bellini13 Posted April 29, 2015 Share Posted April 29, 2015 I can't help but notice the number of errors that this 'official' module receives from the validator, yet the module is not rejected and is allowed on the addons site. This double standard needs to be addressed. I have complained about this many times in the past and I do not understand why community modules are rejected yet Prestashop and partner modules get exceptions? paypal_validation_20150429.pdf 1 Link to comment Share on other sites More sharing options...
Xavier du Tertre Posted April 29, 2015 Share Posted April 29, 2015 The Validator works on an indicative basis. Some of the warnings that the Validator issues for a module can be ignored if a thorough verification is conducted manually to make sure that whatever triggered the warning is not important. Partners modules are thoroughly reviewed by PrestaShop, but contributors' modules that don't pass the Validator cannot be manually checked, there are hundreds and hundreds of them submitted every week (when you include updates). They need to pass the Validator. Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. But anything new should. Starting with native modules submissions or big updates, don't worry. Thanks for the feedback Link to comment Share on other sites More sharing options...
bellini13 Posted April 29, 2015 Author Share Posted April 29, 2015 Hi Xavier, I appreciate your quick response on this forum topic, but we are still split on this subject. Partners modules are thoroughly reviewed by PrestaShop, but contributors' modules that don't pass the Validator cannot be manually checked, there are hundreds and hundreds of them submitted every week (when you include updates). They need to pass the Validator. Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. But anything new should. But that is the double standard. There is expectation and precedence set where existing community modules are being rejected. Why are they expected to pass where others are not? I personally have to spend hours to update my existing modules every time the validator is "enhanced" to include more tests. Prestashop and Partner developers should as well A security issue is a security issue, either they are severe or they are not severe, it should not matter what the module is, or how long they exist, or who creates them. If some modules are allowed exceptions, it completely undermines the value of having the validation in the first place. Either those "failures" that are being bypassed (ie. Readme,md file) should be removed completely, or enforced 100% across the board. 1 Link to comment Share on other sites More sharing options...
Xavier du Tertre Posted April 29, 2015 Share Posted April 29, 2015 When the Validator displays a security issue warning, it doesn't mean "There's a security issue", it means "There may be a security issue". If native modules show this warning and are still validated, it means we checked, double-checked and triple-checked and there wasn't any security issue. 1 Link to comment Share on other sites More sharing options...
Dh42 Posted April 29, 2015 Share Posted April 29, 2015 @bellini This is the official answer I got when I tried to validate a module that re-used a couple of PrestaShop admins views, http://screencast.com/t/3cNI2U3T43pX Then when I tried to update the module for .14, it was declined because of this. I had to basically fix the views and cast the variables. Link to comment Share on other sites More sharing options...
olea Posted April 29, 2015 Share Posted April 29, 2015 Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. Hi Xavier, This is the same thing for us, as contributor, with our module that exists since many years (I have modules older than partner's ones). We can't change the code in one time. Fabien is aware of this, but sometimes the validator people are not :/ And I agree that all new code/module must follow the standards. When the Validator displays a security issue warning, it doesn't mean "There's a security issue", it means "There may be a security issue". If native modules show this warning and are still validated, it means we checked, double-checked and triple-checked and there wasn't any security issue. Triple-checked -> Are you sure ? 3 Link to comment Share on other sites More sharing options...
bellini13 Posted April 30, 2015 Author Share Posted April 30, 2015 (edited) When the Validator displays a security issue warning, it doesn't mean "There's a security issue", it means "There may be a security issue". If native modules show this warning and are still validated, it means we checked, double-checked and triple-checked and there wasn't any security issue. So the punchline is that a double standard exists, and that only community modules need to strictly adhere to the validator, while partner and native modules do not. This completely undermines what the validator should be doing. The validator should then be updated to remove those unnecessary checks. again, either there is an issue or there is not an issue. it doesn't take double and triple checking, just remove the pointless validator rule then. Edited April 30, 2015 by bellini13 (see edit history) Link to comment Share on other sites More sharing options...
Dh42 Posted April 30, 2015 Share Posted April 30, 2015 @bellini, Run some modules like yotpo or youstice through the validator. Link to comment Share on other sites More sharing options...
bellini13 Posted April 30, 2015 Author Share Posted April 30, 2015 @bellini, Run some modules like yotpo or youstice through the validator. something tells me any native or partner module that I run through the validator is going to fail Link to comment Share on other sites More sharing options...
El Patron Posted May 1, 2015 Share Posted May 1, 2015 I think it's important to note that as PrestaShop team continues to improve module/theme validaton process that modules which may have been approved before may not pass when re-validated because of version change. This seems natural process for me. Happy day, Fred Link to comment Share on other sites More sharing options...
bellini13 Posted May 2, 2015 Author Share Posted May 2, 2015 I think it's important to note that as PrestaShop team continues to improve module/theme validaton process that modules which may have been approved before may not pass when re-validated because of version change. This seems natural process for me. Happy day, Fred That would be fine if the rule applied to everyone. The point of this post is that this rule does not apply to everyone. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now