Update on Signed Add-ons proposal https://groups.google.com/forum/?_e...ic/mozilla.addons.user-experience/qIgLq28aTdI Current plans, roughly and AFAICT: All extensions must be signed and must be submitted to Mozilla for approval in order to work with Release builds. Non-AMO developers required to pay and sign an agreement in order to obtain self-signing certs from Mozilla. Unsigned extensions can only be used on Nightly, debug builds of Beta and Release, or the new Developer Edition. As someone who occasionally uses an older, no longer actively maintained extension and also a private extension, I'm concerned about the potential consequences of using the Developer Edition. Such as profile or other restrictions, undesirable for normal use features, reduced configuration options, etc. Is anyone familiar with the Developer Edition of Firefox ( https://www.mozilla.org/en-US/firefox/developer/ )?
Yes sounds like mozilla are continuing to shoot themselves in the foot of late. The endless version march has left some extensions behind. This will make it worse I use firefox because of the extensions otherwise i would be using chrome.
TheWindBringeth, perhaps you know this already; this is FYI for others. The Firefox Developer Edition is the new name for the Aurora Channel. I tried the portable version from PortableApps.com., but it was too buggy (mainly frozen pages) for my taste, so I'm sticking with the portable Beta, and installed Stable releases. Here are the Mozilla Add-on Guidelines, and there's also an Add-on Blog. There's an ongoing thread, with some Developer info: Firefox celebrates 10th Anniversary with special releases.
At some level I associated the current version of Firefox Developer Edition with Aurora. I didn't consciously know that Developer Edition is meant to be the new name for and replace Aurora channel builds. I'm falling behind due to lack of time I think Aurora, and now Developer Edition, highly inappropriate for everyday use. So that isn't a reasonable solution. There needs to be a release build that doesn't require extension signing/approval. Ideally, one that supports: require signing for all extensions except those I have explicitly white-listed.
If I may draw attention to the qualifications (which I think are telegraphing something): Also, Bug 1038068. Specifically, the choice to eliminate (from base code) support for the old XPI signature verification method(s) and go with only one preference to control the new Mozilla-signed checks. I haven't walked the code to verify my interpretation of the comments there and elsewhere, but my impression is that this will leave all applications (including Firefox ESR, SeaMonkey, Thunderbird, and any unbranded builds that may materialize) without support for any other forms of extension signing and without a way to enable/disable the new Mozilla-signed checks on a per-extension basis.