Why XPI

• xpi-extensions are the perfect example of how powerful FreeBSD ports can be
• many extensions on addons.mozilla.org are outdated
• many extensions are not present on addons.mozilla.org
• built-in extension management implements updating and security features which are already present in the ports collection
• built-in extension management sucks:
  • you have to allow each site explicitly to install from it
  • security model is only relevant when using official SSL-protected sites
  • no vulnerabilities tracking (while xpi-extensions can be marked vulnerable in VuXML) - suggested by simon@
  • addons.mozilla.org has been down for many times
  • it's a chore to go to addons.mozilla.org (which goes hard on both client and server CPU's) seek extensions you like and install each one of them separately
  • no means of centralized deployment/updates
• xpi infrastructure can provide hacks for extensions to work with other browsers, etc
• centrally-deployed extensions consume many times less space:
  • 1 extension per deployment vs. 1 extension per user per app per deployment
  • for example with 4 applications and 5 users, you'll consume up to 20 times less space
• FreeBSD users can manage can keep everything up-to-date with portupgrade
  • extensions are not automatically updated by default, while many of them impose security risks and very often bring instability to apps if not updated regularly
• xpi-infrastructure is supported by a number of FreeBSD committers as well as other maintainers
  • Alex Dupre <ale@FreeBSD.org>
  • Andrew Pantyukhin <infofarmer@FreeBSD.org>
  • Thierry Thomas <thierry@FreeBSD.org>
  • Chinsan <chinsan.tw@gmail.com>
  • Lapo Luchini <lapo@lapo.it>
  • Simon Olofsson <simon@olofsson.de>
  • Marcin Wisnicki <mwisnicki+freebsd@gmail.com>
  • Alexander Botero-Lowry <alex@foxybanana.com>
  • Alexander Ribchansky <triosoft@triosoft.com.ua>
• xpi-infrastructure is enjoyed by many users at multiple locations