Fully automatic plugin updates
I believe it's worth considering the option of reviewing in hindsight rather than screening everything beforehand. We would still check plugins when they are first added, meaning someone malicious would need to develop and upload a legitimate plugin, then later introduce malicious content through an update.
It seems to me that the potential for abuse is pretty low, and if we adopt a three-strikes system:

- Strike 1: Warning
- Strike 2: Plugin removed
- Strike 3: Author blocked
I feel confident that we won't get many, if any, people looking to abuse the system.
This would also free up a lot of maintenance requirements so we could then look into implementing systems that make adding a plugin easier, so we'd be making things easier for the 99% of good actors who just want to share their plugin, while introducing a small risk of malicious content being listed on "official" sources for a short time before it's reported and removed.
I can't imagine anyone would consider that insufficient.
Originally posted by @Hecter94 in #1781
The first step is to have the current pipeline auto-merge PRs while creating them (50d209df4954cee48ea542b89ae2915981a56fab)
In the long term, I would like to revamp the autoupdate script to take care of the git operations, so I don't have to tie them together with bash. That would also enable more sophisticated checks, error handling etc.