addon-datastore
addon-datastore copied to clipboard
nvaccess
### Issue number Fixes issue #3246 ### Summary of the issue VirusTotal may catch malware bundled with add-ons. Also, knowing the sha256 of scanned add-ons, the URL to see results...
PR #35 demonstrates a potential issue with automatic approval of PRs. Data in a prior submission can be changed, pass verification, and potentially auto-merged. In this case the author and...
If someone submits an add-on which fails codeQl analysis, and NV Access merges it manually, the review URL won't be shown in the store.
The scanning implemented in #2660 generally covers cases where an add-on author may not be aware of security risks of an add-on. In general, CodeQL scanning is more designed around...
I submitted an add-on called versionCollector. Then, after `sendJSON` completed, I submitted the same one again, in issue #3262. The same problem can be seen with @nvdaes submission #3258. ###...
### Actual: If the submission validation scripts encounter a failing URL, the error left as a comment on the issue does not specify the URL. The submitter may not therefore...
In issue #2138 a developer re-submitted an add-on with the same version number. In the [action run](https://github.com/nvaccess/addon-datastore/actions/runs/7202745974/job/19621490049#step:3:19) the expected message `Modifications to submitted add-ons will not be auto-approved` is shown,...
Currently, the name of the bot used for add-on review discussions is: ``` github-actions[bot] ``` While this name is standard throughout the add-on management process, I do not think it...
If I am not mistaken, the validation process of the add-on store requires that the submitted add-on have a manifest with "version" field being strings formatted as "X.Y" or "X.Y.Z"...
Regardless of the documentation for a multilingual store, add-ons are translatable and this should be documented ASAP to avoid deletions or regressions, given that they are in fact translated, using...