|
Post by Telesphoreo on Dec 12, 2019 5:19:34 GMT
Hi, here to clarify a few things: I have the CoreProtect source code and I legally modified it. I didn't reverse engineer anything. Everything was done 100% legal. I am not allowed to share the source code for CorePRotect, sorry. However, I can provide the jar to anyone who requests it. I'm a developer for CoreProtect, and can modify it. There should be absolutely no legal concerns. Video and I tested TF-CoreProtect back in August, and we thoroughly tested it. The only commands you can access as an operator are /co i and /co status. I don't remember when, but Video mentioned that modifying CoreProtect wasn't possible in one of the suggestion threads. I offered the JAR to seth, and he insisted that /co lookup be unblocked as well. The problem with this is that you can look up players comamnds, which could expose private messages and adminchat. I blocked the command flag on the lookup command for operators. I wanted to clarify this, since this was NOT mentioned in the original post. I would prefer to have /co lookup blocked though, as I don't know what other personal information it could potentially find. Also, if a bunch of spambots were to come on and query lookup data, that could potentially overload the database. Let's say hypothetically you die in a car accident tomorrow. Who then maintains it? In every other thing that we use, it can still be maintained because it's public. I'm not saying you should illegally open source it, but it does present a dilemma. It's very bad practice in pretty much anything to roll with only compiled builds without all maintainers having access to the code. Almost did today, actually. Stupid 14 year old without his license was driving in his Mommy's Prius. Was too busy looking at some girl instead of focusing on the road. Bay Area is wack. If I, PacksGamingHD, die in a car accident, then TF is out of luck. Same with the other people who use any of my plugins. If I die, then I won't be able to maintain it. I'm not going to hire a personal maid to keep TF-CoreProtect working if I die. I didn't make CoreProtect, and the original one (along with the restrictions) can be restored if TF-CoreProtect stops working. I'm the only maintainer of TF-CoreProtect that is on TF. No one on the TF development team maintains it. I'm the only maintainer, so I'm not sure what your last sentence is supposed to mean. also while i have all of your attention can i have my old post count back please and thanks
|
|
|
Post by Polaris Seltzeris on Dec 12, 2019 7:07:57 GMT
Let's say hypothetically you die in a car accident tomorrow. Who then maintains it? In every other thing that we use, it can still be maintained because it's public. I'm not saying you should illegally open source it, but it does present a dilemma. It's very bad practice in pretty much anything to roll with only compiled builds without all maintainers having access to the code. Almost did today, actually. Stupid 14 year old without his license was driving in his Mommy's Prius. Was too busy looking at some girl instead of focusing on the road. Bay Area is wack. If I, PacksGamingHD, die in a car accident, then TF is out of luck. Same with the other people who use any of my plugins. If I die, then I won't be able to maintain it. I'm not going to hire a personal maid to keep TF-CoreProtect working if I die. I didn't make CoreProtect, and the original one (along with the restrictions) can be restored if TF-CoreProtect stops working. I'm the only maintainer of TF-CoreProtect that is on TF. No one on the TF development team maintains it. I'm the only maintainer, so I'm not sure what your last sentence is supposed to mean. also while i have all of your attention can i have my old post count back please and thanks My point was that if it's something exclusively used here and not maintained elsewhere then there is an expectation that all of the usual maintainers here would have access to it as with everything else, but that is not a possibility in this case. There are many reasons in general why you don't just rely on one person to maintain and provide compiled binaries of something, that never works out in the long term.
|
|
|
Post by Telesphoreo on Dec 12, 2019 7:18:54 GMT
Almost did today, actually. Stupid 14 year old without his license was driving in his Mommy's Prius. Was too busy looking at some girl instead of focusing on the road. Bay Area is wack. If I, PacksGamingHD, die in a car accident, then TF is out of luck. Same with the other people who use any of my plugins. If I die, then I won't be able to maintain it. I'm not going to hire a personal maid to keep TF-CoreProtect working if I die. I didn't make CoreProtect, and the original one (along with the restrictions) can be restored if TF-CoreProtect stops working. I'm the only maintainer of TF-CoreProtect that is on TF. No one on the TF development team maintains it. I'm the only maintainer, so I'm not sure what your last sentence is supposed to mean. also while i have all of your attention can i have my old post count back please and thanks My point was that if it's something exclusively used here and not maintained elsewhere then there is an expectation that all of the usual maintainers here would have access to it as with everything else, but that is not a possibility in this case. There are many reasons in general why you don't just rely on one person to maintain and provide compiled binaries of something, that never works out in the long term. You're absolutely correct, and I try and generally open source all of the work I do. I'm afraid that's just not possible with this case, sorry.
|
|
Fleek
Veteran Member
Posts: 3,548
|
Post by Fleek on Dec 12, 2019 7:38:20 GMT
My point was that if it's something exclusively used here and not maintained elsewhere then there is an expectation that all of the usual maintainers here would have access to it as with everything else, but that is not a possibility in this case. There are many reasons in general why you don't just rely on one person to maintain and provide compiled binaries of something, that never works out in the long term. You're absolutely correct, and I try and generally open source all of the work I do. I'm afraid that's just not possible with this case, sorry. Didn’t the owner of CoreProtect plan to release the public version of it?
|
|
|
Post by Telesphoreo on Dec 12, 2019 8:21:49 GMT
You're absolutely correct, and I try and generally open source all of the work I do. I'm afraid that's just not possible with this case, sorry. Didn’t the owner of CoreProtect plan to release the public version of it? Yes, an open source version will be out eventually. There is no confirmed release date for this though.
|
|
Wild1145
Club 4000 Member
Inactive Player & Inactive Senior Admin
Posts: 10,414
| Likes: 9,680
|
Post by Wild1145 on Dec 17, 2019 20:29:07 GMT
There should be absolutely no legal concerns. And that line there is when I start to get concerns over the legality of something...
|
|
Wild1145
Club 4000 Member
Inactive Player & Inactive Senior Admin
Posts: 10,414
| Likes: 9,680
|
Post by Wild1145 on Dec 17, 2019 20:30:16 GMT
My personal view here is to use the general rule we seem to always have done. If it's not open source / source code available to all those who would maintain the main server development, or it's not a mainstream plugin, we don't roll it on the server.
That's the most sensible approach based on the risks presented at this time in my view.
|
|
Video
Forum Admin
An op's rights activist
Posts: 5,585
| Likes: 5,894
IGN: VideoGameSmash12, videogamesm12
Old IGN: https://namemc.com/profile/VideoGameSmash12.2, https://namemc.com/profile/videogamesm12.1
Discord: Video#9801
Birthdate (MM/DD): 07/16
Timezone: UTC-07:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by Video on Dec 17, 2019 21:05:25 GMT
My personal view here is to use the general rule we seem to always have done. If it's not open source / source code available to all those who would maintain the main server development, or it's not a mainstream plugin, we don't roll it on the server. That's the most sensible approach based on the risks presented at this time in my view. However, CoreProtect is a mainstream plugin we have used on the server since around 2016/2017. This suggestion is simply for a modified version of the plugin to take the place of our stock version.
|
|
|
Post by Polaris Seltzeris on Dec 17, 2019 23:44:28 GMT
My personal view here is to use the general rule we seem to always have done. If it's not open source / source code available to all those who would maintain the main server development, or it's not a mainstream plugin, we don't roll it on the server. That's the most sensible approach based on the risks presented at this time in my view. However, CoreProtect is a mainstream plugin we have used on the server since around 2016/2017. This suggestion is simply for a modified version of the plugin to take the place of our stock version. A modification 1. is not open source to other server developers 2. is not mainstream 3. cannot be checked to make sure that it is safe 4. is not maintained by any ranked developer on this server 5. is not *proven* to be legally protected.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 18, 2019 12:51:24 GMT
|
|
Wild1145
Club 4000 Member
Inactive Player & Inactive Senior Admin
Posts: 10,414
| Likes: 9,680
|
Post by Wild1145 on Dec 19, 2019 18:17:28 GMT
My personal view here is to use the general rule we seem to always have done. If it's not open source / source code available to all those who would maintain the main server development, or it's not a mainstream plugin, we don't roll it on the server. That's the most sensible approach based on the risks presented at this time in my view. However, CoreProtect is a mainstream plugin we have used on the server since around 2016/2017. This suggestion is simply for a modified version of the plugin to take the place of our stock version. Is the modified one open source or accessible as source to all active developers? If not don't run it, simple. Use the publicly supported one.
|
|
Video
Forum Admin
An op's rights activist
Posts: 5,585
| Likes: 5,894
IGN: VideoGameSmash12, videogamesm12
Old IGN: https://namemc.com/profile/VideoGameSmash12.2, https://namemc.com/profile/videogamesm12.1
Discord: Video#9801
Birthdate (MM/DD): 07/16
Timezone: UTC-07:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by Video on Dec 19, 2019 19:21:11 GMT
However, CoreProtect is a mainstream plugin we have used on the server since around 2016/2017. This suggestion is simply for a modified version of the plugin to take the place of our stock version. Is the modified one open source or accessible as source to all active developers? If not don't run it, simple. Use the publicly supported one. Oh man, if only you knew how many features or important patches we'd be taking away by doing that...
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 19, 2019 21:13:52 GMT
Approved. He is an official developer of the plugin (I have confirmed it) so I see no issue with the plugin.
|
|
?Robin
Club 4000 Member
caleb get off of tf
Posts: 8,027
| Likes: 8,604
|
Post by ?Robin on Dec 20, 2019 22:40:34 GMT
moved back the thread and reverted the plugin since there was constant, frequent issues when it was reading the SQL database. therefore, this suggestion isn't closed Windows can confirm
|
|
|
Post by Polaris Seltzeris on Dec 20, 2019 23:49:17 GMT
I don't understand why there was a rush to close this given that numerous valid concerns were not even addressed? Normally you don't lock a thread and shut everything down when several people list off legitimate, unaddressed concerns.
|
|