Plugin quality checklist

If you want to write a high-quality pretix plugin, this is a list of things you should check before you publish it. This is also a list of things that we check, if we consider installing an externally developed plugin on our hosted infrastructure.

A. Meta

  1. The plugin is clearly licensed under an appropriate license.

  2. The plugin has an unambiguous name, description, and author metadata.

  3. The plugin has a clear versioning scheme and the latest version of the plugin is kept compatible to the latest stable version of pretix.

  4. The plugin is properly packaged using standard Python packaging tools.

  5. The plugin correctly declares its external dependencies.

  6. A contact address is provided in case of security issues.

B. Isolation

  1. If any signal receivers use the dispatch_uid feature, the UIDs are prefixed by the plugin’s name and do not clash with other plugins.

  2. If any templates or static files are shipped, they are located in subdirectories with the name of the plugin and do not clash with other plugins or core files.

  3. Any keys stored to the settings store are prefixed with the plugin’s name and do not clash with other plugins or core.

  4. Any keys stored to the user session are prefixed with the plugin’s name and do not clash with other plugins or core.

  5. Any registered URLs are unlikely to clash with other plugins or future core URLs.

C. Security

  1. All important actions are logged to the shared log storage and a signal receiver is registered to provide a human-readable representation of the log entry.

  2. All views require appropriate permissions and use the event_urls mechanism if appropriate. Read more

  3. Any session data for customers is stored in the cart session system if appropriate.

  4. If the plugin is a payment provider:

  1. No credit card numbers may be stored within pretix.

  2. A notification/webhook system is implemented to notify pretix of any refunds.

  3. If such a webhook system is implemented, contents of incoming webhooks are either verified using a cryptographic signature or are not being trusted and all data is fetched from an API instead.

D. Privacy

  1. No personal data is stored that is not required for the plugin’s functionality.

  2. For any personal data that is saved to the database, an appropriate data shredder is provided that offers the data for download and then removes it from the database (including log entries).

E. Internationalization

  1. All user-facing strings in templates, Python code, and templates are wrapped in gettext calls.

  2. No languages, time zones, date formats, or time formats are hardcoded.

  3. Installing the plugin automatically compiles .po files to .mo files. This is fulfilled automatically if you use the file form our plugin cookiecutter.

F. Functionality

  1. If the plugin adds any database models or relationships from the settings storage to database models, it registers a receiver to the pretix.base.signals.event_copy_data or pretix.base.signals.item_copy_data signals.

  2. If the plugin is a payment provider:

    1. A webhook-like system is implemented if payment confirmations are not sent instantly.

    2. Refunds are implemented, if possible.

    3. In case of overpayment or external refunds, an external refund is properly created.

  3. If the plugin adds steps to the checkout process, it has been tested in combination with the pretix widget.

G. Code quality

  1. isort and flake8 are used to ensure consistent code styling.

  2. Unit tests are provided for important pieces of business logic.

  3. Functional tests are provided for important interface parts.

  4. Tests are provided to check that permission checks are working.

  5. Continuous Integration is set up to check that tests are passing and styling is consistent.

H. Specific to

  1. integrates the data stored by this plugin with its data report features.

  2. integrates this plugin in its generated privacy statements, if necessary.