The approval of plugins is primarily carried out by contributors. Currently, the primary contributor is Admire Nyakudya ([email protected]). Do not hesitate to get in touch with him if you have any questions about the plugin approval process.
The approval process involves the following steps.
All new plugins follow the rough guidelines outlined below:
Note: Plugins cover a whole range of domains which the person doing the approval might not be versed with. With such an expectation, we will try to do random tests (random plugins will be selected) to see if the plugin installs and runs without crashing QGIS. We also expect plugins to be cross-platform, working on Unix systems and Windows. In the list of published plugins, we have a diverse range of plugins offering different functionality. We encourage plugin developers to collaborate on plugins offering the same functionality as developing plugins with functionality that is almost similar. If you need to enhance a particular plugin, we are able to facilitate this with an existing author. For issues relating to the transfer of ownership, or updating any other metadata about existing plugins, please do not hesitate to contact us through the QGIS Developer mailing lists.
These are plugins that are already in use and being enhanced by new versions being uploaded. During the approval process, we expect the following:
Note: Testing will also be done randomly to see if the plugin still works and does not crash QGIS.
We try to publish/approve plugins daily with the exception of weekends. If you have uploaded a plugin on Friday-Sunday, it will most likely be approved on Monday. During extended holiday periods, the timelines might be even longer. We also take into consideration that contributors live in different parts of the world with different public holidays. This might also impact the timelines for approval.
Every uploaded plugin version goes through an automated two-step process before becoming available for download:
Note: You can inspect the scan results at any time by visiting the version detail page and clicking the Security tab.
Users who have been granted the can_approve permission are
considered trusted contributors. Their upload forms show an
additional optional checkbox:
Publish immediately after security scan passes — If checked and all automated security checks pass, the plugin version is published automatically without waiting for manual review.
This checkbox is unchecked by default. Leaving it unchecked means the upload follows the same two-step flow as any other contributor: upload → security scan → manual approval. Checking it is an explicit opt-in for fast-track publishing.
Fast-track approval is based solely on the uploader's permission.
Uploading a new version to an existing approved plugin does
not grant fast-track status; only the uploader holding
can_approve and explicitly opting in does.
On the plugin upload page, tick the Publish immediately after security scan passes checkbox before submitting. Leaving it unchecked follows the standard two-step flow.
version_create_api)
Include auto_approve_after_scan=true as an extra field in your
multipart POST request alongside the package file.
Omitting the field (or sending false) uses the default
two-step flow.
curl -X POST https://plugins.qgis.org/plugins/<package_name>/version/add/api/ \
-H "Authorization: Bearer <your_token>" \
-F "package=@my_plugin.zip" \
-F "auto_approve_after_scan=true"
plugin.upload)
Pass a second boolean argument to the plugin.upload method.
Existing callers that pass only the package continue to work unchanged
(the parameter defaults to False).
import xmlrpc.client, base64
server = xmlrpc.client.ServerProxy("https://user:[email protected]/plugins/RPC2/")
with open("my_plugin.zip", "rb") as f:
data = xmlrpc.client.Binary(f.read())
server.plugin.upload(data, True) # True = opt-in to fast-track
If you are a regular contributor and would like to be considered for trusted status, please reach out through the QGIS Developer mailing list.
dai nomi dei campi)
Plugin Tags