I'd like to hear what others think could be done to improve the quality of submitted hacks here.

A couple weeks back on vb.com in the licensed area people were discussing areas about the quality of code in some of the hacks submitted on vb.org and how they can severely affect big boards etc.

-----------
One idea I had was that there could be a team set up to approve hacks before they are shown. Exactly the same way the articles forum is set up: https://vborg.vbsupport.ru/forumdisplay.php?f=184
This way will ensure hacks that are submitted are safer for our sites. Currently anyone could submit a hack where it could potentially delete/screwup our whole database.
It could also give the chance for this 'team' to give feedback and suggestions to the coder before the hack are approved. Kind of like one final pre beta test.

What other things do you think could be done to improve this area on vb.org?

This is also a topic that comes up once in a while. We have been experimenting with a "Quality Ensurance" team in the past, but that just don't work. Inspecting the underlying code of all submitted modifications is simply not feasible and we also do not want to put too many barrieres for people to submit their work to the community.

The only way to improve the quality is to provide feedback to the coder and educate them in better ways of solving the problem. If and what a coder does with such information is up to him/her.

Inspecting the underlying code of all submitted modifications is simply not feasible and we also do not want to put too many barrieres for people to submit their work to the community.

Just to put a figure on things, approx 90 code modifications were released over the last month, anything from simple 1 plugin mods, to quite complicated, multi file, multi plugin products - and at the moment we are in a quiet period as many coders etc are waiting for vb4.

That figure does not include updates to existing modifications either, just new threads.

Just throwing this idea out there, but what if the mod that was voted "mod of the month" not only received a shiny icon/badge but also a code review by a dedicated team here?

Or, for now, looking at major mods with the most installs (that work with the latest release) and code reviewing those?

I dunno. Just throwing stuff out there I guess. There is so much released here now that it can be difficult in knowing what the "best" really is.

What would be the benefit of inspecting 1 modification, and then a modification that already is in the spot lights.

PS It could turn into a deception if winners of the BOTM would often be denied aproval as the coding doesn't pass such a quality control. And history shows that it is not always the "best" modification that wins, more often it is simply the most used or best promoted (even though vote rallying is against our rules).

I don't understand your question?

Maybe I wasn't very clear in the idea... the team isn't "approving" a mod, they are "helping" a mod author improve what the community has decided is popular.

If the code isn't good (i.e., your definition of the "best" mod), wouldn't it be advantageous to both the mod author AND the community to help make it the best it could be?

Furthermore, if you are already internally (whether just in your head or amongst staff) ranking what are "best" mods, then why not share with the community what these are?

In my mind, now is the time to really give this topic a serious thought. If most are awaiting vB4 to start releasing new code, why not put something together and give it a trial run before the you-know-what hits the fan? :D

We (both staff and members) already spend a lot of time educating users (including coders), and that is what we can do.

There are too many modifications released or updated each month to inspect them all. Also staff is here to moderate the site, not to inspect modifications. But if a (larger) group members with coding experience would commit for a longer time to taking part in a Quality Assurance team, then we might consider giving it a go again, but i doubt it will work as history has proven that either not enough members want to spend their time on inspecting other peoples work and or interest faded after some time and the whole project collapses.

It will also not be easy to have objective guidelines on when to accept a submission and when not.

PS Yes i have my personal list of "good" modifications. But my criterium (being a coder myself) is simply: If i didn't write it myself, i don't trust it. So hardly worthwhile to post such a list.

PS There is an older thread on the same topic: https://vborg.vbsupport.ru/showthread.php?t=93400&highlight=quality

What would be the benefit of inspecting 1 modification, and then a modification that already is in the spot lights.

PS It could turn into a deception if winners of the BOTM would often be denied aproval as the coding doesn't pass such a quality control. And history shows that it is not always the "best" modification that wins, more often it is simply the most used or best promoted (even though vote rallying is against our rules).

Glad I saw that post because I missed it... I was supporting a users mod the other month for MOTM via my sig so since I did not hear anything hopefully that WAS within the rules but know I know for future reference.

How about this... it's simple but any new mod that just jumps through the roof w/ installs should be checked? I dunno as this is going to be a touchy subject w/ lots of opinions so IMO you vb admins decide what is best and we will just have to go w/ the flow otherwise this will be knit-picked to death and we will still be posting months from now just like many other suggestions that come back up every few months :p.

S-MAN

Personally, 95% of the mods I release are written for my forum, and therefore Im not interested in whether they follow some arbitary coding standard on a 3rd party site. I release them here simply because i think they will be useful to other people (simply doing that, and then supporting, them takes up chunks of my limited free time).

If it became the case that they had to follow a standard, or not be released, then I would take the second option, and simply not release them any more - Im pretty sure this is what a lot of people would do.

I was thinking about something a few weeks ago that could help here.

Improve the ratings system for mods; have several categories eg user friendlyness ease of install quality of code etc allow people to rank in all the categories

Additionally, allow any reply to a mod thread to be given a 'this is a review of the mod' flag So that members could post reviews as well as just support requests/general comments. These reviews could be then linked from the first post in the mods information pannel.

I personally believe most vB hacks found here on vB.org are pretty solid. probably the biggest reason i switched from IPB to vB. lol even IPB's official hacks do not work as advertised. Granted i cant comment on the effects of hacks on big boards. but for the most part im extremly pleased with what i consider the best system for hacks and feedback in the entire forum realm.. Hats off to vB.org the system may not be perfect but it is the best out there ...

There are too many modifications released or updated each month to inspect them all
Again to be clear, I'm not suggesting EVERY mod released.

I suggested as a starting point, give modifications that win MOTM a review. It's an ADDITIONAL reward to the coder.

How is that NOT educational to the coder?

Coders do not need to follow a standard in order to release something, I'm not suggesting that at all.

Basically, a team here would review one modification a month. Anyone who is coding modifications here could benefit by the suggestions a team gave to a winning modification.

If someone here says a mod is good by some review, then a security issue is noted...


Review by third party needs to be done by a real third party. If you're interested in picking up the tab for every piece of code submitted, I'm sure vBulletin.org could find a way.


I would rather see this time and effort spent on furthering education of the public here and putting more focus on quality coding standards and security practices. Rather than having some random arbitrary team take all their time to review the code here.

You are correct, it is obviously a waste of time.

Cheers,

Regs.

What's important, in my opinion, is also that forum owners should take the time to check the stuff they are installing in their forums, if they have the knowledge. The first issue with mods is security, of course, but once a security issue is reported, the mod is taken down if the author does not update it.

The issues that are more difficult to debug and find out if you are not good at programming or you do not have a popular forum (yet), are performance related. In general, if you have a popular forum with dozens of users active at any time, or with a great number of posts, you should be checking the code and effect on performance of every single add-on you install.

I have seen a lot of clients with slow forums that could not understand what was going on, just to find out that the problem was terrible queries (very, very common) or bad coding practices (like loops with single queries in each loop that could instead be all grouped in a single query) in one of the installed add-ons. Sometimes, these add-ons had been installed when the forum was just starting, so effect on performance was unnoticeable but became an issue as the forums grew in popularity.

One should respect the amount of work people put in these modifications and that make vb.org so great, but you should also take responsibility for what you put on your forums.

Forcing code standards would be a bad thing indeed :)

An idea I have been playing with for a while: creating default images which coders could add to their threads, indicating the mod follows specific code standards, but maybe not all (free to choose which).

A bit like the W3C icons:
https://vborg.vbsupport.ru/external/2010/10/30.jpg
Everyone can add them to their sites, but they give absolutely no guarantee.

We could create buttons like:

Valid XHTML
Fully templated
Fully phrased
vB input cleaner used
Includes hook locations (for big mods)
Accessibility: session url's, RTL support (left-right style variables), ...
Admin help included
...

And this doesn't require any regulation from vB.org staff (only hosting the images would be nice) :)

Like the W3C does with the WAI guidelines (http://www.w3.org/WAI/WCAG1-Conformance), we could also create conformance levels. If your mod matches a specific group of standards, you can use the "Level 1-2-3-..." button.