Page 1 of 1

concern about NSS bug

Posted: 2018-04-28, 21:53
by joe04
I've enjoyed following development on GitHub, but now I'm concerned about issue #265, the breaking of Content Permissions (and perhaps other things) by upstream refactoring for NSS 3.35

To be honest, this is the biggest concern I've had about the viability of Moonchild's fork since switching to Pale Moon 2.5 years ago. If, as he wrote, "Mozilla simply doesn't give a shit" about the bug he filed, that's a serious cause for concern.

So I'm making this post to get a realistic appraisal of this situation.

1) How long can UXP safely remain on NSS 3.32.1? (I'm assuming that it too gets security patches, like the rest of Mozilla's C++ code.)

2) Will a stagnant NSS become another item of website incompatibility? (3.32.1 works fine in Pale Moon currently, and I'm unaware of any problems related to it, but what about a year from now? Or two years?)

3) Moonchild, is this a problem you can fix yourself? And assuming you do and upstream ignores your patch, are you willing to maintain a forked, backported version of NSS yourself?

Re: concern about NSS bug

Posted: 2018-04-29, 10:52
by Sajadi
That NSS stuff seems to be related to TLS - and as long as TLS 1.2 is still valid, there is no reason to be concerned. Pretty sure that it keeps staying relevant for the next couple of years to come.

But still, the question is, how to make NSS compatible with Pale Moon/Basilisk to allow TLS 1.3 to be implemented?

Re: concern about NSS bug

Posted: 2018-04-29, 15:28
by New Tobin Paradigm
TLS 1.3 is in there just not the latest draft..i suppose we do it manually.

Re: concern about NSS bug

Posted: 2018-04-29, 19:58
by Moonchild
So, let me get this right... because NSS was not just refactored but made unstable that we tickle somehow (in one of the three applications but not the others), and as a result we have to back it out because stability has gone out the window, suddenly the whole viability of Pale Moon and UXP is questioned. You know, I'm getting mighty sick and tired of people with that attitude. No, I won't go spend tons of time explaining what exactly is going on with NSS. If you want to know, check the upstream bug I filed at bugzilla.

If you have so little trust in what we do that you immediately have to question everything the moment something hits a little bump in the road, then what are you even doing here? Go use something else that 400 million a year to spend to "ensure there are no bugs" -- oh wait, that's not true either. :P

Re: concern about NSS bug

Posted: 2018-04-29, 22:19
by joe04
I must've touched a nerve. Didn't expect this level of spin from you, Moonchild. Your snippy attitude confirms the severity of the NSS problem - pretty serious. That does indeed undermine my confidence in the UXP codebase.

I'm already moving on. I've spent a few hours getting Firefox 59 setup, including porting some of my uBO modifications (aka xBA) to the WebExtension version; those are very important to me, and thankfully I'll be able to retain them. So instead of transitioning from a backported 38 ESR fork to a backported 52 ESR fork, like I assumed I'd be up until this NSS problem arose, I'll be tranisitioning to 60 ESR next month.

There will be specifics I'll miss from XUL add-ons, but overall I'll be alright. The benefits of not having to worry about items of utmost significance, like the viability of NSS, are definitely worth it to me. Peace of mind counts for a whole lot.

I've had a good 14 year run with XUL add-ons, and I appreciate my time on Pale Moon (which will continue on v27 for some time as I gradually transition).

Re: concern about NSS bug

Posted: 2018-04-30, 00:12
by New Tobin Paradigm

Re: concern about NSS bug

Posted: 2018-04-30, 00:20
by Moonchild
Well, I guess no matter what my response would have been, you could and clearly would spin it to the same conclusion.

You didn't hit a nerve. My response was one of genuine disbelief. But I guess your mind was already made up. :D

"In science, proving one's own theory never proves anything - instead, trying to disprove one's theory and failing is the proof one truly seeks."