
You can fork Linux too btw, in fact, many do.
This is demonstrably false. We have open issues on the tracker. We have warnings in the console. Morrowind (and mwscript in general) is a steaming pile, and you've seen how inconsistent and weird it is and how modders have used this (like elseif vs. else if). The more you try to fix the syntax, the more you break previous mods. This is inherently solved by two approaches: respect the bytecode, or move away from the monstrosity that is mwscript and leave it there only to support legacy MW mods/modders that want to use it.
Mort expressed some concerns there already, but I'll add that it's a really weird approach to take. Do you really want to micromanage modders? Is that healthy for OpenMW, or healthy for the Morrowind modding scene? You are absolutely going to find things that you are either just not interested in, or don't agree with, and that mod just can't be made? That's... legitimately disappointing.Zini wrote: ↑05 Apr 2018, 18:24Regarding limiting modders: I don't see that. We do take feature requests after all. And if a mod developer is capable of creating executable he is probably also capable of contributing to OpenMW. It is open source after all.
Don't want to go into details now, but most of the listed functionality could probably better implemented with core support within the engine itself, which is then used by content developers. We are able to dish out new releases quite quickly if there is enough development activity, so I don't see delays resulting from waiting for a new OpenMW version a problem either.
You should totally look into what is possible, I think you misunderstand what LuaJIT offers a project like this or MWSE. Again I'll use the Discord Rich Presence mod as an example here. I had to write no bindings. I had to write no C (other than what I added to MWSE to allow Lua mods). I used freely available, MIT-licensed FFI bindings to the Discord RPC library, and made a few function calls inside of Lua.
Depends entirely on the function. Speaking in hypotheticals doesn't help here since there are numerous reasons why a particular function request may be denied, and the impact it has on the potential mod depends on exactly what the function would be.
Whether or not to use MWScript is completely separate from whether or not to allow system API access. I'm fully on board with using a different scripting language. I find MWScript insanely horrid, and extending it to enable advanced functionality is just going to make it more horrid. But regardless of what scripting languages get supported in the future, scripts must be properly sandboxed.As a real actual modder - the idea of continuing to use mwscript is insane to me. You have the option to use lua or literally anything but the nonsense that is mwscript but instead you choose to double down on bethesda's bad code lmao.
Depends entirely on the API. Speaking in hypotheticals doesn't help here since there are numerous reasons why a particular function may be sandboxed.Chris wrote: ↑05 Apr 2018, 19:30Whether or not to use MWScript is completely separate from whether or not to allow system API access. I'm fully on board with using a different scripting language. I find MWScript insanely horrid, and extending it to enable advanced functionality is just going to make it more horrid. But regardless of what scripting languages get supported in the future, scripts must be properly sandboxed.
I meant for future extensions. The remaining issues you mentioned are the result of us not being fully aware of how badly broken the original compiler was.This is demonstrably false. We have open issues on the tracker. We have warnings in the console.
The original compiler is a steaming pile. The language itself (if you apply a basic set of common sense to compensate for the garbage compiler) is rather meh then terrible (with some glaring omissions). And again, nothing will be broken (beyond what is broken now already).Morrowind (and mwscript in general) is a steaming pile, and you've seen how inconsistent and weird it is and how modders have used this (like elseif vs. else if). The more you try to fix the syntax, the more you break previous mods
That isn't micromanaging, that is open source development. And yes, I consider that extremely healthy.Mort expressed some concerns there already, but I'll add that it's a really weird approach to take. Do you really want to micromanage modders? Is that healthy for OpenMW, or healthy for the Morrowind modding scene?
I can see most of these things going into OpenMW in one way or another.With things like Sky Diversity, Discord Rich Presence, and Fliggerty's C&E mod, what is a modder to do? Try to convince you to add imagemagick bindings? Bundle the Discord API? Expose networking functions? I don't see you approving any of those things
Considering the vanilla engines don't support arbitrary code execution from mods, how do you expect me to answer? Even in regards to vanilla script extenders, I don't know every mod that has ever been made, nor do I know every instance of drama that occurs in the TES modding scene to know whether there has ever been a case of a mod that had an embedded virus. But even if there hasn't been, that simply means it hasn't been worth the trouble for someone to try, so what do you suppose making it easier would accomplish?NullCascade wrote: ↑05 Apr 2018, 19:31Please provide an example, in the nearly two decades of TES modding, where a malicious mod has been delivered.
It basically means that scripts can only see and interact with information the engine specifically provides to it. It can't see or do anything the engine hasn't allowed for.
It still wouldn't be as easy or effective as plenty of other methods of distributing viruses. Seriously, what's our threat model here? Is a malware author going to write malware specifically to be used off a very specific game engine where most of the mods are consolidated on places like the Nexus and GHF? The Nexus automatically virus-scans files, and GHF has moderators manually approving mods. So good luck distributing viruses that way. People generally only go looking for mods in out-of-the-way, unknown places on the net when there's a very specific mod that they're looking for that was never uploaded anywhere beyond the author's own site. In such cases, they already know of its existence and want to use it or at least test it. What odds would you like to give that malware authors will manage to become known enough as legit modders with good mods to have people do this with their stuff? Especially when it's just so much less hassle to just run an illicit shady DLL site that purports to give you DLLs that you were probably searching the web for simply because they were part of an error message and you're not super computer-literate, unlike most OpenMW users? Essentially, why would anyone target OpenMW users with mods when they get a broader audience with less effort by targeting certain ways in which Windows is beyond fucked up? Are we trying to defend against malware authors who are braindead morons with no clue of what they're doing or why for mod users who are even bigger morons here? If so, how are those people even writing malware to begin with?Chris wrote: ↑05 Apr 2018, 19:39Considering the vanilla engines don't support arbitrary code execution from mods, how do you expect me to answer? Even in regards to vanilla script extenders, I don't know every mod that has ever been made, nor do I know every instance of drama that occurs in the TES modding scene to know whether there has ever been a case of a mod that had an embedded virus. But even if there hasn't been, that simply means it hasn't been worth the trouble for someone to try, so what do you suppose making it easier would accomplish?NullCascade wrote: ↑05 Apr 2018, 19:31Please provide an example, in the nearly two decades of TES modding, where a malicious mod has been delivered.