
I’ve had it installed before and received the prompt “to install the update of this extension please accept the new telemetry conditions.” I don’t claim every user sees it (maybe I’m a/b tested?). I’ve rejected it, and checking the repo wouldn’t help for that.

The new requested permission, different from the ones previously accepted by me, is, if I remember:

"Monitor extension usage and manage themes"

What's that if not a new telemetry? In a privacy-oriented extension!

It's explained here:

https://github.com/mozilla/multi-account-containers/wiki/Per...

""Monitor extension usage and manage themes": Required to provide interoperability with other container Add-ons by checking if they have the required permissions."

How about not being required? Older versions really didn't require. Knowing the management (see "Looking Glass"), even if the extension is not using the telemetry at the moment it's just "hey the user already agreed!" Especially troublesome as I haven't agreed anywhere else.



> How about not being required? Older versions really didn't require.

Unfortunately there's no other way for us to check whether an Add-on that tries to access the "API" has the needed "contextualIdentities" permission. I can assure you that it's in no way about telemetry and never will be. If the Multi-Account Features were a Firefox platform feature then such an API would have the same requirements.


But why "required" to agree? If I know that I don't want other add-ons to call that extension, why can't it use it as it behaved before, that is, without effectively having to "agree" and "accept" telemetry?


I agree that it would be nice to have a way to show that permission prompt only if an external extension wants to use the API - however, that's not possible because such prompts can only be triggered after an explicit user interaction, not from the Add-on itself or external Add-ons.

Also, you didn't effectively "agree to telemetry". The same way you didn't "agree to send all website data you visit to the Add-on developers" when you accepted the "Access your data for all websites" permission that the Add-on also requires. If you don't trust the Add-on or its developers, then that permission should scare you more than the "Monitoring extensions" permission. But as you probably know, it's just a wording you have to take with a grain of salt and a lot of Add-ons/Extensions require permissions which would in theory allow them to inject any arbitrary content in websites you visit, or read data from them for that matter. It's how permissions work.


You didn't explain WHY I'd ever want to allow that every other "external extension" automatically "uses the API" of the extension to which, as you properly note, I anyway gave a lot of major permissions. And why the extension forces me to allow something to the "other extensions" automatically.


You didn't allow every other Add-on to access the API, but explicitly only the Add-ons with the "contextualIdentities" permission ("Container feature"). Which is the reason the "management" permission ("Monitor extension usage") was needed in the first place - to check if the Add-ons accessing the API have that permission. Also, the API doesn't give external Add-ons access to the permissions you gave the Multi-Account Containers Add-on, but instead only a really specific amount of information, which is whether a specific domain is assigned to a container (you can read about it here https://github.com/mozilla/multi-account-containers/wiki/API).

Now, why "automatically" for Add-ons that have the "contextualIdentities" permission? It's simple: if you grant an Add-on that permission, you already gave your consent that the Add-on can access the Container API; and the Multi-Account Containers Add-on itself, being from Mozilla, is just additional Container functionality, but as an Add-on. So if you grant the Container permission, you also get API access to some additional information from the Add-on; and with that increase interoperability between Container Add-ons.
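
The caller check described in the comment above, as an added sketch that is not part of the thread and not the add-on's own code: an external message is answered only if `management.get()` reports that the sending add-on holds "contextualIdentities". The message shape (`method`, `url`), the `assignments` map and the helper name `makeExternalHandler` are assumptions made for illustration.

```javascript
// Added example, not the add-on's code. Message shape and `assignments` are assumptions.
const REQUIRED_PERMISSION = "contextualIdentities";

// `api` stands for the WebExtension `browser` object; it is passed in so the
// logic can also be exercised outside Firefox with a stub.
function makeExternalHandler(api, assignments) {
  return async function onExternalMessage(message, sender) {
    // sender.id is set by the browser, so the caller cannot choose it.
    if (!sender || typeof sender.id !== "string") {
      throw new Error("unknown sender");
    }
    let info;
    try {
      // management.get() is what needs the "management" permission
      // ("Monitor extension usage and manage themes" in the prompt).
      info = await api.management.get(sender.id);
    } catch (err) {
      throw new Error("caller lookup failed");
    }
    const granted = Array.isArray(info.permissions) ? info.permissions : [];
    if (!granted.includes(REQUIRED_PERMISSION)) {
      throw new Error("caller lacks " + REQUIRED_PERMISSION);
    }
    // Answer only the narrow question: is this host assigned to a container?
    if (!message || message.method !== "getAssignment" ||
        typeof message.url !== "string") {
      throw new Error("unsupported request");
    }
    let host;
    try {
      host = new URL(message.url).hostname;
    } catch (err) {
      throw new Error("invalid url");
    }
    return assignments.has(host) ? { host, container: assignments.get(host) } : null;
  };
}

// Registration inside an extension background script (skipped elsewhere).
if (typeof browser !== "undefined") {
  const assignments = new Map([["example.com", "Work"]]); // constructed sample
  browser.runtime.onMessageExternal.addListener(
    makeExternalHandler(browser, assignments));
}
```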



