[arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
Hello, Are there plans to package a version of Firefox 44 that lets you disable extension signature checking? Background: Firefox is shipping with signature checking for addons. Right now (in Firefox 43), there is an option to disable it if you need to use an unsigned addon. However, that option

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Ben Oliver
On 2 January 2016 at 20:17, Kyle Terrien wrote: > Hello, > > Are there plans to package a version of Firefox 44 that lets you disable > extension signature checking? > > Background: Firefox is shipping with signature checking for addons. > Right now (in Firefox 43), there is an option to disable

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Genes Lists
On 01/02/2016 03:32 PM, Ben Oliver wrote: On 2 January 2016 at 20:17, Kyle Terrien wrote: This sounds like something for the AUR. I do not agree with this move from Mozilla and it would be interesting to see the interest in such a package. Agree - AUR. Arch should follow upstream - if

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Damjan Georgievski
>> This sounds like something for the AUR. I do not agree with this move from >> Mozilla and it would be interesting to see the interest in such a package. >> > > Agree - AUR. > > Arch should follow upstream - if there is a spin off alternative with this > disengaged (HigherFox or whatever) ...

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Emil Lundberg
> > This sounds like something for the AUR. I do not agree with this move from > Mozilla and it would be interesting to see the interest in such a package. > If that is Mozilla's plan, I will most definitely use or make an alternative package. I use Pentadactyl, which is currently unsigned, and I

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Dutch Ingraham
On Sat, Jan 02, 2016 at 09:01:10PM +, Emil Lundberg wrote: > > If that is Mozilla's plan, I will most definitely use or make an > alternative package. I use Pentadactyl, which is currently unsigned, and I > will not switch away from it anytime soon. I agree that an alternative > package would

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Doug Newgard
On Sat, 2 Jan 2016 12:17:52 -0800 Kyle Terrien wrote: > Hello, > > Are there plans to package a version of Firefox 44 that lets you disable > extension signature checking? ... > --Kyle Terrien https://bugs.archlinux.org/task/45900

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
On 01/02/2016 12:47 PM, Damjan Georgievski wrote: >> Aside: >> I don't use firefox - but curious - how would one test developer versions >> of extensions then? Or is this no longer possible in firefox? > > There will be support for that of course > https://developer.mozilla.org/en-US/Add-ons/Di

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
On 01/02/2016 01:23 PM, Doug Newgard wrote: > On Sat, 2 Jan 2016 12:17:52 -0800 > Kyle Terrien wrote: > >> Hello, >> >> Are there plans to package a version of Firefox 44 that lets you disable >> extension signature checking? > ... >> --Kyle Terrien > > https://bugs.archlinux.org/task/45900 Tha

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Niels Kobschaetzki
On 16/01/02 14:06, Kyle Terrien wrote: On 01/02/2016 01:23 PM, Doug Newgard wrote: On Sat, 2 Jan 2016 12:17:52 -0800 Kyle Terrien wrote: Hello, Are there plans to package a version of Firefox 44 that lets you disable extension signature checking? ... --Kyle Terrien https://bugs.archlinux

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: > Thank you! I was tempted to reopen it, but it looks like the general > consensus is that an AUR package will be submitted. You can only request to reopen... > It looks like sticking to upstream trumps user-centric in this case. > (A

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sat, Jan 02, 2016 at 11:25:12PM +0100, Niels Kobschaetzki wrote: > What about an AUR-package with a pre-compiled binary? Sure I have to > trust the maintainer. No, this is a recipe for spreading malware. Also, have you seen the size of said binary? > But I also have to with a source-package si

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread ProgAndy
Am 02.01.2016 um 22:52 schrieb Kyle Terrien: It looks like that is only intended for release-status extensions. If I want to QA test a developer's beta build, this tells me that the developer would have to submit each build he wishes me to test to AMO. Why can't I just package the extension mys

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Doug Newgard
On Sat, 2 Jan 2016 15:35:01 -0700 Leonid Isaev wrote: > On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: > > Thank you! I was tempted to reopen it, but it looks like the general > > consensus is that an AUR package will be submitted. > > You can only request to reopen... And tha

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sat, Jan 02, 2016 at 04:50:06PM -0600, Doug Newgard wrote: > On Sat, 2 Jan 2016 15:35:01 -0700 > Leonid Isaev wrote: > > > On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: > > > Thank you! I was tempted to reopen it, but it looks like the general > > > consensus is that an AUR pa

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
On 01/02/2016 02:42 PM, ProgAndy wrote: > Am 02.01.2016 um 22:52 schrieb Kyle Terrien: >> It looks like that is only intended for release-status extensions. If I want >> to QA test a developer's beta build, this tells me that the developer would >> have to submit each build he wishes me to test t

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Magnus Therning
Leonid Isaev writes: > On Sat, Jan 02, 2016 at 11:25:12PM +0100, Niels Kobschaetzki wrote: [..] >> But I also have to with a source-package since I won't check the >> sources with each release ;) > > Which is plain stupid. How is that stupid? Do you check the sources with each release? *How* d

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
On 01/02/2016 02:50 PM, Doug Newgard wrote: > On Sat, 2 Jan 2016 15:35:01 -0700 > Leonid Isaev wrote: > >> On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: >>> Thank you! I was tempted to reopen it, but it looks like the general >>> consensus is that an AUR package will be submitted

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Emil Lundberg
> > >> But I also have to with a source-package since I won't check the > >> sources with each release ;) > > > > Which is plain stupid. > > How is that stupid? Do you check the sources with each release? *How* > do you perform those checks? > Perhaps there's a misunderstanding here. Not checkin

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Doug Newgard
On Sat, 2 Jan 2016 16:05:52 -0700 Leonid Isaev wrote: > On Sat, Jan 02, 2016 at 04:50:06PM -0600, Doug Newgard wrote: > > On Sat, 2 Jan 2016 15:35:01 -0700 > > Leonid Isaev wrote: > > > > > On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: > > > > Thank you! I was tempted to re

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Doug Newgard
On Sat, 2 Jan 2016 15:26:59 -0800 Kyle Terrien wrote: > On 01/02/2016 02:50 PM, Doug Newgard wrote: > > On Sat, 2 Jan 2016 15:35:01 -0700 > > Leonid Isaev wrote: > > > >> On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: > >>> Thank you! I was tempted to reopen it, but it looks

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sun, Jan 03, 2016 at 12:18:36AM +0100, Magnus Therning wrote: > How is that stupid? Do you check the sources with each release? *How* > do you perform those checks? OK, fact #0 - I only use software whose upstream I trust. Having said that, I usually pull md5sums and sha*sums in the PKGBUILD

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sat, Jan 02, 2016 at 05:34:51PM -0600, Doug Newgard wrote: > Just expanding on your point. Ah, OK, sorry :) Also, perhaps one should note that "walled garden" discussions (albeit justified) belong at Mozilla's bug tracker, not Arch's. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Leonid Isaev
On Sat, Jan 02, 2016 at 03:26:59PM -0800, Kyle Terrien wrote: > On the other hand, I fully understand why we would want to follow > upstream--less work for packaging and testing, as well as official > sanctioning via branding. It's neither. Mozilla advertises a certain level of default security. If

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Magnus Therning
Leonid Isaev writes: > On Sun, Jan 03, 2016 at 12:18:36AM +0100, Magnus Therning wrote: >> How is that stupid? Do you check the sources with each release? *How* >> do you perform those checks? > > OK, fact #0 - I only use software whose upstream I trust. How do you establish that trust? > Hav

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Magnus Therning
Doug Newgard writes: > On Sat, 2 Jan 2016 15:26:59 -0800 > Kyle Terrien wrote: > >> On 01/02/2016 02:50 PM, Doug Newgard wrote: >> > On Sat, 2 Jan 2016 15:35:01 -0700 >> > Leonid Isaev wrote: >> > >> >> On Sat, Jan 02, 2016 at 02:06:05PM -0800, Kyle Terrien wrote: >> >>> Thank you! I was tempt

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Magnus Therning
Leonid Isaev writes: > On Sat, Jan 02, 2016 at 05:34:51PM -0600, Doug Newgard wrote: >> Just expanding on your point. > > Ah, OK, sorry :) > > Also, perhaps one should note that "walled garden" discussions (albeit > justified) belong at Mozilla's bug tracker, not Arch's. Yes, and no. It should

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Bruno Pagani
Le 03/01/2016 02:24, Magnus Therning a écrit : > Doug Newgard writes: > >> On Sat, 2 Jan 2016 15:26:59 -0800 >> Kyle Terrien wrote: >> >>> On 01/02/2016 02:50 PM, Doug Newgard wrote: On Sat, 2 Jan 2016 15:35:01 -0700 Leonid Isaev wrote: > On Sat, Jan 02, 2016 at 02:06:05PM -080

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Bruno Pagani
Le 03/01/2016 02:27, Magnus Therning a écrit : > Leonid Isaev writes: > >> On Sat, Jan 02, 2016 at 05:34:51PM -0600, Doug Newgard wrote: >>> Just expanding on your point. >> Ah, OK, sorry :) >> >> Also, perhaps one should note that "walled garden" discussions (albeit >> justified) belong at Mozilla

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Kyle Terrien
On 01/02/2016 05:24 PM, Magnus Therning wrote: > The larger, and very philosophical question is "How user un-friendly can > upstream make it before Arch decides to *not* package as upstream > intends?" (Answering this requires keeping in mind that Arch users are > unlikely to fall squarely into the

Re: [arch-general] Firefox without signature checking

2016-01-02 Thread Sajan Parikh
On 01/02/2016 07:24 PM, Magnus Therning wrote: The larger, and very philosophical question is "How user un-friendly can upstream make it before Arch decides to *not* package as upstream intends?" (Answering this requires keeping in mind that Arch users are unlikely to fall squarely into the ta