On 04/09/2012 02:06 PM, Jan Kratochvil wrote:
Wouldn't it be better to package Mozilla plugins in Fedora so that they are trusted? And then disable Firefox plugins downloads the same way as there is Firefox updater disabled (--disable-updater) as it would conflict/duplicate the rpm packaging of Firefox anyway. (I have here some undebugged packaging of mozilla-remember-passwords so that I already tried to participate.)
Is not upstream, Mozilla in this case, Gnome for shell extensions, Google for Androids apps. etc responsible for conducting security auditing on extensions/addons they host/provide upstream?
And another thing why do we want to package something that works out of the box for the end user like Mozilla and Gnome shell extensions/addons do as opposed to just simply direct users upstream which they would have go anyway for anything we might not ship?
JBG -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
