The main question is what behavior is being introduced. I haven't researched deeply, but apparently the add-on does nothing until the user opts-in on studies.
Sorry, but I'm uninstalling firefox. They have broken the basic trust I have in them as a user to not push arbitrary code to my machine against my interests.
Do you have any evidence of this?
Assuming their normal processes for SHIELD studies were followed, a _lot_ of different people have to review the plugin before it gets approved: https://wiki.mozilla.org/Firefox/Shield/Shield_Studies#Who_A...
Edit: Also, the contributors list on the plugin's GitHub repo lists exclusively Mozilla employees: https://github.com/gregglind/addon-wr/graphs/contributors
I worked at Mozilla for about four years (2011-2015), on MDN. It's built as a wiki, with wiki features open to everyone. The code is all open source and on GitHub. Its issues and tasks and roadmap are tracked in a public bug tracker. We operated in a public IRC channel. We didn't have to do that. We could have just built something targeted to only be used by the technical writing staff at Mozilla, and never bothered to open it up or make the code available or make it transparent about who wrote articles and when. In fact, it's much more work to do all the things we did (and not just in terms of implementing features, but also in terms of dealing with spammers and trolls and other malicious people who wouldn't have had access in a less open system), but we did it anyway because Mozilla is a radically open and transparent organization. But... in four years, not many people from outside Mozilla ever joined in and got involved with actually contributing (either code or articles or edits to articles or housekeeping or suggesting/arguing for ideas of how to improve MDN).
And I've been doing open source for much longer than that, and I see exactly the same pattern: a handful of folks do all that work, and go to the trouble of being open and transparent and providing ways for people to see what's going on and get involved... but people don't.
And then those same people willingly install the software and use it every single day, and complain that they were never consulted, or never got a chance to review, or never got to provide input. You had chances to look at the source code, to see what was being checked in, to read the referenced Bugzilla bugs on commits, to leave comments on them, to submit alternative ideas. You didn't. You did install Firefox, though (assuming your claim is correct that this was installed on your computer). By installing the software while not participating in the process, you absolutely gave your "review" of it, and your "review" was "just make a browser for me for free and don't bug me about how".
Now, if you want to be involved, go start watching Bugzilla and the Mozilla project wiki pages, and CC yourself on stuff and join mailing lists. Because it's Mozilla. You can do that. If you don't want to do that, or you don't think it's worth your time to do that, then don't do it. But don't then come charging onto HN to complain that nobody consulted you. People practically got on their hands and knees and begged you to join in the process of making Firefox and other open source software, and you decided not to.
Posts are being removed from bugzilla and threads being locked. The code itself comes from a random github repo, not affiliated with mozilla/firefox. (https://github.com/gregglind/addon-wr/)
https://bugzilla.mozilla.org/show_bug.cgi?id=1424977
people here were asking why normal process wasn't followed. No answer or links to resources.
another closed discussion here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1425187
and here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1425171
I appreciate your input as someone who knows the process, but this really wasn't followed this time.
edit: they've changed the repo now. so it's redirected to https://github.com/mozilla/addon-wr