Ludovic Courtès transcribed 0.8K bytes:
> Hi Marius,
> 
> Marius Bakke <mbakke@fastmail.com> skribis:
> 
> > The attached patch adds Spectre mitigation to the current Chromium
> > release.  The patch was pulled from the Chrome 64 branch:
> >
> > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001
> > From: Marius Bakke <mbakke@fastmail.com>
> > Date: Thu, 11 Jan 2018 14:36:47 +0100
> > Subject: [PATCH] gnu: chromium: Add spectre mitigation.
> >
> > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file.
> > * gnu/local.mk (dist_patch_DATA): Register it.
> > * gnu/packages/chromium.scm (chromium)[source]: Use it.
> 
> I didn’t really follow the whole discussion :-), but if what you have is
> now OK from the freedom and security viewpoints (including bundling),
> perhaps you can go ahead?
> 
> Ludo’.
> 

From a usability point of view it's definitely okay, I've been using this
for a while now, no crashes so far.
Coming up with a way to define extensions is just a matter of placing the
Lego blocks in the right position. Gentoo and other systems (maybe Nix) offer
insights.
I'd say to get to a PoC package for an easy extension, under the assumption
that the general integration works, it could be done in a couple of working
weekends.
-- 
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/