Addon update procedure with new permission

History:
I added to my addon a new permission…

Some of my colleagues at work asked me today why they have not the latest of my addon installed. I advised via phone please check in addon manager and make right to addon and select find updates. Nothing works. No message that there is a update, no popup for new permission, no popup for installing addon. Decided time for a visit. In the office i tried also to trigger the update manually and inspected the console. Again no message no sign that a update is available or in progress, nothing. Take a look to the right corner and found the yellow exclamation mark and set the permission. Voala. The background update search had already added this symbol and was waiting for attention.

If you believe it or not there are users in this world which will not discover such a yellow symbol and will never get such an addon update… They give such an symbol no attention and likely if they see it every day they keep it for normal after some days.

Next one, also at next browser start the symbol is going away and the users would need to wait until next update interval (86400s). In fact there was SEVERAL users since DAYS online without to get the addon update!

What do you think, about this background addon update process for new addon permission?

If you believe it or not there are users in this world which will not discover such a yellow symbol

I totally believe that. Even I wouldn’t claim to notice it immediately. This is the right end of my browsers navbar right now, one more yellow exclamation mark does not really stand out:
(And I don’t even have that may extensions in this profile.)

And that is, in my opinion, not even the worst about the current upgrade UX.
Even if the user clicks on the notice, it just says “Extension X now needs [totally scary permission Y]”, without any way for the developer to explain why that is actually a (and maybe optional) good thing.

I’d like it much better if (maybe optionally managed through a flag in the manifest) the browser would just do the update and start the extension.
Then, once the permission actually gets used, the browser throws (due to the missing permission) or stalls the call and fires an accessDenied event.
The extension can handle that event, explain the change and retry the action, just restart or let the call resume in case it was just stalled.
That way, the user would only get an prompted if and when it actually matters, with an explanation. There is no delay in the update and users could really understand whats going on.
And for the developer, the overhead would be quite low as well (and it would be opt-in).
For new installations, the entire set of permissions would be requested and granted right away, so there is no weird after-installation setup either.

Anyway, I think the best one can do with the current system is to just not ever add permissions. Use optionalPermissions instead and ask for them either after the installation/upgrade or keep track of the permissions you’ve been granted and request them when you first need them.

It should actually be possible to polyfill my approach (at least for API permissions). I think I will do that if I ever need to add a permission to an extension

Thanks. Yes simply to add a permission is a bad idea. But only because they try to do the update silent. Would Mozilla use the way as for direct install via file where the popup appears for that, all would be fine. I was not aware about the optional permissions, but if i want to add a permission in the future i will distribute the XPI simply via email. So every one knows what is to do and they get their popups to confirm.