certmgr.close.label;"
-  buttonaccesskeyaccept="&certmgr.close.accesskey;"
   onload="setWindowName();">
 
-<stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
+
+<linkset>
+  <link rel="localization" href="security/certificates/certManager.ftl"/>
+</linkset>
 
 <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
 <script type="application/javascript"
         src="chrome://pippki/content/certViewer.js"/>
 
   <tabbox flex="1">
     <tabs>
-      <tab id="general_tab" label="&certmgr.detail.general_tab.title;"
-           accesskey="&certmgr.detail.general_tab.accesskey;"/>
-      <tab id="prettyprint_tab" label="&certmgr.detail.prettyprint_tab.title;"
-           accesskey="&certmgr.detail.prettyprint_tab.accesskey;"/>
+      <tab id="general_tab" data-l10n-id="certmgr-detail-general-tab-title"/>
+      <tab id="prettyprint_tab" data-l10n-id="certmgr-detail-pretty-print-tab-title"/>
     </tabs>
     <tabpanels flex="1">
       <vbox class="box-padded" id="general_info">
         <vbox id="verify_info_box">
-          <label id="verify_pending" value="&certmgr.pending.label;"/>
+          <label id="verify_pending" data-l10n-id="certmgr-pending-label"/>
           <label class="header" id="verified"/>
         </vbox>
         <separator class="groove"/>
         <vbox flex="1">
           <grid>
             <columns>
               <column/>
               <column flex="1"/>
             </columns>
             <rows>
               <row>
-                <label class="header" value="&certmgr.subjectinfo.label;"/>
+                <label class="header" data-l10n-id="certmgr-subject-info-label"/>
                 <spacer/>
                 <spacer/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.cn;"/>
+                <label data-l10n-id="certmgr-cert-detail-cn"/>
                 <textbox id="commonname" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.o;"/>
+                <label data-l10n-id="certmgr-cert-detail-o"/>
                 <textbox id="organization" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.ou;"/>
+                <label data-l10n-id="certmgr-cert-detail-ou"/>
                 <textbox id="orgunit" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.serialnumber;"/>
+                <label data-l10n-id="certmgr-cert-detail-serialnumber"/>
                 <textbox id="serialnumber" class="plain" readonly="true"/>
               </row>
               <row>
                 <separator class="thin"/>
                 <spacer/>
               </row>
               <row>
-                <label class="header" value="&certmgr.issuerinfo.label;"/>
+                <label class="header" data-l10n-id="certmgr-issuer-info-label"/>
                 <spacer/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.cn;"/>
+                <label data-l10n-id="certmgr-cert-detail-cn"/>
                 <textbox id="issuercommonname" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.o;"/>
+                <label data-l10n-id="certmgr-cert-detail-o"/>
                 <textbox id="issuerorganization" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.ou;"/>
+                <label data-l10n-id="certmgr-cert-detail-ou"/>
                 <textbox id="issuerorgunit" class="plain" readonly="true"/>
               </row>
               <row>
                 <separator class="thin"/>
                 <spacer/>
               </row>
               <row>
-                <label class ="header" value="&certmgr.periodofvalidity.label;"/>
+                <label class ="header" data-l10n-id="certmgr-period-of-validity-label"/>
                 <spacer/>
               </row>
               <row>
-                <label value="&certmgr.begins;"/>
+                <label data-l10n-id="certmgr-begins-value"/>
                 <textbox id="validitystart" class="plain" readonly="true"/>
               </row>
               <row>
-                <label value="&certmgr.expires;"/>
+                <label data-l10n-id="certmgr-expires-value"/>
                 <textbox id="validityend" class="plain" readonly="true"/>
               </row>
               <row>
                 <separator class="thin"/>
                 <spacer/>
               </row>
               <row>
-                <label class="header" value="&certmgr.fingerprints.label;"/>
+                <label class="header" data-l10n-id="certmgr-fingerprints-label"/>
                 <spacer/>
               </row>
               <row>
-                <label value="&certmgr.certdetail.sha256fingerprint;"/>
+                <label data-l10n-id="certmgr-cert-detail-sha256-fingerprint"/>
                 <hbox>
                   <textbox id="sha256fingerprint" class="plain" readonly="true" multiline="true"
                            style="height: 6ex; width: 48ch; font-family: monospace;"/>
                 </hbox>
               </row>
               <row>
-                <label value="&certmgr.certdetail.sha1fingerprint;"/>
+                <label data-l10n-id="certmgr-cert-detail-sha1-fingerprint"/>
                 <textbox id="sha1fingerprint" class="plain" readonly="true" style="min-width:34em;"/>
               </row>
             </rows>
           </grid>
         </vbox>
       </vbox>
       <vbox class="box-padded" id="certPrettyPrint" flex="1">
-        <label class="header" value="&certmgr.hierarchy.label;"
-               control="treesetDump" accesskey="&certmgr.hierarchy.accesskey2;"/>
+        <label class="header" data-l10n-id="certmgr-hierarchy" control="treesetDump"/>
         <tree id="treesetDump" onselect="updateCertDump();" flex="1"
               hidecolumnpicker="true" style="height: 8em;">
           <treecols>
             <treecol id="dumpCol" flex="1" primary="true" hideheader="true"/>
           </treecols>
         </tree>
 
-        <label class="header" value="&certmgr.details.label;"
-               control="prettyDumpTree" accesskey="&certmgr.details.accesskey;"/>
+        <label class="header" data-l10n-id="certmgr-details" control="prettyDumpTree"/>
         <tree id="prettyDumpTree" style="height: 15em" treelines="true" flex="1"
                   onselect="displaySelected();" hidecolumnpicker="true">
           <treecols>
             <treecol flex="1" id="certDataCol" primary="true" hideheader="true"/>
           </treecols>
           <treechildren/>
         </tree>
 
-        <label class="header" value="&certmgr.fields.label;"
-               control="certDumpVal" accesskey="&certmgr.fields.accesskey;"/>
+        <label class="header" data-l10n-id="certmgr-fields" control="certDumpVal"/>
         <textbox id="certDumpVal" multiline="true" flex="1"
                  readonly="true" style="height: 11em; font-family: -moz-fixed;"/>
 
         <separator class="thin"/>
         <hbox>
-          <button id="export_cert" class="normal" label="&certmgr.export.label;"
-                  accesskey="&certmgr.export.accesskey;"
+          <button id="export_cert" class="normal" data-l10n-id="certmgr-export"
                   oncommand="exportToFile(window, getCurrentCert());"/>
         </hbox>
       </vbox>
     </tabpanels>
   </tabbox>
 
 </dialog>
--- a/security/manager/pki/resources/content/deletecert.js
+++ b/security/manager/pki/resources/content/deletecert.js
@@ -19,94 +19,84 @@
  * @typedef DeleteCertReturnValues
  * @type Object
  * @property {Boolean} deleteConfirmed
  *           Set to true if the user confirmed deletion of the given certs,
  *           false otherwise.
  */
 
 /**
- * Returns the most appropriate string to represent the given nsICertTreeItem.
+ * Returns the element to represent the given nsICertTreeItem.
  * @param {nsICertTreeItem} certTreeItem
  *        The item to represent.
- * @returns {String}
- *          A representative string.
+ * @returns {Element}
+ *          A element of each cert tree item.
  */
-function certTreeItemToString(certTreeItem) {
+function getLabelForCertTreeItem(certTreeItem) {
+  let element = document.createXULElement("label");
   let cert = certTreeItem.cert;
   if (!cert) {
-    return certTreeItem.hostPort;
+    element.setAttribute("value", certTreeItem.hostPort);
+    return element;
   }
 
   const attributes = [
     cert.commonName,
     cert.organizationalUnit,
     cert.organization,
     cert.subjectName,
   ];
   for (let attribute of attributes) {
     if (attribute) {
-      return attribute;
+      element.setAttribute("value", attribute);
+      return element;
     }
   }
 
-  let bundle = document.getElementById("pippki_bundle");
-  return bundle.getFormattedString("certWithSerial", [cert.serialNumber]);
+  document.l10n.setAttributes(element, "cert-with-serial", { serialNumber: cert.serialNumber});
+  return element;
 }
 
 /**
  * onload() handler.
  */
 function onLoad() {
   let typeFlag = window.arguments[0];
-  let bundle = document.getElementById("pippki_bundle");
-  let title;
-  let confirm;
-  let impact;
-
+  let confirm = document.getElementById("confirm");
+  let impact = document.getElementById("impact");
+  let prefixForType;
   switch (typeFlag) {
     case "mine_tab":
-      title = bundle.getString("deleteUserCertTitle");
-      confirm = bundle.getString("deleteUserCertConfirm");
-      impact = bundle.getString("deleteUserCertImpact");
+      prefixForType = "delete-user-cert-";
       break;
     case "websites_tab":
-      title = bundle.getString("deleteSslCertTitle3");
-      confirm = bundle.getString("deleteSslCertConfirm3");
-      impact = bundle.getString("deleteSslCertImpact3");
+      prefixForType = "delete-ssl-cert-";
       break;
     case "ca_tab":
-      title = bundle.getString("deleteCaCertTitle2");
-      confirm = bundle.getString("deleteCaCertConfirm2");
-      impact = bundle.getString("deleteCaCertImpactX2");
+      prefixForType = "delete-ca-cert-";
       break;
     case "others_tab":
-      title = bundle.getString("deleteEmailCertTitle");
-      confirm = bundle.getString("deleteEmailCertConfirm");
-      impact = bundle.getString("deleteEmailCertImpactDesc");
+      prefixForType = "delete-email-cert-";
       break;
     default:
       return;
   }
 
-  document.title = title;
-
-  setText("confirm", confirm);
+  document.l10n.setAttributes(document.documentElement, prefixForType + "title");
+  document.l10n.setAttributes(confirm, prefixForType + "confirm");
+  document.l10n.setAttributes(impact, prefixForType + "impact");
 
   let box = document.getElementById("certlist");
   let certTreeItems = window.arguments[1];
   for (let certTreeItem of certTreeItems) {
     let listItem = document.createXULElement("richlistitem");
-    let label = document.createXULElement("label");
-    label.setAttribute("value", certTreeItemToString(certTreeItem));
+    let label = getLabelForCertTreeItem(certTreeItem);
     listItem.appendChild(label);
     box.appendChild(listItem);
   }
-
-  setText("impact", impact);
 }
 
 /**
  * ondialogaccept() handler.
  *
  * @returns {Boolean} true to make the dialog close, false otherwise.
  */
 function onDialogAccept() {
--- a/security/manager/pki/resources/content/deletecert.xul
+++ b/security/manager/pki/resources/content/deletecert.xul
@@ -1,26 +1,29 @@
 <?xml version="1.0"?>
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
 
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
+<!DOCTYPE dialog>
 
 <dialog id="deleteCertificate"
-  title="&certmgr.deletecert.title;"
+  data-l10n-id="certmgr-delete-cert"
+  data-l10n-attrs="style"
   xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
   onload="onLoad();"
   buttons="accept,cancel"
   ondialogaccept="return onDialogAccept();"
   ondialogcancel="return onDialogCancel();">
 
-  <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
+  <linkset>
+    <link rel="localization" href="security/certificates/certManager.ftl"/>
+  </linkset>
 
   <script type="application/javascript" src="pippki.js" />
   <script type="application/javascript" src="chrome://pippki/content/deletecert.js"/>
 
   <description id="confirm" style="width: 400px;"/>
   <richlistbox id="certlist" class="box-padded" flex="1"
                style="min-height: 8em; height: 8em; min-width: 35em;"/>
   <description id="impact" style="width: 400px;"/>
--- a/security/manager/pki/resources/content/editcacert.js
+++ b/security/manager/pki/resources/content/editcacert.js
@@ -13,19 +13,18 @@ var gCertDB = Cc["@mozilla.org/security/
 var gCert;
 
 /**
  * onload() handler.
  */
 function onLoad() {
   gCert = window.arguments[0];
 
-  let bundle = document.getElementById("pippki_bundle");
-  setText("certmsg",
-          bundle.getFormattedString("editTrustCA", [gCert.commonName]));
+  let certMsg = document.getElementById("certmsg");
+  document.l10n.setAttributes(certMsg, "edit-trust-ca", { certName: gCert.commonName});
 
   let sslCheckbox = document.getElementById("trustSSL");
   sslCheckbox.checked = gCertDB.isCertTrusted(gCert, Ci.nsIX509Cert.CA_CERT,
                                               Ci.nsIX509CertDB.TRUSTED_SSL);
 
   let emailCheckbox = document.getElementById("trustEmail");
   emailCheckbox.checked = gCertDB.isCertTrusted(gCert, Ci.nsIX509Cert.CA_CERT,
                                                 Ci.nsIX509CertDB.TRUSTED_EMAIL);
--- a/security/manager/pki/resources/content/editcacert.xul
+++ b/security/manager/pki/resources/content/editcacert.xul
@@ -1,34 +1,36 @@
 <?xml version="1.0"?>
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
 
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
+<!DOCTYPE dialog>
 
 <dialog id="editCaCert"
-        title="&certmgr.editcacert.title;"
+        data-l10n-id="certmgr-edit-ca-cert"
+        data-l10n-attrs="style"
         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
         buttons="accept,cancel"
         ondialogaccept="return onDialogAccept();"
-        onload="onLoad();"
->
+        onload="onLoad();">
 
-  <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
+  <linkset>
+    <link rel="localization" href="security/certificates/certManager.ftl"/>
+  </linkset>
 
   <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
   <script type="application/javascript"
           src="chrome://pippki/content/editcacert.js"/>
 
   <description id="certmsg"/>
   <separator/>
-  <description>&certmgr.editcert.edittrust;</description>
+  <description data-l10n-id="certmgr-edit-cert-edit-trust"></description>
   <vbox align="start">
-    <checkbox label="&certmgr.editcert.trustssl;"
+    <checkbox data-l10n-id="certmgr-edit-cert-trust-ssl"
               id="trustSSL"/>
-    <checkbox label="&certmgr.editcert.trustemail;"
+    <checkbox data-l10n-id="certmgr-edit-cert-trust-email"
               id="trustEmail"/>
   </vbox>
 
 </dialog>
--- a/security/manager/pki/resources/content/exceptionDialog.js
+++ b/security/manager/pki/resources/content/exceptionDialog.js
@@ -1,39 +1,32 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /* import-globals-from pippki.js */
 "use strict";
 
 var gDialog;
-var gBundleBrand;
-var gPKIBundle;
 var gSecInfo;
 var gCert;
 var gChecking;
 var gBroken;
 var gNeedReset;
 var gSecHistogram;
 var gNsISecTel;
 
 ChromeUtils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
 
 function initExceptionDialog() {
   gNeedReset = false;
   gDialog = document.documentElement;
-  gBundleBrand = document.getElementById("brand_bundle");
-  gPKIBundle = document.getElementById("pippki_bundle");
   gSecHistogram = Services.telemetry.getHistogramById("SECURITY_UI");
   gNsISecTel = Ci.nsISecurityUITelemetry;
-
-  var brandName = gBundleBrand.getString("brandShortName");
-  setText("warningText",
-          gPKIBundle.getFormattedString("addExceptionBrandedWarning2",
-                                        [brandName]));
+  let warningText = document.getElementById("warningText");
+  document.l10n.setAttributes(warningText, "add-exception-branded-warning");
   gDialog.getButton("extra1").disabled = true;
 
   var args = window.arguments;
   if (args && args[0]) {
     if (args[0].location) {
       // We were pre-seeded with a location.
       document.getElementById("locationTextBox").value = args[0].location;
       document.getElementById("checkCertButton").disabled = false;
@@ -172,22 +165,22 @@ function updateCertStatus() {
   var shortDesc, longDesc;
   var shortDesc2, longDesc2;
   var shortDesc3, longDesc3;
   var use2 = false;
   var use3 = false;
   let bucketId = gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_BASE;
   if (gCert) {
     if (gBroken) {
-      var mms = "addExceptionDomainMismatchShort";
-      var mml = "addExceptionDomainMismatchLong2";
-      var exs = "addExceptionExpiredShort";
-      var exl = "addExceptionExpiredLong2";
-      var uts = "addExceptionUnverifiedOrBadSignatureShort";
-      var utl = "addExceptionUnverifiedOrBadSignatureLong2";
+      var mms = "add-exception-domain-mismatch-short";
+      var mml = "add-exception-domain-mismatch-long";
+      var exs = "add-exception-expired-short";
+      var exl = "add-exception-expired-long";
+      var uts = "add-exception-unverified-or-bad-signature-short";
+      var utl = "add-exception-unverified-or-bad-signature-long";
       var use1 = false;
       if (gSecInfo.isDomainMismatch) {
         bucketId += gNsISecTel.WARNING_BAD_CERT_TOP_ADD_EXCEPTION_FLAG_DOMAIN;
         use1 = true;
         shortDesc = mms;
         longDesc  = mml;
       }
       if (gSecInfo.isNotValidAtThisTime) {
@@ -227,62 +220,67 @@ function updateCertStatus() {
       // If the Private Browsing service is available and the mode is active,
       // don't store permanent exceptions, since they would persist after
       // private browsing mode was disabled.
       var inPrivateBrowsing = inPrivateBrowsingMode();
       var pe = document.getElementById("permanent");
       pe.disabled = inPrivateBrowsing;
       pe.checked = !inPrivateBrowsing;
 
-      setText("headerDescription",
-              gPKIBundle.getString("addExceptionInvalidHeader"));
+      let headerDescription = document.getElementById("headerDescription");
+      document.l10n.setAttributes(headerDescription, "add-exception-invalid-header");
     } else {
-      shortDesc = "addExceptionValidShort";
-      longDesc  = "addExceptionValidLong";
+      shortDesc = "add-exception-valid-short";
+      longDesc  = "add-exception-valid-long";
       gDialog.getButton("extra1").disabled = true;
       document.getElementById("permanent").disabled = true;
     }
 
     // We're done checking the certificate, so allow the user to check it again.
     document.getElementById("checkCertButton").disabled = false;
     document.getElementById("viewCertButton").disabled = false;
 
     // Notify observers about the availability of the certificate
     Services.obs.notifyObservers(null, "cert-exception-ui-ready");
   } else if (gChecking) {
-    shortDesc = "addExceptionCheckingShort";
-    longDesc  = "addExceptionCheckingLong2";
+    shortDesc = "add-exception-checking-short";
+    longDesc  = "add-exception-checking-long";
     // We're checking the certificate, so we disable the Get Certificate
     // button to make sure that the user can't interrupt the process and
     // trigger another certificate fetch.
     document.getElementById("checkCertButton").disabled = true;
     document.getElementById("viewCertButton").disabled = true;
     gDialog.getButton("extra1").disabled = true;
     document.getElementById("permanent").disabled = true;
   } else {
-    shortDesc = "addExceptionNoCertShort";
-    longDesc  = "addExceptionNoCertLong2";
+    shortDesc = "add-exception-no-cert-short";
+    longDesc  = "add-exception-no-cert-long";
     // We're done checking the certificate, so allow the user to check it again.
     document.getElementById("checkCertButton").disabled = false;
     document.getElementById("viewCertButton").disabled = true;
     gDialog.getButton("extra1").disabled = true;
     document.getElementById("permanent").disabled = true;
   }
-
-  setText("statusDescription", gPKIBundle.getString(shortDesc));
-  setText("statusLongDescription", gPKIBundle.getString(longDesc));
+  let statusDescription = document.getElementById("statusDescription");
+  let statusLongDescription = document.getElementById("statusLongDescription");
+  document.l10n.setAttributes(statusDescription, shortDesc);
+  document.l10n.setAttributes(statusLongDescription, longDesc);
 
   if (use2) {
-    setText("status2Description", gPKIBundle.getString(shortDesc2));
-    setText("status2LongDescription", gPKIBundle.getString(longDesc2));
+    let status2Description = document.getElementById("status2Description");
+    let status2LongDescription = document.getElementById("status2LongDescription");
+    document.l10n.setAttributes(status2Description, shortDesc2);
+    document.l10n.setAttributes(status2LongDescription, longDesc2);
   }
 
   if (use3) {
-    setText("status3Description", gPKIBundle.getString(shortDesc3));
-    setText("status3LongDescription", gPKIBundle.getString(longDesc3));
+    let status3Description = document.getElementById("status3Description");
+    let status3LongDescription = document.getElementById("status3LongDescription");
+    document.l10n.setAttributes(status3Description, shortDesc3);
+    document.l10n.setAttributes(status3LongDescription, longDesc3);
   }
 
   window.sizeToContent();
   gNeedReset = true;
 }
 
 /**
  * Handle user request to display certificate details
--- a/security/manager/pki/resources/content/exceptionDialog.xul
+++ b/security/manager/pki/resources/content/exceptionDialog.xul
@@ -1,33 +1,32 @@
 <?xml version="1.0"?>
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
 
-<!DOCTYPE dialog SYSTEM "chrome://pippki/locale/certManager.dtd">
+<!DOCTYPE dialog>
 
 <dialog id="exceptiondialog"
         windowtype="mozilla:exceptiondialog"
         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
-        title="&exceptionMgr.title;"
+        data-l10n-id="exception-mgr"
+        buttonidextra1="exception-mgr-extra-button"
         buttons="cancel,extra1,extra2"
-        buttonlabelextra1="&exceptionMgr.exceptionButton.label;"
-        buttonaccesskeyextra1="&exceptionMgr.exceptionButton.accesskey;"
         onload="initExceptionDialog();"
         ondialogextra1="addException();"
         ondialogextra2="checkCert();"
         defaultButton="extra2">
 
-  <stringbundleset id="stringbundleset">
-    <stringbundle id="pippki_bundle" src="chrome://pippki/locale/pippki.properties"/>
-    <stringbundle id="brand_bundle" src="chrome://branding/locale/brand.properties"/>
-  </stringbundleset>
+  <linkset>
+    <link rel="localization" href="security/certificates/certManager.ftl"/>
+    <link rel="localization" href="branding/brand.ftl"/>
+  </linkset>
 
   <script type="application/javascript" src="chrome://pippki/content/pippki.js"/>
   <script type="application/javascript" src="chrome://pippki/content/exceptionDialog.js"/>
 
   <hbox>
     <vbox>
 #ifdef MOZ_WIDGET_GTK
       <image src="moz-icon://stock/gtk-dialog-warning?size=dialog"/>
@@ -38,42 +37,39 @@
     </vbox>
     <vbox flex="1">
       <!-- Note that because of the styling, there must be no whitespace within
       the description tags -->
       <description id="warningText"
                    style="white-space: pre-wrap"/>
       <description id="warningSupplemental"
                    style="font-weight: bold; white-space: pre-wrap;"
-                   >&exceptionMgr.supplementalWarning;</description>
+                   data-l10n-id="exception-mgr-supplemental-warning"></description>
     </vbox>
   </hbox>
 
   <hbox align="center">
-    <label control="locationTextBox" value="&exceptionMgr.certlocation.url;"/>
+    <label control="locationTextBox" data-l10n-id="exception-mgr-cert-location-url"/>
     <textbox id="locationTextBox" flex="1" oninput="handleTextChange();"
              value="https://" class="uri-element"/>
     <button id="checkCertButton" disabled="true" dlgtype="extra2"
-            accesskey="&exceptionMgr.certlocation.accesskey;"
-            label="&exceptionMgr.certlocation.download;"/>
+            data-l10n-id="exception-mgr-cert-location-download"/>
   </hbox>
 
   <hbox align="center">
     <description id="headerDescription" style="white-space: pre-wrap;"
                  flex="1"/>
-    <button id="viewCertButton" label="&exceptionMgr.certstatus.viewCert;"
-            accesskey="&exceptionMgr.certstatus.accesskey;"
+    <button id="viewCertButton" data-l10n-id="exception-mgr-cert-status-view-cert"
             disabled="true" oncommand="viewCertButtonClick();"/>
   </hbox>
   <description id="statusDescription"
                style="font-weight: bold; padding-bottom: 1em;"/>
   <description id="statusLongDescription" style="white-space: pre-wrap;"/>
   <description id="status2Description"
                style="font-weight: bold; padding-bottom: 1em;"/>
   <description id="status2LongDescription" style="white-space: pre-wrap;"/>
   <description id="status3Description"
                style="font-weight: bold; padding-bottom: 1em;"/>
   <description id="status3LongDescription" style="white-space: pre-wrap;"/>
   <spacer flex="1"/>
   <checkbox id="permanent" disabled="true"
-            label="&exceptionMgr.permanent.label;"
-            accesskey="&exceptionMgr.permanent.accesskey;"/>
+            data-l10n-id="exception-mgr-permanent"/>
 </dialog>
--- a/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_certViewer.js
@@ -8,104 +8,95 @@
 // certificates are valid for or what errors prevented the certificates from
 // being verified.
 
 var { OS } = ChromeUtils.import("resource://gre/modules/osfile.jsm", {});
 
 add_task(async function testCAandTitle() {
   let cert = await readCertificate("ca.pem", "CTu,CTu,CTu");
   let win = await displayCertificate(cert);
-  checkUsages(win, ["SSL Certificate Authority"]);
+  checkUsages(win, [{id: "verify-ssl-ca"}]);
   checkDetailsPane(win, ["ca"]);
 
   // There's no real need to test the title for every cert, so we just test it
   // once here.
-  Assert.equal(win.document.title, "Certificate Viewer: \u201Cca\u201D",
+  Assert.deepEqual(win.document.l10n.getAttributes(win.document.documentElement),
+                {args: { certName: "ca"}, id: "cert-viewer-title"},
                "Actual and expected title should match");
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testSSLEndEntity() {
   let cert = await readCertificate("ssl-ee.pem", ",,");
   let win = await displayCertificate(cert);
-  checkUsages(win, ["SSL Server Certificate", "SSL Client Certificate"]);
+  checkUsages(win, [{id: "verify-ssl-server"}, {id: "verify-ssl-client"}]);
   checkDetailsPane(win, ["ca", "ssl-ee"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testEmailEndEntity() {
   let cert = await readCertificate("email-ee.pem", ",,");
   let win = await displayCertificate(cert);
-  checkUsages(win, ["Email Recipient Certificate", "Email Signer Certificate"]);
+  checkUsages(win, [{id: "verify-email-recip"}, {id: "verify-email-signer"}]);
   checkDetailsPane(win, ["ca", "email-ee"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testCodeSignEndEntity() {
   let cert = await readCertificate("code-ee.pem", ",,");
   let win = await displayCertificate(cert);
-  checkError(win, "Could not verify this certificate for unknown reasons.");
+  checkError(win, {id: "cert-not-verified-unknown"});
   checkDetailsPane(win, ["code-ee"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testExpired() {
   let cert = await readCertificate("expired-ca.pem", ",,");
   let win = await displayCertificate(cert);
-  checkError(win, "Could not verify this certificate because it has expired.");
+  checkError(win, {id: "cert-not-verified-cert-expired"});
   checkDetailsPane(win, ["expired-ca"]);
   await BrowserTestUtils.closeWindow(win);
 
   // These tasks may run in any order, so we run this additional testcase in the
   // same task.
   let eeCert = await readCertificate("ee-from-expired-ca.pem", ",,");
   let eeWin = await displayCertificate(eeCert);
-  checkError(eeWin,
-             "Could not verify this certificate because the CA certificate " +
-             "is invalid.");
+  checkError(eeWin, {id: "cert-not-verified-ca-invalid"});
   checkDetailsPane(eeWin, ["ee-from-expired-ca"]);
   await BrowserTestUtils.closeWindow(eeWin);
 });
 
 add_task(async function testUnknownIssuer() {
   let cert = await readCertificate("unknown-issuer.pem", ",,");
   let win = await displayCertificate(cert);
-  checkError(win,
-             "Could not verify this certificate because the issuer is " +
-             "unknown.");
+  checkError(win, {id: "cert-not-verified-issuer-unknown"});
   checkDetailsPane(win, ["unknown-issuer"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testInsecureAlgo() {
   let cert = await readCertificate("md5-ee.pem", ",,");
   let win = await displayCertificate(cert);
-  checkError(win,
-             "Could not verify this certificate because it was signed using " +
-             "a signature algorithm that was disabled because that algorithm " +
-             "is not secure.");
+  checkError(win, {id: "cert-not-verified_algorithm-disabled"});
   checkDetailsPane(win, ["md5-ee"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testUntrusted() {
   let cert = await readCertificate("untrusted-ca.pem", "p,p,p");
   let win = await displayCertificate(cert);
-  checkError(win,
-             "Could not verify this certificate because it is not trusted.");
+  checkError(win, {id: "cert-not-verified-cert-not-trusted"});
   checkDetailsPane(win, ["untrusted-ca"]);
   await BrowserTestUtils.closeWindow(win);
 
   // These tasks may run in any order, so we run this additional testcase in the
   // same task.
   let eeCert = await readCertificate("ee-from-untrusted-ca.pem", ",,");
   let eeWin = await displayCertificate(eeCert);
-  checkError(eeWin,
-             "Could not verify this certificate because the issuer is not " +
-             "trusted.");
+  checkError(eeWin, {id: "cert-not-verified-issuer-not-trusted"});
   checkDetailsPane(eeWin, ["ee-from-untrusted-ca"]);
   await BrowserTestUtils.closeWindow(eeWin);
 });
 
 add_task(async function testRevoked() {
   // Note that there's currently no way to un-do this. This should only be a
   // problem if another test re-uses a certificate with this same key (perhaps
   // likely) and subject (less likely).
@@ -114,30 +105,29 @@ add_task(async function testRevoked() {
   certBlocklist.revokeCertBySubjectAndPubKey(
     "MBIxEDAOBgNVBAMMB3Jldm9rZWQ=", // CN=revoked
     "VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8="); // hash of the shared key
   let cert = await readCertificate("revoked.pem", ",,");
   let win = await displayCertificate(cert);
   // As of bug 1312827, OneCRL only applies to TLS web server certificates, so
   // this certificate will actually verify successfully for every end-entity
   // usage except TLS web server.
-  checkUsages(win, ["Email Recipient Certificate", "Email Signer Certificate",
-                    "SSL Client Certificate"]);
+  checkUsages(win, [{id: "verify-email-recip"}, {id: "verify-email-signer"}, {id: "verify-ssl-client"}]);
   checkDetailsPane(win, ["ca", "revoked"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testInvalid() {
   // This certificate has a keyUsage extension asserting cRLSign and
   // keyCertSign, but it doesn't have a basicConstraints extension. This
   // shouldn't be valid for any usage. Sadly, we give a pretty lame error
   // message in this case.
   let cert = await readCertificate("invalid.pem", ",,");
   let win = await displayCertificate(cert);
-  checkError(win, "Could not verify this certificate for unknown reasons.");
+  checkError(win, {id: "cert-not-verified-unknown"});
   checkDetailsPane(win, ["invalid"]);
   await BrowserTestUtils.closeWindow(win);
 });
 
 add_task(async function testLongOID() {
   // This certificate has a certificatePolicies extension with a policy with a
   // very long OID. This tests that we don't crash when looking at it.
   let cert = await readCertificate("longOID.pem", ",,");
@@ -166,86 +156,87 @@ function displayCertificate(certificate)
 }
 
 /**
  * Given a certificate viewer window, finds the usages the certificate is valid
  * for.
  *
  * @param {window} win
  *        The certificate viewer window.
- * @return {String[]}
- *         An array of strings describing the usages the certificate is valid
- *         for.
+ * @return {Object[]}
+ *         An array of objects including the L10n Ids of strings describing
+ *         the usages the certificate is valid for.
  */
 function getUsages(win) {
   let determinedUsages = [];
   let verifyInfoBox = win.document.getElementById("verify_info_box");
   Array.from(verifyInfoBox.children).forEach(child => {
     if (child.getAttribute("hidden") != "true" &&
         child.getAttribute("id") != "verified") {
-      determinedUsages.push(child.getAttribute("value"));
+      determinedUsages.push(win.document.l10n.getAttributes(child));
     }
   });
-  return determinedUsages.sort();
+  return determinedUsages.sort(compareL10Ids);
 }
 
 /**
  * Given a certificate viewer window, returns the error string describing a
  * failure encountered when determining the certificate's usages. It will be
  * "This certificate has been verified for the following uses:" when the
  * certificate has successfully verified for at least one usage.
  *
  * @param {window} win
  *        The certificate viewer window.
- * @return {String}
- *         A string describing the error encountered, or the success message if
- *         the certificate is valid for at least one usage.
+ * @return {Object}
+ *         A object with L10n id of the string describing the error encountered,
+ *        or the success message if the certificate is valid for at least one usage.
  */
 function getError(win) {
-  return win.document.getElementById("verified").textContent;
+  let verified = win.document.getElementById("verified");
+  return win.document.l10n.getAttributes(verified);
 }
 
 /**
- * Given a certificate viewer window and an array of expected usage
+ * Given a certificate viewer window and an array of l10n ids of expected usage
  * descriptions, verifies that the window is actually showing that the
  * certificate has validated for those usages.
  *
  * @param {window} win
  *        The certificate viewer window.
- * @param {String[]} usages
- *        An array of expected usage descriptions.
+ * @param {Object[]} usagesL10nIds
+ *        An array of object with l10n ids of expected usage descriptions.
  */
-function checkUsages(win, usages) {
-  Assert.equal(getError(win),
-               "This certificate has been verified for the following uses:",
+function checkUsages(win, usagesL10nIds) {
+  Assert.deepEqual(getError(win),
+               { id: "cert-verified" },
                "should have successful verification message");
   let determinedUsages = getUsages(win);
-  usages.sort();
-  Assert.equal(determinedUsages.length, usages.length,
+  usagesL10nIds.sort(compareL10Ids);
+  Assert.deepEqual(determinedUsages.length, usagesL10nIds.length,
                "number of usages as determined by cert viewer should be equal");
-  while (usages.length > 0) {
-    Assert.equal(determinedUsages.pop(), usages.pop(),
+  while (usagesL10nIds.length > 0) {
+    Assert.deepEqual(determinedUsages.pop(), usagesL10nIds.pop(),
                  "usages as determined by cert viewer should be equal");
   }
 }
 
 /**
- * Given a certificate viewer window and an expected error, verifies that the
+ * Given a certificate viewer window and l10n id of an expected error, verifies that the
  * window is actually showing that error.
  *
  * @param {window} win
  *        The certificate viewer window.
- * @param {String} error
- *        The expected error message.
+ * @param {Object} errorL10nId
+ *        The object with l10n id of expected error message.
  */
-function checkError(win, error) {
+function checkError(win, errorL10nId) {
   let determinedUsages = getUsages(win);
   Assert.equal(determinedUsages.length, 0,
                "should not have any successful usages in error case");
-  Assert.equal(getError(win), error,
+  Assert.deepEqual(getError(win), errorL10nId,
                "determined error should be the same as expected error");
 }
 
 /**
  * Given a certificate viewer window and an expected list of certificate names,
  * verifies that the certificate details pane of the viewer shows the expected
  * certificates in the expected order.
  *
@@ -259,8 +250,27 @@ function checkDetailsPane(win, names) {
   let nodes = tree.querySelectorAll("treecell");
   Assert.equal(nodes.length, names.length,
                "details pane: should have the expected number of cert names");
   for (let i = 0; i < names.length; i++) {
     Assert.equal(nodes[i].getAttribute("label"), names[i],
                  "details pain: should have expected cert name");
   }
 }
+
+/**
+ * Given two objects with l10n id, compare them by l10n id for sorting.
+ *
+ * @param {Objects} ida,idb
+ *        The objects with l10n id.
+ * @param {integer}
+ *        An integer representing true of false.
+ */
+
+function compareL10Ids(ida, idb) {
+  if (ida.id < idb.id) {
+    return -1;
+  } else if (ida.id > idb.id) {
+    return 1;
+  }
+  return 0;
+}
+
--- a/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_deleteCert_ui.js
@@ -21,35 +21,43 @@ const FAKE_HOST_PORT = "Fake host and po
  * @typedef {TestCase}
  * @type Object
  * @property {String} certFilename
  *           Filename of the cert, or null if we don't want to import a cert for
  *           this test case (i.e. we expect the hostPort attribute of
  *           nsICertTreeItem to be used).
  * @property {String} expectedDisplayString
  *           The string we expect the UI to display to represent the given cert.
+ * @property {String} expectedSerialNumber
+ *           The serial number we expect the UI to display if it exists.
  */
 
 /**
  * A list of test cases representing certs that get "deleted".
  * @type TestCase[]
  */
 const TEST_CASES = [
   { certFilename: null,
-    expectedDisplayString: FAKE_HOST_PORT },
+    expectedDisplayString: FAKE_HOST_PORT,
+    expectedSerialNumber: null},
   { certFilename: "has-cn.pem",
-    expectedDisplayString: "Foo" },
+    expectedDisplayString: "Foo",
+    expectedSerialNumber: null},
   { certFilename: "has-ou.pem",
-    expectedDisplayString: "Bar" },
+    expectedDisplayString: "Bar",
+    expectedSerialNumber: null},
   { certFilename: "has-o.pem",
-    expectedDisplayString: "Baz" },
+    expectedDisplayString: "Baz",
+    expectedSerialNumber: null},
   { certFilename: "has-non-empty-subject.pem",
-    expectedDisplayString: "C=US" },
+    expectedDisplayString: "C=US",
+    expectedSerialNumber: null},
   { certFilename: "has-empty-subject.pem",
-    expectedDisplayString: "Certificate with serial number: 0A" },
+    expectedDisplayString: "Certificate with serial number: 0A",
+    expectedSerialNumber: "0A"},
 ];
 
 /**
  * Opens the cert delete confirmation dialog.
  *
  * @param {String} tabID
  *        The ID of the cert category tab the certs to delete belong to.
  * @returns {Promise}
@@ -86,98 +94,94 @@ add_task(async function setup() {
   }
 });
 
 /**
  * Test helper for the below test cases.
  *
  * @param {String} tabID
  *        ID of the cert category tab the certs to delete belong to.
- * @param {String} expectedTitle
- *        Title the dialog is expected to have.
- * @param {String} expectedConfirmMsg
- *        Confirmation message the dialog is expected to show.
- * @param {String} expectedImpact
- *        Impact the dialog is expected to show.
+ * @param {String} expectedTitleL10nId
+ *        The L10nId of title the dialog is expected to have.
+ * @param {String} expectedConfirmL10nId
+ *        The l10n id of confirmation message the dialog expected to show.
+ * @param {String} expectedImpactL10nId
+ *        The l10n id of impact the dialog expected to show.
  */
-async function testHelper(tabID, expectedTitle, expectedConfirmMsg, expectedImpact) {
+async function testHelper(tabID, expectedTitleL10nId, expectedConfirmL10nId, expectedImpactL10nId) {
   let [win] = await openDeleteCertConfirmDialog(tabID);
   let certList = win.document.getElementById("certlist");
 
-  Assert.equal(win.document.title, expectedTitle,
+  Assert.deepEqual(win.document.l10n.getAttributes(win.document.documentElement), expectedTitleL10nId,
                `Actual and expected titles should match for ${tabID}`);
-  Assert.equal(win.document.getElementById("confirm").textContent,
-               expectedConfirmMsg,
+  let confirm = win.document.getElementById("confirm");
+  Assert.deepEqual(win.document.l10n.getAttributes(confirm),
+               expectedConfirmL10nId,
                `Actual and expected confirm message should match for ${tabID}`);
-  Assert.equal(win.document.getElementById("impact").textContent,
-               expectedImpact,
+  let impact = win.document.getElementById("impact");
+  Assert.deepEqual(win.document.l10n.getAttributes(impact),
+               expectedImpactL10nId,
                `Actual and expected impact should match for ${tabID}`);
 
   Assert.equal(certList.itemCount, TEST_CASES.length,
                `No. of certs displayed should match for ${tabID}`);
   for (let i = 0; i < certList.itemCount; i++) {
-    Assert.equal(certList.getItemAtIndex(i).label,
+    let item = certList.getItemAtIndex(i);
+    if (TEST_CASES[i].expectedSerialNumber == null) {
+      Assert.equal(item.label,
                  TEST_CASES[i].expectedDisplayString,
                  "Actual and expected display string should match for " +
                  `index ${i} for ${tabID}`);
+    } else {
+    Assert.deepEqual(win.document.l10n.getAttributes(item.children[0]),
+                 {id: "cert-with-serial", args: { serialNumber: TEST_CASES[i].expectedSerialNumber }},
+                 "Actual and expected display string should match for " +
+                 `index ${i} for ${tabID}`);
+    }
   }
 
   await BrowserTestUtils.closeWindow(win);
 }
 
 // Test deleting certs from the "Your Certificates" tab.
 add_task(async function testDeletePersonalCerts() {
-  const expectedTitle = "Delete your Certificates";
-  const expectedConfirmMsg =
-    "Are you sure you want to delete these certificates?";
-  const expectedImpact =
-    "If you delete one of your own certificates, you can no longer use it to " +
-    "identify yourself.";
-  await testHelper("mine_tab", expectedTitle, expectedConfirmMsg,
-                    expectedImpact);
+  const expectedTitleL10nId = {id: "delete-user-cert-title"};
+  const expectedConfirmL10nId = {id: "delete-user-cert-confirm"};
+  const expectedImpactL10nId = {id: "delete-user-cert-impact"};
+  await testHelper("mine_tab", expectedTitleL10nId, expectedConfirmL10nId,
+                    expectedImpactL10nId);
 });
 
 // Test deleting certs from the "People" tab.
 add_task(async function testDeleteOtherPeopleCerts() {
-  const expectedTitle = "Delete E-Mail Certificates";
+  const expectedTitleL10nId = {id: "delete-email-cert-title"};
   // ’ doesn't seem to work when embedded in the following literals, which is
   // why escape codes are used instead.
-  const expectedConfirmMsg =
-    "Are you sure you want to delete these people\u2019s e-mail certificates?";
-  const expectedImpact =
-    "If you delete a person\u2019s e-mail certificate, you will no longer be " +
-    "able to send encrypted e-mail to that person.";
-  await testHelper("others_tab", expectedTitle, expectedConfirmMsg,
-                    expectedImpact);
+  const expectedConfirmL10nId = {id: "delete-email-cert-confirm"};
+  const expectedImpactL10nId = {id: "delete-email-cert-impact"};
+  await testHelper("others_tab", expectedTitleL10nId, expectedConfirmL10nId,
+                    expectedImpactL10nId);
 });
 
 // Test deleting certs from the "Servers" tab.
 add_task(async function testDeleteServerCerts() {
-  const expectedTitle = "Delete Server Certificate Exceptions";
-  const expectedConfirmMsg =
-    "Are you sure you want to delete these server exceptions?";
-  const expectedImpact =
-    "If you delete a server exception, you restore the usual security checks " +
-    "for that server and require it uses a valid certificate.";
-  await testHelper("websites_tab", expectedTitle, expectedConfirmMsg,
-                    expectedImpact);
+  const expectedTitleL10nId = {id: "delete-ssl-cert-title"};
+  const expectedConfirmL10nId = {id: "delete-ssl-cert-confirm"};
+  const expectedImpactL10nId = {id: "delete-ssl-cert-impact"};
+  await testHelper("websites_tab", expectedTitleL10nId, expectedConfirmL10nId,
+                    expectedImpactL10nId);
 });
 
 // Test deleting certs from the "Authorities" tab.
 add_task(async function testDeleteCACerts() {
-  const expectedTitle = "Delete or Distrust CA Certificates";
-  const expectedConfirmMsg =
-    "You have requested to delete these CA certificates. For built-in " +
-    "certificates all trust will be removed, which has the same effect. Are " +
-    "you sure you want to delete or distrust?";
-  const expectedImpact =
-    "If you delete or distrust a certificate authority (CA) certificate, " +
-    "this application will no longer trust any certificates issued by that CA.";
-  await testHelper("ca_tab", expectedTitle, expectedConfirmMsg,
-                    expectedImpact);
+  const expectedTitleL10nId = {id: "delete-ca-cert-title"};
+  const expectedConfirmL10nId = {id: "delete-ca-cert-confirm"};
+  const expectedImpactL10nId = {id: "delete-ca-cert-impact"};
+  await testHelper("ca_tab", expectedTitleL10nId, expectedConfirmL10nId,
+                    expectedImpactL10nId);
 });
 
 // Test that the right values are returned when the dialog is accepted.
 add_task(async function testAcceptDialogReturnValues() {
   let [win, retVals] = await openDeleteCertConfirmDialog("ca_tab" /* arbitrary */);
   info("Accepting dialog");
   win.document.getElementById("deleteCertificate").acceptDialog();
   await BrowserTestUtils.windowClosed(win);
--- a/security/manager/ssl/tests/unit/test_pkcs11_module.js
+++ b/security/manager/ssl/tests/unit/test_pkcs11_module.js
@@ -53,18 +53,17 @@ function checkTestModuleExists() {
 function checkModuleTelemetry(additionalExpectedModule = undefined) {
   let expectedModules = [
     "NSS Internal PKCS #11 Module",
   ];
   if (additionalExpectedModule) {
     expectedModules.push(additionalExpectedModule);
   }
   expectedModules.sort();
-  let telemetry = Services.telemetry.snapshotKeyedScalars(
-    Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTOUT).parent;
+  let telemetry = Services.telemetry.getSnapshotForKeyedScalars("main", false).parent;
   let moduleTelemetry = telemetry["security.pkcs11_modules_loaded"];
   let actualModules = [];
   Object.keys(moduleTelemetry).forEach((key) => {
     ok(moduleTelemetry[key], "each keyed scalar should be true");
     actualModules.push(key);
   });
   actualModules.sort();
   equal(actualModules.length, expectedModules.length,
--- a/services/sync/modules-testing/utils.js
+++ b/services/sync/modules-testing/utils.js
@@ -284,12 +284,11 @@ var sumHistogram = function(name, option
       sum = snapshot.sum;
     }
   }
   histogram.clear();
   return sum;
 };
 
 var getLoginTelemetryScalar = function() {
-  let dataset = Services.telemetry.DATASET_RELEASE_CHANNEL_OPTOUT;
-  let snapshot = Services.telemetry.snapshotKeyedScalars(dataset, true);
+  let snapshot = Services.telemetry.getSnapshotForKeyedScalars("main", true);
   return snapshot.parent ? snapshot.parent["services.sync.sync_login_state_transitions"] : {};
 };
--- a/taskcluster/docker/funsize-update-generator/Pipfile.lock
+++ b/taskcluster/docker/funsize-update-generator/Pipfile.lock
@@ -138,37 +138,37 @@
         "construct": {
             "hashes": [
                 "sha256:2271a0efd0798679dea825ff47e22a4c550456a5db0ba8baa82f7eae0af0118c"
             ],
             "version": "==2.9.45"
         },
         "cryptography": {
             "hashes": [
-                "sha256:02915ee546b42ce513e8167140e9937fc4c81a06a82216e086ccce51f347948a",
-                "sha256:03cc8bc5a69ae3d44acf1a03facdb7c10a94c67907862c563e10efe72b737977",
-                "sha256:07f76bde6815c55195f3b3812d35769cc7c765144c0bb71ae45e02535d078591",
-                "sha256:13eac1c477b9af7e9a9024369468d08aead6ad78ed599d163ad046684474364b",
-                "sha256:179bfb585c5efc87ae0e665770e4896727b92dbc1f810c761b1ebf8363e2fec8",
-                "sha256:414af0ba308e74c1f8bc5b11befc86cb66b10be8959547786f64258830d2096f",
-                "sha256:41a1ca14f255df8c44dd22c6006441d631d1589104045ec7263cc47e9772f41a",
-                "sha256:54947eb98bc4eef99ddf49f45d2694ea5a3929ab3edc9806ad01967368594d82",
-                "sha256:5bac7a2abda07d0c3c8429210349bb54149ad8940dc7bcffedcd56519b410a3c",
-                "sha256:7f41af8c586bed9f59cfe8832d818b3b75c860d7025da9cd2db76875a72ff785",
-                "sha256:8004fae1b3cb2dbd90a011ad972e49a7e78a871b89c70cc7213cf4ebd2532bcb",
-                "sha256:8e0eccadc3b465e12c50a5b8fb4d39cf401b44d7bb9936c70fddb5e5aaf740d5",
-                "sha256:95b4741722269cfdc134fec23b7ae6503ee2aea83d0924cfee6d6ec54cd42d8e",
-                "sha256:a06f5aa6d7a94531dfe82eb2972e669258c452fe9cf88f76116610de4c789785",
-                "sha256:b0833d27c7eb536bc27323a1e8e22cb39ebac78c4ef3be0167ba40f447344808",
-                "sha256:b72dec675bc59a01edc96616cd48ec465b714481caa0938c8bbca5d18f17d5df",
-                "sha256:c800ddc23b5206ce025f23225fdde89cdc0e64016ad914d5be32d1f602ce9495",
-                "sha256:c980c8c313a5e014ae12e2245e89e7b30427e5a98cbb88afe478ecae85f3abaa",
-                "sha256:e85b410885addaeb31a867eabcefc9ef4a7e904ad45eac9e60a763a54b244626"
+                "sha256:05a6052c6a9f17ff78ba78f8e6eb1d777d25db3b763343a1ae89a7a8670386dd",
+                "sha256:0eb83a24c650a36f68e31a6d0a70f7ad9c358fa2506dc7b683398b92e354a038",
+                "sha256:0ff4a3d6ea86aa0c9e06e92a9f986de7ee8231f36c4da1b31c61a7e692ef3378",
+                "sha256:1699f3e916981df32afdd014fb3164db28cdb61c757029f502cb0a8c29b2fdb3",
+                "sha256:1b1f136d74f411f587b07c076149c4436a169dc19532e587460d9ced24adcc13",
+                "sha256:21e63dd20f5e5455e8b34179ac43d95b3fb1ffa54d071fd2ed5d67da82cfe6dc",
+                "sha256:2454ada8209bbde97065453a6ca488884bbb263e623d35ba183821317a58b46f",
+                "sha256:3cdc5f7ca057b2214ce4569e01b0f368b3de9d8ee01887557755ccd1c15d9427",
+                "sha256:418e7a5ec02a7056d3a4f0c0e7ea81df374205f25f4720bb0e84189aa5fd2515",
+                "sha256:471a097076a7c4ab85561d7fa9a1239bd2ae1f9fd0047520f13d8b340bf3210b",
+                "sha256:5ecaf9e7db3ca582c6de6229525d35db8a4e59dc3e8a40a331674ed90e658cbf",
+                "sha256:63b064a074f8dc61be81449796e2c3f4e308b6eba04a241a5c9f2d05e882c681",
+                "sha256:6afe324dfe6074822ccd56d80420df750e19ac30a4e56c925746c735cf22ae8b",
+                "sha256:70596e90398574b77929cd87e1ac6e43edd0e29ba01e1365fed9c26bde295aa5",
+                "sha256:70c2b04e905d3f72e2ba12c58a590817128dfca08949173faa19a42c824efa0b",
+                "sha256:8908f1db90be48b060888e9c96a0dee9d842765ce9594ff6a23da61086116bb6",
+                "sha256:af12dfc9874ac27ebe57fc28c8df0e8afa11f2a1025566476b0d50cdb8884f70",
+                "sha256:b4fc04326b2d259ddd59ed8ea20405d2e695486ab4c5e1e49b025c484845206e",
+                "sha256:da5b5dda4aa0d5e2b758cc8dfc67f8d4212e88ea9caad5f61ba132f948bab859"
             ],
-            "version": "==2.4.1"
+            "version": "==2.4.2"
         },
         "datadog": {
             "hashes": [
                 "sha256:ed60b5f6058cd1706ab4da0dcde336d6851bf52f64206d3063fe30a7f0022b9c"
             ],
             "index": "pypi",
             "version": "==0.24.0"
         },
@@ -238,47 +238,47 @@
             "hashes": [
                 "sha256:b3f85ffa93a5c7d2f9cc591246ef9f8ac4a9fa716bfd5bae0377699a2d89d78c",
                 "sha256:e98b331d9fa9ece7b8be26094cbe2d57613ae882133cc755167268a984bc0ab3"
             ],
             "version": "==0.3.4"
         },
         "multidict": {
             "hashes": [
-                "sha256:05eeab69bf2b0664644c62bd92fabb045163e5b8d4376a31dfb52ce0210ced7b",
-                "sha256:0c85880efa7cadb18e3b5eef0aa075dc9c0a3064cbbaef2e20be264b9cf47a64",
-                "sha256:136f5a4a6a4adeacc4dc820b8b22f0a378fb74f326e259c54d1817639d1d40a0",
-                "sha256:14906ad3347c7d03e9101749b16611cf2028547716d0840838d3c5e2b3b0f2d3",
-                "sha256:1ade4a3b71b1bf9e90c5f3d034a87fe4949c087ef1f6cd727fdd766fe8bbd121",
-                "sha256:22939a00a511a59f9ecc0158b8db728afef57975ce3782b3a265a319d05b9b12",
-                "sha256:2b86b02d872bc5ba5b3a4530f6a7ba0b541458ab4f7c1429a12ac326231203f7",
-                "sha256:3c11e92c3dfc321014e22fb442bc9eb70e01af30d6ce442026b0c35723448c66",
-                "sha256:4ba3bd26f282b201fdbce351f1c5d17ceb224cbedb73d6e96e6ce391b354aacc",
-                "sha256:4c6e78d042e93751f60672989efbd6a6bc54213ed7ff695fff82784bbb9ea035",
-                "sha256:4d80d1901b89cc935a6cf5b9fd89df66565272722fe2e5473168927a9937e0ca",
-                "sha256:4fcf71d33178a00cc34a57b29f5dab1734b9ce0f1c97fb34666deefac6f92037",
-                "sha256:52f7670b41d4b4d97866ebc38121de8bcb9813128b7c4942b07794d08193c0ab",
-                "sha256:5368e2b7649a26b7253c6c9e53241248aab9da49099442f5be238fde436f18c9",
-                "sha256:5bb65fbb48999044938f0c0508e929b14a9b8bf4939d8263e9ea6691f7b54663",
-                "sha256:60672bb5577472800fcca1ac9dae232d1461db9f20f055184be8ce54b0052572",
-                "sha256:669e9be6d148fc0283f53e17dd140cde4dc7c87edac8319147edd5aa2a830771",
-                "sha256:6a0b7a804e8d1716aa2c72e73210b48be83d25ba9ec5cf52cf91122285707bb1",
-                "sha256:79034ea3da3cf2a815e3e52afdc1f6c1894468c98bdce5d2546fa2342585497f",
-                "sha256:79247feeef6abcc11137ad17922e865052f23447152059402fc320f99ff544bb",
-                "sha256:81671c2049e6bf42c7fd11a060f8bc58f58b7b3d6f3f951fc0b15e376a6a5a98",
-                "sha256:82ac4a5cb56cc9280d4ae52c2d2ebcd6e0668dd0f9ef17f0a9d7c82bd61e24fa",
-                "sha256:9436267dbbaa49dad18fbbb54f85386b0f5818d055e7b8e01d219661b6745279",
-                "sha256:94e4140bb1343115a1afd6d84ebf8fca5fb7bfb50e1c2cbd6f2fb5d3117ef102",
-                "sha256:a2cab366eae8a0ffe0813fd8e335cf0d6b9bb6c5227315f53bb457519b811537",
-                "sha256:a596019c3eafb1b0ae07db9f55a08578b43c79adb1fe1ab1fd818430ae59ee6f",
-                "sha256:e8848ae3cd6a784c29fae5055028bee9bffcc704d8bcad09bd46b42b44a833e2",
-                "sha256:e8a048bfd7d5a280f27527d11449a509ddedf08b58a09a24314828631c099306",
-                "sha256:f6dd28a0ac60e2426a6918f36f1b4e2620fc785a0de7654cd206ba842eee57fd"
+                "sha256:013eb6591ab95173fd3deb7667d80951abac80100335b3e97b5fa778c1bb4b91",
+                "sha256:0bffbbbb48db35f57dfb4733e943ac8178efb31aab5601cb7b303ee228ce96af",
+                "sha256:1a34aab1dfba492407c757532f665ba3282ec4a40b0d2f678bda828ef422ebb7",
+                "sha256:1b4b46a33f459a2951b0fd26c2d80639810631eb99b3d846d298b02d28a3e31d",
+                "sha256:1d616d80c37a388891bf760d64bc50cac7c61dbb7d7013f2373aa4b44936e9f0",
+                "sha256:225aefa7befbe05bd0116ef87e8cd76cbf4ac39457a66faf7fb5f3c2d7bea19a",
+                "sha256:2c9b28985ef7c830d5c7ea344d068bcdee22f8b6c251369dea98c3a814713d44",
+                "sha256:39e0600f8dd72acb011d09960da560ba3451b1eca8de5557c15705afc9d35f0e",
+                "sha256:3c642c40ea1ca074397698446893a45cd6059d5d071fc3ba3915c430c125320f",
+                "sha256:42357c90b488fac38852bcd7b31dcd36b1e2325413960304c28b8d98e6ff5fd4",
+                "sha256:6ac668f27dbdf8a69c31252f501e128a69a60b43a44e43d712fb58ce3e5dfcca",
+                "sha256:713683da2e3f1dd81a920c995df5dda51f1fff2b3995f5864c3ee782fcdcb96c",
+                "sha256:73b6e7853b6d3bc0eac795044e700467631dff37a5a33d3230122b03076ac2f9",
+                "sha256:77534c1b9f4a5d0962392cad3f668d1a04036b807618e3357eb2c50d8b05f7f7",
+                "sha256:77b579ef57e27457064bb6bb4c8e5ede866af071af60fe3576226136048c6dfa",
+                "sha256:82cf28f18c935d66c15a6f82fda766a4138d21e78532a1946b8ec603019ba0b8",
+                "sha256:937e8f12f9edc0d2e351c09fc3e7335a65eefb75406339d488ee46ef241f75d8",
+                "sha256:985dbf59e92f475573a04598f9a00f92b4fdb64fc41f1df2ea6f33b689319537",
+                "sha256:9c4fab7599ba8c0dbf829272c48c519625c2b7f5630b49925802f1af3a77f1f4",
+                "sha256:9e8772be8455b49a85ad6dbf6ce433da7856ba481d6db36f53507ae540823b15",
+                "sha256:a06d6d88ce3be4b54deabd078810e3c077a8b2e20f0ce541c979b5dd49337031",
+                "sha256:a1da0cdc3bc45315d313af976dab900888dbb477d812997ee0e6e4ea43d325e5",
+                "sha256:a6652466a4800e9fde04bf0252e914fff5f05e2a40ee1453db898149624dfe04",
+                "sha256:a7f23523ea6a01f77e0c6da8aae37ab7943e35630a8d2eda7e49502f36b51b46",
+                "sha256:a87429da49f4c9fb37a6a171fa38b59a99efdeabffb34b4255a7a849ffd74a20",
+                "sha256:c26bb81d0d19619367a96593a097baec2d5a7b3a0cfd1e3a9470277505a465c2",
+                "sha256:d4f4545edb4987f00fde44241cef436bf6471aaac7d21c6bbd497cca6049f613",
+                "sha256:daabc2766a2b76b3bec2086954c48d5f215f75a335eaee1e89c8357922a3c4d5",
+                "sha256:f08c1dcac70b558183b3b755b92f1135a76fd1caa04009b89ddea57a815599aa"
             ],
-            "version": "==4.4.2"
+            "version": "==4.5.1"
         },
         "pexpect": {
             "hashes": [
                 "sha256:2a8e88259839571d1251d278476f3eec5db26deb73a70be5ed5dc5435e418aba",
                 "sha256:3fbd41d4caf27fa4a377bfd16fef87271099463e6fa73e92a52f92dfee5d425b"
             ],
             "version": "==4.6.0"
         },
--- a/taskcluster/taskgraph/transforms/balrog_toplevel.py
+++ b/taskcluster/taskgraph/transforms/balrog_toplevel.py
@@ -24,20 +24,23 @@ transforms = TransformSequence()
 def generate_update_line(config, jobs):
     """Resolve fields that can be keyed by platform, etc."""
     release_config = get_release_config(config)
     for job in jobs:
         config_file = job.pop('whats-new-config')
         with open(config_file, "rb") as f:
             update_config = yaml.safe_load(f)
 
+        product = job['shipping-product']
+        if product == 'devedition':
+            product = 'firefox'
         job['worker']['update-line'] = {}
         for blob_type, suffix in [('wnp', ''), ('no-wnp', '-No-WNP')]:
             context = {
                 'release-type': config.params['release_type'],
-                'product': job['shipping-product'],
-                'version': GeckoVersion.parse(release_config['version']),
+                'product': product,
+                'version': GeckoVersion.parse(release_config['appVersion']),
                 'blob-type': blob_type,
             }
             job['worker']['update-line'][suffix] = generate_update_properties(
                 context, update_config)
 
         yield job
--- a/toolkit/components/extensions/test/xpcshell/head_telemetry.js
+++ b/toolkit/components/extensions/test/xpcshell/head_telemetry.js
@@ -9,48 +9,44 @@ ChromeUtils.defineModuleGetter(this, "Co
 
 const IS_OOP = Services.prefs.getBoolPref("extensions.webextensions.remote");
 
 function valueSum(arr) {
   return Object.values(arr).reduce((a, b) => a + b, 0);
 }
 
 function clearHistograms() {
-  Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                        true /* clear */);
-  Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                             true /* clear */);
+  Services.telemetry.getSnapshotForHistograms("main", true /* clear */);
+  Services.telemetry.getSnapshotForKeyedHistograms("main", true /* clear */);
 }
 
 function getSnapshots(process) {
-  return Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                               false /* clear */)[process];
+  return Services.telemetry.getSnapshotForHistograms("main", false /* clear */)[process];
 }
 
 function getKeyedSnapshots(process) {
-  return Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                    false /* clear */)[process];
+  return Services.telemetry.getSnapshotForKeyedHistograms("main", false /* clear */)[process];
 }
 
 // TODO Bug 1357509: There is no good way to make sure that the parent received
 // the histogram entries from the extension and content processes.  Let's stick
 // to the ugly, spinning the event loop until we have a good approach.
 function promiseTelemetryRecorded(id, process, expectedCount) {
   let condition = () => {
-    let snapshot = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                         false /* clear */)[process][id];
+    let snapshot = Services.telemetry.getSnapshotForHistograms("main",
+                                                               false /* clear */)[process][id];
     return snapshot && valueSum(snapshot.values) >= expectedCount;
   };
   return ContentTaskUtils.waitForCondition(condition);
 }
 
 function promiseKeyedTelemetryRecorded(id, process, expectedKey, expectedCount) {
   let condition = () => {
-    let snapshot = Services.telemetry.snapshotKeyedHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                              false /* clear */)[process][id];
+    let snapshot = Services.telemetry.getSnapshotForKeyedHistograms("main",
+                                                                    false /* clear */)[process][id];
     return snapshot && snapshot[expectedKey] && valueSum(snapshot[expectedKey].values) >= expectedCount;
   };
   return ContentTaskUtils.waitForCondition(condition);
 }
 
 function assertHistogramSnapshot(histogramId, {keyed, processSnapshot, expectedValue}, msg) {
   let histogram;
 
--- a/toolkit/components/extensions/test/xpcshell/test_ext_telemetry.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_telemetry.js
@@ -38,17 +38,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
     await run({
       backgroundScript: async () => {
         await browser.telemetry.scalarAdd("telemetry.test.unsigned_int_kind", 1);
         browser.test.notifyPass("scalar_add");
       },
       doneSignal: "scalar_add",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.parent["telemetry.test.unsigned_int_kind"], 1);
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_scalar_add_unknown_name() {
     let {messages} = await promiseConsoleOutput(async () => {
       await run({
@@ -99,17 +99,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
     await run({
       backgroundScript: async () => {
         await browser.telemetry.scalarSet("telemetry.test.boolean_kind", true);
         browser.test.notifyPass("scalar_set");
       },
       doneSignal: "scalar_set",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.parent["telemetry.test.boolean_kind"], true);
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_scalar_set_unknown_name() {
     let {messages} = await promiseConsoleOutput(async function() {
       await run({
@@ -131,17 +131,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
     await run({
       backgroundScript: async () => {
         await browser.telemetry.scalarSetMaximum("telemetry.test.unsigned_int_kind", 123);
         browser.test.notifyPass("scalar_set_maximum");
       },
       doneSignal: "scalar_set_maximum",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.parent["telemetry.test.unsigned_int_kind"], 123);
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_scalar_set_maximum_unknown_name() {
     let {messages} = await promiseConsoleOutput(async function() {
       await run({
@@ -203,17 +203,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
           },
         });
         await browser.telemetry.scalarSet("telemetry.test.dynamic.webext_string", "hello");
         browser.test.notifyPass("register_scalars_string");
       },
       doneSignal: "register_scalars_string",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.dynamic["telemetry.test.dynamic.webext_string"], "hello");
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_register_scalars_multiple() {
     Services.telemetry.clearScalars();
 
@@ -233,17 +233,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
         });
         await browser.telemetry.scalarSet("telemetry.test.dynamic.webext_string", "hello");
         await browser.telemetry.scalarSet("telemetry.test.dynamic.webext_string_too", "world");
         browser.test.notifyPass("register_scalars_multiple");
       },
       doneSignal: "register_scalars_multiple",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.dynamic["telemetry.test.dynamic.webext_string"], "hello");
     equal(scalars.dynamic["telemetry.test.dynamic.webext_string_too"], "world");
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_register_scalars_boolean() {
     Services.telemetry.clearScalars();
@@ -258,17 +258,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
           },
         });
         await browser.telemetry.scalarSet("telemetry.test.dynamic.webext_boolean", true);
         browser.test.notifyPass("register_scalars_boolean");
       },
       doneSignal: "register_scalars_boolean",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.dynamic["telemetry.test.dynamic.webext_boolean"], true);
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_register_scalars_count() {
     Services.telemetry.clearScalars();
 
@@ -282,17 +282,17 @@ if (AppConstants.MOZ_BUILD_APP === "brow
           },
         });
         await browser.telemetry.scalarSet("telemetry.test.dynamic.webext_count", 123);
         browser.test.notifyPass("register_scalars_count");
       },
       doneSignal: "register_scalars_count",
     });
 
-    const scalars = Services.telemetry.snapshotScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN);
+    const scalars = Services.telemetry.getSnapshotForScalars("main", false);
     equal(scalars.dynamic["telemetry.test.dynamic.webext_count"], 123);
 
     Services.telemetry.clearScalars();
   });
 
   add_task(async function test_telemetry_register_events() {
     Services.telemetry.clearEvents();
 
--- a/toolkit/components/osfile/tests/xpcshell/test_telemetry.js
+++ b/toolkit/components/osfile/tests/xpcshell/test_telemetry.js
@@ -22,42 +22,38 @@ function getCount(histogram) {
 }
 
 // Ensure that launching the OS.File worker adds data to the relevant
 // histograms
 add_task(async function test_startup() {
   let LAUNCH = "OSFILE_WORKER_LAUNCH_MS";
   let READY = "OSFILE_WORKER_READY_MS";
 
-  let before = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                     false).parent;
+  let before = Services.telemetry.getSnapshotForHistograms("main", false).parent;
 
   // Launch the OS.File worker
   await File.getCurrentDirectory();
 
-  let after = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                    false).parent;
+  let after = Services.telemetry.getSnapshotForHistograms("main", false).parent;
 
 
   info("Ensuring that we have recorded measures for histograms");
   Assert.equal(getCount(after[LAUNCH]), getCount(before[LAUNCH]) + 1);
   Assert.equal(getCount(after[READY]), getCount(before[READY]) + 1);
 
   info("Ensuring that launh <= ready");
   Assert.ok(after[LAUNCH].sum <= after[READY].sum);
 });
 
 // Ensure that calling writeAtomic adds data to the relevant histograms
 add_task(async function test_writeAtomic() {
   let LABEL = "OSFILE_WRITEATOMIC_JANK_MS";
 
-  let before = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                     false).parent;
+  let before = Services.telemetry.getSnapshotForHistograms("main", false).parent;
 
   // Perform a write.
   let path = Path.join(Constants.Path.profileDir, "test_osfile_telemetry.tmp");
   await File.writeAtomic(path, LABEL, { tmpPath: path + ".tmp" } );
 
-  let after = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                    false).parent;
+  let after = Services.telemetry.getSnapshotForHistograms("main", false).parent;
 
   Assert.equal(getCount(after[LABEL]), getCount(before[LABEL]) + 1);
 });
--- a/toolkit/components/telemetry/tests/unit/test_TelemetryScalars.js
+++ b/toolkit/components/telemetry/tests/unit/test_TelemetryScalars.js
@@ -527,17 +527,17 @@ add_task(async function test_keyed_max_k
 
   // Add 100 keys to the keyed exceed scalar and set their initial value.
   valueToSet = 0;
   keyNamesSet2.forEach(keyName2 => {
     Telemetry.keyedScalarSet(KEYED_EXCEED_SCALAR, keyName2, valueToSet++);
   });
 
   // Check that there are exactly 100 keys in KEYED_EXCEED_SCALAR
-  let snapshot = Telemetry.snapshotKeyedScalars(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN, false);
+  let snapshot = Telemetry.getSnapshotForKeyedScalars("main", false);
   Assert.equal(100, Object.keys(snapshot.parent[KEYED_UINT_SCALAR]).length,
              "The keyed scalar must contain all the 100 keys.");
 
   // Check that KEYED_UINT_SCALAR is in keyedScalars and its value equals 3
   Assert.ok((KEYED_UINT_SCALAR in keyedScalars[KEYED_EXCEED_SCALAR]), "The keyed Scalar is in the keyed exceeded scalar");
   Assert.equal(keyedScalars[KEYED_EXCEED_SCALAR][KEYED_UINT_SCALAR], 3, "We have exactly 3 keys over the limit");
 });
 
--- a/toolkit/components/terminator/tests/xpcshell/test_terminator_reload.js
+++ b/toolkit/components/terminator/tests/xpcshell/test_terminator_reload.js
@@ -24,18 +24,18 @@ var HISTOGRAMS = {
 add_task(async function init() {
   do_get_profile();
   PATH = Path.join(Constants.Path.localProfileDir, "ShutdownDuration.json");
 });
 
 add_task(async function test_reload() {
   info("Forging data");
   let data = {};
-  let telemetrySnapshots = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                                 false /* clear */).parent;
+  let telemetrySnapshots = Services.telemetry.getSnapshotForHistograms("main",
+                                                                       false /* clear */).parent;
   let i = 0;
   for (let k of Object.keys(HISTOGRAMS)) {
     let id = HISTOGRAMS[k];
     data[k] = i++;
     Assert.equal(telemetrySnapshots[id] || undefined, undefined, "Histogram " + id + " is empty");
   }
 
 
@@ -56,18 +56,18 @@ add_task(async function test_reload() {
   let tt = Cc["@mozilla.org/toolkit/shutdown-terminator-telemetry;1"].
     createInstance(Ci.nsIObserver);
   tt.observe(null, "profile-after-change", "");
 
   info("Waiting until telemetry is updated");
   // Now wait until Telemetry is updated
   await wait;
 
-  telemetrySnapshots = Services.telemetry.snapshotHistograms(Ci.nsITelemetry.DATASET_RELEASE_CHANNEL_OPTIN,
-                                                             false /* clear */).parent;
+  telemetrySnapshots = Services.telemetry.getSnapshotForHistograms("main",
+                                                                   false /* clear */).parent;
   for (let k of Object.keys(HISTOGRAMS)) {
     let id = HISTOGRAMS[k];
     info("Testing histogram " + id);
     let snapshot = telemetrySnapshots[id];
     let count = 0;
     for (let x of Object.values(snapshot.values)) {
       count += x;
     }
--- a/toolkit/content/widgets/dialog.xml
+++ b/toolkit/content/widgets/dialog.xml
@@ -284,16 +284,18 @@
                 button.setAttribute("label", this.getAttribute("buttonlabel" + dlgtype));
                 if (this.hasAttribute("buttonaccesskey" + dlgtype))
                   button.setAttribute("accesskey", this.getAttribute("buttonaccesskey" + dlgtype));
               } else if (dlgtype != "extra1" && dlgtype != "extra2") {
                 button.setAttribute("label", this.mStrBundle.GetStringFromName("button-" + dlgtype));
                 var accessKey = this.mStrBundle.GetStringFromName("accesskey-" + dlgtype);
                 if (accessKey)
                   button.setAttribute("accesskey", accessKey);
+              } else if (this.hasAttribute("buttonid" + dlgtype)) {
+                document.l10n.setAttributes(button, this.getAttribute("buttonid" + dlgtype));
               }
             }
             // allow specifying alternate icons in the dialog header
             if (!button.hasAttribute("icon")) {
               // if there's an icon specified, use that
               if (this.hasAttribute("buttonicon" + dlgtype))
                 button.setAttribute("icon", this.getAttribute("buttonicon" + dlgtype));
               // otherwise set defaults
--- a/toolkit/recordreplay/ipc/JSControl.h
+++ b/toolkit/recordreplay/ipc/JSControl.h
@@ -32,16 +32,17 @@ namespace js {
 
 // Identification for a position where a breakpoint can be installed in a child
 // process. Breakpoint positions describe all places between checkpoints where
 // the child process can pause and be inspected by the middleman. A particular
 // BreakpointPosition can be reached any number of times during execution of
 // the process.
 struct BreakpointPosition
 {
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(Kind, (
     Invalid,
 
     // Break at a script offset. Requires script/offset.
     Break,
 
     // Break for an on-step handler within a frame.
     // Requires script/offset/frameIndex.
@@ -58,16 +59,17 @@ struct BreakpointPosition
     NewScript,
 
     // Break when a message is logged to the web console.
     ConsoleMessage,
 
     // Break when NewTimeWarpTarget() is called.
     WarpTarget
   ));
+  // clang-format on
 
   Kind mKind;
 
   // Optional information associated with the breakpoint.
   uint32_t mScript;
   uint32_t mOffset;
   uint32_t mFrameIndex;
 
--- a/widget/InputData.h
+++ b/widget/InputData.h
@@ -28,26 +28,28 @@ namespace layers {
 class APZInputBridgeChild;
 class PAPZInputBridgeParent;
 }
 
 namespace dom {
 class Touch;
 } // namespace dom
 
+// clang-format off
 MOZ_DEFINE_ENUM(
   InputType, (
     MULTITOUCH_INPUT,
     MOUSE_INPUT,
     PANGESTURE_INPUT,
     PINCHGESTURE_INPUT,
     TAPGESTURE_INPUT,
     SCROLLWHEEL_INPUT,
     KEYBOARD_INPUT
 ));
+// clang-format on
 
 class MultiTouchInput;
 class MouseInput;
 class PanGestureInput;
 class PinchGestureInput;
 class TapGestureInput;
 class ScrollWheelInput;
 class KeyboardInput;
@@ -183,23 +185,25 @@ public:
  * this copying from WidgetTouchEvent functionality can only be used on the main
  * thread.
  *
  * Stores an array of SingleTouchData.
  */
 class MultiTouchInput : public InputData
 {
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     MultiTouchType, (
       MULTITOUCH_START,
       MULTITOUCH_MOVE,
       MULTITOUCH_END,
       MULTITOUCH_CANCEL
   ));
+  // clang-format on
 
   MultiTouchInput(MultiTouchType aType, uint32_t aTime, TimeStamp aTimeStamp,
                   Modifiers aModifiers);
   MultiTouchInput();
   MultiTouchInput(const MultiTouchInput& aOther);
   explicit MultiTouchInput(const WidgetTouchEvent& aTouchEvent);
   // This conversion from WidgetMouseEvent to MultiTouchInput is needed because
   // on the B2G emulator we can only receive mouse events, but we need to be
@@ -231,16 +235,17 @@ class MouseInput : public InputData
 protected:
   friend mozilla::layers::APZInputBridgeChild;
   friend mozilla::layers::PAPZInputBridgeParent;
 
   MouseInput();
 
 public:
 
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     MouseType, (
       MOUSE_NONE,
       MOUSE_MOVE,
       MOUSE_DOWN,
       MOUSE_UP,
       MOUSE_DRAG_START,
       MOUSE_DRAG_END,
@@ -251,16 +256,17 @@ public:
 
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     ButtonType, (
       LEFT_BUTTON,
       MIDDLE_BUTTON,
       RIGHT_BUTTON,
       NONE
   ));
+  // clang-format on
 
   MouseInput(MouseType aType, ButtonType aButtonType, uint16_t aInputSource,
              int16_t aButtons, const ScreenPoint& aPoint, uint32_t aTime,
              TimeStamp aTimeStamp, Modifiers aModifiers);
   explicit MouseInput(const WidgetMouseEventBase& aMouseEvent);
 
   bool IsLeftButton() const;
 
@@ -286,16 +292,17 @@ class PanGestureInput : public InputData
 {
 protected:
   friend mozilla::layers::APZInputBridgeChild;
   friend mozilla::layers::PAPZInputBridgeParent;
 
   PanGestureInput();
 
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     PanGestureType, (
       // MayStart: Dispatched before any actual panning has occurred but when a
       // pan gesture is probably about to start, for example when the user
       // starts touching the touchpad. Should interrupt any ongoing APZ
       // animation and can be used to trigger scrollability indicators (e.g.
       // flashing overlay scrollbars).
       PANGESTURE_MAYSTART,
@@ -331,16 +338,17 @@ public:
       // MomentumPan: The actual momentum motion by mPanDisplacement.
       PANGESTURE_MOMENTUMPAN,
 
       // MomentumEnd: The momentum animation has ended, for example because the
       // momentum velocity has gone below the stopping threshold, or because the
       // user has stopped the animation by putting their fingers on a touchpad.
       PANGESTURE_MOMENTUMEND
   ));
+  // clang-format on
 
   PanGestureInput(PanGestureType aType,
                   uint32_t aTime,
                   TimeStamp aTimeStamp,
                   const ScreenPoint& aPanStartPoint,
                   const ScreenPoint& aPanDisplacement,
                   Modifiers aModifiers);
 
@@ -406,22 +414,24 @@ class PinchGestureInput : public InputDa
 {
 protected:
   friend mozilla::layers::APZInputBridgeChild;
   friend mozilla::layers::PAPZInputBridgeParent;
 
   PinchGestureInput();
 
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     PinchGestureType, (
       PINCHGESTURE_START,
       PINCHGESTURE_SCALE,
       PINCHGESTURE_END
   ));
+  // clang-format on
 
   // Construct a pinch gesture from a Screen point.
   // (Technically, we should take the span values in Screen pixels as well,
   // but that would require also storing them in Screen pixels and then
   // converting them in TransformToLocal() like the focus point. Since pinch
   // gesture events are processed by the root content APZC, the only transform
   // between Screen and ParentLayer pixels should be a translation, which is
   // irrelevant to span values, so we don't bother.)
@@ -489,26 +499,28 @@ class TapGestureInput : public InputData
 {
 protected:
   friend mozilla::layers::APZInputBridgeChild;
   friend mozilla::layers::PAPZInputBridgeParent;
 
   TapGestureInput();
 
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     TapGestureType, (
       TAPGESTURE_LONG,
       TAPGESTURE_LONG_UP,
       TAPGESTURE_UP,
       TAPGESTURE_CONFIRMED,
       TAPGESTURE_DOUBLE,
       TAPGESTURE_SECOND, // See GeckoContentController::TapType::eSecondTap
       TAPGESTURE_CANCEL
   ));
+  // clang-format on
 
   // Construct a tap gesture from a Screen point.
   // mLocalPoint remains (0,0) unless it's set later.
   TapGestureInput(TapGestureType aType, uint32_t aTime, TimeStamp aTimeStamp,
                   const ScreenIntPoint& aPoint, Modifiers aModifiers);
 
   // Construct a tap gesture from a ParentLayer point.
   // mPoint remains (0,0) unless it's set later.
@@ -538,31 +550,33 @@ protected:
   friend mozilla::layers::APZInputBridgeChild;
   friend mozilla::layers::PAPZInputBridgeParent;
 
   typedef mozilla::layers::APZWheelAction APZWheelAction;
 
   ScrollWheelInput();
 
 public:
+  // clang-format off
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     ScrollDeltaType, (
-      // There are three kinds of scroll delta modes in Gecko: "page", "line" and
-      // "pixel".
+      // There are three kinds of scroll delta modes in Gecko: "page", "line"
+      // and "pixel".
       SCROLLDELTA_LINE,
       SCROLLDELTA_PAGE,
       SCROLLDELTA_PIXEL
   ));
 
   MOZ_DEFINE_ENUM_AT_CLASS_SCOPE(
     ScrollMode, (
       SCROLLMODE_INSTANT,
       SCROLLMODE_SMOOTH
     )
   );
+  // clang-format on
 
   ScrollWheelInput(uint32_t aTime, TimeStamp aTimeStamp, Modifiers aModifiers,
                    ScrollMode aScrollMode, ScrollDeltaType aDeltaType,
                    const ScreenPoint& aOrigin, double aDeltaX, double aDeltaY,
                    bool aAllowToOverrideSystemScrollSpeed,
                    WheelDeltaAdjustmentStrategy aWheelDeltaAdjustmentStrategy);
   explicit ScrollWheelInput(const WidgetWheelEvent& aEvent);
 
--- a/widget/android/nsAppShell.cpp
+++ b/widget/android/nsAppShell.cpp
@@ -35,17 +35,16 @@
 #include "mozilla/Hal.h"
 #include "mozilla/dom/TabChild.h"
 #include "mozilla/intl/OSPreferences.h"
 #include "mozilla/widget/ScreenManager.h"
 #include "prenv.h"
 
 #include "AndroidBridge.h"
 #include "AndroidBridgeUtilities.h"
-#include "AndroidSurfaceTexture.h"
 #include "GeneratedJNINatives.h"
 #include <android/log.h>
 #include <pthread.h>
 #include <wchar.h>
 
 #include "GeckoProfiler.h"
 #ifdef MOZ_ANDROID_HISTORY
 #include "nsNetUtil.h"
@@ -434,17 +433,16 @@ nsAppShell::nsAppShell()
         mozilla::GeckoNetworkManager::Init();
         mozilla::GeckoProcessManager::Init();
         mozilla::GeckoScreenOrientation::Init();
         mozilla::GeckoSystemStateListener::Init();
         mozilla::PrefsHelper::Init();
         mozilla::widget::Telemetry::Init();
         mozilla::widget::WebExecutorSupport::Init();
         nsWindow::InitNatives();
-        mozilla::gl::AndroidSurfaceTexture::Init();
 
         if (jni::IsFennec()) {
             BrowserLocaleManagerSupport::Init();
             mozilla::ANRReporter::Init();
             mozilla::MemoryMonitor::Init();
             mozilla::ThumbnailHelper::Init();
         }