On 2015-10-28, Brian Wolff <bawolff(a)gmail.com> wrote:
I'm not sure how necessary that all is, especially
for apps with only
normal edit rights, or less. If an app maintainer tries to pull
anything silly, we can just block it. Users can already be tricked
into giving their password to someone malicious, at least this way we
can easily keep track of what's going on.
I think the point of the approval process is that I don't install
OAuth app key in the application like Vicuña (
https://github.com/yarl/vicuna).
There is no clear consensus what to do with apps like this. One idea
would be ever user needs to register it for themselves, but that
of course wouldn't work with the permission queue.
~saper