I have Firefox as default browser and my main concern about the add-ons are the privacy as we don’t have some control over which websites can be accessed like in Chrome and LanguageTool is obviously the type of extensions that need access to everything we type to work, which includes potential sensitive data like login credentials. Even Grammarly had some problems in the past with security.
Currently, LanguageTool is one of the recommended extensions by Mozilla, which gives a lot of trust, but I’m still skeptical because of the source code. If there is a direct contact between the devs from Mozilla and LanguageTool, can you share some details ?
Another way to solve this issue, if I understood everything correctly, would be using the special interface that is already available (Request the right permissions | Firefox Extension Workshop). The development burden could be huge, though.
Also, I would love to hear the details on the decision of abandoning the open-source model.
Mozilla has access to the source code, and it is reviewed manually for each update. Sometimes, the reviewer (it’s not always the same person) has a question and contacts us.
The server part is still Open Source (minus the Premium features), but we cannot Open Source the add-on, as then competitors would just use it without ever contributing anything back, leaving us with all the development effort and cost.
By access to the source code, do you mean a special access with NDA to the codebase you work on (or something equivalent) ? If I remember correctly everyone can access the source of a extension like we can access the “source” of a webpage, which can be obfuscated and etc.
I understand. I just find difficult having to trust blindly in some extension with all these (necessary) permissions when the company is not that large with big customers. 1password is a example of a company with closed-source extension that I trust because we can find a lot of news everywhere when some problem happens, I can’t say the same for LanguageTool.
Anyway, knowing that Mozilla gets to review the code every release would be more than enough for me.
Thanks, and apologies, the intention was not to spam.
(I read, somewhere, first, that the Forum is preferred for bugs. Then read that bugs should be posted either to GitHub, or to the Forum. Then read that GitHub is preferred … then GitHub only.)