Packing XPIs

Lubomir Kundrak lkundrak at redhat.com
Mon Oct 15 09:55:18 UTC 2007


On Mon, 2007-10-15 at 10:08 +0200, Nicolas Mailhot wrote:
> Hi,
> 
> Maybe there's enough firefox extensions to package a SIG dedicated to
> defining extension packaging standards is in order?

I'd prefer if the standard just said "do not do it" :) Imagine the
amount of poor quality extensions that might eventually hit fedora then
(trust me, there's a big amount of them :), which would need continuous
work of ensuring security and compatibility between updates, etc. etc.
Most of them would really be better installed on per-user basis, and
updates done by mozilla's (well, at least firefox does that) built in
update and compatibility check system.

While I am definitely against the idea of a dedicated SIG, some
extensions will still be nice in Fedora. This means some really popular
and well tested ones with good security track, and translations that
posses no security risk by its nature.

Probably if it were a way to convert them easily to RPMs for people that
deploy their own extensions via own repositories it would be superb. I
still do not know. Is this worth filing upstream as a feature request:
"A way to automate extension installation (from commandline)"?

> And while we're at it, handling OO.o extensions would be nice too

I was not even aware that OOo also support extensions :}

-- 
Lubomir Kundrak (Red Hat Security Response Team)




More information about the fedora-devel-list mailing list