Publishing to the Marketplace

Bientôt disponibleDéploiement en 1 clic sur Vultr MarketplaceM'avertir →

CarphaCom

4. Review workflow

Submissions land in a queue. Review covers:

Manifest validation — schema, semver, ID uniqueness.

Signature verification.

Static security scan — dependency vulnerabilities, dangerous patterns (eval, child_process without sandbox).

Functional smoke test — installer + uninstaller run on a sandbox CarphaCom instance.

Listing review — descriptions accurate, screenshots real, no broken links.

Most reviews complete within 2 business days. You'll receive email + dashboard notifications.

States: submitted → in_review → (approved | rejected | changes_requested) → published.

5. Versioning

Use strict semver:

Patch (1.0.0 → 1.0.1): bug fixes, no schema or API changes. Auto-update is enabled by default.

Minor (1.0.0 → 1.1.0): new features, backwards compatible. Auto-update enabled.

Major (1.0.0 → 2.0.0): breaking changes. Auto-update disabled by default — merchants must approve.

Bump version in manifest.json and package.json together. Submit each version as a new release through Developer Portal → My Items → [item] → New version.

1. Create a developer account

2. Generate a signing key

3. Submit a new item

4. Review workflow

5. Versioning

6. Earnings

7. Support obligations