Jump to content

Paypal Europe v3.8.3 fails validtor... again


bellini13

Recommended Posts

I can't help but notice the number of errors that this 'official' module receives from the validator, yet the module is not rejected and is allowed on the addons site.

 

This double standard needs to be addressed.  I have complained about this many times in the past and I do not understand why community modules are rejected yet Prestashop and partner modules get exceptions?

paypal_validation_20150429.pdf

  • Like 1
Link to comment
Share on other sites

The Validator works on an indicative basis.

 

Some of the warnings that the Validator issues for a module can be ignored if a thorough verification is conducted manually to make sure that whatever triggered the warning is not important.

 

Partners modules are thoroughly reviewed by PrestaShop, but contributors' modules that don't pass the Validator cannot be manually checked, there are hundreds and hundreds of them submitted every week (when you include updates). They need to pass the Validator.

 

Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. But anything new should.

 

Starting with native modules submissions or big updates, don't worry. Thanks for the feedback :)

Link to comment
Share on other sites

Hi Xavier, I appreciate your quick response on this forum topic, but we are still split on this subject.

 

Partners modules are thoroughly reviewed by PrestaShop, but contributors' modules that don't pass the Validator cannot be manually checked, there are hundreds and hundreds of them submitted every week (when you include updates). They need to pass the Validator.

 

Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. But anything new should.

 

But that is the double standard.  There is expectation and precedence set where existing community modules are being rejected.  Why are they expected to pass where others are not?  I personally have to spend hours to update my existing modules every time the validator is "enhanced" to include more tests.  Prestashop and Partner developers should as well 

 

A security issue is a security issue, either they are severe or they are not severe, it should not matter what the module is, or how long they exist, or who creates them.  If some modules are allowed exceptions, it completely undermines the value of having the validation in the first place.

 

Either those "failures" that are being bypassed (ie.  Readme,md file) should be removed completely, or enforced 100% across the board.

  • Like 1
Link to comment
Share on other sites

Plus, there's this obvious fact we've explained many times: although PrestaShop's coding standards are now high and demand rigor on everyone's end (yours, ours), there's inertia in the software's development: you can't expect the existing code (core and native modules) to meet the new, higher standards at once. 

Hi Xavier,

 

This is the same thing for us, as contributor, with our module that exists since many years (I have modules older than partner's ones).

We can't change the code in one time.

Fabien is aware of this, but sometimes the validator people are not :/

 

And I agree that all new code/module must follow the standards.

 

When the Validator displays a security issue warning, it doesn't mean "There's a security issue", it means "There may be a security issue". If native modules show this warning and are still validated, it means we checked, double-checked and triple-checked and there wasn't any security issue.

Triple-checked -> Are you sure ?   :)

  • Like 3
Link to comment
Share on other sites

When the Validator displays a security issue warning, it doesn't mean "There's a security issue", it means "There may be a security issue". If native modules show this warning and are still validated, it means we checked, double-checked and triple-checked and there wasn't any security issue.

So the punchline is that a double standard exists, and that only community modules need to strictly adhere to the validator, while partner and native modules do not.

 

This completely undermines what the validator should be doing.  The validator should then be updated to remove those unnecessary checks.  again, either there is an issue or there is not an issue.  it doesn't take double and triple checking, just remove the pointless validator rule then.

Edited by bellini13 (see edit history)
Link to comment
Share on other sites

I think it's important to note that as PrestaShop team continues to improve module/theme validaton process that modules which may have been approved before may not pass when re-validated because of version change.  This seems natural process for me.  Happy day, Fred

That would be fine if the rule applied to everyone.  The point of this post is that this rule does not apply to everyone.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...