Fundamentally, outside of the initial question raised in OP about load metrics, the suggestions around coding going awry boil down to a few things
-
Custom code can lead to problems / be malicious
Yes, it certainly can.
-
Most support cases are due to bad custom code
Seems totally obvious - I believe it when @bravenel he says it.
-
Proposal to remove custom code as way to combat support load
This would break everything Hubitat stands for.
-
Hubitat blessed, community-driven code review / plugin acceptance platform
This is a great idea, but one that requires time investment in the form of, if nothing else, organization (actual code review, policy writing, rule preparation, platform development, etc etc not withstanding).
Fundamentally, the Hubitat platform has three massive legs up over the competition
- Not being cloud based
- Having the ability to run & write your own custom code (drivers, apps, etc)
- The power that Rule Machine brings to the table as a function of the aforementioned
I applaud Bruce's stance (and presumably the company's official stance) on custom code:
Users need, and should be forced to, take responsibility for their own actions (you know, be an adult). It's absolutely on you, the user, to understand and acknowledge that running code you didn't write, and have no idea what it actually does, could potentially be harmful. And more importantly, to own that mistake when support says "This code is causing issues".
The community here is quite vibrant and active - when someone writes code that's got a bug, it's quickly squashed (see: @Cobra's anecdotes). Similarly, I would expect to see a very quick reaction by the community at large should code be identified as malicious - that's the beauty of a thriving open-source community.
If living inside of a walled garden is more attractive to you than having the full power and potential that freedom brings, I would encourage you to look at other Home Automation solutions (@sptrr99). Don't ask the rest of us to live inside that walled garden with you though - we value the choices that Hubitat lets us make ourselves.
tl;dr:
If you're concerned about custom code, don't run it. If you choose to run custom code, take responsibility for your actions.
=====================
The Community platform for apps and drivers is a great idea, and I think Hubitat officially blessing it is awesome - but it's a huge time sink. Which is precisely why it doesn't exist today. On top of that, there simply aren't (right this moment), enough people developing third-party code to really warrant the investment. For now, the forums seem to be working (see: vibrant and active FOSS community). A first stab at something like this might be as simple as a github repository, where all PR's are audited and commented on, documentation exists as wiki pages, discussions exist in the form of bug, etc etc.