We don't use the builder so we'll need to repack and then submit for review. But let me make sure I understand something here. If there are other add-ons that are impacted by this bug then FF10 will be released and knowingly break them? Check out this ticket:
with several comments such as:
"Tracking for Firefox 10. We don't want to ship something that breaks add-on SDK consumers."
and
"However, the above behavior is thus not a bug, but very much intentional. This is a bit problematic, since we can't just back out the changes introduced by this commit, but leaving them in could break compatibility with existing add-ons."
and
"In my previous comment I said that the behavior we're seeing is intentional, but what is not clear to me is why being able to check the type of an object defined in a script with chrome privileges from a script with content privileges is a security risk. If we are going to end up breaking existing add-ons with this, I would at least like to see a very strong case why we absolutely need to disallow checking the type of an object that is passed into a compartments. Could anybody shed some light on this?"
I just want to make sure the scope of this issue is understood. It seems like this "break" could be avoided if an automatic repack were to happen since I've verified that SDK 1.4 fixes the issue. I realize the Jetpack tests are passing, but doesn't that mean there isn't coverage related to this issue?
We spent a lot of time rewriting our add-on with the SDK and I want to make sure we thoroughly understand the ins and outs of this process.
Thanks.