On Google Developer dashboard for chrome extensions, there used to be a checkbox to enable "gradual release" when editing an extension. You could then pick a number (for example: 5%) and this enabled you as an extension developer to first push a new version only to a select amount of users in order to "feel the pulse" before publishing the extension to everyone.
I have just notices that this feature no longer exists in developer dashboard. Did Google decide to cancel it or something like that, or am I missing it somehow? Anyone knows why they took it out?
I'm on the Chrome team and have been informed that your extension needs to have more than 10K users for this feature to be made available.
Related
I have written a simple Chrome extension and tested it using developer mode to load the unpacked extension. It works as expected this way.
Because the extension uses storage.sync API, I would like to undertake further testing with installations of the extension as published in the Chrome Web Store.
The Developer Dashboard for Chrome Web Store provides an option to publish to trusted users only:
Only trusted testers from your developer dashboard can see it.
You can also include members of a Google Group that you own or manage.
When I publish this way the trusted testers listed for my dashboard can reach the extension and install it from the Chrome Web Store. However, the extension is always disabled upon starting Chrome:
This extension is not listed in the Chrome Web Store and may have been added without your knowledge. Learn more
We, my testers and I, have not been able to find any way to enable an extension disabled by Chrome. Is there one? If not, the entire exercise of an "unlisted" publication mode for testing seems pointless.
The only work around I've found to this situation so far is to set the extension to "unlisted" rather than "published to testers" from the Chrome developer dashboard.
This is not at all satisfying, but did allow some real world testing in an unobtrusive way.
I built a chrome extension, available in the Chrome Web Store, that has an options/settings page. In the settings, people can add additional webpages to a blacklist (the blacklist is already populated with some websites when the extension is initially installed).
I am now about to release a v2 to the chrome extension (mostly css improvements and an additional feature) and wanted to know, if people have added a bunch of new webpages to their blacklist via settings when using v1, will pushing an update to google cause their settings to be reset (e.g., back to the original blacklist)? The blacklist is held in localStorage.
Thanks
No, it will not reset your settings after an update, localStorage and chrome.storage will be kept.
Btw, you can test updating process by building a crx file. There are plenty of tools which can help you to make build; (oncletom/crx is the good one).
For internal use in my department I wrote a Chrome extension. It works fine in developer mode and I delivered it to my colleagues by e-mail attaching the .crx-file. They opened chrome://extensions and drag-and-drop it there. The message
drop to install extension
appeared, Chrome installed the extension and it works like a charm.
Nevertheless, on the very first restart of Chrome, a message appears that Chrome deactivates an unsupported extension.
A link to the help page Extensions disabled by Chrome is added to the message, and states:
To protect you while you browse, Chrome only lets you use extensions that have been published on the Chrome Web Store.
While I understand the reason, is there any other way a user can explicitly tell Chrome an extension is safe? Some effort is acceptable as publishing the extension to the webstore is not.
I have no administrative access, so no changes to registry nor active directory are possible.
As noted, you need Active Directory level policies to whitelist / auto-install extensions. See Policy List.
Chrome will use many defense mechanisms to detect and fight other trickery. The stance is simple: anything an unprivileged user can do any other software can do to implant malware.
However, you should consider publishing in CWS.
This can be done unlisted; unless someone has the listing link, the extension won't be discoverable.
This approach will present a risk of a leak of the link, but with your current delivery mechanism crx can leak as well; in general, copy-protecting extensions is basically infeasible.
This can be done with enforced control over accounts; you can publish to a Google Group of "trusted testers", who will be the only ones to see the listing.
Won't work if you're not allowed to sign into your Google accounts in Chrome.
This can be published with enforcing access only to your domain's users - if you use GApps for your work.
All of the above might not work if your extension is somehow questionable by CWS policies; if you can't publish for this exact reason, and can't use AD policies, I'm afraid you're SOL.
There isn't a way without domain level management to make this work. You can't just have the user "say" it is safe, since the user "saying" something could very well be the attacker. Any mechanism put in place to get around this would simply be used by attackers and unthoughtful companies to add more junk into your browser.
I have seen other answers here, such as this.
But nowadays, you cannot simply drag an extension to the browser and expect it to work. Google does not allow you to activate it, showing a message "not downloaded from chrome store"
Now, I really don't want to publish anything. It's a personal extension for me and friends! How can I workaround this limitation?
You could publish to testers.
I know you said you didn't want to publish anything but it only shows up to google accounts you have listed at testers.
You really only have two options:
Distribute the crx and have them run in developer mode.
List the extension on the Chrome store.
It sounds like #1 is a problem for you (as it is for most). If you go with option #2, you can list the extension privately, so it isn't listed in the Chrome store.
For context, Google is not doing this to hold people back. Most of the browsers have tightened up these methods to prevent abuse. From Google's perspective, they cannnot differentiate between your friendly use case, and a hacker using an extension to place malware. If it's published through the store, they can scan for malware.
I have done a extension for one specific website and uploaded it in my webstore developer account and published it.
After that if i try to search that extension in webstore it is not listing.
Any idea on this? Am i want to make any tag or something in my extension?
PS:
Here is an example of my scenario. I have created a extension for the website abcd.com and named the extension as "abcd - do action". When i search in webstore for abcd, its listing some of the extensions but not mine.
The Chrome Web Store index is updated on a delayed basis. Sometimes it can take a few hours or a few days before your item is searchable. You should also try searching without your own extension installed as sometimes the Chrome Web Store will hide installed extensions from results.