ubuntu-appstore-developers team mailing list archive

Thread
Date

Re: Summary: Planning going live

To: Rick Spencer <rick.spencer@xxxxxxxxxxxxx>
From: Martin Albisetti <martin.albisetti@xxxxxxxxxxxxx>
Date: Tue, 20 Aug 2013 19:11:12 -0300
Cc: Dave Morley <davmor@xxxxxxxxxxxxx>, Ubuntu Appstore Developers <ubuntu-appstore-developers@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAMghm0r4zacwd1gb6pBwoHyvJfo-YSsPsacvSMY+39tfEOr=JQ@mail.gmail.com>

On Fri, Aug 16, 2013 at 9:30 AM, Rick Spencer
<rick.spencer@xxxxxxxxxxxxx> wrote:
> Oops, I accidentally did a reply just to Dave instead of to all. So ...
>
> anyway, I think that we need an automated system that punishes
> spammers or what not who upload via bots or however, instead of
> punishing reviewers and bona fide developers by over-complicating the
> system. Our reviews should be sufficiently automated that a spammer
> gets filtered out. Our reviews should be sufficiently consistent that
> notes from a previous rejection should not be necessary, either it is
> suitable to pass or it's not, the history of the discussion for
> getting it there should not be relevant.
>
> We really really really need to make this as highly consistent and
> efficient system for reviewers, for developers, and users. Any manual
> interventions at this stage should be considered 100% temporary until
> we figure out a way to automate them out.
>
> From the developers point of view, I think every app submission should
> be accepted or rejected. If it was rejected, they can resubmit with
> whatever fix (to the description or to the permissions for the most
> part, since that is primarily what will be reviewed). The next
> reviewer doesn't need to do anything but review the current
> submission. The history of submissions should be irrelevant.

Absolutely.

So, I think we'll have a few layers to peel until it's automated, and
this is how I see it:

Phase 1 (today!):
Manual reviews using a script that checks most things, manually
checking others. This will be the biggest learning process for us and
is mostly all hands on deck.

Phase 2:
The script runs automatically and auto-rejects most common cases
without manual intervention. Only a small amount of manual
intervention involved in approving apps.

Phase 3:
A certain category of apps get auto-approved (for example, apps that
don't ask for extra permissions), some remain with minimal manual
inspection.

Phase 4:
The majority (90%+) of the apps submission don't involve a human (this
involves us having some level of anti-malware/virus, inspection for
certain common abuses, etc)

Phase 5:
Human intervention is very much exceptional, and mostly looking into
reports of abusive apps that have already been submitted.

I want us to tread carefully so as to not create a reputation that the
Ubuntu ecosystem is a haven for malware, and learn iteratively.

-- 
Martin

References

Summary: Planning going live
From: Daniel Holbach, 2013-08-13
Re: Summary: Planning going live
From: Michael Hall, 2013-08-15
Re: Summary: Planning going live
From: Dave Morley, 2013-08-15
Re: Summary: Planning going live
From: Rick Spencer, 2013-08-15
Re: Summary: Planning going live
From: Dave Morley, 2013-08-16
Re: Summary: Planning going live
From: Dave Morley, 2013-08-16
Re: Summary: Planning going live
From: Rick Spencer, 2013-08-16