> You know perfectly well that point 1 is completely irrelevant in the world of open-source.
Genuinely, why not? Open source projects go through ownership changes (as unlikely as they may be), social engineering, etc. In the unlikely chance something were to happen and anything malicious were to occur, what recourse is a user to have? And we are talking about a web browser here, which will be accessing peoples most sensitive data. I don't think this is an unreasonable stance.
> A UK Ltd. is less transparent than Librewolf, an open-source project run by many volunteers without the incentive to make any money.
Well this UK Ltd is still beholden to English law and UK GDPR. You could argue the merits and teeth that GDPR has, but I don't see why it's not a valid comparison? I can't just start processing personal data without complying with GDPR, for example.
> The risks you are talking about are not inherent to Librewolf, but to Linux and open-source, and thus are not legitimate criticisms of Librewolf.
Linux has the Linux foundation, which AFAIK is going to be beholden to California law? I don't see how that can't also be a criticism of Librewolf (and any OSS in a similar spot?).
> Point 3 is no longer true, the installer comes with the option to enable auto-update and on Linux, it also auto-updates, depending on distro, etc.
It seems to me to still true, because the installer is installing WinUpdater. Which, as it seems, is maintained by an individual developer?
> If you want LibreWolf to be automatically updated (recommended), you can choose to install the LibreWolf WinUpdater[1], which is included in the installer.
Genuinely, why not? Open source projects go through ownership changes (as unlikely as they may be), social engineering, etc. In the unlikely chance something were to happen and anything malicious were to occur, what recourse is a user to have? And we are talking about a web browser here, which will be accessing peoples most sensitive data. I don't think this is an unreasonable stance.
> A UK Ltd. is less transparent than Librewolf, an open-source project run by many volunteers without the incentive to make any money.
Well this UK Ltd is still beholden to English law and UK GDPR. You could argue the merits and teeth that GDPR has, but I don't see why it's not a valid comparison? I can't just start processing personal data without complying with GDPR, for example.
> The risks you are talking about are not inherent to Librewolf, but to Linux and open-source, and thus are not legitimate criticisms of Librewolf.
Linux has the Linux foundation, which AFAIK is going to be beholden to California law? I don't see how that can't also be a criticism of Librewolf (and any OSS in a similar spot?).
> Point 3 is no longer true, the installer comes with the option to enable auto-update and on Linux, it also auto-updates, depending on distro, etc.
It seems to me to still true, because the installer is installing WinUpdater. Which, as it seems, is maintained by an individual developer?
> If you want LibreWolf to be automatically updated (recommended), you can choose to install the LibreWolf WinUpdater[1], which is included in the installer.
[1]: https://codeberg.org/ltguillaume/librewolf-winupdater