Nobody is concerned about that, in my opinion. I'm concerned someone will push malware through Mozilla into Firefox installations. Pushing addon installs should not be possible at all.
Mozilla installing a bunch of addons that look like viruses ends up preventing users from being able to identify actual viruses.
The exception is that an addon can do slightly less damage than a compromised browser itself.
If any software developer would truely respect users, he would offer updates as seperate packages, where users can opt out of non-security ones- and those updates humanity votes with there feet against, vannish into the bin of useless software.
At that point, it’s probably better to just stop feature development and do nothing but security patches, which of course will lead to stagnation and which will also lead to fragmentation as many more incompatible releases of the same software will be out in use.
This will make it even harder for developers to adapt new technologies. Imagine how bad the already messy caniuse.com would look when every single browser version would be supported forever and could be individually configured feature by feature.
Especially as people somewhat versed in technology (I think it’s safe to call HN audience that), I think there is advantage in going with the flow and adapting to new releases and UI paradigms.
Otherwise we'd still be running on DOS and us developers would still have to support it.
Relevant XKCD: https://xkcd.com/1172/
Ie. code spitting and reducing bloat, and speeding up development by providing some features as add-ons...
