This came up in a meeting today between Samuele and I and we felt it would be good if the store verified that the snap type does not change in a new upload. Eg, if the last upload's snap type was 'app', then we should reject the upload if the next is 'gadget'.
Today the review-tools flag for review when specifying anything other than 'app' which helps, but would not discover going from a non-app snap type to 'app' (not to mention, we won't always flag for non-app). The review-tools also are stateless and cannot be adjusted to check for this (without the store passing the review-tools the previous snap type).
I'm not sure if the store shouldn't just perform this check or if it should pass this in to the snap (perhaps --previous-yaml=/path/to/last/yaml). There are problems with passing this to the review tools since determining what is 'last yaml' is tricky. Best is probably for the store to store the value of the first upload's snap type and comparing on every upload (or passing that to the review tools: --previous-snap-type='app').
It sounds simpler for the store to check this. Type seems to be stored per upload, and we can check an upload always matches the previous one's type. We'd need a bit of scouring the database for any snaps which have changed types so we can decide what to do in those cases, looking back, but if implemented as I describe, this should never happen again going forward.
This is probably oversimplistic and I may be missing some subtleties but we can hammer those out during the specification phase if this sounds acceptable in general.
I have a question though: do we want to allow some way of changing a snap's type? or would the type be set "in stone" after the first upload? If the latter, I think we need to be careful and transparent in publicizing this change of behavior.