For the past three years I have maintained a browser extension that I publish to both the Firefox and Chrome web stores.

I recently received an automated email from the Chrome web store overlords who had decided I was violating the “Use of permissions” policy by requesting the cookies permission “without using it”.

Here is a snippet from the manifest.json for my extension:

{
  "permissions": [
    "activeTab",
    "contextMenus",
    "notifications",
    "cookies",
    "https://<SPECIFIC_WEBSITE_RUN_BY_ME>/"
  ]
}

I request the cookies permission for https://<SPECIFIC_WEBSITE_RUN_BY_ME>/ so that I can transparently use the cookie set by that website when the user logs in to send authenticated HTTP requests from the extension. Nothing crazy:

The past month has seen me think a lot about portability in development teams and across environments. The first real development project I worked on last year made use of a utility script which provided a unified development environment interface for all of the developers, a go script. This was something of a revelation, as it really helped with my onboarding and environment setup, and allowed me to be a productive contributor right away.