Bukkit Dev policy change petition.

I would like to make a petition for a rule change of bukkit dev policy. If you would like to "sign" this petition just vote.. Also for moderators if this is in the incorrect topic then please move it to the correct topic. And also for any problems please instead of pming me here please pm me on bukkit dev (same username).

An example of what such a page may look like can be found at http://gpflags.net23.net

 

Moved to BukkitDev Feedback.

 

I think this would be a bad idea. It provides an ideal medium for spreading viruses that is much harder for BukkitDev staff to check. Because of the undue stress on staff, it would also greatly increase the time it takes for a plugin to be approved.

 

I voted against this, it would give BukkitDev a bad name, people would not read the warnings and point fingers at Bukkit as soon as their server doesn't work due to a malicious plugin.

I believe you can use CI for development builds, so that is always an upside.

 

Although I understand you want to be able of providing the latest of the latest to your plugin users, this would make BukkitDev so much less safe. We check all the files to make sure they're OK, to let server owners know there's no way any developer of any of their plugins will be able to do bad things to the server.
If this would go through, all of that would be gone, giving people the potential to spread malicious files, etc.

 

I voted no... this would defeat the point of the BukkitDev staff working their socks off in order to keep BukkitDev's excellent reputation

 

If you had proper grammar & spelling, I would have read your main post before voting no.. But I didn't even read it after the poll title.

 

Lolmewn Do you check the CI? No, so what's stopping me from putting a virus build there?

 

We've had this discussion many, many times.
Please contribute to one of the existing threads regarding this topic; there's already extensive discussion and explanation from staff.

First one on the list:
http://forums.bukkit.org/threads/linking-to-unapproved-files.139248/#post-1619878

 

Gravity

From that thread:

If I upload it on mediafire with a disclaimer, it's not on DBO and it's still up to the discretion of the user. There is no difference.

 

http://forums.bukkit.org/threads/linking-to-unapproved-files.139248/page-2#post-1624588
http://forums.bukkit.org/threads/linking-to-unapproved-files.139248/page-2#post-1629019

Again, there's been extensive discussion on this topic in every thread in which it has been mentioned. We've responded multiple times, so please don't take this thread offtopic by starting the discussion. You're free to bring up your concerns in a place where they are already relevant.

 

While I would like the ability to do this I have followed most of the discussion on previous threads and understand why the decision is the way it is and why it would be very unlikely to change. So am with the majority on this one with a no vote.

 

Currently people are allowed to upload dev builds on a ci server? So look at the following possibles:

Possibility 1:

1. Bukkitdev user decides to get a malicious force op plugin that claims to do something else.
2. Bukkitdev user uploads ok first version to get people using his plugin.
3. He gets a ci server and then uploads the force op plugin
4. People download the dev builds and get there servers hacked.

Possibility 2:

1. Bukkitdev user decides to get a malicious force op plugin that claims to do something else.
2. Bukkitdev user uploads ok first version to get people using his plugin.
3. He gets a static download page and then uploads the force op plugin.
4. People download the dev builds and get there servers hacked.


What is the difference may I ask?

 

john01dav
This is the wrong place to discuss this as previously stated and your questions are mostly answered in this post as well

More specifically this post by TnT http://forums.bukkit.org/threads/linking-to-unapproved-files.139248/page-2#post-1629019

 

You can't have a serious petition with this many mistakes.