Ubuntu developers published new automatic third-party app uploading process to Ubuntu Software Center

USC upload process

After installing and enjoying Ubuntu, usually the user is "faced" with adding software (apps, games, etc) to Ubuntu, process usually performed via Ubuntu Software Center.

Ubuntu Software Center contains, manages and 1-click away exposes thousands and thousands of applications, in order to install an app, the user follows a simple -type a word in USC's search area and click Install- process.

Installing and removing apps via Ubuntu Software Center are easily graspable, yet, across the internets, there are various complains about the quality of applications ("extras"), quality "denied" by the slow process of updating an app after has been landed in USC (and the actual app landing, too).

The at-the-moment third-party apps must take an Ubuntu "journey" that "splits submissions between closed-source and commercial apps, which get reviewed by a paid team of Canonical employees, and non-commercial open source apps which are reviewed by the Application Review Board (ARB)", ARB combining the effort of 7 not-payed community volunteers.

Obviously, regardless of abilities, passion, focused energies, etc, the ARB team is definitely limited, consequently, landing a limited amount of apps and updated apps into USC.

In understanding the mentioned limits, the developers have been greatly helped by Ubuntu App Showdown, definitely a massive success (more than 140 applications), yet "almost two months later and we still haven’t been able to publish more than a quarter of them".

The to-be-followed-and-implemented approach has been published (aimed at fixing the above process), being now available, as an initial work put together by Ubuntu's Jono Bacon, Ubuntu's Michael Hall and Ubuntu's David Planella.

The most important, relevant aspect of the new (work-in-progress) specs are: third-party developers will be able to submit third-party apps directly into Ubuntu Software Center, without being manually reviewed by the ARB team (the 7 volunteers), consequently, landing an app is to probably be performed by a single developer in a matter of (probably) hours, furthermore, the same approach is to be adopted by landing updated versions of the same application (like for instance, Monday, a developer lands mythirdpartyapp 0.1, Tuesday the same developer lands mythirdpartyapp 0.2, following the same automatic non-manual review process).

Ubuntu is widely known for its solid secure "attitude", attitude continued and seriously considered for the newly published app upload process.

Adding an automatic AppArmor policy to the submitted app (independent of the third-party developer, necessary to generate a security sandbox in order to protect the user from malicious code), whitelisted install locations (the third-party app will be forced to be installed on Ubuntu-specified locations), immediate access revoking (on attempts to upload malicious content), specific app permissions (such as preventing access to one's private files and directories), as well as solid carefully-selected rules specified by the Ubuntu developers, come to strengthen the upload process, assuring the user that continuing to use Ubuntu is as secure as always.

Further details (including open active discussions) about the new upload process are available on https://wiki.ubuntu.com/AppDevUploadProcess

Worth mentioning
"This specification only focuses on applications that are uploaded to the Extras extension repository. Thus, this process does not cover developer uploads of newer versions of software in the existing main archive (which includes the main, restricted, universe and multiverse components)".
The mentioned upload process is (at the moment) in a work-in-progress stage.