Add ability to create json files from issues #8
Conversation
|
Aren't most of these checks already done on the PR validation? To resolve the security issue, can you added the extra check to the PR validation. The extra check is:
Separately, the issue form/template would be convenient for submitters, and should be able to share validation code with the PR validation. |
|
Most checks are already done. We can remove the check for publisher if none should change a sent file, even owners, throwing an error if status of file changed is "modified": https://api.github.com/repos/nvaccess/addon-datastore/pulls/35/files I'l try to do it in the yaml file. Also, I think that something should be done to prevent people to send add-ons compatible with API version not published yet. Even if they don't appear in the NV Access server. |
feerrenrut
force-pushed
the
addonFromIssue
branch
from
2b13928
to
21f513b
Compare
|
Github seems to have closed this when I tried to update the branch. I'm going to open a new PR and progress this. |
The planned procedure to submit add-ons to the addon-datastore repo has security issues, as shown in:
nvaccess/addon-datastore#35
This intends to provide a way to add and validate add-on metadata by creating issues in addon-datastore, which maybe automerged if checks pass.