Bug 75273 - Other: Prevent users from installing known broken extensions in LO
Summary: Other: Prevent users from installing known broken extensions in LO
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Extensions (show other bugs)
(earliest affected) Master
Hardware: Other All
: medium enhancement
Assignee: Not Assigned
Keywords: difficultyInteresting, easyHack, skillCpp
Depends on:
Blocks: Extension-Manager
  Show dependency treegraph
Reported: 2014-02-20 18:00 UTC by retired
Modified: 2019-08-28 21:30 UTC (History)
5 users (show)

See Also:
Crash report or crash signature:


Note You need to log in before you can comment on or make changes to this bug.
Description retired 2014-02-20 18:00:58 UTC
Problem description: the extension system is great, but currently it's still pretty chaotic. there's an extension website, but it doesn't show how to contact extension-authors. Nor does it display the current state of the extension (broken/working).

Until that is fixed (and maybe even after having that solved) I propose to come up with a system that does the following:

- - - Workflow proposal for broken extensions - - -
Create and maintain a list of broken extensions / plugins. I'm sure each plugin has a unique ID or something similar. Collect those of the broken extensions.

Then if a user wants to install such a broken extension either simply prevent this from happening by showing an informative message that "This extension is not compatible with the current stable release of LO and known to cause big issues."

Softer approach: Display warning and offer "Cancel" "Continue" "Please only click continue if you are absolutely sure of what you are doing. Installing this extension might cause crashes and other huge pains."

Steps to reproduce:
1. install broken extension (e.g. Duden thingy, which is know to be dead - more (in german): https://www.duden.de/support/haeufige-fragen/duden-Rechtschreibpruefung-9-openoffice-libreoffice )
2. LO crashes and users flood the bug tracker with reports

this is both very frustrating and ineffective for the users as well as LO QA.

Current behavior: All extensions can be installed and cause severe issues and waste a lot of precious time of both users and LO QA.

Expected behavior: Once an extension is know to be broken it should no longer be possible to install it.
Operating System: All
Version: Master
Comment 1 Stephan Bergmann 2014-02-20 18:17:27 UTC
a starting point may be DescriptionInfoset::checkBlacklist (desktop/source/deployment/misc/dp_descriptioninfoset.cxx)

related is the "set black list for extension migration" code in MigrationImpl::runServices (desktop/source/migration/migration.cxx) to not migrate certain extensions from a LO 3 -> 4 user installation
Comment 2 Robinson Tryon (qubit) 2015-12-14 06:21:54 UTC Comment hidden (obsolete)
Comment 3 Robinson Tryon (qubit) 2016-02-18 14:51:50 UTC Comment hidden (obsolete)
Comment 4 Björn Michaelsen 2018-10-12 09:38:30 UTC
This seems to be working around the problem instead of fixing the core problem:

If there is an easy feedback channel for an extension where it was downloaded from (like e.g. in app-stores), broken extensions would collect negative comments and self-regulate themselves out of the market.

So the core issue is that there is no obvious and easy way to colllect feedback on extensions.