[theme-reviewers] Embedded theme options frameworks and/or resources

Edward Caissie edward.caissie at gmail.com
Mon Oct 20 16:15:53 UTC 2014 

I would have concerns with an "approved framework" list as it implies it is
fully vetted and maintained ... which would be by whom?

Also, the "approved" part should also include the "approved implementation"
of the framework as well ... again who will be ensuring that is kept up to
date and accurate?

Granted it is very time-consuming to review a theme *and* any bundled
frameworks but that is simply the nature of reviewing. Themes are to stand
on their own merits, which means every time a theme is submitted for review
it should technically be reviewed in its entirety (although exceptions are
made for previously approved themes to allow for "diff" reviews even those
should be fully checked from time to time to ensure "old" code is still
correct and up to current standards).

Edward Caissie
aka Cais.

On Mon, Oct 20, 2014 at 11:39 AM, Ulrich Pogson <grapplerulrich at gmail.com>
wrote:

> The plugin review is normally done just once when you submit a plugin. The
> themes are reviewed for each update to make sure the guildlines are
> followed.
>
> If you are having trouble with a review you can always ask for a mentor.
> The current place to ask for a mentor is here
> https://make.wordpress.org/themes/2014/10/09/hey-mentors-and-mentees-how-are-things-weve/
>
> I think it might be an idea to have a list of approved framework versions.
> On 20 Oct 2014 17:22, "Venkat Raj" <venkat at webulous.in> wrote:
>
>>  It is options framework, but it doesn't matter. I meant to say any
>> "bundled resource"
>> Checking everything makes sense and we should.
>>
>> My concern is that, say we have 2 embedded resource then 1 theme review =
>> 1 theme code + 2 plug-in code review?
>> I think admins can make a rule for this, because
>> 1) We're already atleast 6 week behind
>> 2) New comers like me, don't have much experience in reviewing plugin
>> code and security issues.
>>
>>
>> On Monday 20 October 2014 08:34 PM, Emil Uzelac wrote:
>>
>>  If you are referring to http://wptheming.com/options-framework-plugin/
>> I don't think that phoning home is involved.
>>
>>  Now, it does not matter if the code was integrated as-is, or has been
>> modified, we still need to check everything :)
>>
>> On Mon, Oct 20, 2014 at 8:59 AM, Jasin S. <jasins at wphoot.com> wrote:
>>
>>>  ^ what tskk said.
>>>
>>>  A good starting point would be using diff to check if the Options
>>> framework has been inserted "as-is" in the theme, or if its a modified
>>> version (maybe even malicious code)
>>>
>>>  I find Sublimerge to be an awesome tool for this (available on Sublime
>>> Text editor)
>>>
>>>  cheers,
>>>  Jasin S.
>>>
>>>  Is that framework included in the theme zip? If it is then you have to
>>>> review it.
>>>> Sent from BlackBerry® on Airtel
>>>>
>>>> -----Original Message-----
>>>> From: Venkat Raj <venkat at webulous.in>
>>>> Sender: "theme-reviewers" <theme-reviewers-bounces at lists.wordpress.org>Date:
>>>> Mon, 20 Oct 2014 11:55:24
>>>> To: theme >> Discussion list for WordPress theme reviewers.<
>>>> theme-reviewers at lists.wordpress.org>
>>>> Reply-To: "Discussion list for WordPress theme reviewers."
>>>>  <theme-reviewers at lists.wordpress.org>
>>>> Subject: [theme-reviewers] Embedded theme options frameworks and/or
>>>> resources
>>>>
>>>> I'm reviewing a theme which embeds options framework.
>>>> My question is, since it is bundled resource, I don't need to go through
>>>> it line by line, right?
>>>> Plugin reviewer can take care of that. But how can I make sure, it is
>>>> not modified version of original
>>>> and/or not containing any malicious code such as dialling home which we
>>>> encountered few days back!
>>>>
>>>> _______________________________________________
>>>> theme-reviewers mailing list
>>>> theme-reviewers at lists.wordpress.org
>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>> _______________________________________________
>>>> theme-reviewers mailing list
>>>> theme-reviewers at lists.wordpress.org
>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>
>>>
>>>
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing listtheme-reviewers at lists.wordpress.orghttp://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20141020/04728e95/attachment-0001.html>

More information about the theme-reviewers mailing list