[OOTB-hive] Inclusion Criteria overview remarks

Tahir Malik tahir.malik at contezza.nl
Thu Feb 5 11:48:19 GMT 2015


I got the mailing working, didn't know what happend but didn't receive 
any ootb-hive mails since a couple of months.

So getting back to  this list: 
https://github.com/OrderOfTheBee/addons/wiki/Inclusion-criteria-overview

I guess there are contradictions stated.......

Like Technical 1 is must "available in package form that either supports 
installing from command line, via build tools or as drop-in, or 
uploading into Alfresco data dictionary at runtime"
Technical 10 is should "source provided with build tooling"
Technical 11 is must "build tooling produces result identical to 
pre-built artifacts for unchanged source"

So in this case if just have an amp file or jar file according to 11 it 
must be build-able by a tool and can't be delivered by as just an amp/jar.

Technical 22 is vage "use runAs() instead of unsecured private service 
beans to execute code with elevated privileges or as substitute for 
other users"
Technical 23 should be a should not instead of must not "require 
existence of super user called "admin" (e.g. runAs(work, "admin"))"
If this is so, then this means you can only do work as yourself instead 
of someone else. Sure this 'might' be a security issue but stating it 
must not is a bit too much.
I use repository webscript as runas System or admin and do stuff a 
normal user can't. Thats inevitable sometimes, like you want to 
move/change something in RM which only admin can do but you as a user 
want for example a report.

Technical 30 is vage muust not "require bytecode instrumentation except 
for experimental features"

I find that the Technical specs go too much in detail. This means we 
need to have the source code in all cases and need to check it 
thoroughly. I wasn't aware that this was our goal.
I guess we should simplify the criteria so we can do a faster check on 
Addons and aren't too strict about stuff.
We are not the people who will voluntarily give a detailed 
development/test report for people who develop Addons. I wish I had a 
group like that who voluntarily checked all my code and give me a report :P.

It's good to have these criteria prior to inclusion, like send/notice 
these criteria to the Addon developers that this is the best practice to 
have you Addon developed.

Best regards,

Contezza
*Tahir Shazad Malik*
*email* 	tahir.malik at contezza.nl <mailto:tahir.malik at contezza.nl>
*mobile* 	+31 (0)6 14 77 50 82
*office* 	+31 (0)848 68 89 02
*website* 	www.contezza.nl <http://www.contezza.nl>

linkedIn <http://nl.linkedin.com/in/tsmalik/> 	Twitter 
<http://twitter.com/tahirshazad/>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.xtreamlab.net/pipermail/ootb-hive/attachments/20150205/5c826b13/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: email_logo_contezza.gif
Type: image/gif
Size: 4470 bytes
Desc: not available
URL: <http://www.xtreamlab.net/pipermail/ootb-hive/attachments/20150205/5c826b13/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: email_social_linkedin.gif
Type: image/gif
Size: 523 bytes
Desc: not available
URL: <http://www.xtreamlab.net/pipermail/ootb-hive/attachments/20150205/5c826b13/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: email_social_twitter.gif
Type: image/gif
Size: 493 bytes
Desc: not available
URL: <http://www.xtreamlab.net/pipermail/ootb-hive/attachments/20150205/5c826b13/attachment-0002.gif>


More information about the OOTB-hive mailing list