Thunderbird 78 should refuse to install add-ons with a "legacy" object in the manifest
Categories
(Thunderbird :: Add-Ons: General, defect)
Tracking
(thunderbird_esr78+ affected)
People
(Reporter: TbSync, Unassigned)
References
Details
Search for this add-on in the Thunderbird 78 add-on manager:
"Allow HTML Temp"
You will get:
https://addons.thunderbird.net/addon/allow-html-temp/
which is only marked compatible up to 72.0a1 (marked in the manifest and in ATN itself):
https://addons.thunderbird.net/addon/allow-html-temp/versions/
But it installs just fine. :Sanctus confirmed this in matrix chat and observed, that it looks like a client side issue as there is not even a server check happening.
The same can be observed, if the addon is installed from file.
|
||
Comment 1•5 years ago
|
||
not good.
|
||
Comment 2•5 years ago
|
||
Should be a blocker for 78 release.
|
||
Comment 3•5 years ago
|
||
(In reply to John Bieling (TbSync) from comment #0)
which is only marked compatible up to 72.0a1 (marked in the manifest and in ATN itself):
It's not in the manifest. At least in the version I downloaded.
"version": "5.7.3",
...
"applications": {
"gecko": {
"id": "{532269cf-a10e-4396-8613-b5d9a9a516d4}",
"strict_min_version": "66.0"
}
},
|
Reporter | |
Comment 4•5 years ago
|
||
Oh, Alex? Didn't you say otherwise? I did not recheck that and I am sorry for not having done so. :-(
|
|
Reporter | |
Comment 5•5 years ago
|
||
Putting this aside, TB should still check ATN for version limits setup there, when installing add-ons from the search in the add-on manager, right?
|
|
||
Comment 6•5 years ago
•
|
||
Mhhh, that's weired. Maybe I've removed the strict_max_version out of manifest.json because of complaints from the automatic checks, when uploading new versions to ATN. I actually have this max version specification in Visual Studio Code in the manifest.json in there.
(In reply to John Bieling (TbSync) from comment #5)
Putting this aside, TB should still check ATN for version limits setup there, when installing add-ons from the search in the add-on manager, right?
IMHO this should be honored.
|
||
Comment 7•5 years ago
|
||
There are a bunch of behaviours here that seem like bugs:
- Any web extension with a 'legacy' object should just fail to install in 78, shouldn't it? But it warns and installs anyway. That seems bad, since no such add-on could ever work.
- ATN shouldn't be showing that add-on as compatible with 78. I don't know why it does.
- I thought that every add-on installation hit versioncheck.addons.thunderbird.net to confirm min/max version before allowing the install, but perhaps that logic was removed since Firefox Web Extensions don't normally have strict_max_version at all.
I can look at #2 next week when I'm back.
|
|
||
Comment 8•5 years ago
|
||
Are there any improvements?
|
|
||
Comment 9•5 years ago
|
||
I fixed this add-on and filed https://github.com/thundernest/addons-server/issues/142 for #2 in Comment #7 above. It's a website issue, so I won't further discuss it in this bug.
I think #3 is probably also happening because there's only a check if an add-on has strict_compatibility set, so maybe not an issue.
I do still think that #1 applies as a TB bug: Web extensions with a "legacy" extension need to refuse to install in 78.
|
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
|
|
Reporter | |
Comment 11•5 years ago
•
|
||
Bug 1661216 is making sure to disable such legacy add-ons in TB78, regardless of any set min/max versions in the manifest or on ATN. So it covers #1 in commen t#7
|
||
Comment 12•5 years ago
|
||
I think that's all we need, right? (To reference comments, just write "comment" and number)
|
|
Reporter | |
Comment 13•5 years ago
|
||
Yes, if my bug lands this bug is solved as well. All the ATN related things have been fixed by :sancus.
|
|
||
Updated•5 years ago
|
Description
•