Here you'll find links to documentation about various Mozilla projects; these are often parts of Firefox or other products, but may also be used in other projects as well.

compare-locales is a python script that helps localizers to check their work without running Firefox or another application.

If you want to run compare-locales on Windows, be sure to first install MozillaBuild.
Crash reporting
Firefox ships with an open-source crash reporting system. This system is combination of projects:
Emscripten is an LLVM to JavaScript compiler. It takes LLVM bytecode (e.g. generated from C/C++ using Clang, or from another language) and compiles that into JavaScript, which can be run on the Web.
L20n lets localizers reach higher levels of free linguistic expression by sharpening the divide between localization and application logic.
L20n lets localizers reach higher levels of free linguistic expression by sharpening the divide between localization and application logic.
Leak Monitor
Leak Monitor is a Firefox extension by L. David Baron that helps extension and chrome developers to find memory leaks. It will pop-up an alert when a window is closed and JavaScript still links to that window (for example, an observer that is not cleared when the window closes).
MailNews stands for "Mail and Newsgroups". MailNews is the back end of the messaging parts of SeaMonkey and Thunderbird. It provides a number of functions and capabilities, including:
McCoy is an application that allows add-on authors to provide secure updates to their users. Applications periodically look for and install updates to their add-ons. It's important that the update information retrieved has not been tampered with since being written by the add-on author. Specifically, it focuses on the process of digitally signing update manifests so the applications can verify the integrity of a manifest retrieved over normally insecure channels.
Technical review completed.
Mochitest is an automated testing framework built on top of the MochiKit JavaScript libraries. It's just one of the automated regression testing frameworks used by Mozilla. Tests report success or failure to the test harness using JavaScript function calls.
Throughout mozmill and other Mozilla python code, checking the underlying platform is done in many different ways. The various checks needed lead to a lot of copy+pasting, leaving the reader to this specific check necessary for (e.g.) an operating system? Because information is not consolidated, checks are not done consistently, nor is it defined what we are checking for.
MozMill is a test tool and framework for writing automated tests for Gecko based applications (Firefox, Thunderbird, Songbird, etc). It is built as a command line client to let you run, and debug tests. MozMill has an extensive API to help you write functional tests that simulate user interactions, as well as a full unit test API.
Necko is a network library that provides a platform-independent API for several layers of networking, ranging from transport to presentation layers. This API is used in many Mozilla-based client applications (including Firefox) and can be used for writing other networking clients.
Network Security Services
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
Netscape Portable Runtime (NSPR) provides a platform-neutral API for system level and libc-like functions. The API is used in the Mozilla clients, many of Red Hat's and Oracle's server applications, and other software offerings.
Personal Security Manager (PSM)
Personal Security Manager (PSM) consists of a set of libraries that perform cryptographic operations on behalf of a client application. These operations include setting up an SSL connection, object signing and signature verification, certificate management (including issuance and revocation), and other common PKI functions.
Pork is a C++ parsing and rewriting tool chain. The core of Pork is a C++ parser that provides exact character positions for the start and end of every AST node, as well as the set of macro expansions that contain any location. This information allows C++ to be automatically rewritten in a precise way. The inputs driving the rewriting would normally be provided by a program-analysis system outside of Pork. (See Dehydra, Treehydra).
Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. It is embedded in J2SE 6 as the default Java scripting engine.
This article will help you understand Shumway — Mozilla's open standards-based Flash renderer — and what it means for the community of developers currently creating the Adobe Flash platform.
Standalone source code releases can be found on the Releases page.
Talos is a python performance testing framework that is usable on Windows, Mac and Linux. Talos is our versatile performance testing framework we use at Mozilla. It was created to serve as a test runner for the existing performance tests that Mozilla was running back in 2007 as well as providing an extensible framework for new tests as they were created.
Thread Sanitizer
Thread Sanitizer (TSan) is a fast data race detector for C/C++ programs. It uses a compile-time instrumentation to check all non-race-free memory access at runtime. Unlike other tools, it understands compiler-builtin atomics and synchronization and therefore provides very accurate results with no real false positives. More information on how TSan works can be found on the Thread Sanitizer wiki.
Tinderbox is a web tool that Mozilla developers previously used to check whether the current source code compiles on various platforms and passes automated test suites. It has been replaced by TBPL Treeherder, and has been completely decommissioned as of 2014-05-16 (see bug 843383).
TPS Tests
TPS is an end to end test for Sync. It's name stands for Testing and Profiling tool for Sync (which is a misnomer, since it doesn't do any profiling), and it should not be confused with the similarly named tests in Talos.
This page describes the design of a project for deterministic web replay in Firefox that started in September 2015.
Zest is an experimental specialized scripting language (also known as a domain-specific language) developed by the Mozilla security team and is intended to be used in web oriented security tools.
The language is written in JSON, but we do not expect people to write Zest in this format - it is designed to be a visual language. The core language does not define any graphical representation - that is expected to be defined by the tools that integrate Zest.
It is completely free, open source and can be included in any tool whether open or closed, free or commercial.

Zest is still at a very early stage of development, but is has been made available so that anyone can play around with it.
All constructive feedback is very welcome.
Anyone can contribute to the onward development of Zest, and teams or individuals who develop security tools are especially welcome to join and help shape Zest's future.

Document Tags and Contributors

 Contributors to this page: Sheppy, evilpie, jswisher
 Last updated by: Sheppy,