Private beta testing a Chrome extension - google-chrome

Is there a way of beta testing a Chrome extension in the Web Store among a small group of users?
I'd like to do this before scaling to everyone on my waiting list, but I don't want to have to send round the file with installation instructions, especially given that Google is tightening up on extensions that aren't downloaded from the Web Store.
It'd also be useful to be able to slowly roll it out (à la Mailbox) if that's at all possible.

Publishing on Chrome Web Store has 3 (well, 4) options:
Public. The extension will be listed in search and gallery, everyone can install and use.
Unlisted. The extension will not be listed in search and gallery, but everyone with a direct link can install.
(Google Apps domains only) People with accounts on [example.com] only. This allows to publish items privately, as long as you administer a Google Apps domain.
Private. The item will only be available to a selected list of Google accounts, or a Google Group. Note that this is aptly aliased as "Trusted Testers".
That said, you most probably have 2 options:
Have a restricted set of accounts that can use your app. CWS allows to either specify an explicit but short list, or to link with a Google Group you administer.
Use "unlisted" and send everyone the link. Use only if you don't care if the link leaks: you won't be able to remotely kill any install.
Note that if you have enough (10000+) users you can do partial rollouts of regular updates, to have less impact from problematic updates if they happen.

Related

HTML5 website running while phone screen is off?

Basically, my question is the same than this topic but it's now 2018. So, how can I still have ECMAScript executed on my phone (to send geolocation position) even if it is asleep? We now have Open Web Apps and Progressive Web Apps (PWA) with service workers, even Apple is jumping in, I'm sure there are ways to do that.
While we can hope that things should've changed on this, unfortunately, it has not.
This article from Google on PWA GeoLocatoin API dated Jan-2018 says clearly that this API works "only while the page is open".
Why not available yet (in my opinion)? Thinking of users privacy, it makes sense. Think of tons of wep pages we visit and for how many we tend to five permission accidentally or we intend to give for a while(until we finish some transaction/booking). Currently there is no way for us to go and check on all location permissions that we've given to web sites in a browser, like we do for Native/Hybrid apps and having option to change it.
We can expect to have tracking option for PWA when it is installed to home screen, where native app like permission handling will be possible to user.
End of the story, we are not there yet!!
Alternate option: While you can use navigator.geolocation.watchPosition to track the user when he is actively using the app, You can complement your app with a separately installed (Native) Android service to update the users location to your back end server, till PWA supports naively.

How to trust an extension in Google Chrome without the Web Store?

For internal use in my department I wrote a Chrome extension. It works fine in developer mode and I delivered it to my colleagues by e-mail attaching the .crx-file. They opened chrome://extensions and drag-and-drop it there. The message
drop to install extension
appeared, Chrome installed the extension and it works like a charm.
Nevertheless, on the very first restart of Chrome, a message appears that Chrome deactivates an unsupported extension.
A link to the help page Extensions disabled by Chrome is added to the message, and states:
To protect you while you browse, Chrome only lets you use extensions that have been published on the Chrome Web Store.
While I understand the reason, is there any other way a user can explicitly tell Chrome an extension is safe? Some effort is acceptable as publishing the extension to the webstore is not.
I have no administrative access, so no changes to registry nor active directory are possible.
As noted, you need Active Directory level policies to whitelist / auto-install extensions. See Policy List.
Chrome will use many defense mechanisms to detect and fight other trickery. The stance is simple: anything an unprivileged user can do any other software can do to implant malware.
However, you should consider publishing in CWS.
This can be done unlisted; unless someone has the listing link, the extension won't be discoverable.
This approach will present a risk of a leak of the link, but with your current delivery mechanism crx can leak as well; in general, copy-protecting extensions is basically infeasible.
This can be done with enforced control over accounts; you can publish to a Google Group of "trusted testers", who will be the only ones to see the listing.
Won't work if you're not allowed to sign into your Google accounts in Chrome.
This can be published with enforcing access only to your domain's users - if you use GApps for your work.
All of the above might not work if your extension is somehow questionable by CWS policies; if you can't publish for this exact reason, and can't use AD policies, I'm afraid you're SOL.
There isn't a way without domain level management to make this work. You can't just have the user "say" it is safe, since the user "saying" something could very well be the attacker. Any mechanism put in place to get around this would simply be used by attackers and unthoughtful companies to add more junk into your browser.

How to share a packed Chrome Extension without publishing?

I have seen other answers here, such as this.
But nowadays, you cannot simply drag an extension to the browser and expect it to work. Google does not allow you to activate it, showing a message "not downloaded from chrome store"
Now, I really don't want to publish anything. It's a personal extension for me and friends! How can I workaround this limitation?
You could publish to testers.
I know you said you didn't want to publish anything but it only shows up to google accounts you have listed at testers.
You really only have two options:
Distribute the crx and have them run in developer mode.
List the extension on the Chrome store.
It sounds like #1 is a problem for you (as it is for most). If you go with option #2, you can list the extension privately, so it isn't listed in the Chrome store.
For context, Google is not doing this to hold people back. Most of the browsers have tightened up these methods to prevent abuse. From Google's perspective, they cannnot differentiate between your friendly use case, and a hacker using an extension to place malware. If it's published through the store, they can scan for malware.

Track new users source - Chrome Store extension

I have a new extension that I am trying to get more users for, I am running two campaigns - lets call them A and B
These campaigns eventually lead to my extension's page on the Chrome store.
Is there a way to know how much installs\addons did each campaign added?
Not clicks - Proper users that added the extension.
Thanks!
In theory, yes.
If you have enabled Google Analytics for your extensions (created a property and added it while editing the extension), that property will start tracking your Web Store page. If you haven't installed it, then no, no such refined data will be available.
You will see installs as visits to /track_install/* URLs. You can create a Goal to have better analytics for it, but you can probably dig through the data even without it.

Publish a Google script for several documents

I recently created a Google script for my documents but I'd like to know how to authorize all my documents to execute this one, not only the document that I used to develop the script...
First, Is that possible without passing on the store?
I have great news for you! Google says they're working on that!
But also bad news. They've been working on it for four years now, which really means they're not working on it.
See Issue 489, star it and wait for the announcement of project completion. He he!
The topic of sharing scripts among multiple documents has been covered before:
https://stackoverflow.com/questions/5334751/how-do-i-share-a-script-i-wrote-with-my-co-workers-on-the-same-google-apps-accou?rq=1
Libraries.
How to share one Google Apps script between few documents?
Libraries.
What happened to the "Publish to Gallery" option in Google Apps Script?
The gallery was retired.
Google Apps Script add code to copy of a document
Can't do it.
Option 1: As those previous answers suggested (and I'm sure there are more), turn your script into a library, then in every document you want to use it you "just" need to add a script that includes the library, and functions that call the library functions.
Option 2: Any stand-alone script can be "tested as an add-on", which allows you to associate a script with any document. Unfortunately, just one document at a time.
Option 3: (Your own suggestion.) You are able to publish through the store, but limit the visibility just to yourself (any account), people with the link (any account) or your organization (domain accounts). If you're using a consumer account, you'll have to pay $5 to register as a developer for this privilege.
I'm uncertain about whether you'd need to wait for a review cycle, or if your add-on would go live immediately, or if you'd be able to skip providing help documentation, support web site, etc. - maybe someone else can weigh in on that via comment, and / or update this answer with details.
The advantage to this would be the ability to have the script in any of your documents, without adding scripts to them.
Consumer account add-on visibility options:
Corporate domain account: