Go to: typo3.com Home TYPO3 Association Home typo3.org Home FLOW3 Bugtracker Forge (Development Platform) News Buzz (TYPO3 Blogs) Support (Mailinglist Archive, Beta) Wiki Mailing lists

Search:

One feature of the second generation extension repository (TER2) is that only those extensions are added to the official repository which have passed a basic security scan done by two members of the security team. After uploading an extension through the Extension Manager, the reviewers are notified and - depending on their workload and time available - they review the new extension version. In the meantime, these extensions are already visible in the "unsupported" section of the extension repository. Only extensions which are marked as "beta" or "stable" will be reviewed and have a chance getting into the official collection.

The whole review process is quite new (as of 15.02.06) and forms an important part of the general strategy making TYPO3 even more secure. As we still build up the security team and infrastructure, any help, be it organisational or financial, is highly appreciated. If you would like to offer such help, please contact the security team.

There are still hundreds of extensions which need an intial review. However, after that big pile of work is done, only few uploads per week have to be worked on. Until the security team has reviewed enough extensions, all sections (except the "reviewed" section) also contain unreviewed and potentially insecure extensions.

The extensions in our repository are free to use. Although they are reviewed for possible security issues their installation might cause problems in your TYPO3 installation or work not as expected. Neither the respective authors, the reviewers, nor the providers of this website or TYPO3 take any responsibility for problems resulting from the use of code provided by this repository.