[Qgis-psc] AGM: plugins vote

Fri Apr 10 04:51:11 PDT 2020

Hi all,

Il 09/04/20 10:51, Alessandro Pasotti ha scritto:
> On Thu, Apr 9, 2020 at 10:24 AM Denis Rouzaud <denis.rouzaud at gmail.com> wrote:
>>
>> Le jeu. 9 avr. 2020 à 08:48, Alessandro Pasotti <apasotti at gmail.com> a écrit :
>>>
>>> Sorry, but I didn't understand what's the real issue here: the

things are getting complicated, and more interesting options are still
being added (thanks!). Let me recap what are the issues, based on my
experience as a plugin manager since many years:

* binaries in the repo
this will expose QGIS.ORG to non negligible risk of being sued, because of:
- possible licence violations, as we have no way of checking whether the
included binaries respect all licences
- damages due to malicious or broken code.
Of course we can shield ourselves adding well crafted disclaimers, and
having uploaders sign some document taking full responsibility for their
plugins, etc. (please note: this will not be possible in all nations -
sometimes who owns a website is considered responsible for all its
content), but this will introduce significant legal and technical costs
and complications.
To put this in context, AFAICR this happened only once in our 10+ years,
for some obscure Windows code doing some kriging analysis. In all the
remaining cases, a gentle pressure made plugin author to change their
code to have the binaries downloaded post install.

* platform-specific plugins
there are already plugins working on one particular OS, mostly because
they act as a front end to specific sw only available on that OS.
Of course nobody sane would refuse a Mac only plugin because it
activates some osx unique function, or corner cases like this.
In the remaining cases, a gentle pressure resulted in an improvement of
the plugin allowing it to run on all platforms, with a general advantage.

* including Python libraries (not explicitly mentioned in the questions,
thanks Denis)
I agree there is a real need here (mostly if not only for Windows
users). What I have done so far is to gently push towards including the
needed lib in the Osgeo4W installer (thanks Juergen!), and this has
benefited all. I know this can be a PITA for new plugins, uncommon or
specialized libraries, and we are looking for a better solution since
long (ideally the plugin should be able to download the needed lib when
not available in the system). However, including libs in the plugin
raises further issues, e.g.:
- it is difficult to manage versioning of libraries (often old ones are
included, with side effects)
- it makes it easy to have locally patched versions, thus not
encouraging upstream fixes and improvements
- it loads the system with multiple copies of the same lib (I often
found included libs that are already in the installer!); for non-
Windows users a separate install of the lib is generally saner

Finally, as Alessandro noted, setting up a custom repo for special cases
takes 5 minutes.

As noted, the real problem with plugins management is the lack of manpower.

Cheers.
-- 
Paolo Cavallini - QGIS.ORG Chair
www.faunalia.eu:
training, support, development on QGIS, PostGIS and more