Best Practices for Publishing ThingWorx Applications

Best Practices for Developing Applications > Publishing Applications Built on ThingWorx Platform > Best Practices for Publishing ThingWorx Applications

This section provides a summary of the best practices for publishing your applications.

Use the following best practices while publishing your applications to the PTC Marketplace. It is recommended to run virus and security scans on your applications before publishing it to the marketplace.

Activity	Description
Automated Virus Scan	You must check your application for viruses by setting up automated virus scans. Use antivirus applications such as ClamAv to check for potentially harmful viruses.
Static Code Analysis	A static code analysis is a technique used to analyze the software for potentially vulnerable code without executing the code. Use tools such as VeraCode to perform this test.
Dependency Check	You must check your application and its dependent system files such as JARs for vulnerabilities. Use tools such as OWASP ZAP to check the application and its dependencies for components with vulnerabilities.
Security Testing	You must test your application for security loopholes. Use applications, such as Sophos and Sonatype, to perform the security testing.
Functional Testing	You must perform functional testing of your application to ensure that the application conforms with the functional requirements.
Negative Testing	You must perform negative testing to check if your application can handle invalid input data.
Versioning of Extensions	You can publish various versions of your extension on the PTC Marketplace. See the section Extension Name and Version Convention, for more information.

Was this helpful?