Distribution + queues locked: 3-store browser-ext + dual VS Code marketplace + PWA-only + CF Queues + Hookdeck
Distribution + queues locked
Single consolidated Batch 13 decision covering four parallel distribution / reliability picks. All four locks were originally proposed at wider scope and walked back to the floors below — the family chose simplicity over coverage every time.
Decision
1. Browser extensions: Chrome + Firefox + Edge
Every oriz-*-ext repo publishes to all three browser stores:
- Chrome Web Store — $5 one-time dev fee (sunk cost, not a subscription)
- Firefox Add-ons (AMO) — free, unlimited
- Microsoft Edge Add-ons — free, unlimited
CI flow: build once via web-ext; submit in parallel to all three.
2. VS Code extensions: VS Code Marketplace + Open VSX
Every oriz-*-vsc-ext repo dual-publishes:
- VS Code Marketplace — Microsoft's official, free
- Open VSX Registry — Eclipse Foundation, required for VSCodium / Cursor / Theia / Gitpod / code-server
CI flow: build once into .vsix; vsce publish + ovsx publish.
3. PWA-only on every site
Every site in the family ships as an installable PWA via
@vite-pwa/astro. No native
wrapper. Workbox-generated service worker, manifest, install prompt.
4. Webhook reliability: Cloudflare Queues + Hookdeck
The reliability stack is two layers:
- Hookdeck (webhook ingress) — 50K events/mo free, exponential-backoff retries, replay UI
- Cloudflare Queues (fan-out queue) — 1M ops/mo free, native Worker binding
Producers POST to Hookdeck ? Hookdeck retries to api.oriz.in Worker ? Worker enqueues onto Cloudflare Queues ? consumer Workers drain.
Why
All four picks share the same logic: simplicity over coverage, built on the family's already-locked stack, and all free or one-time-fee.
- Three browser stores reach >99% of extension users; adding a
fourth (Safari, Opera-native) would gate on Apple Developer
Program ($99/yr — fights
no-subscriptions-anywhere) or duplicate Chromium reach. - Two VS Code marketplaces reach every VS Code-compatible editor (VSCodium, Cursor, Theia, Gitpod, code-server). JetBrains is a different IDE family — different artifact format, different build, different audience. The family has no JetBrains plugin in plan; pre-emptively wiring the publish step would be over-coverage.
- PWA-only means every site is installable today with no Apple Developer / Google Play tax, no signing complexity, no per-platform binary build. Capacitor and Tauri stay walked back unless a hardware / native-only feature need lands.
- CF Queues + Hookdeck stacks two reliability layers from services the family already pays $0 for. Trigger.dev's durable-workflow model is more powerful but redundant for current webhook volume, and adds a new account / credentials surface.
Implications
- Every extension repo (
-extand-vsc-extperbranding/repo-naming-suffixes.md) carries one CI workflow that publishes to all the stores in its flavour's row of the matrix below. Perdecisions/process/per-repo-ci-workflows.md. - Every site repo enables
@vite-pwa/astrovia the preset; the only per-site override is name / icons. - Every external-webhook producer (Razorpay first; Lemon Squeezy, GitHub, others as added) targets a Hookdeck connection URL, not api.oriz.in directly.
- All credentials originate at Doppler
and mirror to GitHub Secrets
per
security/secrets-management-doppler.md. - The earlier
infrastructure/extensions-cross-store-publish.md(Batch 1) andinfrastructure/hookdeck-for-webhook-reliability.md(Batch 4) anddecisions/architecture/queue-cloudflare-native.md(Batch 8) are NOT superseded — they remain in force; this Batch 13 lock consolidates them with the new VS Code + PWA + Hookdeck-as-ingress facets and records the walked-back alternatives.
Publish + reliability matrix
| Surface | Targets (active) | Walked back |
|---|---|---|
Browser extension (oriz-*-ext) |
Chrome Web Store + Firefox AMO + Edge Add-ons | Safari (Apple Developer fee), standalone Opera |
VS Code extension (oriz-*-vsc-ext) |
VS Code Marketplace + Open VSX | JetBrains Marketplace |
Site (oriz-*-site) |
PWA via @vite-pwa/astro |
Capacitor, Tauri, TWA |
| Webhook reliability | Hookdeck (ingress) ? Cloudflare Queues (fan-out) | Trigger.dev (durable workflows) |
Walked back — why simplicity over coverage
| Walked back | Originally proposed for | Why walked back |
|---|---|---|
| JetBrains Marketplace | VS Code distribution trio | Different IDE family entirely (Gradle build, JetBrains Platform SDK, separate audience). Family has no JetBrains plugin in plan; adding the publish target pre-emptively is dead code. Re-open if a JetBrains plugin is ever greenlit — likely under a -jb-ext suffix added to repo-naming-suffixes.md. |
| Capacitor | Native PWA wrapper, parallel to vite-pwa | iOS publish requires Apple Developer Program at $99/yr, conflicts with no-subscriptions-anywhere. Android publish doable free but adds a per-app binary, signing, Play Store review. PWA install on Android already covers the install-icon use case. |
| Tauri | Native PWA wrapper, parallel to vite-pwa | Adds a Rust toolchain + WebView dependency for zero gain over PWA on the surface the family targets (web). Re-open only if a desktop-native feature lands (system tray, native-menubar, native-FS) that PWA APIs can't express. |
| Trigger.dev | Durable-workflow queue alternative to CF Queues | Powerful programming model (code-defined multi-step workflows with checkpointed state) but overkill for current webhook volume. Adds a separate account, credentials surface, and hosting dependency. CF Queues + Hookdeck covers the same reliability surface inside the family's existing stack. Re-open if multi-step durable workflows become a real need (the queue/inngest.md entry covers the same swap-target shape). |
The shape of every walked-back item is the same: marginal coverage gain at the cost of a new credentials surface, a paid tier, or a build-toolchain dependency. The family stays small, the stack stays on Cloudflare, and re-opening any of these is a one-decision flip when a real need surfaces.
Cross-refs
- Repo naming suffixes —
-ext/-vsc-ext - Earlier cross-store browser-ext decision (Batch 1)
- Earlier Hookdeck-for-Razorpay decision (Batch 4)
- Earlier CF Queues primary decision (Batch 8)
- Chrome extensions as submodules
- Per-extension privacy policy
- Per-repo CI workflows
- Cloudflare Pages for all sites
- No subscriptions anywhere
- No card-on-file rule
- services/business/extension-store/index.md
- services/business/pwa/index.md
- services/data/queue/index.md