Addon permissions

[pbhj]

The permissions on the Thunderbird addons page tells me the following:

Permissions Some add-ons ask for permission to perform certain functions (example: a tab management add-on will ask permission to access your browser’s tab system). Since you’re in control of your Firefox, the choice to grant or deny these requests is yours. Accepting permissions does not inherently compromise your browser’s performance or security, but in some rare cases risk may be involved.

This add-on can: Download files and read and modify the browser’s download history Store unlimited amount of client-side data

But when I select to install, the permissions pop-up says that Qnote will have access to everything in Thunderbird and be able to control my whole computer.

This doesn't give a good impression, the mismatch between the two (the "This add-on can" text and the install pop-up text) suggests something untoward is happening. Is there some way to restrict the power that Qnote has if installed? It appears naively to only need to modify files under the Thunderbird profile.

Perhaps this is a problem of the Thunderbird addon system?

I'd love to use the addon, as a former Xnote++ user, but the permissions are giving me second thoughts.

[mlazdans]

Here I tried to explain: https://github.com/mlazdans/qnote/issues/9#issuecomment-910822854

Basically currently there is no way around it unless add-on is using only Webextension APIs which are very incomplete and QNote can't be implemented using only that API.