Daniel Wolf Posted December 13, 2020 Posted December 13, 2020 Hi there, I recently upgraded my test-install to version 4.5.4 and started installing my previously purchased apps and plugins. If I understood correctly, starting with version 4.5 there are no manual downloads from the marketplace from this site, I have to use the marketplace-integration in the acp of my forum. But how can I review the code that is now running on my server? I have to know what it does to the server and to the data of the users. Somebody has to be responsible in the end and IPS states clearly that they are not responsible for any damages. A quote from the acp: "IPS IS NOT RESPONSIBLE FOR AND YOU AGREE TO HOLD IPS HARMLESS FOR ANY POSSIBLE ISSUES CAUSED BY FILES DOWNLOADED FROM IPS MARKETPLACE. ? Well - that is okay. But someone has to be responsible. In the end, it's me. How can I bring myself into a position where I can say "yes, I have seen all the files from that extension and I will take the responsibility" ? I have found new sub-folders in "/applications/" and "/plugins/". Is it guaranteed that all the files from apps and plugins are there and nowhere else? What are your guidelines/recommendations for code-reviews of plugins and apps? Best regards, Dany Steph40 and CoffeeCake 1 1
Fast Lane! Posted December 13, 2020 Posted December 13, 2020 1 hour ago, Daniel Wolf said: Hi there, I recently upgraded my test-install to version 4.5.4 and started installing my previously purchased apps and plugins. If I understood correctly, starting with version 4.5 there are no manual downloads from the marketplace from this site, I have to use the marketplace-integration in the acp of my forum. But how can I review the code that is now running on my server? I have to know what it does to the server and to the data of the users. Somebody has to be responsible in the end and IPS states clearly that they are not responsible for any damages. A quote from the acp: "IPS IS NOT RESPONSIBLE FOR AND YOU AGREE TO HOLD IPS HARMLESS FOR ANY POSSIBLE ISSUES CAUSED BY FILES DOWNLOADED FROM IPS MARKETPLACE. ? Well - that is okay. But someone has to be responsible. In the end, it's me. How can I bring myself into a position where I can say "yes, I have seen all the files from that extension and I will take the responsibility" ? I have found new sub-folders in "/applications/" and "/plugins/". Is it guaranteed that all the files from apps and plugins are there and nowhere else? What are your guidelines/recommendations for code-reviews of plugins and apps? Best regards, Dany This is a very fair point. Very fair. Steph40 1
CoffeeCake Posted December 13, 2020 Posted December 13, 2020 A very fair point indeed, and one which we discussed a while back. The short answer is if this is important to you, to not purchase things via the marketplace and instead work with developers that can provide the files to you directly for inspection. You can retrieve files after install looking at the directories you mentioned, yet doing so requires installing them. This requires an internet accessible test install.
bfarber Posted December 14, 2020 Posted December 14, 2020 In short, yes you can look at the folders create under /applications and /plugins to review the code.
Daniel Wolf Posted December 14, 2020 Author Posted December 14, 2020 Okay. Thank you all for the answers.
Recommended Posts