Idea: Blender Add on manager - "UPDATES" panel and Blender cloud accounts

Most package managers on linux can not only install packages, manage them, but also update them.
Blender already has a lot of addons and an addon repository that is official.
Each addon has a way of checking if its compatible with the version of blender that you are running.

But every time there is a new update to that add on, it’s pretty easy to miss because the only place where it is announced is here at blenderartist or at some obscure blog somewhere.

Wouldnt it be great if Blender’s addon manager could also check all addons for available updates and let you update them all with a click of a button?

Also, instead of using one central server that is official (Blender’s) the addons could specify their own update location (more often than not on a github server). That way all of the community addons could get the ability to update themselves when you click them.

Moving the idea further, Blender cloud could allow blender users integration with the software. Blender could store a list of your preffered addons on blendercloud and let you just get them all again with a simple sign in to the cloud. This will motivate all blender users to sign up to the cloud.
In this way for example the Chrome web browser and it’s integration with your google account lets you automatically get all of the addons and bookmarks you previously had on your browser automatically when you move to another computer or operating system.

Can you think of more ways blender could interact with the cloud? What are the top features you would like to have using the cloud?

Here is a crude mockup of the GUI design that could be used


Auto update would be nice, but how to index all those addons who are spreaded around the web?.
Unless people collect them (seen some attempts for that).

Maybe blender.org should host them.
As well thats the most central site to Blender (people would like to post their addon there).
Wont be much data (python code, and perhaps a youtube link / picture to explain and some text).

But maybe… blender itself should autoupdate as well, and maybe not by complete program.
But if a little part got updated then just that part, a bit like windows 10 insider program.
-user could be presented a popup to install the future, or to copy the update, and use it in a copied blender folder.

Maybe something for 2.8 ??
Its kinda strange that there is no updating part in Blender, these days most software has some mechanism for it,

No. Where & whom to report bugs? For every different addon separately or to BF? Who would be responsible for one time addons or their updating? Or just for experiments, betas… and so on.
I think & firmly believe this is users choice & responsibility.

There are some here: http://wiki.blender.org/index.php/Extensions:2.6/Py/Scripts
Some here: http://blenderaddonlist.blogspot.com/
… and some on their developers homepages.
I like & love that some effort is put into better self by seeking, learning, problem solving, understanding, discovering…
You want to take all of that away?
Easy way is not always the best way. Usually it’s worse, look around you.

PS
I find integrated updating mechanism as bloat code & distracting.
I read about and visit sites that interest me. My choice is to keep my self updated.

Though thank you for the offer.

+1 this would be really handy.

Being able to share materials/node setups would be nice. I think this is being looked into?

In the actual addon code there can be a variable for blender’s addon manager that contains the data to check the addon for updates and update the addon (URL).

That way addon creators don’t have to pass a review process by blender fondation in order to incorporate a way to update their addons.

In the same way the addon could also store in its code a link to report bugs/contact the author, a release log and other types of metadata that would be useful.

Blender’s addon manager with some love can help blender reveal to the world its true potential that has been built by the community for years. Not just an addon manager, but also the key to extend blender in the matter of a click. No more hunting through forums and manually copying and pasting stuff.

Another idea to take from Linux package management is the idea of repository channels. If you add the ability to list addons on a server to download within the addon manager, you can have addon channels. A stable official addons channel (blender foundation), a personal channel that the user has backed up (the list on blender cloud i mentioned in my previous post) and an unstable custom channel (one that someone else has created and you imported - blendermarket for example can have their own).
In this sense a channel really is a list file containing addons data to download and update multiple addons. The list can be updated just like the addons can be. It tells blender where the addons are.
The addons can tell blender how and when they need to be updated - in that sense the actual addon developers keep control over the addon updates.

I think the way blender handles assets can be made to be much much smarter - not just addons. If you want people to sign up to blender cloud, give blender a way to interact with the cloud more. And in the spirit of open source software, don’t lock up the cloud just to blender foundation. Let developers play with it, let them do it via github or whatever they use to develop and host their addons.

We are at a stage where some blender addons are as big as an entire application and in a sense blender has turned into an Operating System for 3d modelling. Blend4Web for example - its an entire game engine. It’s a hassle to manually update it every time, but you have to. Each update brings many new features and bug fixes.

that could be a good plan

Maybe you should contact the owner of this website http://blenderaddonlist.blogspot.nl/
There should be some more sites like that btw

I think that the addon update process should not be locked to a single organization or server.
Linux distros may have official channels to update the software, but their package systems are completely open and it is easy to add your own repositories.

The best example for me is the way arch linux deals with it. If you look at the way yaourt works - they recently moved AUR to github entirely.
Arch linux PKGBUILD scripts are a beautiful example of a great system to get software, but also be able to easily customize the script to get a more bleeding edge version from elsewhere and even change the compilation approach.

How often do addons get updated between blender releases ? If never or very rarely then is it worth the effort ?

The updater would have to know what version (and possibly particular build) of blender you have and whether the update to the addon is still compatible with the version (and build no. if using buildbot version) to know whether it is safe to update or is it going to break the addon.

Modern software does do such checks, and its also quite easy to check.
A good update system could also more easily update blender in parts that got an update only.
(so blender.org can save on bandwidth costs).

Also windows 10, got a nice update system (most hate it but…) if you dont change your settings, then your PC will share updates with other PC’s on the internet… think of it as torrent based updater.

While linux repositories are nice, i do remind sometimes its not that easy; some repositories are not updated regullary. but well it can work, i didnt always had the latest blender version but it kinda worked.
Not to be negative about linux, i’m using 2 linux mint boxes, and 2 windows boxes (10 and 7 )

Given the vast amount of addons and the size and importance of some of them in blender, I can see that I am not the only one starting to see a problem with the lack of an adequate addon update system in blender.
:slight_smile:

All if really needs is an API that allows addon developers to allow their users to automatically update their addon.
So you neeed two things:

  • b3d Addon updater API - When prompted by user, the api looks into an addon source code for the needed variables to check for an update and update the addon.
    Here is an Arch linux PKGBUILD file for example:
    https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=mypaint-git
    note the “source=” variable. It points to a different URL for each PKGBUILD file

  • b3d Addon channels API - When prompted by the user, this API reads from a special “Addon repository list” text file. This text file can be created by the user from the addons they have installed, exported and shared with other users. It can be backed up in the cloud to their blender cloud account. An official version of the list can also be automatically downloaded from blender’s server (the official blender foundation addon channel). The list basically contains a recepy to download/update addons from different locations (not just a single server).
    Blender should be able to automatically generate an addon repository list from the addons that the current user has installed. It should also be able to read from an addon repository list file and import addons that are currently not listed in the user’s channel.

I say do it one by one. For starters and UPDATER api should be great. Then as extra features think of the channels api. One is meant to enable addons to update themselves. The other is to help the users manage their own addons and share them.

I love the package manager of Sublime editor.
https://packagecontrol.io/

This will make things clear about how it will work.

Anyone working on this should definitely consider how they’re going to address the inherent security risk in letting any add-on download files from any arbitrary source on the Internet. While the current way is certainly more manual and can admittedly be annoying, you’re at least forced to go through a little bit of due diligence to ensure that you trust the individual from whom you’re downloading your updates.

For Linux repositories there are maintainers that handle what gets included or not. And if you combine having the code on Github or something equivalent, you can very easily look at the code before you install it (diff comparisons, etc.) It doesn’t mean that bad code can’t get through the system, but I have yet to see virus type code get installed through a Linux repository. Blender Market has a lot of these mechanisms in place already, we just need to have a method to determine when a new version is out and be able to install it from within Blender itself.

If you have installed the addon once and it worked for you - then the update variable in it should already be a trusted update source that was placed there by the developer.

If you are installing an addon from your own channel (bookmarked addons list) or from the official blender foundation list - then again it is a trusted source.

Are there any other ways to see if there are malicious bits of code in the addon? If it’s made out of pure python code - then it can be read by the user before installing it.
Doesnt blender already have a mechanism to check with which version of blender the addon is compatible, who made it and its description?

The addon could notify the user as to what the update url is and prompt wether to install the update.
This data can be shown with the update size,included files, version number and release date. If some of that looks shady, then it would be the user’s decision to trust it or not. I wouldnt trust an addon with binary files or executables included. Clean, open source python files are more trust worthy.

Are there any other ways to increase addon security? I am yet to hear of a virus or adware that was written as an addon specifically for blender. And wouldnt that be a problem with or without a functional update system anyway?

Let me preface by saying I’m not trying to be dismissive of this idea. There are just some serious considerations that need to be accounted for when trying to design a feature like this.

If the add-on is notifying the user of updates, that means that every single add-on potentially has to query a different websites to look for updates each time the user starts Blender. Granted, it’s a small query, but Blender has a lot of add-ons. This could definitely slow down Blender’s start time… especially if one of those sites is unresponsive.

Blender should NOT check addons for updates at startup.
It should do it only when prompted by the user (“check for updates” button). It could also be done on a per add-on princliple - letting the user check for a new version a specific addon, not ALL of the installed addons.

The less obtrusive this is, the better.

This is a great idea, I’d really like to have a way to update all my addons automatically instead of just downloading and replacing files or folders each time an addon is updated; it takes time, and it gets annoying and very time consuming when you rely on many addons for your daily work… I don’t really know how this should be managed, but it is definitely something that should’ve been done some time ago. :slight_smile:

Here is a crude mockup of the simplest approach I could think of - a three state button system. The button informs the user of the state of the addon, it also serves as a way for the user to prompt a command.


(also added it to the first post)

Yes please. The update feature would be really needed.

I think that blender updating AND all your addons would be nice, but not the day of the release,

maybe like 3 weeks after the release, so the thing can be tested before it bricks people’s projects.

Just my 2 cents.