How do 3rd party apps get approved for App Store or supported Integrations from GUI?

I’m a new HA user (only a few days) and interested in learning more about how 3rd party apps/integration support gets approved?

I own a B-hyve Sprinkler system that I was looking to integrate. It’s not in the Integration GUI nor in the Supervisor App Store. However, I found in the forums a component was created:

It appears to be actively supported, but only available outside the native HA offering, which I guess introduces more risk (or at least that is what Google is suggesting if I get the recommended HACS add on for 3rd party apps through the Community Store :slight_smile:)

Do developers have to go through any hoop jumping to get their offering blessed? Why do some apps make it and others don’t?

Thanks

As a developer for 3 integrations, i am well aware being part of core setup helps users to use and consume the integration. On the other hand, there is a list of additional requirements (Checklist for creating a component | Home Assistant Developer Docs) which they are actually good, but requires additional effort from developer.

Also, having a custom integration allows me to fix the issues until integration reaches a maturity level.

3 Likes

Also, having a custom integration (e.g. in HACS) rather than Core allows to decouple the release cycle of the integration from the one of HA.

Now, HACS itself has a number of requirements, but luckily you can add custom repositories.
Definitely not user friendly, but definitely the most flexible.

3 Likes

Thanks for that background and info. Using your integrations as a proxy: Do you think there is a plan at some point to comply and put in official “store”?

Or, is the more likely scenario: if folks want your integrations at any point they will need to be comfortable with whatever risks exist using 3rd party unofficial integrations?

I’m trying to get a feel for whether these unofficial apps will eventually come into HA and it’s just a question of time, or this more likely the future state too & we’ll need to get comfortable

Thanks - appreciate the color. What’s your opinion on the risks with HACS and unsupported apps? Overblown?

i don’t see a guaranteed way of being eliminating security risks when it is part of core. Especially, when main functionality for many core integrations are placed in a separate python library. I am not sure if HA developers check the dependencies and respective changes in each release.

Thanks - feels like if that is the case then maybe the HA developers should rethink the positioning and make a store that is more inclusive and simply allow users to filter by usage and other metrics (e.g. security review, user rating, etc).

Just a callout, while i am aware how home assistant works, maybe there is already a mechanism to validate this. On the other hand, home assistant is about being open source, right, so anyone can see what is running under the hood, nothing is hidden.

Good reading: Why Open Source Software is More Secure Than Commercial Software

1 Like

They will come to that, eventually.
Been there, done that. Having a monolithic code base with hundred of integrations is not sustainable in the long run.

1 Like

Agree, i am not happy to install thousands of python libraries just because there is couple of people out there might use these integrations. I would prefer to install every integration by explicit intent and i am fine to restart core for this.

3 Likes

Resurrecting old thread. Anyone have any idea what it would take to fully integrate a HACS-experience into HA, without needing to reboot core for every integration you install or update? I’m not entirely sure why a core reboot is needed when it’s possible to reload some integrations. Can you imagine rebooting your phone everytime you installed or updated an app from the app store?

Having almost every integration coming from a built in ‘store’ would allow for a lot more rapid innovation. It seems there is a major backlog for getting new integrations into HA core, and this could do a lot to relieve it - more eyeballs sooner on new and updated integrations.

On rebooting part;

  • if it is a new integration you are adding through hacs, there are probably some dependencies need to be downloaded from python library servers and this dependencies will be available after installation. So there is a dependency checker in HA in every restart taking care of this. On the other hand, i started to question myself if these are installed at restart time or integration addition time. :slight_smile: got lost
  • reloading installation doesn’t change any local python files or libraries, just clear the integration state and tell it to start from scratch.