Mods & Codestealing (Community Discussion)

In light of the drama (and non-drama) involving mods & code recently we (by which I mean, the fantastic @Shadlington) may have a solution to give censure to anyone ill-mannered enough to nick other people's code (details in Shad's post below). What remains is to determine whether:

a) whether we as a community want Shad's suggested system of reprimand implemented; and

b) the broad guidelines under which said system might be implemented.
​

I've included Shad's post & those following below. Ideally this should be a drama free thread, seeing as the norril vs Aphelion thing is p much done/dusted now. Unnecessary drama will be hammered down with extreme prejudice.

 

[Note: This was moved from another thread, hence why some of my comments seem out-of-place]

I'm not getting into this whole Aphelion-norill thing. Skimming the topic it sounds like it has been mostly resolved now, so that's nice.
That said, the wider issue is interesting and important. Maybe a separate thread would be more appropriate at this point to keep people more focussed, but I'll leave that decision in FBB's capable hands.

Soooo... A few people have talked about us implementing something. I've given this some thought. I don't want to waste time on implementing some standard system for automatically enforcing disputes of this nature - such a system would be counter-productive towards the spirit of collaboration that we want to promote, as it'd be taking an immediate position of distrust.
However, whilst I am all for sharing and collaborating I do think there are some cases where people can simply be dicks about it (e.g. in this case, if Aphelion had refused to cooperate at all - in spite of the very reasonable allegations made - then it would have been a bit of a dick move IMO) and I would like some way of saying "yeah, we don't like that kind of behaviour/attitude" that goes a bit beyond simply hoping that the community shuns said behaviour - some kind of actual enforcement, at least as a deterrent. Preferably something that doesn't require us to waste much time on implementing it.
To this end, I have a proposal. Now, some of you may be aware that I've been working on a centralised system for allowing the verification and integrity-checking of mods, using kag's Web API (requires that devs register their mods with the API and that when they push a new release they generate a registration file that they include with the mod code, so not too much extra overhead).
This is very close to being rolled out into the actual game - once this is done servers will have a setting for only allowing 'verified' mods and players will be able to filter servers down to just those using this setting (or not using mods at all, ofc). Initially it'll be opt-in by default, but once we see decent uptake & get any kinks worked out we'll hopefully swap to opt-out - so by default servers will not be able to run mods that aren't API-verified and players will not see those that aren't using verification.
Why is this relevant? Because it would be very little effort for me to add a flag to registered mods that blocks them from being verified, which would prevent them from being run without a server having to specifically turn off API-verification and dropping off the default server list. In fact, its not really any effort at all as I intended to do this anyway for the purposes of blocking mods that were deemed to be violating some more severe rule (e.g. fucking with your server somehow). Further to this, I could add additional functionality for blocking developers from registering any new mods at all if they are deemed to be serial violators.
Now I would hope we wouldn't have to actually use this very often and it'd only be done on a case-by-case basis, but having it as an option would hopefully provide a little more deterrent to 'dickish' behaviour than 'just' community ostracization.
...That said, I don't want to actually come up with a definition for what 'dickish' behaviour constitutes. I'm sure you guys can figure that out together (hopefully not in an over-prescriptive way - keeping it simple would be best).

Side note that I started musing on whilst writing this post:
If someone were to write a little app that'd take two mods as inputs and make some kind of similarity assessment about the two of them, that could possibly be useful for helping to decide on these kinds of things in the future. There's probably tools like this out there already, or at least libraries that you could plug into a simple GUI.

...Urgh, why am I so bad at keeping these kinda posts short?

 

Oh yeah, feel free to call me on my bullshit if I'm suggesting something that noone wants.
This is a community issue so if folks think its a bad idea then that's cool, not gonna force the issue.

 

That sounds like a great idea Shadlington, I was going to propose that people be required to login to setup servers (passing un/pw via commandline or something), but your idea is much much better.

 

Whilst I'll be supporting dev groups from the beginning (I'm just making the last few changes to the API to support this now, as it happens), if devs want to track individual contributions they'll initially have to setup their own VC system (I do eventually intend to provide a managed git repo setup for mod devs, but this is still some months off).

 

How would they apply to this? I can't think of a realistic scenario.

 

If devs are using VC to track their contributions then timestamps can presumably be used to resolve disputes, surely? Or alternatively, the API will soon have the ability to store archived versions of mods, which would provide another source of evidence (and eventually the API-managed VCs will provide definitive proof).

 

After Shadlington posted there really wasn't much else to post, his idea pretty much covers everything possibly needed, and he's already working on it. The little stuff past that is usually handled as it comes up, some feedback was given in IRC for example when he posted it.

E: (Answer to below so I don't spam this thread)

Yeah, and when those things comes it's nice to have this thread already ready and open for it to discuss those matters and any others that would potentially arise.