[Pkg-mozext-maintainers] Bug#919557: Bug#919557: Bug#922944: handling symbolic links in webextensions
Dmitry Smirnov
onlyjob at debian.org
Sat Apr 25 23:49:46 BST 2020
On Sunday, 26 April 2020 8:20:28 AM AEST Ximin Luo wrote:
> As I mentioned on firefox bugzilla [1], I have figured out the exact place
> in the firefox code responsible for this issue.
>
> [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1420286
Without looking into the proposed fix, I think there are few reasons not to
make any alterations:
As much as I like the idea of symlinking resources from webextensions,
incorporating those resources at build-time make packaged addons less
fragile. Frequently synlinked Javascript libraries change/break often enough
on "apt upgrade" and when it happens maintainer have to resort to bundling of
working versions anyway but not before users experience (and report)
breakage.
Diverging from upstream may not be desirable. I'm sure Firefox is difficult
enough to maintain without adding specific logic that have to be tested.
IMHO symlinks sandboxing was done upstream for security reasons. We may not
fully understand implication of changing this behaviour.
I've already discovered and documented working solution to incorporating
resources to webextension packages at build time. Updating packages is easy
enough and should be even possible with binNMUs to refresh their bundled
resources. That approach might be considered "good enough".
--
All the best,
Dmitry Smirnov.
---
The past is whatever the records and the memories agree upon.
-- George Orwell, 1984
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-mozext-maintainers/attachments/20200426/3e92b2b9/attachment.sig>
More information about the Pkg-mozext-maintainers
mailing list