On 05/16/2015 08:33 AM, Narcis Garcia wrote:> El 16/05/15 a les 07:51, Florian Pelz ha escrit: >> On 05/15/2015 09:07 AM, Narcis Garcia wrote: >>> How does Mozilla solve the third-party development of extensions to >>> manage the addition and updates in addons.mozilla.org ? >>> >>> Is it really necessary to be a single website (the official) with the >>> only extensions repository? Similar to app.packages, how about the PPA >>> model apart of main/supported repositories? >>> >> […]
> I was suggesting both cases to give ideas around the problem of checking > all extensions and updates in extensions.gnome.org Mozilla apparently has an add-on approval process where they check the source code [1]. The way I understand it, they also have two categories of add-ons; one reviewed and tested more cautiously and another category where they just glance over the source code, but the browser will display a warning when installing. I don't see how PPAs solve the extension review problem. From a security standpoint, users should not be encouraged to install third-party software that has not been reviewed. Extensions seem to be an easy way to spread malware if unreviewed. Besides, having a central extension repository helps making extensions known. [1] https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews
signature.asc
Description: OpenPGP digital signature
_______________________________________________ gnome-shell-list mailing list gnome-shell-list@gnome.org https://mail.gnome.org/mailman/listinfo/gnome-shell-list