Comment 8 for bug 267382

extensions are rare to have security issues. our goal is to have a semi-automated way to update extensions to the latest upstream version through -backports/-proposed. Until that is done we update extensions that are known to have security issues. However, to be fair, I wouldn't claim that we actively research or search for eventual security issues.

Couldnt you exclude them from the "normal" view, but display them when we run them with the mime type filter?