On 4/16/26 7:36 AM, Kai Engert wrote:
> Note my previous message was an attempt to help in thinking about
> options for your needs.
>
> From our perspective, I think the intention is to no longer make
> promises about NSPR/MPR APIs remaining available.
This is a foolhardy goal. That ship has sailed, and any way to get back
to it will require a lot of work an patience. I better way is to simply
integrate it back into NSS and keep that ABI requirements. If you need
some additional work you can start a new library that neither depends on.
Now that being said, we can probably look at NSPR and figure what parts
that may be marked as 'not public' and can eventually be phased out. I
know that the IO system is the system that needs to be managed the most
carefully, but suspect it's the one you want to change the most.
>
> Brainstorming again about your needs, maybe it would be more practical
> for you if you took to opposite approach?
>
> You could decide that you keep maintaining the old NSPR libraries, as
> long as you need them, and backport upstream MPR fixes to it, if
> necessary.
The integration of NSS and NSPR is *very tight* shim libraries on a new
API could work, but only if the new API is *stable*. I also think the
shim libraries existence would be a prereq for your plan. It would even
help the transition. You can create the new library with the shims and
then you can transition the base libraries to call the new API directly
in a piece meal way rather than all at once. I doubt we would want make
a huge patch that moves NSS to the new MPR in one go...
>
> And instead of having a shim from NSPR to MPR, maybe you need it the
> other way round?
That might be easier. It provides the same character as the other shims,
but you only add MPR calls as you need them.
>
> Don't use MPR as distributed with NSS, but rather use a shim MPR
> library that maps the new symbol names to the old NSPR symbols?
The shim only works if there isn't another library. NOTE: In our system
this would mean that everything (including firefox) lives on top of the
shim. Firefox must have the same view as NSPR. This means it needs to
run on the shim, which means NSPR will need to have at least the same
functionality and stability as MPR, which means MPR +MPR shim probably
is a non-starter because it you will end up maintaining two libraries
(MPR and NSPR). So I guess long term it isn't easier.
>
> I think the dilemma here is that the Firefox team would like to be
> more flexible and make changes more easily, which isn't easy to align
> with your needs for long term stability.
Yup, though, ironically it's Firefox's 'move' fast plan that has caused
the requirements of freezing the lowest level of the system. The normal
way we handle these things is we just freeze all the code when we ship.
The problem is that we can't freeze a version of Firefox itself, and
thus we need to drop new versions of NSS and NSPR into old versions of
our OS.
Maybe If I knew what it was you wanted to change moving forward. NSPR
has been extremely stable, with only minimal changes to the code base
for a couple of decades. Is it just removing functionality? That can be
done the way we do in NSS. We isolate the functionality and
conditionally compile it. Often (initially) we just conditionally
disable the functionality, but eventually we drop out the actual code.
I think getting to they "wild west" of "let's just rewrite everything
when we feel like it" is really, in the long run, more expensive than
you realize. Moving to a 'here's where we want to go long term, and it's
stable within these parameters' is something we could work with.
bob
>
> Kai
>