Plugin Safety
Are there any safeguards in place for using calibre plugins?
I have seen the warning on adding a plugin which says that a plugin could be malware, and we can choose to trust the developer or not. But many of us do not have enough Python knowledge to check the plugin code for malicious behaviour.
Now I'm not suggesting that any of the plugin developers are rogues, but it would only take one bad apple to cause havoc to an unsuspecting user.
So in terms of safeguards, I wondered if the calibre team do any peer reviews of code submitted for plugins? Is there a list of 'certified' plugins?
|