User:Bhashem/AddonAuditTools:Details

From MozillaWiki
Jump to: navigation, search

Just some more random thoughts regarding add-on audit tools

  • Should structure the tools so that they are rules driven
  • Some of the rule sets that can be active are:
    • ForAMO (e.g. should not include an updateURL)
    • NotForAMO (e.g. secure updates?)
    • IsDictionary (no JS should be included)
    • IsAddon (superset of checks)
    • IsSigned
  • Common/Recursive Operations
    • File exists
    • File contains (or doesn't contain) regex
    • Any file contains
  • One-time operations
    • Unzip/expand add-on contents
    • Build filelist
    • Ignore/remove file patterns