The future of Firefox ESR

For over a decade we deployed Firefox in a corporate environment without trouble, until out of the blue we got to work one day and the whole company couldn’t do business because of https://bugzilla.mozilla.org/show_bug.cgi?id=1030963

The temporary workaround was the signTextJs addon, but that was first unsigned, and then eventually removed.

The temporary workaround to the temporary workaround became the signTextJsPlus addon, which worked for a while, but then that broke without warning when WebExtenstions was added.

We’ve now tried to update to support the most recent signTextJsPlus with WebExtensions, however this broke in Firefox ESR60 with the following two bugs:


As a workaround we tried to switch to the latest version of Firefox 66, and this broke the signTextJsPlus again because of the workaround required after refusal by Firefox to fix this bug:

After some 5 years of turmoil it’s clear that Firefox is not a stable enough platform to be used for any kind of business use. It appears individuals are able to break whole parts of the Firefox platform without any obvious oversite and without warning.

Given this background I ask what is the future of Firefox ESR?

In theory Firefox ESR is a stable platform that can be replied upon to build a business system on, but in practice it is hopelessly unstable. The support horizon of approximately 1 year is woefully short, and roughly the same as Fedora, the non-enterprise Linux distribution.

Is this ongoing instability something that Firefox is willing to address, or does the Firefox project actively not support business use cases for the Firefox platform?

If I know where Firefox stands on this I can make a decision as to whether to continue investing in Firefox as a platform or whether to drop it for something else.

The intent of the ESR is not to encourage people to use old versions of the browser; it’s to give enterprises a chance to prepare for changes that are coming in future versions of the browser and not deal with major changes every six weeks.

The API you reference was a proprietary function and was never part of any standard. When we decided to remove it in Firefox 34 on December 1, 2014, we didn’t realize the impact and decided to add it back temporarily, but as we made clear at the time (https://groups.google.com/forum/#!topic/mozilla.dev.tech.crypto/hR_bjx9OVJA) that measure was never going to be permanent.

While we won’t continue to ship this API in our product - as you no doubt know, maintaining nonstandard APIS or product functionality is always a larger burden than you’d expect - we are expanding our enterprise efforts to include deployment and configuration tools, as well as support options that we hope our enterprise customers and partners will find valuable.