ubuntu-appstore-developers team mailing list archive

[Dave Morley <davmor@xxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/08/13 17:07, Daniel Holbach wrote:
> Hello everybody,
> 
> we just had a brief call about review requirements for click
> packages. What was discussed was based on the plan to open the
> appstore for alpha use soon and earlier discussions, mostly:
> 
> -
> https://lists.launchpad.net/ubuntu-appstore-developers/msg00096.html
>
> 
(very early on, ideas based on other review processes we had in
> place in the past) -
> https://wiki.ubuntu.com/AppStore/Decisions/ReviewRequirements
> 
> Here's a brief summary of what was discussed:
> 
> - Alpha stage will help learning more about what we might want to 
> check and automate. - There should be a click-lint tool, which
> could be run client- and server-side. - This tool could check the
> security bits (needs input from security team who already started
> work on a lint tool for this). - In terms of namespace checks, this
> tool could check `bzr launchpad-login` and see if it matches. - On
> the server-end we could probably auto-whitelist 
> net.launchpad.user.* namespace entries. - Client installation tools
> (app scope) should have landed (in semi-final form) at end of
> August. - Question: How easy will app updates for the submitter
> be? Currently: fill out same form again. Would be nice if this was 
> easier. - Question: Who can review apps? Just app submitter and
> review team. - Question: Do we have URLs already? Not in production
> yet. - Question: Will we have howto videos? Martin wanted to look 
> into this. - Observation: The more security permissions are going
> to be requested, the more work it's going to be for the review team
> to make sure what the app wants to do. - TODO: Collect list of
> people who want to help out with apps review during the very early
> non-automated stage. Raise hands please! - TODO: Figure out if
> there will be a policy on Canonical-only app reviewers.
> 
> If this sparks any questions, please speak up. If anything is wrong
> in here, do the same! :-)
> 
> Have a great weekend everyone and thanks for all the hard work you
> put into this effort! Daniel
> 

One thing I would like to see tested at least the first time round
would be handling of the apps during a phone update.  The last thing
we want when upgrading the phone images is all the users installed
apps being removed or still being installed but not visible in the
apps lens.  With regards phone updates rather than app updates.

With regard to app updates I'm assuming that unless the dev is
changing text, images etc that then can just click edit on the click
package and upload the new package.

For the initial manual review process to have a detailed example of
what to look for/at would be good, or a video/hangout so we can see a
review in progress.  Monkey see monkey do learning and all that.

One last thing would be a prior art check unless we are leaving that
to the abuse reporting mechanism? I'm assuming it will be easy enough
to check that an app that is published via click won't allow an app
with the same name to be submitted.

- -- 
You make it, I'll break it!

I love my job :)
http://www.ubuntu.com
http://www.canonical.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlH73gQACgkQT5xqyT+h3OhJFQCfRgiDJQuSZIajifC8Xn9yW9jh
64EAoJ6yjJah7BZSSteslq/Ie54NLx/1
=A9U8
-----END PGP SIGNATURE-----