Deskbar Applet, NewStuffManager, 2.16, Installing New Plug-Ins, AutoUpdate, etc.



OK, I should have brought this up on d-d-l a month or two ago, at
least before we got all freezy, but I procrastinated.  Corner me
sometime and ask for my lame excuses.  Anyway, going with better late
than never...

The text below is probably best read at my blog:
http://blogs.gnome.org/view/nigeltao/2006/07/30/0 where it has
new-fangled technologies like screenshots and links, but it's
copy'n'pasted here in case the nitpickers amongst you want to quote
stuff in any ensuing argument^Wdiscussion.  'cos it's not like d-d-l
hasn't been controversial enough in the last few weeks...  :-)

Short version: There's this new easily-install-new-deskbar-plugins
thingy people have implemented, aiming for the 2.16 release timeframe.
However, it's, like, easily-download-executables-from-the-internet,
which I don't think GNOME has done before, and so the GNOME community
should have a say in whether or not we push ahead with this.

Long version (really, just go straight to
http://blogs.gnome.org/view/nigeltao/2006/07/30/0 )

One of the things about the 2.14 deskbar-applet release was that,
although it supported third-party plug-ins, the GUI to manage them was
all-but-nonexistent. Basically, whilst you could enable and disable
installed plug-ins via the checkboxes in the preferences dialog, you
couldn't (a) find and install new plug-ins, and (b) update existing
plugins through the GUI -- both of which Firefox lets you do, for
example. Instead, you had to download a file (or download and unpack a
tarball) and copy that to a secret directory
(~/.gnome2/deskbar-applet/handlers/) -- i.e. one that you couldn't
find in nautilus.

In the last few months, Sebastian Pölsterl and the other deskbar
hackers have worked on being able to install new plug-ins through a
friendly GUI. The deskbar-applet-list mailing list discussion starts
in April, continues in May and there's also the PluginManager wiki
page. Here's the current state of play (no, this isn't finalized, yes
there are issues, which I'll touch upon at the end of the tour). First
off, there's a new Check For Updates button on the list of installed
plug-ins.

Clicking on that invokes the NewStuffManager, a new (Python) program
that communicates with deskbar-applet via D-Bus. To be precise,
NewStuffManager provides the org.gnome.NewStuffManager service.
NewStuffManager is not deskbar-applet specific, and could provide any
app with update info. The app-specific part is another Python file;
deskbar-applet's spec is the only instance so far, and looks like
this:

OPTIONS = {
"repo": "http://raphael.slinckx.net/deskbar/repository/deskbar-repository.xml",
"install-path": "~/.gnome2/deskbar-applet/handlers",
}

And note that it mentions
http://raphael.slinckx.net/deskbar/repository/deskbar-repository.xml,
which is the master list of plug-ins and their versions. The intention
is that distros can customize this URL, if they choose to. An example
snippet of that XML file looks like this:

<item>
<id>yahoo.py</id>
<name>Yahoo! Search</name>
<description>Search Yahoo! as you type</description>
<author>Deskbar Team <foo bar com></author>
<version>3.1.1</version>
<url>http://raphael.slinckx.net/deskbar/repository/yahoo.py</url>
</item>

NewStuffManager will note that there is a new version of the Yahoo
handler, and the UI will show that it is updatable.

Clicking on Update will show a progress dialog box, and under the
hood, download the newer yahoo.py from
http://raphael.slinckx.net/deskbar/repository/, unpack the archive (if
necessary), and copy those files to the right place in the file
system: ~/.gnome2/deskbar-applet/handlers/. Note that this is the
user's installed plug-ins, not the globally-shared (and
only-writable-by-root) plug-ins at /usr/lib/deskbar-applet/handlers.

The other thing to notice is the New Extensions tab. Switching to this
tab will invoke NewStuffManager to check the master list for
installable plug-ins. It looks like this:

Again, the Install button will download and install the plug-in. There
really isn't much difference between updating existing plug-ins and
installing new ones, apart from that the user was (probably) aware of
an existing plug-in beforehand, and updating an existing plug-in might
involve an active existing plug-in.

That's what it looks like. It is indeed easier to find and install
plug-ins than before. And plug-ins rock, since they make users go, "I
rock". However, there are two very significant issues:

Security: We will be downloading arbitrary Python files, which could
be executed whenever the deskbar-applet initializes all of its
plug-ins. This could be a major security hole. Personally, it's not
that I don't trust Raphael or his web-site, or the third party
websites that he chooses to endorse, but I don't trust (the worst of)
the internet. We don't have digital signatures or other verification
mechanisms implemented yet (and GNOME 2.16 is due only a few months
from now). Auto-update (and auto-removal of obsolete files) is
another issue that should be considered - whilst it is frustrating as
a developer that users don't manually upgrade to the latest and
greatest, users should remain in control of their computers.  Possible
precedent / discussion point: Firefox auto-updates (IIRC).

Privacy: This design means that http://raphael.slinckx.net/ (or wherever
the master list(s) get hosted) is pinged every time I look at the New
Extensions tab.  Possible precedent / discussion point: distros
already provide updates, automatically, over the internet.

Finally, Sebastian, Mikkel, Raphaël and others have already sunk a lot
of time into this, and I'd hate to sound like I don't appreciate their
work, their enthusiasm, their contribution, and their intentions. I
do. :-) And like Mikkel said: "I really think it's a cool feature; I
would just hate to botch it".
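
One shape the missing verification step could take before a download is copied into ~/.gnome2/deskbar-applet/handlers/, as an added example that is not part of the original message and is not deskbar-applet or NewStuffManager code. It assumes a hypothetical <sha256> element in each repository <item> and assumes the repository list itself was obtained authentically (a digest inside an unauthenticated list proves nothing); the function and exception names are illustrative.

```python
import hashlib
import os
import re
import xml.etree.ElementTree as ET

# Constructed sample data; <sha256> is a hypothetical extension of the format.
SAMPLE_PAYLOAD = b"# constructed stand-in for a downloaded handler file\n"
SAMPLE_ITEM = """<item>
  <id>yahoo.py</id>
  <version>3.1.1</version>
  <url>http://raphael.slinckx.net/deskbar/repository/yahoo.py</url>
  <sha256>%s</sha256>
</item>""" % hashlib.sha256(SAMPLE_PAYLOAD).hexdigest()


class PluginRejected(Exception):
    """Raised when a downloaded plug-in must not be installed."""


def checked_install_path(item_xml, payload, install_dir):
    """Return the path the payload may be written to, or raise PluginRejected."""
    item = ET.fromstring(item_xml)
    plugin_id = (item.findtext("id") or "").strip()
    expected = (item.findtext("sha256") or "").strip().lower()

    # The id comes from the network and becomes a file name: bare names only.
    if (not plugin_id or plugin_id in (".", "..")
            or plugin_id != os.path.basename(plugin_id) or "\\" in plugin_id):
        raise PluginRejected("unsafe plug-in id: %r" % plugin_id)

    # Refuse entries without a pinned digest rather than install unverified code.
    if not re.fullmatch(r"[0-9a-f]{64}", expected):
        raise PluginRejected("missing or malformed sha256")
    if hashlib.sha256(payload).hexdigest() != expected:
        raise PluginRejected("digest mismatch for %s" % plugin_id)

    # Resolve symlinks so an existing link in the directory cannot redirect the write.
    root = os.path.realpath(os.path.expanduser(install_dir))
    dest = os.path.realpath(os.path.join(root, plugin_id))
    if os.path.dirname(dest) != root:
        raise PluginRejected("destination escapes %s" % root)
    return dest
```

The same checks would apply to every member of an unpacked archive, not only to single-file plug-ins.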


