[Typo3-dev] Extension reviewing process (request for discussion)

[Robert Lemke]

Hi Michael,

Michael Scharkow wrote:

> +1 for the not-so-quick 2-pass review.

good.

> 1. Quick review of formal stuff (part of which can be automated, as seen
> in the ext evaluator Kasper wrote), like API-Doc, User-Doc,
> XHTML-validity (for a fe-plugin you can just insert it on an otherwise
> valid page and use a validator), maybe DBAL-compat (grep for mysql stuff).

Yes, that kind of things fit well into the first phase.

> 2. Extended and official review of security issues, style, you name it.
> 
> Step 2 must be done or approved by a trusted extension reviewer, but
> step 1 can be done by anyone willing to do so (since it's not official
> until the final review, QA should not matter much and I think the
> core-devs should trust the community a little more...)

Yes, that's totally okay. 

> I really think this can be implemented in a issue tracker (bug-tracker),
> although I have not tried mantis yet. We'd only need a few fields
> (documentation, html-validity, etc) with some categories like done/not
> done and a final rating which is computed from those fields. If all
> basic requirements are fulfilled, the extension's status will be lifted
> to "Basics fulfilled" and maybe the review team is notified.

Hmm, I think we better use the TER for that. 

> PS: I think the extension author should be involved, as he/she should be
> able to mark his work "open for review" because I wouldn't want my
> alpha-status extensions be reviewed without my approval ;)

I agree that the extension author should be involved - that is one of my
major objections against a 1-step quick review. If an extension may be
reviewed or not should depend of the extension's state: If it is marked as
stable, the author cannot reject a review.

-- 
robert