LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Latest Firefox stable in Slackware (https://www.linuxquestions.org/questions/slackware-14/latest-firefox-stable-in-slackware-4175656241/)

arcctgx 06-23-2019 11:19 AM

Latest Firefox stable in Slackware
 
I'm writing this to "test the waters", and check if there are more people in the same situation as me.

It's obvious that using the previous ESR version of Firefox currently available in pasture/ is dangerous. But the current ESR version is still missing some WebExtensions APIs that are required by certain browser extensions (e.g. Simple Tab Groups requires at least Firefox 63). So I have a decision to make - either run the safer, current ESR version and break my workflow because some extensions are still not supported, or continue using my extensions, but opening my system to some attack vectors?

I'm wondering if I'm the only person facing this dilemma?

If it's just me, then I'll try to build the latest version by myself. I have no idea how it will go (up to a few minutes ago I was convinced that -current has the latest stable Firefox, but actually it's on ESR branch as well, so I can't simply use SlackBuild from -current). I guess building from source will be time consuming, and easy to get wrong. And additionally, the updates are quite frequent nowadays.

But if I'm not alone in this, then maybe it would make sense to additionally provide the latest stable version of Firefox (67.0.4 at the time of writing) in extra/? That would certainly be more energy efficient. ;)

The same probably applies to Mozilla Thunderbird, but currently Firefox is my main concern.

What's you opinion on this? Is there some technical reason Firefox stable can't be provided that I'm not aware of?

upnort 06-23-2019 12:12 PM

At home I continue to use ESR 52. I do not lose sleep about using ESR 52. I don't care what the security wannabe fanboys claim about using that version. I always have run Firefox in a way that almost all common exploits can't and won't affect me. Primarily, through NoScript I do not allow Javashit JavaScript except for a very few trusted sites. I long have practiced not accepting cookies of any kind except for a very few sites. I use several security related extensions. I use DNS blocking to avoid nefarious and malicious URLs. I never open email attachments or select links in emails until I first check the email source. Etc., etc.

At work I am responsible for keeping Firefox updated. I have no choice but to use a supported version. We use ESR 60. I find ESR 60 to be frustrating because of the lack of previous extensions. NoScript frustrates and confuses me with the new interface. Mostly I miss Tab Mix Plus and all the beautiful ways that extension makes Firefox more usable for me at home. To replace the venerable Classic Theme Restorer I use the same author's Custom CSS tools.

Somewhat I find Firefox to be classic fuster cluck. The developers dropped the ball by moving forward without properly defined APIs to replace the previous extension framework. The sad part is there is no decent replacement browser. Anything based on Chrome is surveillance software, regardless of what developers claim. Even the default Firefox installation is surveillance software, but Firefox can be configured to overcome those defaults.

tobyl 06-23-2019 12:18 PM

Unless you have a burning desire to build from source, you could try downloading the linux version direct from mozilla.
Extract to a directory that suits you and simply run the firefox executable from there. It's not difficult to make a menu entry that points to this version of firefox.

This is what I have been doing for some time now (I have uninstalled the slackware version, but you don't need to).

In preferences I have "Check for updates but let you choose to install them"

I get prompted for updates when there is a new version, and updates install correctly.

I don't know if there are any downsides to this method, but I haven't found any.

tobyl

LuckyCyborg 06-23-2019 12:35 PM

I have the habit to build and use the latest stable Firefox, using The Little Beast, my "overpowered" main box driven by an AM1 CPU named Athlon x4 5350, with TDP of 25W.

In my humble opinion, what they do (at least for slackware-current), staying on Firefox ESR releases is a mistake. The Firefox ESR is not for home users but for organizations and businesses, as Mozilla claims here: https://www.mozilla.org/en-US/firefox/organizations/
Quote:

What is Mozilla Firefox ESR?

Mozilla will offer an Extended Support Release (ESR) based on a regular release of Firefox for desktop for use by organizations including schools, universities, businesses and others who need extended support for mass deployments.
Quote:

Who should use Mozilla Firefox ESR?

Mozilla Firefox ESR is meant for organizations that manage their client desktops, including schools, businesses and other institutions that want to offer Firefox. Users who want to get the latest features, performance enhancements and technologies in their browsing experience should download Firefox for personal use, as these improvements will only be available to ESR users several development cycles after being made available in Firefox for desktop. If you’re using Firefox for personal use, you can download Firefox from mozilla.org/firefox.

In some cases, ESR is proposed to regular users for unsupported architectures transition. For example, when Windows XP support ended for the release, Firefox ESR has been recommended for these users.
Excuse me? For a distribution which makes a pride from not shipping PAM and Kerberos, sinking from starters any use of it on businesses, organizations and schools, why they would ship an Enterprise Software like Firefox ESR?

If myself I can build casually the latest Firefox with a 25W CPU, then for their Ryzen or i9 driven build boxes is matter of minutes.

individual 06-23-2019 12:48 PM

Quote:

Originally Posted by tobyl (Post 6008253)
Unless you have a burning desire to build from source, you could try downloading the linux version direct from mozilla.
Extract to a directory that suits you and simply run the firefox executable from there. It's not difficult to make a menu entry that points to this version of firefox.

This is what I have been doing for some time now (I have uninstalled the slackware version, but you don't need to).

In preferences I have "Check for updates but let you choose to install them"

I get prompted for updates when there is a new version, and updates install correctly.

I don't know if there are any downsides to this method, but I haven't found any.

tobyl

That's one way to do it. I modified the palemoon-bin SlackBuild to install Firefox Developer Edition.

slackware-current 06-23-2019 01:43 PM

This might help https://addons.mozilla.org/en-US/fir...-on-fix-57-60/

ZhaoLin1457 06-23-2019 02:51 PM

Quote:

Originally Posted by slackware-current (Post 6008268)

I do not think so. That Firefox package is related to an incident happened not so long in the past, where some SSL certificate expiration resulted in disabling all Firefox addons.

However, the fact is that Firefox (and Chrome) evolves quite fast, and that Firefox ESR is something which someone would expect from RHEL and his foster child CentOS, but not from a development tree which jumps on the latest GCC or X.org no questions asked, like a county girl on the lap of first guy who gives her a drink...

Anyway, like the past demonstrated well, even the LTS kernels aren't more stable or safe than latest ones, and about Firefox, oh well... ESR does not saved the shipped Firefox even from that particular stupid incident.

Ironically, the things was fixed first by Mozilla ensuing a new (latest) stable release, and only some days later by patching the "epic" stable ESR.

BTW, I use from long time the latest Mozilla binaries, using that script "latest-firefox" to repackage it before upgrading.

https://gist.github.com/ruario/9672798

arcctgx 06-23-2019 03:26 PM

Quote:

Originally Posted by tobyl (Post 6008253)
Unless you have a burning desire to build from source, you could try downloading the linux version direct from mozilla.

Not really, it's already 30 degrees Celsius here. ;)

Quote:

Originally Posted by ZhaoLin1457 (Post 6008286)
BTW, I use from long time the latest Mozilla binaries, using that script "latest-firefox" to repackage it before upgrading.

https://gist.github.com/ruario/9672798

This looks useful. Thanks for sharing.

Still, I think the best solution would be if latest stable Firefox was available as official Slackware package (even as an optional one).

upnort 06-23-2019 04:47 PM

Quote:

Still, I think the best solution would be if latest stable Firefox was available as official Slackware package (even as an optional one).
Perhaps as a package in /extra?

ttk 06-23-2019 08:50 PM

Quote:

Originally Posted by arcctgx (Post 6008242)
I'm wondering if I'm the only person facing this dilemma?

You're not the only one, no. Firefox went off the rails a few years ago, leaving me only with what seemed like impossible decisions.

I switched to Pale Moon, and that has thus far been the right choice. It might or might not be the right choice for you; YMMV.

hitest 06-23-2019 09:04 PM

I run FF (which comes with -current) on most of my Slackware64-current boxes. I run Google Chrome on one Slackware64-current Thinkpad.

frankbell 06-23-2019 09:12 PM

On my Slackware 14.2, Firefox v. 60.7.2esr is the currently installed browser.

I have had no issues with it.

The add-on snafu was annoying, but the cause of the problem (allowing a cert to expire) was external to the browser itself. I would consider it hyperbole to characterize the Firefox browser itself as "dangerous."

Certainly, it's not so inimical as Chrome.

NakedRider 06-25-2019 11:34 AM

Quote:

Originally Posted by tobyl (Post 6008253)
Unless you have a burning desire to build from source, you could try downloading the linux version direct from mozilla.
Extract to a directory that suits you and simply run the firefox executable from there. It's not difficult to make a menu entry that points to this version of firefox.

This is what I have been doing for some time now (I have uninstalled the slackware version, but you don't need to).

In preferences I have "Check for updates but let you choose to install them"

I get prompted for updates when there is a new version, and updates install correctly.

I don't know if there are any downsides to this method, but I haven't found any.

tobyl

+1 this works for me too.

garpu 06-25-2019 01:22 PM

Problem with just using the pre-compiled version of Firefox is that it doesn't build or default to ALSA, unless you build it yourself. So if you're not using pulse, there won't be any sound.

TheRealGrogan 06-26-2019 11:20 PM

Yes, they sabotaged that a while back. Not only in their official binaries, but it's disabled by default at compile time... I was hellaciously pissed when I didn't realize they turned if off by default and had to redo a build when I had no audio. Yes, I chose the word sabotage and I mean it. It's no skin off their asses to --enable-alsa yet they disable it, and try to default you into disabling it. That's what they do when they want to try to force a change on everyone, but they'd get too much backlash if they removed the option entirely.

I use pulseaudio now, but I still enable ALSA support to fall back on.


All times are GMT -5. The time now is 03:33 PM.