Page 1 of 1

Writing data to database

Posted: Fri Sep 17, 2021 10:25 am
by jordansparks
It has come to my attention that there are some plugins that are extensively writing to the database. This abuse needs to end. It's dangerous and unstable. We've clearly stated on the plugin page from day one that plugins should never write to the existing database tables. The API is the only approved method for writing to the database. We will be putting new measures in place designed specifically to block plugins from making changes to the database. I'm not sure exactly what this will look like, but if we can't do it through technical measures, then we will do it by requiring plugin writers to be vetted and we will block all unvetted plugins.
1. An oral surgery plugin that has its own window and writes only to its own tables is allowed.
2. A plugin that changes the way a form looks or behaves might be ok, but we'll need to vet it.
3. A plugin that puts payments into the database is not allowed.
4. A plugin that updates appointment status is not allowed.
5. You have a plugin for use only within your own organization. This could be allowed in certain situations if you understand the risks. We will try to talk you out of it, but it's better than forking the code, for example.
We will not suddenly turn off plugins without an alternative. So if you already have a complex plugin, we will work with you to wean you off of it. But everyone needs to know that enforcement is coming. We've been moving in this direction for a long time.

Re: Writing data to database

Posted: Sun Nov 07, 2021 8:14 am
by jordansparks
Plug-ins must now be whitelisted in order to work.