> bummed to see firefox at version 128
I believe that is because Debian ships Firefox "Extended Support Release" (ESR) as a security precaution, and the firefox-esr package[1] is quite out of date in absolute terms.
If you want the newest Firefox (not ESR), just add Mozilla's own repo instead: https://blog.mozilla.org/en/mozilla/4-reasons-to-try-mozilla...
It’s out of date, feature wise, but should have all the security updates, I believe.
Of course, and it was sloppy of me to call it "out of date", that goes for all serious Linux distributions with official life cycles, the "official" packages provided follow the life cycle of the distribution. This is a very common gripe with security scanners that flag "old" versions of Apache and the like within a supported OS release, they only look at the apparent version of Apache, not what security patches have actually been installed -- because it would, of course, be completely incorrect to increment the actual version of the software for backported fixes.