keepassxreboot / keepassxc-browser

KeePassXC Browser Extension
GNU General Public License v3.0

Is extension going through Moz Recommended Extensions Program #1036

Open PresGas opened 4 years ago

PresGas commented 4 years ago

Is extension going through the Mozilla Recommended Extensions Program

https://support.mozilla.org/en-US/kb/recommended-extensions-program

Expected Behavior

Extension should be available and installable on all supported versions of FF including Android

Current Behavior

Extension is not considered "Recommended" and therefore not only gets the banner: "This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing." ...for desktop, but also is not available at all in the recent GeckoView/Android version of Firefox.

varjolintu commented 4 years ago

I know few have recommended KeePassXC-Browser to that program, but I have no idea how the progress actually goes.

PresGas commented 4 years ago

I think you could start by reaching out to Caitlin Neiman - Add-ons Community Manager at Mozilla. https://blog.mozilla.org/addons/author/cneimanmozilla-com/

Otherwise, I do feel like they aren't making it too easy to do so. If you are connected with some of the addon developers that DO have Recommended Extensions, you could see what they have to say.

Otherwise, you could do a general query to the Electronic Frontier Foundation. Both Privacy Badger and HTTPS Everywhere are Recommended Extensions and may know the process.

droidmonkey commented 4 years ago

We are recommended by the EFF.

PresGas commented 4 years ago

@droidmonkey yes, you may be recommended by the EFF, but even their addons had to go through whatever Mozilla does to get added to the Recommended Extensions Program...as that is by Mozilla, not the EFF.

Since it is not part of Mozilla's Recommended Extensions Program, your plugin will not likely get added to FF for Android, for example. Additionally, if you look at my initial post, the plugin also gets a special banner at the addons site: "This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing."

hahjortland commented 3 years ago

I guess the most important thing is the security review, so being a Verified Extension is perhaps almost as good as being a Recommended Extension.

From https://support.mozilla.org/en-US/kb/add-on-badges:

Verified extensions are built by third-party developers and are reviewed for security and policy compliance. Developers of Verified extensions pay a fee to have their code reviewed. [...] Participation in this program is currently limited due to our capacity for code reviews, but we may expand in the future if more developers are interested in participating.

PresGas commented 3 years ago

Yes, it is agreed for security that Verified is good. However, if it is to be available on FF for Android, it needs Recommended according to Mozilla. This would then put it on par with things like Mozilla's Lockwise et al.

droidmonkey commented 3 years ago

There is no reason for this extension on android.

PresGas commented 3 years ago

Possible use case: "Unified" database using syncthing across desktop and android.

What android app would be recommended then?

PresGas commented 3 years ago

Nevertheless for the reasons above, it would be valuable to have it go all the way to Recommended if it was on android or not:

https://github.com/keepassxreboot/keepassxc-browser/issues/1036#issuecomment-706607075

AkechiShiro commented 10 months ago

Is this issue still relevant today? I don't see the banner anymore that the extension is not recommended; however, I still don't see that it is recommended @PresGas

PresGas commented 10 months ago

Yes, if it has the banner warning about security and trust it is not Recommended either.
