* $100 buy in. Yearly. (Firefox, Edge, Chrome, Opera... No license fees.)
* Long, bug-prone, and somewhat idiotic review process.
* No way to charge for an extension, to recoup that $100. So its ads or nothing.
* Installation page only. No reviews. No real information.
Caveat: You can develop for free, without getting listed, but then you can't automatically update the extension.
What's coming in Safari Extension world:
* The $100 fee is staying.
* Xcode requirement. You'll need a Mac to publish.
* Swift/Objective-C requirement. No more HTML/JS/CSS only.
* Mac store listing, which means you can charge for extensions. But the Mac Store isn't known for a nice review process.
* Hugely lacking documentation. Hopefully this'll change... But Apple doesn't have a good track record here.
Reddit Enhancement Suite has to decide between not publishing for one of the major browsers, or paying out for a longer, harder to maintain process, to achieve the same thing as they already do for Firefox, Chrome, Edge and Opera.
Apple seems to hate their own developers. This story, others, and my own experiences tell me that Apple makes everything more difficult than need be to put together a program, small or large, that actually runs on their platform.
Swift was a step in the right direction, a nice language, a decent Open Source effort, and cross platform to boot.
But Safari... Safari lacks in so many areas that it's progress on JS doesn't matter much. Isolating those who build for it is unhelpful.
It almost seems like Apple want Safari to die.
To Apple's credit, they are occasionally way ahead of the curve on developer convenience, and have reaped huge benefits from that.
I tried making smartphone apps in 2003-07 for Symbian, Java ME and the very first Android beta (the one that had a traditional keypad phone emulator). The experience was always disheartening. Horrible IDEs that sometimes cost money, awful device feature fragmentation with no standard ways to handle it, inconvenient APIs designed in the style of '90s embedded platform expectations.
If you managed to get a working app together, distributing it was a mystery. On Symbian, you'd have to pay something on the order of $1000+ for certification from a "special Symbian partner", and even after that there was no central app store. There were websites offering downloads (and paid listings), but users would not stumble on those. It was a terrible offering all around.
The native iPhone SDK in 2008 changed all that. Suddenly there was a smartphone with a desktop-class IDE experience and desktop-derived APIs, with easy access to fascinating new multitouch UI possibilities... And there was an integrated Apple-curated store where you could publish any number of apps for only $99 / year! That was an amazing deal compared to anything that came before in this space. Some occasional hassles with Xcode bugs and certificate weirdness was nothing compared to the nightmare of the Symbian/JavaME style mobile dev experience.
Even before that, Apple had done well by its Mac OS X developers by offering the NeXT-originated Cocoa tools for free. Back in 2001, that wasn't the expectation yet. It was a good API, battle-hardened at NeXT already, and much better than anything Microsoft was pushing in that Windows XP timeframe. Apple's efforts to support OS X development had two major benefits: the Mac's resurgence was helped by increasing availability of good 3rd party software created by dedicated developers, and the iPhone global launch was greatly helped by the fact that those same OS X developers were able to easily move to the iPhone.
I think that Apple did absolutely the right thing for a young marketplace. It was bad enough as it was (remember the $1000 app that did nothing? And the game with a $100 in-game purchase of ammo?)
In any case, malware is best prevented by strong sandboxing. Forcing everyone to go through the store does approximately nothing to fight malware.
Additionally, not all malware needs to escape a sandbox. For instance, there are a bunch of fake apps that simply capture credentials, or that make expensive phone calls or texts.
A well-run store that can run tools against images is a decent first line of defense against malware. A store also provides reliable information about code publishers. These are not a complete defense, but they appear necessary.
The iOS model (and now Android model) of prompting for permission when the app first tries to use it is much more solid. If an app requests access to your contacts for no good reason, you'll get a fairly obvious prompt and you can say no. There's still some trouble with getting users to pay attention, but it's a lot better.
I don't see how this makes a store appear necessary. Android doesn't allow sideloading by default, and iOS can now sort of sideload apps using the new free signing stuff Apple put out. The limits on the number and duration of sideloaded apps make them impractical for selling legitimate software, but are no obstacle to malware.
Apple seems to have gotten their trophies here (no doubt) and then stared at them rather than figured out how to get more.
Apple controls the entire software and hardware stack so their crappy dev experience is a consequence of either incompetence or arrogance.
There's a one-off $5 fee to publish things on the Chrome store.
But that one off fee seems incredibly negligible against Safari's fee, which is 20x larger... And yearly. For smaller marketshare.
Just stop supporting Safari. It's more trouble than it's worth and, generally, the type of person that runs RES isn't running something has uncustomizable as Safari.
Of course Firefox beats both Chrome and Safari out in this aspect, but you trade off things like the battery life you mentioned as well as compatibility with OS X services and general native-ness (Firefox has always felt odd and foreign under OS X due to using XUL for its UI). For someone like myself whose extension needs stop at Stylish and a good adblocker, the trade off isn't worth it.
I think Google charges like a $5 one-time fee to publish a browser extension, as a way of discouraging trash extensions.
Do you know if this will allow companies to install extensions to their employee computers automatically?
I worked on a commercial Safari extension briefly assuming this functionality had to be there, but gave up when I realised there was no way to push it to an employee's computer without a prompt.
Totally disagree. Publishing Safari extensions might be a rubbish experience, but publishing anything else is fine.
There's a comment on the post disputing this possibility.
This isn’t correct. Without paying the $100, you can’t get a certificate, and
without a certificate, you can’t sign an extension to build a safariextz.
Or even better? Higher barrier to entry and more protection against crappy extensions, spam extensions, amateur hour, etc?
It almost sounds like they want really fast extensions they can confidently distribute on iOS...
I guess what I'm saying is that in some ways Safari is the new IE, but without the same reach. The same kind of vendor lock in and shitty expensive tooling.
I also frequently report bugs in the Chromium project and I usually get an answer in less than an hour. Never a bug I reported was ignored, legitimate or not.
Recently I wrote an article criticising iOS from a dev perspective and posted a tweet from a core webkit member:
> that's because they have a lot more engineers and evangelists/dev-rel than Apple
...referring to Google and the Chromium project.
Well, hours after I published the article the Twitter user was deleted.
Here's the article in question: https://medium.com/@Pier/why-i-hate-ios-as-a-developer-459c1...
> Which they, Microsoft, have ironically backed away from.
Are you really sure that Microsoft backed away from this path? Just google about "Intel SGX (Software Guard Extensions)" and inform yourself how Windows 10 uses/plans to use them. To help you a little bit for researching on this topic, here are two references:
From the article: "The $100 per year fee, which doesn’t have to be paid to publish to any other browser."
Found it (): "Before you publish your first app, you must pay a one-time $5 developer signup fee. A reminder in the dashboard will appear until you pay the fee."
It's not $100, but I remembered having to pay 'something'.
Google and to a lesser extent Mozilla are doing way better on this and seem way more experienced in handling the extension ecosystem.
Conversely, they may want existing iOS and Mac devs to be the ones creating Safari extensions rather than the current crop of multi-browser extension developers. This may be their way of trying to recreate the Mac's propensity to be a host to unique, platform-exclusive apps — in other words, they want Safari to have several prominent exclusives instead of just the same stuff you see everywhere else.
Regardless of the motive I think it's safe to say that it isn't working out as they've planned.
Maybe the thought that Apple had was that charging the $100 would leave them with a smaller set of extensions, with higher quality. I'm not really sure it's working, sure there's fewer extensions, but still a large number of weird ones.
Wouldn't it be possible to do the auto-updating logic yourself? Is there something preventing this? I assume extensions can store stuff with localStorage, so what's to stop you downloading the code and eval'ing it?
On the Mac App Store, besides copy-pasting some Swift/Objective-C, you also need to come up with a UI for your app. It'll probably be a storyboard with a single window that lets users know how to activate your extension, but getting the details right without prior experience in Cocoa development will eat some of your precious dev time.
I understand a developer’s desire to have more reach with less work. But if all browsers have the same APIs, for the same feature set, with the same UI... then what is the point of having different browsers?
If Safari’s API changes lead to extensions that are better integrated with the underlying platform (and I don’t know if that is the case), I say all the power to them.
This is good, and allows browsers to compete on privacy, performance, security, support for web standards, ui/ux, etc.
Second, he writes:
“Maintenance of Safari Extensions is also about to get even worse”
And then: “All four of the other browsers use effectively the same APIs — Safari is potentially going to change that in some ugly ways” and To develop a Safari extension may eventually require Xcode” (emphasis mine).
So it implies that Apple is forcing a switch to the Safari App Extension model, but there doesn’t seem to be any evidence of that. Both the traditional extension model and the new app extension model are supported side by side right now.
While I agree that the review process is ridiculous, I think the author is disingenuous or uneducated on a few of the key points of the article.
> First, you can auto update extensions distributed via your own web server. It says so right in Apple’s docs how to do it:
Only Safari extensions installed from the Safari Extensions Gallery can be
updated automatically. 
The future of extensions development takes place in Xcode 
As of Safari 10.0 on macOS 10.11.5, Safari extensions are created as app
extensions in Xcode. New extensions are wrapped in a containing macOS app and
are distributed and sold on the App Store. If you have created an extension
with the methods described in this document, consider transitioning to the new
extensions model. 
I will gladly pay if you start charging. I'd pay in the neighborhood of $15 for Safari RES. Would love to pay for you to host my RES tags, too.
Is this $100 per extension or $100 per developer? If the latter, make a non profit organisation as 3rd party who pays the fee and allow others to join it for free.
The problem is basically one of jumping through hoops - but the hoops are poorly defined, poorly maintained, constantly moving and often nonsensical.
Having to pay for the privilege is just the icing on the cake.
Where did you get that from? Or are you mixing up utilizing existing tax laws and legal loopholes with evasion? Or is it a reference to the EU tax ruling of $14 billion that's still in courts?
Wikipedia says, "Tax evasion is the illegal evasion of taxes by individuals, corporations, and trusts."
If the person who publishes RES also publishes others, that person still only needs one.