by euid
2221 days ago
Oh, yes, it's far from ideal. I'm reminded of the ArchLinux AUR, which deals with a problem kind of like this. AUR managers show a diff of what changed in a package on each update. Perhaps one could make extension auditing easier by scripting together a Git repository from extracted xpis, and presenting updates as patches to that repository. This is probably only viable for high-security environments - it's not worth it in the common case. Of course, the real fix would come from Firefox itself: it should provide signed extensions and a way to tie them back to Git repositories with source code, which would eliminate the need for the above automation, and allow people to crowdsource extension auditing.
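A sketch of the update-as-patch idea from the comment above, added here as an example and not part of the original comment: it unpacks two versions of an extension and renders the update as a unified diff for review. It uses Python's `difflib` in place of an actual Git repository, and the function names and the two sample archives are constructed for illustration.

```python
import difflib
import io
import zipfile


def make_xpi(files):
    """Build an in-memory .xpi (a zip archive) from {path: text}; sample data only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for path, text in sorted(files.items()):
            zf.writestr(path, text)
    return buf.getvalue()


def read_xpi(data):
    """Return {path: bytes} for every regular file in the archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {i.filename: zf.read(i) for i in zf.infolist() if not i.is_dir()}


def xpi_update_patch(old_xpi, new_xpi):
    """Render the change between two extension versions as a unified diff."""
    old, new = read_xpi(old_xpi), read_xpi(new_xpi)
    out = []
    for path in sorted(set(old) | set(new)):
        a, b = old.get(path), new.get(path)
        if a == b:
            continue  # unchanged files produce no review noise
        try:
            a_lines = (a or b"").decode("utf-8").splitlines(keepends=True)
            b_lines = (b or b"").decode("utf-8").splitlines(keepends=True)
        except UnicodeDecodeError:
            out.append(f"Binary file {path} differs\n")
            continue
        out.extend(difflib.unified_diff(
            a_lines, b_lines,
            "a/" + path if a is not None else "/dev/null",
            "b/" + path if b is not None else "/dev/null"))
    return "".join(out)


# Constructed sample: version 1.1 widens permissions and adds a new script.
V1 = make_xpi({"manifest.json": '{\n  "version": "1.0",\n  "permissions": ["tabs"]\n}\n',
               "background.js": "console.log('hello');\n"})
V2 = make_xpi({"manifest.json": '{\n  "version": "1.1",\n  "permissions": ["tabs", "<all_urls>"]\n}\n',
               "background.js": "console.log('hello');\n",
               "content.js": "document.title;\n"})

if __name__ == "__main__":
    print(xpi_update_patch(V1, V2))
```
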