Restricting access and edit permissions of metadata

What is claimed is: 1. A method, comprising: operating, by a computer system, a server-based application workspace; storing, by the computer system, subscription information indicating a user that is a developer for a particular application package, and one or more users, different from the developer, that are subscribers for the particular application package; storing, by the computer system, lock data for the particular application package that indicates permissions to edit individual ones of a plurality of application components for the particular application package, wherein the lock data specifies a first group of non-subscriber-editable components that includes a first application component, and wherein the lock data specifies a second group of subscriber-editable components that includes a second application component; based on the lock data: permitting, by the computer system, the developer to edit all of the plurality of application components of the particular application package; and denying requests from the subscribers to edit the first application component; and accepting requests from the subscribers to edit the second application component; storing, by the computer system, edit information in a database indicating differences in the second application component before and after the subscriber edits; detecting, by the computer system, a conflict between a particular subscriber edit and a particular developer edit to the second application component; providing, by the computer system, the edit information and conflict details to the developer; and in response to the detecting, resolving, by the computer system, the conflict. 2. The method of claim 1 , wherein the lock data applies to all application components for the particular application package. 3. The method of claim 1 , wherein the lock data further specifies a third group of subscriber-readable components that includes a third application component of the particular application package, and further comprising based on the lock data: allowing requests from the subscribers to read the third application component; and denying requests from the subscribers to write to the third application component. 4. The method of claim 1 , wherein the lock data is specified by the developer at a release of the particular application package to the server-based application workspace. 5. The method of claim 1 , wherein providing the edit information to the developer includes sending, by the computer system, information associated with edits to the developer in response to a release of the edited second application component to the application workspace. 6. The method of claim 1 , wherein providing the edit information to the developer includes operating, by the computer system, a background process in the application workspace that periodically scans installed application components to identify new edits. 7. The method of claim 1 , further comprising: overwriting, by the computer system, any subscriber edits to the second application component during a subsequent developer upgrade of the particular application package. 8. The method of claim 1 , wherein resolving the conflict includes overwriting, by the computer system, the particular subscriber edit with the particular developer edit. 9. A method, comprising: operating, by a computer system, a server-based application workspace; installing, by the computer system, application components for a particular application package into the server-based application workspace, wherein the particular application package specifies a plurality of application components; storing, by the computer system, first and second permission values for respective first and second application components of the plurality of application components that indicate that the first application component is accessible by other application packages and that the second application component is not accessible by other application packages; storing, by the computer system, subscription information indicating a user that is a developer for the particular application package, and one or more users, different from the developer, that are subscribers for the particular application package; storing, by the computer system, lock data for the particular application package that indicates permissions to edit individual ones of a plurality of application components for the particular application package, wherein the permissions for a given user are based upon whether the subscription information indicates that the given user is a developer or a subscriber; allowing a user identified as a subscriber to edit a particular application component; storing, by the computer system, edit information in a database indicating differences in the particular application component before and after the subscriber edits to the particular application component; detecting, by the computer system, a conflict between the subscriber edit and a developer edit to the particular application component; providing, by the computer system, the edit information and conflict details to the developer; and in response to the detecting, resolving, by the computer system, the conflict. 10. The method of claim 9 , wherein the lock data applies to all application components for the particular application package. 11. The method of claim 9 , wherein providing the edit information to the developer includes sending, by the computer system, information associated with edits to the developer in response to a release of the edited particular application component to the application workspace. 12. The method of claim 9 , further comprising executing, by the computer system in the server-based application workspace, application components for a different application package, wherein the executing includes an attempted access to the first application component of the particular application package by an application component of the different application package; permitting, by the computer system, access to the first application component of the particular application package by the different application package, wherein the permitting is based on the first permission value; and blocking, by the computer system, access to the second application component of the particular application package by the different application package, wherein the permitting is based on the second permission value. 13. The method of claim 12 , wherein second lock data for the different application package indicates that all application components of the different application package are editable by subscribers to the different application package. 14. A non-transitory computer-readable medium having instructions stored thereon that are executable by a computer system to perform operations comprising: operating a server-based application workspace; identifying a user that is a developer for a particular application package, and a set of users that are subscribers for the particular application package; storing lock data for the particular application package, wherein the lock data indicates respective permissions for developers and subscribers that are different from the developer to edit at least a first and a second application component of a plurality of application components specified by the particular application package; and based on the lock data: permitting the developer to edit all of the application components of the particular application package; and denying requests from the subscribers to edit the first application component; and accepting requests from the subscribers to edit the second applicatio