On Fri, 21 Apr 2017 09:51:00 +0000 Georg Koppen gk@torproject.org wrote:
We won't disable extension updates by flipping some preference in Tor Browser. Users who install extensions which we don't ship (even though this is strongly discouraged) should get updates. However, it is planned at least since the AMO pinning fiasco we witnessed last year (see #20146) that we essentially prevent all extensions *we* ship from auto-updating. We'll start with doing so for HTTPS-Everywhere (#10394) which is currently blocked on HTTPS-Everywhere getting the ruleset updates disentangled from the extension updates. Once we are done with HTTPS-Everywhere and got some experience what this means for our releases we'll do the same with NoScript.
The sandbox has a different threat model than Tor Browser does, and I don't particularly see a need for behavior to be consistent.
In the future, after none of the built in addons are auto-updated, I may consider re-enabling the addon updater depending on how the user configures the extension directory (if it's read-only, there's no point in doing checks, obviously).
Regards,