From 5f1126b87595a6e91d11d7f47f1ab717aa1ad1f8 Mon Sep 17 00:00:00 2001 From: Jos Poortvliet Date: Sat, 28 Mar 2015 20:08:51 +0100 Subject: [PATCH 1/6] add app store publishing process for 8.1 --- developer_manual/general/index.rst | 1 + developer_manual/general/publishing.rst | 129 ++++++++++++++++++++++++ 2 files changed, 130 insertions(+) create mode 100644 developer_manual/general/publishing.rst diff --git a/developer_manual/general/index.rst b/developer_manual/general/index.rst index a3573c518..ed6dad31e 100644 --- a/developer_manual/general/index.rst +++ b/developer_manual/general/index.rst @@ -12,3 +12,4 @@ General Contributor Guidelines performance debugging backporting + publishing diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst new file mode 100644 index 000000000..66ba36196 --- /dev/null +++ b/developer_manual/general/publishing.rst 
@@ -0,0 +1,129 @@ +==================== +App store publishing +==================== + +.. sectionauthor:: Jos Poortvliet + +The ownCloud App Store +====================== +The ownCloud app store is build into ownCloud to allow you to get your apps to users as easily and safely as possible. The app store and the process of publishing apps aims to be: + +* secure +* transparent +* welcoming +* fair +* easy to maintain + +Apps in the store are divided in three 'levels' of trust: + +* Official +* Approved +* Experimental + +With each level come requirements and a position in the store. + +Official +-------- +Official apps are developed by and within the ownCloud community and its github repository and offer functionality central to ownCloud. They are ready for serious use. + +Requirements: + +* developed in ownCloud github repo +* minimum of 2 active maintainers and contributions from others +* security audited and design reviewed +* app is at least 6 months old and has seen regular releases +* app is signed, identity verified +* follows app guidelines + +App store: + +* available in Apps page in separate category +* sorted first in all overviews, 'Official' tag +* shown as featured, on owncloud.org etc +* major releases optionally featured on owncloud.org and send to owncloud-announce list +* new versions/updates approved by at least one other person + +note: +Official apps include those part of the release tarball. We'd like to keep the tarball minimal so most official apps are not part of the standard installation. + +Approved +-------- +Approved apps are developed by trusted developers and have passed a cursory security check. They are actively maintained in an open code repository and their maintainers deem them to be stable for casual to normal use. + +Requirements: + +* code is developed in an open and version-managed code repository, ideally github with git but other scm/hosting is OK. 
+* minimum of one active developer/maintainer +* minimum 5 ratings, average score 60/100 or better +* app is at least 3 months old +* developer trust: + * developer is known in community; + * app is subject to unannounced security audits + * in practice this means that at least some of the code of this developer has been audited; either through another app by the same developer or with an earlier version of the app. And that the attitude of the developer towards these audits has been positive. +* follows app guidelines +* app is signed, at least domain verified + +App store: + +* visible in app store by default +* sorted above experimental apps +* search results sorted by ratings +* developer can directly push new versions to the store +* warning shows for security/stability risks + +Experimental +------------ +Apps which have not been checked at all for security and are new or known to be unstable and under heavy development but are considered usable for casual use or experimentation. + +Requirements: + +* no malicious intent found from this developer at any time +* 0 confirmed security problems +* less than 3 unconfirmed 'security flags' +* rating over 20/100 +* app is signed but no verification has to be done + +App store: + +* show up in Apps page provided user has enabled "allow installation of experimental apps" in the settings. +* Warning about security and stability risks show for app +* sorted below all others. + +Getting an app approved +======================= +If you want your app to be approved, make sure you fulfill all the requirements and send an email to XXXX. A team of core ownCloud developers will review your application. 
+ +Losing a rating +--------------- +Apps can lose their rating when: + +* they are found to no longer satisfy the requirements +* when security/malicious intent issues are found +* when developer requests so + +App guidelines +============== +These are the app guidelines an app has to comply with to have a chance to be approved. + +Legal and security +* Apps can not use 'ownCloud' in their name +* Irregular and unannounced security audits of all apps can and will take place. If ever any indication of malicious intent is found, the developer(s) can count on a minimum 2 year ban from any ownCloud app infrastructure. Malicious intent includes deliberate spying on users by leaking user data to a third party system, ... (lukas, help out, man! what is evil?) +* Apps do not violate any laws; it has to comply with copyright- and trademark law. +* App authors have to respond timely to security concerns and not make ownCloud more vulnerable to attack. + +Be technically sound +* Apps can only use the public ownCloud API +* At time of the release of an app it can only be configured to be compatible with the latest ownCloud release +1 +* Apps should not cause ownCloud to break, consume excessive memory or slow ownCloud down +* Apps should not hamper functionality of ownCloud unless that is explicitly the goal of the app + +Respect the users + +* Apps have to follow design and HTML/CSS layout guidelines - https://doc.owncloud.org/server/8.0/developer_manual/app/css.html +* Apps correctly clean up after themselves on uninstall and correctly handle up- and downgrades +* Apps clearly communicate their intended purpose and active features, including features introduced through updates. +* Apps respect the users' choices and do not make unexpected changes, or limit users' ability to revert them. For example, they do not remove other apps or disable settings. +* Apps must respect user privacy. 
IF user data is send anywhere, this must be clearly explained and be kept to a minimum for the functioning of an app. Use proper security measures when needed. +* App authors must provide means to contact them, be it through a bug tracker, forum or mail. + +Apps which break the guidelines will lose their 'approved' or 'official' state; and might be blocked from the app store altogether. This also has repercussions for the author, especially in case of security concerns, he/she might find themselves blocked from submitting applications. From cebbcf0833b4d0b0a03e13ccbfeda37e5eac13d8 Mon Sep 17 00:00:00 2001 From: Jos Poortvliet Date: Sat, 28 Mar 2015 20:14:10 +0100 Subject: [PATCH 2/6] style fixes --- developer_manual/general/publishing.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst index 66ba36196..9e3e4c6e3 100644 --- a/developer_manual/general/publishing.rst +++ b/developer_manual/general/publishing.rst 
@@ -106,12 +106,14 @@ App guidelines These are the app guidelines an app has to comply with to have a chance to be approved. Legal and security + * Apps can not use 'ownCloud' in their name * Irregular and unannounced security audits of all apps can and will take place. If ever any indication of malicious intent is found, the developer(s) can count on a minimum 2 year ban from any ownCloud app infrastructure. Malicious intent includes deliberate spying on users by leaking user data to a third party system, ... (lukas, help out, man! what is evil?) * Apps do not violate any laws; it has to comply with copyright- and trademark law. * App authors have to respond timely to security concerns and not make ownCloud more vulnerable to attack. Be technically sound + * Apps can only use the public ownCloud API * At time of the release of an app it can only be configured to be compatible with the latest ownCloud release +1 * Apps should not cause ownCloud to break, consume excessive memory or slow ownCloud down @@ -119,7 +121,7 @@ Be technically sound Respect the users -* Apps have to follow design and HTML/CSS layout guidelines - https://doc.owncloud.org/server/8.0/developer_manual/app/css.html +* Apps have to follow design and `HTML/CSS layout guidelines `_ * Apps correctly clean up after themselves on uninstall and correctly handle up- and downgrades * Apps clearly communicate their intended purpose and active features, including features introduced through updates. * Apps respect the users' choices and do not make unexpected changes, or limit users' ability to revert them. For example, they do not remove other apps or disable settings. From e9f136fa78f6c4a275315283436dea16315a7480 Mon Sep 17 00:00:00 2001 From: Jos Poortvliet Date: Sat, 28 Mar 2015 20:16:02 +0100 Subject: [PATCH 3/6] one more fix --- developer_manual/general/publishing.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst index 9e3e4c6e3..bc432ee72 100644 --- a/developer_manual/general/publishing.rst +++ b/developer_manual/general/publishing.rst @@ -121,7 +121,7 @@ Be technically sound Respect the users -* Apps have to follow design and `HTML/CSS layout guidelines `_ +* Apps have to follow design and `HTML/CSS layout guidelines <../app/css.html>`_ * Apps correctly clean up after themselves on uninstall and correctly handle up- and downgrades * Apps clearly communicate their intended purpose and active features, including features introduced through updates. * Apps respect the users' choices and do not make unexpected changes, or limit users' ability to revert them. For example, they do not remove other apps or disable settings. From 7614a226cdaa55764cf270bee5e19f1810c88041 Mon Sep 17 00:00:00 2001 From: Jos Poortvliet Date: Thu, 2 Apr 2015 14:23:08 +0200 Subject: [PATCH 4/6] implement feedback from Lukas, clean up style, add links --- developer_manual/general/publishing.rst | 31 ++++++++++++++++++------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst index bc432ee72..efb9e0bf1 100644 --- a/developer_manual/general/publishing.rst +++ b/developer_manual/general/publishing.rst @@ -24,9 +24,10 @@ With each level come requirements and a position in the store. Official -------- -Official apps are developed by and within the ownCloud community and its github repository and offer functionality central to ownCloud. They are ready for serious use. +Official apps are developed by and within the ownCloud community and its `Github `_ repository and offer functionality central to ownCloud. They are ready for serious use. Requirements: +^^^^^^^^^^^^^ * developed in ownCloud github repo * minimum of 2 active maintainers and contributions from others 
@@ -36,6 +37,7 @@ Requirements: * follows app guidelines App store: +^^^^^^^^^^ * available in Apps page in separate category * sorted first in all overviews, 'Official' tag @@ -51,20 +53,22 @@ Approved Approved apps are developed by trusted developers and have passed a cursory security check. They are actively maintained in an open code repository and their maintainers deem them to be stable for casual to normal use. Requirements: +^^^^^^^^^^^^^ * code is developed in an open and version-managed code repository, ideally github with git but other scm/hosting is OK. * minimum of one active developer/maintainer * minimum 5 ratings, average score 60/100 or better * app is at least 3 months old -* developer trust: - * developer is known in community; - * app is subject to unannounced security audits - * in practice this means that at least some of the code of this developer has been audited; either through another app by the same developer or with an earlier version of the app. And that the attitude of the developer towards these audits has been positive. * follows app guidelines * app is signed, at least domain verified +* the developer is trusted +* app is subject to unannounced security audits + +.. note:: **Developer trust**: The developer(s) is/are known in community; he/she has/have been active for a while, have met others at events and/or worked with others in various areas. +.. note:: **security audits**: in practice this means that at least some of the code of this developer has been audited; either through another app by the same developer or with an earlier version of the app. And that the attitude of the developer towards these audits has been positive. App store: - +^^^^^^^^^^ * visible in app store by default * sorted above experimental apps * search results sorted by ratings 
@@ -73,9 +77,10 @@ App store: Experimental ------------ -Apps which have not been checked at all for security and are new or known to be unstable and under heavy development but are considered usable for casual use or experimentation. +Apps which have not been checked at all for security and/or are new, known to be unstable or under heavy development. Requirements: +^^^^^^^^^^^^^ * no malicious intent found from this developer at any time * 0 confirmed security problems @@ -84,6 +89,7 @@ Requirements: * app is signed but no verification has to be done App store: +^^^^^^^^^^ * show up in Apps page provided user has enabled "allow installation of experimental apps" in the settings. * Warning about security and stability risks show for app @@ -91,7 +97,7 @@ App store: Getting an app approved ======================= -If you want your app to be approved, make sure you fulfill all the requirements and send an email to XXXX. A team of core ownCloud developers will review your application. +If you want your app to be approved, make sure you fulfill all the requirements and send an email to the ownCloud `development mailing list `_. A team of core ownCloud developers will review your application. Losing a rating --------------- 
@@ -106,13 +112,19 @@ App guidelines These are the app guidelines an app has to comply with to have a chance to be approved. Legal and security +^^^^^^^^^^^^^^^^^^ * Apps can not use 'ownCloud' in their name -* Irregular and unannounced security audits of all apps can and will take place. If ever any indication of malicious intent is found, the developer(s) can count on a minimum 2 year ban from any ownCloud app infrastructure. Malicious intent includes deliberate spying on users by leaking user data to a third party system, ... (lukas, help out, man! what is evil?) +* Irregular and unannounced security audits of all apps can and will take place. +* If any indication of malicious intend or bad fait is found the developer(s) in question can count on a minimum 2 year ban from any ownCloud infrastructure. + * Malicious intent includes deliberate spying on users by leaking user data to a third party system or adding a back door (like a hard-coded user account) to ownCloud. An unintentional security bug that gets fixed in time won't be considered bad faith. * Apps do not violate any laws; it has to comply with copyright- and trademark law. * App authors have to respond timely to security concerns and not make ownCloud more vulnerable to attack. +.. note:: distributing malicious or illegal applications can have legal consequences including, but not limited to ownCloud or affected users taking legal action. + Be technically sound +^^^^^^^^^^^^^^^^^^^^ * Apps can only use the public ownCloud API * At time of the release of an app it can only be configured to be compatible with the latest ownCloud release +1 @@ -120,6 +132,7 @@ Be technically sound * Apps should not hamper functionality of ownCloud unless that is explicitly the goal of the app Respect the users +^^^^^^^^^^^^^^^^^ * Apps have to follow design and `HTML/CSS layout guidelines <../app/css.html>`_ * Apps correctly clean up after themselves on uninstall and correctly handle up- and downgrades 
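Review bot: in PATCH 1/6, hunk "@@ -0,0 +1,129 @@" of publishing.rst, the reST structure will not render as intended: "Legal and security" and "Be technically sound" are followed directly by "*" lines with no blank line, so docutils folds the bullets into the preceding paragraph instead of producing a list; the indented items under "* developer trust:" have no blank line before them, so they become continuation text of that item rather than a nested list; and the bare "note:" paragraph should be a ".. note::" directive so it renders as an admonition. Two placeholders have to be resolved before merge: "send an email to XXXX" and the aside "(lukas, help out, man! what is evil?)" in the Legal and security list. On the policy itself, the Approved level states that the "developer can directly push new versions to the store" while such apps are "visible in app store by default" and only receive a "cursory security check" at approval time; say what is checked on each later push (at minimum that the upload carries the same signature as the approved version), otherwise the approval covers only the first release. For Experimental, "app is signed but no verification has to be done" should say what the signature is later compared against, or the requirement gives no assurance. Typos: "is build into" should be "is built into", "divided in three" should be "divided into three", "send to owncloud-announce" should be "sent to", "IF user data is send" should be "If user data is sent", "Apps do not violate any laws; it has to comply" should be "they have to comply", "respond timely" should be "respond in a timely manner", and "can not" should be "cannot".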
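Review bot: in PATCH 2/6, hunk "@@ -106,12 +106,14 @@", the added blank lines are the right fix for the lists that were being folded into the "Legal and security" and "Be technically sound" paragraphs, but both lines still have no underline and so render as ordinary paragraphs rather than section titles; underline them (for example with "^") so they appear as subsections.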
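Review bot: in PATCH 2/6, hunk "@@ -119,7 +121,7 @@", the replacement line "* Apps have to follow design and `HTML/CSS layout guidelines `_" carries no link target as shown, so Sphinx treats it as a reference to an undefined target and emits a warning; use the ":doc:" role instead, ":doc:`HTML/CSS layout guidelines <../app/css>`", which is checked at build time and resolves for every builder, not only HTML.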
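Review bot: in PATCH 3/6, hunk "@@ -121,7 +121,7 @@", "`HTML/CSS layout guidelines <../app/css.html>`_" is a relative HTML path that only works for the HTML builder and silently breaks if either page moves; prefer ":doc:`HTML/CSS layout guidelines <../app/css>`", which Sphinx resolves for all output formats and reports as an error when the target is missing.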
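Review bot: in PATCH 4/6, hunk "@@ -24,9 +24,10 @@", "Requirements:" and "App store:" are turned into section titles by adding "^" underlines, but a title with a trailing colon reads oddly in the sidebar and the table of contents; drop the colons or keep them as plain introductory lines. The reference "`Github `_" on the rewritten Official line shows no URL target in this hunk (the same form appears for "`development mailing list `_" in hunk "@@ -91,7 +97,7 @@"); if the "<url>" part was lost in transit this is fine, otherwise Sphinx will flag both as unknown targets.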
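Review bot: in PATCH 4/6, hunk "@@ -51,20 +53,22 @@", the two ".. note::" directives follow each other with no blank line between them, which docutils reports as "Explicit markup ends without a blank line; unexpected unindent"; insert a blank line after the first note. The first note's wording "The developer(s) is/are known in community; he/she has/have been active for a while" is hard to read; use the plural throughout, "The developers are known in the community; they have been active for a while, have met others at events and/or worked with others in various areas."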
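Review bot: in PATCH 4/6, hunk "@@ -106,13 +112,19 @@", the new line "If any indication of malicious intend or bad fait is found" should read "malicious intent or bad faith", and the indented sub-item "* Malicious intent includes deliberate spying on users ... or adding a back door (like a hard-coded user account)" follows its parent bullet without a blank line, so docutils renders it as continuation text of the parent item rather than as a nested list; put a blank line before and after it. The substance of that sub-item is the right resolution of the earlier open question: it names concrete examples of bad faith and explicitly excludes an unintentional bug that is fixed in time. The context line "Apps do not violate any laws; it has to comply" still needs "they have to comply".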
From da55594b733899949edd523c17021de247e80402 Mon Sep 17 00:00:00 2001 From: Jos Poortvliet Date: Wed, 22 Apr 2015 20:46:03 +0200 Subject: [PATCH 5/6] signing won't be in 8.1 so commented out for now --- developer_manual/general/publishing.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst index efb9e0bf1..fc245d164 100644 --- a/developer_manual/general/publishing.rst +++ b/developer_manual/general/publishing.rst @@ -33,8 +33,8 @@ Requirements: * minimum of 2 active maintainers and contributions from others * security audited and design reviewed * app is at least 6 months old and has seen regular releases -* app is signed, identity verified * follows app guidelines +.. * app is signed, identity verified App store: ^^^^^^^^^^ @@ -60,9 +60,9 @@ Requirements: * minimum 5 ratings, average score 60/100 or better * app is at least 3 months old * follows app guidelines -* app is signed, at least domain verified * the developer is trusted * app is subject to unannounced security audits +.. * app is signed, at least domain verified .. note:: **Developer trust**: The developer(s) is/are known in community; he/she has/have been active for a while, have met others at events and/or worked with others in various areas. .. note:: **security audits**: in practice this means that at least some of the code of this developer has been audited; either through another app by the same developer or with an earlier version of the app. And that the attitude of the developer towards these audits has been positive. @@ -86,7 +86,7 @@ Requirements: * 0 confirmed security problems * less than 3 unconfirmed 'security flags' * rating over 20/100 -* app is signed but no verification has to be done +.. * app is signed but no verification has to be done App store: ^^^^^^^^^^ From 6f617e60c047000311696db278b03f921062e51d Mon Sep 17 00:00:00 2001 
From: jospoortvliet Date: Fri, 8 May 2015 08:59:00 +0200 Subject: [PATCH 6/6] implement changes from feedback Carla --- developer_manual/general/publishing.rst | 26 ++++++++++++------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/developer_manual/general/publishing.rst b/developer_manual/general/publishing.rst index fc245d164..a2d56c544 100644 --- a/developer_manual/general/publishing.rst +++ b/developer_manual/general/publishing.rst @@ -5,7 +5,7 @@ App store publishing .. sectionauthor:: Jos Poortvliet The ownCloud App Store -====================== +---------------------- The ownCloud app store is build into ownCloud to allow you to get your apps to users as easily and safely as possible. The app store and the process of publishing apps aims to be: * secure @@ -23,21 +23,20 @@ Apps in the store are divided in three 'levels' of trust: With each level come requirements and a position in the store. Official --------- +^^^^^^^^ Official apps are developed by and within the ownCloud community and its `Github `_ repository and offer functionality central to ownCloud. They are ready for serious use. Requirements: -^^^^^^^^^^^^^ * developed in ownCloud github repo * minimum of 2 active maintainers and contributions from others * security audited and design reviewed * app is at least 6 months old and has seen regular releases * follows app guidelines + .. * app is signed, identity verified App store: -^^^^^^^^^^ * available in Apps page in separate category * sorted first in all overviews, 'Official' tag 
@@ -49,11 +48,10 @@ note: Official apps include those part of the release tarball. We'd like to keep the tarball minimal so most official apps are not part of the standard installation. Approved --------- +^^^^^^^^ Approved apps are developed by trusted developers and have passed a cursory security check. They are actively maintained in an open code repository and their maintainers deem them to be stable for casual to normal use. Requirements: -^^^^^^^^^^^^^ * code is developed in an open and version-managed code repository, ideally github with git but other scm/hosting is OK. * minimum of one active developer/maintainer @@ -62,13 +60,14 @@ Requirements: * follows app guidelines * the developer is trusted * app is subject to unannounced security audits + .. * app is signed, at least domain verified .. note:: **Developer trust**: The developer(s) is/are known in community; he/she has/have been active for a while, have met others at events and/or worked with others in various areas. .. note:: **security audits**: in practice this means that at least some of the code of this developer has been audited; either through another app by the same developer or with an earlier version of the app. And that the attitude of the developer towards these audits has been positive. App store: -^^^^^^^^^^ + * visible in app store by default * sorted above experimental apps * search results sorted by ratings 
@@ -76,31 +75,30 @@ App store: * warning shows for security/stability risks Experimental ------------- +^^^^^^^^^^^^ Apps which have not been checked at all for security and/or are new, known to be unstable or under heavy development. Requirements: -^^^^^^^^^^^^^ * no malicious intent found from this developer at any time * 0 confirmed security problems * less than 3 unconfirmed 'security flags' * rating over 20/100 + .. * app is signed but no verification has to be done App store: -^^^^^^^^^^ * show up in Apps page provided user has enabled "allow installation of experimental apps" in the settings. * Warning about security and stability risks show for app * sorted below all others. Getting an app approved -======================= +----------------------- If you want your app to be approved, make sure you fulfill all the requirements and send an email to the ownCloud `development mailing list `_. A team of core ownCloud developers will review your application. Losing a rating ---------------- +^^^^^^^^^^^^^^^ Apps can lose their rating when: * they are found to no longer satisfy the requirements @@ -108,7 +106,7 @@ Apps can lose their rating when: * when developer requests so App guidelines -============== +-------------- These are the app guidelines an app has to comply with to have a chance to be approved. Legal and security 
@@ -117,7 +115,7 @@ Legal and security * Apps can not use 'ownCloud' in their name * Irregular and unannounced security audits of all apps can and will take place. * If any indication of malicious intend or bad fait is found the developer(s) in question can count on a minimum 2 year ban from any ownCloud infrastructure. - * Malicious intent includes deliberate spying on users by leaking user data to a third party system or adding a back door (like a hard-coded user account) to ownCloud. An unintentional security bug that gets fixed in time won't be considered bad faith. + * Malicious intent includes deliberate spying on users by leaking user data to a third party system or adding a back door (like a hard-coded user account) to ownCloud. An unintentional security bug that gets fixed in time won't be considered bad faith. * Apps do not violate any laws; it has to comply with copyright- and trademark law. * App authors have to respond timely to security concerns and not make ownCloud more vulnerable to attack.
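Review bot: in PATCH 5/6, hunk "@@ -33,8 +33,8 @@", the comment line ".. * app is signed, identity verified" is placed directly after the list item "* follows app guidelines" with no blank line, so docutils ends the list with a "Bullet list ends without a blank line; unexpected unindent" warning; the same pattern appears in hunks "@@ -60,9 +60,9 @@" and "@@ -86,7 +86,7 @@". Add a blank line before each ".." comment. Since this removes the signing requirement from all three trust levels, nothing left in the published requirements ties an uploaded package to its developer; a one-line statement that app signing is planned for a later release would keep that expectation visible to readers.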
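Review bot: in PATCH 6/6, hunk "@@ -23,21 +23,20 @@", indenting the commented-out line " .. * app is signed, identity verified" does not make it a comment: reST only recognizes ".." at the start of a block, which requires a blank line before it, so as indented here the line is either folded into the preceding "* follows app guidelines" item or reported as an unexpected indentation, and the text can end up in the output. Keep ".." at column 0 with a blank line before and after it (the same applies to the two indented comments in hunks "@@ -62,13 +60,14 @@" and "@@ -76,31 +75,30 @@"). Lowering the section levels from "=" to "-" and "^" is consistent with the document title using "=".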
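Review bot: in PATCH 6/6, hunk "@@ -117,7 +115,7 @@", the only change on the "* Malicious intent includes ..." line is whitespace, while the context line directly above still reads "malicious intend or bad fait" (should be "malicious intent or bad faith") and the sub-item still has no blank line before it, so it continues to render as part of the parent bullet; fix both in this commit while the line is being touched.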