You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Today, we have only the rating to see how carefully an add-on can affect the Host system (not the ecosystem itself).
However, we have no way to show bad actors or show users which add-on comes from a trusted source which is not part of the rating.
Decision
We create a new badge on the add-on front view and show a mdi:certificate in the corner and color based on the verified state. We have new API attributes for add-ons verified they can hold 4 states: owner, none, malware, full. Full is for the internal preinstalled repository only.
We create a new file on our fetch URL: store_verification.json:
Context
Today, we have only the rating to see how carefully an add-on can affect the Host system (not the ecosystem itself).
However, we have no way to show bad actors or show users which add-on comes from a trusted source which is not part of the rating.
Decision
We create a new badge on the add-on front view and show a
mdi:certificate
in the corner and color based on theverified
state. We have new API attributes for add-onsverified
they can hold 4 states:owner
,none
,malware
,full
. Full is for the internal preinstalled repository only.We create a new file on our fetch URL:
store_verification.json
:The repository field work as a matcher and doesn't need the full URL to the repository.
We only add stores to the verified owner list, if they are:
Malware stores get listed if there exists a risk that people destroy their installation or data get leaked.
This list is part of the codebase and can be updated over CF.
The text was updated successfully, but these errors were encountered: