Tool Release rules (last modified: 2013/06/17)

M

Minimaul

Guest
The following rules apply to all community-developed and released tools:
  1. Tools should be packaged in a ZIP file (or similar) with a readme file. Write a tutorial on how to use your tools if it's not obvious.
  2. You should create a new thread in the Tool Releases forum and attach a copy of your tool to the original post. Keep this original post updated when you release new versions. This is aimed at avoiding tools disappearing when people leave a community or when people move things around and forget to update links.
  3. You should release source code with your tools. Ideally a copy of the source code for the version you have currently released should be attached to the forum. This is to prevent malware spreading on the forum (people have tried before). Tools without source code may be removed without warning.
  4. You may release your tool source code under whatever license you prefer, however we prefer that you allow future users and developers as much freedom as possible to use/improve your tools.
 
I don't think the source code requirement would be sufficient to prevent malware. Just because there's source code attached doesn't necessarily mean it's the source code for the program that was downloaded. While unlikely, it's always possible someone could write some code designed to look like a legitimate mod tool on cursory inspection (but would either not compile or compile to something useless) and attach a completely different binary. There's also the much more likely scenario of someone who has a virus on their computer but doesn't realize it, and it infects the EXE before they post it.
 
The source code requirement isn't for Malware scanning only.
It's also to allow another modder to take over maintaining the tool in case the original author abandons it.
 
That's a good point, but according to Minimaul malware is the main reason.
Ideally a copy of the source code for the version you have currently released should be attached to the forum. This is to prevent malware spreading on the forum (people have tried before).
 
I don't think the source code requirement would be sufficient to prevent malware. Just because there's source code attached doesn't necessarily mean it's the source code for the program that was downloaded. While unlikely, it's always possible someone could write some code designed to look like a legitimate mod tool on cursory inspection (but would either not compile or compile to something useless) and attach a completely different binary. There's also the much more likely scenario of someone who has a virus on their computer but doesn't realize it, and it infects the EXE before they post it.
Yes, and we'll be checking for that. But the source code helps where possible.

The source code requirement isn't for Malware scanning only.
It's also to allow another modder to take over maintaining the tool in case the original author abandons it.
Is equally true, though.
 
Back
Top