Angular.js: Feature Request: Make Angular safe to use in Firefox Addon

Created on 19 Oct 2016  路  7Comments  路  Source: angular/angular.js

We are developing a quite large Browser Extension/Addon for Chrome, Firefox and Outlook based on AngularJS.

For our last release we got this feedback from the Firefox Addon Reviewers:

As stated in previous reviews, Angular 1.x is no longer approved. I will not reject this version as it will disable your entire listing. Please retract this submission on your own, this will avoid disabling the entire listing, and your old version will work.

Please use another library (like ReactJS) for your next submission.

Does anybody have information on this? I was not able to get more infofmation about what exactally the problem is.
https://docs.angularjs.org/api/ng/directive/ngCsp seems not to be enough.

We love Angular and moving to another framework would not make sense as we already put in 2 - 3 years developer man years into our application

investigation
Source
picture SebastianMetzger
👍1

Most helpful comment

Sorry, hadn't seen this issue. Yes, I'm working on this. It's not entirely clear whether there's a problem really worth fixing in Angular at this point, but we're working with Mozilla to figure out what's going on.

picture mprobst on 21 Oct 2016
👍4

All 7 comments

Same problem here. We were not yet rejected, but I found this forum post that suggests that we will also be rejected. The post does not add any valuable information on reasons, but they seem to consider Angular 1.x highly insecure, at least in the privileged context that an extension runs in.

strangematter picture strangematter on 19 Oct 2016
👍1

The lead developer from Angular 1 reached out to amo-admins. So discussions are under way! Hopefully they can pin point what it was that got Angular 1 blocked, and if it's no longer an issue, we can restore it.

Noitidart picture Noitidart on 19 Oct 2016
👍4

Lots of activity going on in this topic - https://github.com/mozilla/addons-linter/issues/1000

Noitidart picture Noitidart on 20 Oct 2016
👍1

Update from the Angular team here: https://github.com/mozilla/addons-linter/issues/1000#issuecomment-255269186. @mprobst is working on a fix.

Splaktar picture Splaktar on 21 Oct 2016

Sorry, hadn't seen this issue. Yes, I'm working on this. It's not entirely clear whether there's a problem really worth fixing in Angular at this point, but we're working with Mozilla to figure out what's going on.

mprobst picture mprobst on 21 Oct 2016
👍4

No worries. We are following the updates in the issue linked by @Noitidart and @Splaktar . Thank you all for taking charge of this issue!

strangematter picture strangematter on 21 Oct 2016
👍1

We have released Angular 1.5.9 which fulfills Mozilla's requirements. The linter ban will be lifted on Dec 1st: https://github.com/mozilla/addons-linter/issues/1000#issuecomment-263645094

Narretz picture Narretz on 29 Nov 2016
👍2 🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

awerlang picture awerlang  路  3Comments
butchpeters picture butchpeters  路  3Comments
ceymard picture ceymard  路  3Comments
cmplank picture cmplank  路  3Comments
nosideeffects picture nosideeffects  路  3Comments