You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A collection of reusable modules, APIs and documentation designed to facilitate the cross-browser development and maintenance of privacy and security browser extensions, helping them survive the restrictions imposed by Google's [Manifest V3](https://developer.chrome.com/extensions/migrating_to_manifest_v3) on Chromium-based browser, but in perspective on Firefox-based ones too, should Mozilla be forced to compromise and downgrade their WebExtensions API to some extent for compatibility's sake. Furthermore, it will aid developers porting and/or maintaining extensions on mobile browsers, such as the new Firefox for Android (code-name "Fenix"), which support just a subset of the APIs available on the desktop.
*designed to for****cross-browser****development / maintenance* <br>
13
+
*of privacy / security extensions.*
12
14
13
-
### Why
15
+
---
14
16
15
-
By abstracting the common functionality shared among security and privacy extensions, providing consistent implementations across multiple browser engines and shielding developers from the browser-dependent implementation details (which precisely in the most optimistic scenario, i.e. Firefox keeping its WebExtensions API as powerful as it is, are doomed to diverge dramatically), this library aims to minimize the additional maintenance burden and mitigate the danger of introducing new, insidious bugs and security vulnerabilities due to features mismatches and multiple code paths.
17
+
**⸢ [Issues] ⸥ ⸢ [General Discussions] ⸥**
18
+
19
+
---
20
+
21
+
## Integration
22
+
23
+
- Add this repository as a **[Git Submodule]**
24
+
- Integrate the [`include.sh`][Include] script into your build workflow
25
+
26
+
---
16
27
17
-
Cross-browser issues have a chance to be fixed or worked around in one single place, ideally with the help of multiple developers sharing the same requirements. The solutions will be subject to automated tests to timely catch regressions, especially those caused by further changes in the APIs provided by the different browsers. The residual browser-specific differences, compromises and corner cases which couldn't be addressed at all, or without significant performance penalties, are clearly benchmarked and documented, to make both developers and users well aware of the limitations imposed by each browser and capable of educated decisions, tailored to their security and privacy needs. This transparency should pressure browser vendors into increasing their support level, when they're are publicly shown to be measurably lacking in comparison with their competitors.
28
+
## Why
18
29
19
-
### How
30
+
As **Google** is imposing **[Manifest V3]** on *chromium-based browsers* <br>
31
+
and **Mozilla** may comply and downgrade their **WebExtensions API** <br>
32
+
for compatibility sake as well, developers now have to struggle with <br>
33
+
the limited tool-set that remains.
20
34
21
-
To start using the NSCL, just add this repository as a git [submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules) and integrate the [include.sh](https://github.com/hackademix/nscl/blob/main/include.sh) script in your browser extensions building workflow.
35
+
This library tries to alleviate some of these problems.
22
36
23
-
Please use the [issue tracker](https://github.com/hackademix/nscl/issues) here for bug reports and RFEs, and [this forum](https://forums.informaction.com/viewforum.php?f=27) for general discussion.
This library is also useful in the aspect of porting / maintaining extension <br>
42
+
for mobile browser, such as the `Fenix` Android browser, considering that <br>
43
+
often only a small subset of the desktop **APIs** are supported.
44
+
45
+
---
46
+
47
+
## Details
48
+
49
+
By abstracting the common functionality shared among security and privacy extensions, providing consistent implementations across multiple browser engines and shielding developers from the browser-dependent implementation details (which precisely in the most optimistic scenario, i.e. Firefox keeping its WebExtensions API as powerful as it is, are doomed to diverge dramatically), this library aims to minimize the additional maintenance burden and mitigate the danger of introducing new, insidious bugs and security vulnerabilities due to features mismatches and multiple code paths.
50
+
51
+
Cross-browser issues have a chance to be fixed or worked around in one single place, ideally with the help of multiple developers sharing the same requirements. The solutions will be subject to automated tests to timely catch regressions, especially those caused by further changes in the APIs provided by the different browsers.
52
+
53
+
The residual browser-specific differences, compromises and corner cases which couldn't be addressed at all, or without significant performance penalties, are clearly benchmarked and documented, to make both developers and users well aware of the limitations imposed by each browser and capable of educated decisions, tailored to their security and privacy needs. This transparency should pressure browser vendors into increasing their support level, when they're are publicly shown to be measurably lacking in comparison with their competitors.
26
54
27
55
#### Security reports
28
56
29
57
We strive to fix security sensitive issues in the shortest time possible (hours, ideally) while protecting users.
30
58
If you've find one, please report privately at [security@noscript.net](mailto:security@noscript.net).
31
59
To ensure confidentiality and protect users, please encrypt your report with this __PGP key__:
0 commit comments