Proposal: Simpler review process for trusted developers (for automatic in-app distribution)
- The extension review process is fairly simple, but can create delays because there are few people doing reviews.
- The depth of our reviews is based on trust
- We also trust that, once an extension is approved, an author will not publish a malicious update.
I hereby propose that we maintain a list of "trusted" extension developers who may fast-track the review process:
- Extension authors would still have to open an issue in the review queue: https://lab.civicrm.org/extensions/extension-review-requests/-/issues/
- Reviewers can use the review criteria to explain why they are approving the extension for automatic distribution, but would not be required to do in-depth testing of the extension or review of the code.
To become a trusted reviewer:
- Open an issue in the review queue: https://lab.civicrm.org/extensions/extension-review-requests/-/issues/
- Explain why you would like to be a trusted developer.
- Approval by EXT-WG leads (who may ask for more information if necessary).
Criteria for trusted developers:
- At least 1 year experience writing CiviCRM extensions or core PRs (provide a link/details)
- and published at least 1 other extensions that has some traction (an extension with over 100 users, according to stats)
- and provides community support for existing extensions (relatively responsive on issue trackers).