Removing the Sandbox

The “Sandbox Model” addons.mozilla.org uses to organize and review add-ons was first announced almost 3 years ago. Since then, we’ve made a number of changes based on user feedback that, in my opinion, have greatly improve the experience of finding and installing add-ons that haven’t been officially reviewed yet.

Today, the main feedback concerning the review and distribution process of add-ons is:

  • developers feel it takes too long for add-ons to be reviewed, and
  • users and developers want to receive updates to add-ons that they have installed that haven’t been reviewed yet

It’s important for us to balance our desire for all add-ons to be discoverable and easy to install with the need for security measures for add-ons that haven’t been reviewed yet.

After taking many of these issues into account, I’ve come up with a proposal for removing the public and sandbox classifications on the site and moving to a more flexible, comprehensive trust system based on everything we know about an add-on. If you’re interested in the review process and distribution of add-ons, please read the proposal and give us your feedback, preferably in this newsgroup thread.

5 comments on “Removing the Sandbox”

  1. Jay Meattle wrote on

    Justin, I like the general idea of automating the queue as much as possible. My suggestion is to start with generating and publishing the proposed “Trust Score” in the add-ons dashboard asap to get developers used to it, and to start getting feedback.

  2. ap21 wrote on

    I think this is a bad idea. It will just lead to more crappy addons than there are already, and/or let developers drop their standards more. It’s fact that there are many out there that are just lazy and just want to make a quick buck or get a big userbase quickly, no matter the consequences, the sandbox can buffer this. If someone always wants to be bleeding edge or try sandbox stuff, they can always register for it.

  3. Good Idea, but review/rate/delete the 3rd party’s too… wrote on

    I love everything about this idea, but…

    “…however these add-ons would not be treated or ranked the same as hosted add-ons, as this would bypass our review/trust process.”

    …the 3rd party addons (not hosted on AMO) should be open to scrutiny too…they should be reviewed/rated & banned/deleted if they are bad…think “3rd party toolbar” anyone? AMO should not even link to bad 3rd party addons…

    Also, besides being completely/officially banned from AMO, people should be able to hide/ignore either an addon or an addon author from their own view…as a way to get rid of an addon before it’s completely banned…

    It should also be possible to be hosted on AMO & hosted 3rd party at the same time…but I think part of that draft said that.

    I can’t reply to that newsgroup, cuz I’d need to signup, feel free to repost this to the newsgroup tho…

  4. Marcio wrote on

    Justin, related to the AddonRanking trust criteria, I think under the Support ( Support Information – does the author provide a support URL or e-mail address? ) it could also have a social support channel. Sometimes an end-user may discover a problem that can be checked by someoneelse ( like a dup bug ) or can be valid/invalid – so if addon X receives a “public/social/open comment” that could go to an eco-system that is open, to get additional checks and other folks to see and confirm etc. This would not prevent the Developer to see, just expose the Support questions in a more social way and more granular control over the states of the support question. Sort of an integrated bugzilla but maybe more lightweight and something that goes more with the flow ( of the app addons users etc )

  5. Phill wrote on

    If the sandbox has been discontinued, why is one of the most useful add ons (Contacts Add BCC) still listed as being in there? And if it is wherte can I get something I have been using and installing on systems I’ve set up for others for the last two years?