
An update to UBlock Origin was rejected by the Chrome Web Store - vzjrz
https://github.com/gorhill/uBlock/issues/880
======
johnhattan
Update: "We apologize that the update was rejected due to an snag in the
review system. The updated item will be available in the Chrome Web Store
within 30 minutes."

~~~
danielbln
Just got the extension update notification, seems like update 1.3.2 has been
released. Nothing like a top HN post to grease the wheels.

~~~
theshrike79
HN seems to be the official support channel for Google.

------
eli
Headline is wrong. An update to the plugin was rejected (with the option to
resubmit), but the previous version is clearly still in the store:
[https://chrome.google.com/webstore/detail/ublock-
origin/cjpa...](https://chrome.google.com/webstore/detail/ublock-
origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en)

I empathize with the developer, but Occam's Razor suggests this isn't anything
more than a typically crummy vague Walled Garden app store rejection. I'd take
their advice and re-submit.

~~~
gorhill
Yes, it still is in the store as of now.

However the email I received is titled "Chrome Web Store: Removal notification
for uBlock Origin".

In any case, it's just impossible for me to figure what is the issue. I could
spend a inordinate amount of time guess-shuffling code around for no result.

Assuming the email title is misleading -- let's say uBlock Origin won't be
removed from the Chrome store, there is nothing special in 1.3.2 compared to
any other releases, and from the look of it I won't ever be able to fix
whatever is deemed wrong without specifics, and as a consequence, no updates
lead to abandonware.

Edit: I will add that with Firefox and Opera, there has always been
communication with specifics when I was asked to fix something, and I always
did fix as demanded (or suggested).

~~~
maxerickson
Are the block lists maybe considered code?

Updating them at first start would fit the description of not having them
visible in the package.

~~~
gorhill
The filter lists which are selected by default are part of the package. An
updated versions of these lists is progressively downloaded a few minutes
after first install. But this has been like this since forever now, this is
not new.

This demonstrates the problem here, we are left to speculate endlessly about
what the is the issue(s) according to the Chrome store.

~~~
thefreeman
Or you could, you know, email them like the email says to do.

------
weirdentropy
I've switched over from ABP to UBlock Origin. UBO is so much faster than ABP,
uses fewer resources, and does a better job. And, most importantly, they do
not get in bed with the ad companies to arrange for acceptable ads. There are
no acceptable ads in my view (no pun intended). I block ads precisely because
they use my bandwidth, they are a vector for malware, they interfere with my
viewing of websites, they track me (this should be illegal), many, many more
bad things.

In addition to UBlock Origin, I block DOM, HTTP/S referrer, CSS visited links
(surfing history viewable by websites), block WebRTC (leaks private IP address
schemas), and more. I have a right to a clutter-free Internet that is not
tracking me, using my bandwidth without my consent, and doing everything to
make money from me without my consent or sharing with me should it do so. No,
thank you. I will continue to block all ads, tracking cookies, beacons, you
name it. I somewhat enjoy the cold war between users and the ad companies.

~~~
theg2
What a magical world you live in where everything is free and no one needs to
be paid for their work.

Ads have been abused by companies over the years but whitelisting sites that
whose content and services you value and don't abuse you with those ads are
the only reason they can afford to exist.

Edit: I get it, you don't want ads. People have abused them over the years and
that's bad. My only point is that whitelisting (or donating/subscribing to
where possible) the sites you value keeps those sites running. It's nice that
some sites don't need financial support to pay for reporters, editors,
producers, and photographers but that's not the case for many sites that do
great journalism.

~~~
anc84
The good old "there can not be free-of-cost content unless money is involved"
fallacy.

I am a member of many communities whose hosting costs are paid by the
communities, the administrative tasks are shared by members of the
communities, I "consume" many sites which only exist because their authors
want to express themselves, I use sites that exist because people feel the
need to share their knowledge and collections of bytes. They all exist without
a single ad. They exist because someone wants them to exist.

This comment was written and shared for free on the web without restrictions
because I felt the urge to write it.

~~~
theg2
Not all news and content creation can be done as a side job or hobby. The
people who do journalism, create content, or support that goal of quality
journalism need to make a living somehow.

~~~
anc84
Absolutely. And I wholeheartedly think that enough people support high quality
journalism. See the 1 million online subscribers to the NY Times.

The majority of online journalism seems to be regurgitated news agency reports
and stuff that no one needs (or can get free from communities elsewhere _).

_ lots of forums, blogs and aggregators perfected clickbait and cat picture
distributions a decade ago.

~~~
wutbrodo
You picked a particularly terrible example, since the Times hasn't stopped
struggling since introducing an online subscription, and most depressingly, is
starting to experiment with the same clickbait bullshit that Buzzfeed
popularized (things like increasingly questionably labeled "sponsored
stories").

------
AdmiralAsshat
_" Where possible, make as much of your code visible in the package as you
can. If some of your app's logic is hidden and it appears to be suspicious, we
may remove it."_

This is the policy it "broke" apparently. Despite the entire app being open
source and commented, someone at Google could not understand his code and
hence found it obfuscated or "suspicious".

~~~
drzaiusapelord
Textbook harassment here. Google is upset these guys are hurting ad
impressions. I wonder if this is the beginning of an ad blocking backlash.

~~~
wutbrodo
That's an enormous tinfoil hat, even by hn standards

------
wnevets
>Dear Developer,

>We apologize that the update was rejected due to an snag >in the review
system. The updated item will be available >in the Chrome Web Store within 30
minutes.

>Thank you for your cooperation, >Google Chrome Web Store team

so a non story?

~~~
Touche
That happened after this being at the top of HN.

------
alex_marchant
Looks like someone from Google noticed and apologized
[https://github.com/gorhill/uBlock/issues/880#issuecomment-15...](https://github.com/gorhill/uBlock/issues/880#issuecomment-152184030).

------
server_bot
I work at a young startup (redmorph.com) building a similar privacy extension,
and we've run into the exact same problem multiple times. While I understand
that Google has a large volume of code to review, even an automated analysis
tool could split out a line number and filename to reduce the guesswork :P

I have to add my shameless pitch to this thread, and I hope that fellow
builders/entrepreneurs/startup-ers will emphasize with the fight to get
attention/users:

uBlock is a great tool but it doesn't offer any network-level services, so
you're still exposing IP/geo-location and potentially content sent over HTTP
(as opposed to HTTPS). My company, RedMorph, will soon offer in-extension
encrypted (AES-256) proxy at the first paid tier (we need to charge to cover
infrastructure cost, it's still in beta) but you can download our free tracker
blocking extension in the meantime. It's designed with usability in mind, so
the average user can "plug-and-play". We're especially interested in
empowering non-technical parents and children.

I'll be adding uBlock to this comparison soon:
[https://redmorph.com/articles/proof-in-the-
packet.html](https://redmorph.com/articles/proof-in-the-packet.html)

Thanks for your time, I appreciate thoughts and feedback!

------
dchest
Not the first time Chrome Web Store people mess with uBlock Origin:
[https://github.com/gorhill/uBlock/issues/50](https://github.com/gorhill/uBlock/issues/50)

------
Aissen
This is resolved now. Thanks sowbug !

Still worried about these "goofs" from walled gardens… Most of the time there
is simply no way out for small developers.

------
valarauca1
The core reasons appears:

>"Where possible, make as much of your code visible in the package as you can.
If some of your app's logic is hidden and it appears to be suspicious, we may
remove it."

Which maybe true, but odd as the project is publicly hosted freeware. It could
be a case of simply an automatic algorithm making an incorrect call.

Its also worth considering Google's primary revenue stream is advertisement,
which uBlock attempts to subvert to a degree.

~~~
rhaps0dy
Careful with words. It's not freeware, it's free software.

~~~
valarauca1
I'd just like to interject for a second...

------
jug
"Please reply to this email for issues regarding this item removal."

Maybe he could try that?

~~~
jessaustin
Google is famous for never responding to anything. Which is fine; that's their
business model. However, it does mean that if they wanted to communicate, they
would have included the full description of the issues, in the email that
notified him of the existence of the issues. It's not like they sent him a
tweet. Emails can include lots of detail.

~~~
takeda
Well, you are guaranteed they won't respond if you don't send a email to them.

------
moomin
That reminds me... _installs uBlock Origin_

------
cballard
Apps that do controversial things with respect to Apple or Google seem to get
rejected for seemingly random technical reasons a lot.

What does it even _mean_ for code in a packaged program to be "visible"? It
should be invisible! That's the whole point of packaging!

~~~
deelowe
> Apps that do controversial things with respect to Apple or Google seem to
> get rejected for seemingly random technical reasons a lot.

This is regarding the chrome web store, not the play store. Also, I'm aware of
Apple taking a pretty heavy handed approach, but I'm not convinced Google has
a history of this.

> What does it even mean for code in a packaged program to be "visible"? It
> should be invisible! That's the whole point of packaging!

Perhaps you are assuming this is the play store instead of the chrome web
store? Web store apps are just web pages. They want to ensure the packages are
easy to inspect and understand. It's a rule that appears to be attempting to
maintain open web standards. Given that this is HN, I assume that's enough of
a justification for anyone reading this comment.

~~~
emodendroket
It's hard to wonder if Google doesn't "have a history" when they banned all ad
blockers from the Play Store and are (maybe) rejecting ad blockers from the
Chrome Web store for vague technical reasons, particularly when their business
model revolves around ads.

------
issaria
The update is accepted as well now.
[https://github.com/gorhill/uBlock/issues/880#issuecomment-15...](https://github.com/gorhill/uBlock/issues/880#issuecomment-152195504)

------
KJasper
And it's resolved: "Dear Developer,

We apologize that the update was rejected due to an snag in the review system.
The updated item will be available in the Chrome Web Store within 30 minutes."

------
amelius
I think Hanlon's razor applies here:

> Never attribute to malice that which is adequately explained by stupidity.

~~~
webXL
I wonder if there's a razor for benefitting publicity-wise when this
misattribution is made.

------
Ch_livecodingtv
I think Google sometimes is vague when it comes to bans and take downs. There
are times they don't give clear reason which part exactly of their rules and
regulation was being violated. It then becomes a puzzle to solve otherwise
it's a sad story for content owners.

------
chillydawg
It was just sorted out. It'll be in the store within minutes apparently.

------
cven714
Will this affect those of us who already have it installed?

~~~
Nexxxeh
In the immediate term, no, it shouldn't. The update was rejected, but the
already published version remains up. There's nothing catastrophic in the
earlier version.

In the medium term, yes, because if this issues can't be resolved then the
Chrome version will be stuck on that version and lag behind other browsers.

And while there are hoops you can jump through, if it's not approved on the
Chrome Web Store, it's not getting in your Chrome.

On the plus side, sounds like good news for Opera.

~~~
caoilte
Can you not install extensions directly any more?

~~~
Nexxxeh
Not in the Stable or Beta channels of Chrome. (There may be a way of re-
enabling it, but frankly, Opera or something Chromium based.)

[https://support.google.com/chrome/answer/2811969?hl=en-
GB](https://support.google.com/chrome/answer/2811969?hl=en-GB)

------
audessuscest
Solution: Firefox

~~~
Aissen
Since it now requires extension signing they could decide to revoke any
extension they decide. Of course the process is more open, but it's also a
walled garden :-(

------
minionslave
If it goes against Google business model, I could see why they'd wanna see the
source code. Maybe to serve adds that can bypass the algorithms.

------
t_fatus
There are a bit less than 1000 lines changed from 1.2.0 to 1.3.2
([https://github.com/gorhill/uBlock/compare/1.2.0...1.3.2](https://github.com/gorhill/uBlock/compare/1.2.0...1.3.2))
I'm pretty sure google's Chrome dev team could check them by hand in less than
a day and be a little more specific on what is their real problem with this
submission !

------
bambax
Besides findability, what benefits does the Chrome Web Store provide to
extension developers? Does Chrome prevent or somehow limit the functionality
of extensions that aren't coming from the store?

(I developed a few Chrome extensions 5 years ago and used to distribute them
"by hand" to users, but haven't much followed what has happened since).

~~~
ivank
You can't install extensions "by hand" any more, unless you turn on developer
mode. And then you see a nag screen every time you start Chrome. Unless you're
on Linux.

[https://www.chromium.org/developers/extensions-deployment-
fa...](https://www.chromium.org/developers/extensions-deployment-faq#TOC-Why-
do-I-see-a-bubble-about-Disable-developer-mode-extensions-when-loading-an-
unpacked-extension-in-Windows-stable-beta-channels-)

~~~
bambax
Thanks for the answer and the link; didn't know that (May 2015: it's
recent...)

Surprised by the downvotes, wasn't the question legitimate? Or is it obvious
and old news for anyone but me...?

