smdh @ more Firefox BS.

“Firefox was created in 2002 under the codename ‘Phoenix’ by members of the Mozilla community who desired a standalone browser rather than the Mozilla Application Suite bundle.”

Remember those halcyon Phoenix days? I do.

They were all too short lived.

Now even Firefox forks such as @librewolf seem to be sitting on their thumbs, thinking maybe it’s sufficient to merely option out offending lines of code.

Have decades of return to libc exploits meant nothing to developers?!

If you aren’t going to branch to the code, don’t leave it in the source! It is an attack surface laying dormant whether you realize it or not.

Is it more work? Sure.

Do the work!

LibreSSL didn’t rip out tens of thousands of lines from OpenSSL without good reasons.

The dividends have been appreciable.

    • ティージェーグレェ@sfba.socialOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      4 months ago

      @velox_vulnus as an unpaid volunteer maintainer of libre/free open source software myself, I only wish that meant I never had to deal with complaints!

      I am not even sure how many hours (mine & others’) were wasted adding a legacy_dsa variant to MacPorts’ OpenSSH after the 9.8p1 release.

      Even though DSA is going to be deprecated entirely in 2025 & announcements warning against it are much older.

      Who the hell said anything about me feeling entitled?

      Obviously someone has to do the work.

      You seem to be off your rocker if you think that just because a project disclaims donations that absolves them of criticism.

      I’ve never encountered anything that didn’t have room for improvement.

  • ohfp (she/her)@lemmy.ml
    link
    fedilink
    arrow-up
    7
    ·
    4 months ago

    For a moment there, I even foolishly started to type out a long reply, trying to take this in good faith. But the more I think about it, the more more or less everything about this starts getting infuriating.

    So, uh: whatever. Fork it? Send PR / “Do the work!”? Use something else? Go away?

    • ティージェーグレェ@sfba.socialOP
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      @ohfp yet, you replied.

      How am I supposed to respond?

      PRs would probably be ideal.

      I can’t even get a working build environment locally for LibreWolf.

      They cross compile to macOS in the cloud and don’t have build instructions for macOS, because they apparently don’t use it.

      So the PRs would need to get started on a much more fundamental level.

      How many spoons do I have?