Open Source
-
- Posts: 14
- Joined: Thu Mar 17, 2022 6:22 pm
Open Source
Hello.
Some questions:
1. Is DFU open source? Yes. But aren't the libraries of Unity closed source?
2. I've downloaded some mods and found that some have the source code on github and others don't.
Can we make a list of pure open source mods?
3. Some mods contain dll. Even after extracting, I still cannot easily know what the code inside does.
Mods that are not open source and include .dll are definitely a no-go for me. Can I reverse
engineer them, so that I know that they don't harm my system? (I know I can, but are there any
tools?)
4. Is it possible to build in DFU a sandbox for mods?
5. Can someone create a full modded version with only open source and stable mods? Does that make
sense? Maybe we could vote which to include.
6. Including DFU into Debian?
Regards
Healer
Some questions:
1. Is DFU open source? Yes. But aren't the libraries of Unity closed source?
2. I've downloaded some mods and found that some have the source code on github and others don't.
Can we make a list of pure open source mods?
3. Some mods contain dll. Even after extracting, I still cannot easily know what the code inside does.
Mods that are not open source and include .dll are definitely a no-go for me. Can I reverse
engineer them, so that I know that they don't harm my system? (I know I can, but are there any
tools?)
4. Is it possible to build in DFU a sandbox for mods?
5. Can someone create a full modded version with only open source and stable mods? Does that make
sense? Maybe we could vote which to include.
6. Including DFU into Debian?
Regards
Healer
- BadLuckBurt
- Posts: 948
- Joined: Sun Nov 05, 2017 8:30 pm
Re: Open Source
I can partially answer some although I have a different perspective on this than you have.Healer2022 wrote: ↑Mon Mar 21, 2022 8:14 am Hello.
Some questions:
1. Is DFU open source? Yes. But aren't the libraries of Unity closed source?
2. I've downloaded some mods and found that some have the source code on github and others don't.
Can we make a list of pure open source mods?
3. Some mods contain dll. Even after extracting, I still cannot easily know what the code inside does.
Mods that are not open source and include .dll are definitely a no-go for me. Can I reverse
engineer them, so that I know that they don't harm my system? (I know I can, but are there any
tools?)
4. Is it possible to build in DFU a sandbox for mods?
5. Can someone create a full modded version with only open source and stable mods? Does that make
sense? Maybe we could vote which to include.
6. Including DFU into Debian?
Regards
Healer
1. Unity is closed source but the source code is still available on Github https://github.com/Unity-Technologies/UnityCsReference. You're just not allowed to do anything with it but use it for reference so you can see what it does internally.
2. You can if you want to. Some mods just deal with model / texture replacements and don't have any scripts.
3. I don't know if there are tools for the reverse engineering, there probably are. The DLLs became necessary to be able to use things like enums in the C# code since the compiler used for mods couldn't handle them properly.
4. It's probably possible but a bit overkill imo. If you don't trust it, don't use it I guess.
5. Anyone can if they want to but I'm not sure what that would accomplish, maintaining a list of open-source mods would let people decide for themselves which mods they want to use.
6. No clue.
DFU on UESP: https://en.uesp.net/w/index.php?title=T ... fall_Unity
DFU Nexus Mods: https://www.nexusmods.com/daggerfallunity
My github repositories with mostly DFU related stuff: https://github.com/BadLuckBurt
.
DFU Nexus Mods: https://www.nexusmods.com/daggerfallunity
My github repositories with mostly DFU related stuff: https://github.com/BadLuckBurt
.
-
- Posts: 14
- Joined: Thu Mar 17, 2022 6:22 pm
Re: Open Source
Hello.
Thanks for your answer. It helped me.
5. It is annoying to download dozens of mods, check them if they are FOSS. Maybe the first time it's fun. But download every upgrade on its own. Would be cool to have a huge certified FOSS tarball with all stable FOSS mods, sha checksums, signed with gpg, those you don't like, you can deactivate. Done.
6. Would be cool. apt-get install dfu dfu-mods-foss Done. Would reach a huge audience.
Regards.
Healer
Thanks for your answer. It helped me.
5. It is annoying to download dozens of mods, check them if they are FOSS. Maybe the first time it's fun. But download every upgrade on its own. Would be cool to have a huge certified FOSS tarball with all stable FOSS mods, sha checksums, signed with gpg, those you don't like, you can deactivate. Done.
6. Would be cool. apt-get install dfu dfu-mods-foss Done. Would reach a huge audience.
Regards.
Healer
-
- Posts: 20
- Joined: Thu Dec 10, 2020 10:31 pm
Re: Open Source
So you admit it's an annoying task but are expecting someone else to come along and volunteer their time (and it would be a LOT of time) to do it for you? Would be cool if somebody would volunteer to go to work for me and just send my salary home. Can't see it happening though.Healer2022 wrote: ↑Tue Mar 22, 2022 6:10 pm ...
5. It is annoying to download dozens of mods, check them if they are FOSS. Maybe the first time it's fun. But download every upgrade on its own. Would be cool to have a huge certified FOSS tarball with all stable FOSS mods, sha checksums, signed with gpg, those you don't like, you can deactivate. Done.
...
And I honestly don't really see the benefit of all that work as I don't think most people care about that level of detail. Personally I prefer to choose for myself and take full responsibility for my downloads and installs, rather than rely on someone else's opinion, so I'd avoid any such bloated tarball like the plague.
- Jay_H
- Posts: 4072
- Joined: Tue Aug 25, 2015 1:54 am
- Contact:
Re: Open Source
Is there a reason you're being this argumentative? The user idly said "It would be cool if" and let it go. No one's being harassed or obligated here.Tkia wrote: ↑Wed Mar 23, 2022 2:36 pmSo you admit it's an annoying task but are expecting someone else to come along and volunteer their time (and it would be a LOT of time) to do it for you? Would be cool if somebody would volunteer to go to work for me and just send my salary home. Can't see it happening though.Healer2022 wrote: ↑Tue Mar 22, 2022 6:10 pm ...
5. It is annoying to download dozens of mods, check them if they are FOSS. Maybe the first time it's fun. But download every upgrade on its own. Would be cool to have a huge certified FOSS tarball with all stable FOSS mods, sha checksums, signed with gpg, those you don't like, you can deactivate. Done.
...
-
- Posts: 14
- Joined: Thu Mar 17, 2022 6:22 pm
Re: Open Source
Hello.
I don't have the time and knowledge to put together a stable, secure modded DFU. Many users are in the same situation.
Now instead of letting the users do the hard job. Let's say we have 5000 users and it takes 5 hours to create that
stable, secure modded DFU. That are 25.000 hours of work!
Now if we let do that work by the mod creators that will result in approximately 250 hours if we have 50 mods!
250 hours vs. 25000 hours!
That's how Debian works.
The first step we could create a simple list in this forum, that list is update every some months and includes
all stable, compatible with each other, FOSS and secure mods with links to nexus pages.
Now in order to be accepted into this list every mod owner needs to fulfill certain requirements like:
- Contact email address and maybe homepage or for instance github, sf.net
- full source code included in the mod
- instruction step by step to recreate with that source code the exact binary mod that is included too obviously
- a README
- a changelog
- an FOSS license (MIT, GPL, ...)
- sha checksums and gpg signatures
and other useful info
Now someone checks this and then puts the mod onto the list. Once the user is trusted this test may be skipped.
So we have saved thousands of hours of work for the users.
Regards
Healer
I don't have the time and knowledge to put together a stable, secure modded DFU. Many users are in the same situation.
Now instead of letting the users do the hard job. Let's say we have 5000 users and it takes 5 hours to create that
stable, secure modded DFU. That are 25.000 hours of work!
Now if we let do that work by the mod creators that will result in approximately 250 hours if we have 50 mods!
250 hours vs. 25000 hours!
That's how Debian works.
The first step we could create a simple list in this forum, that list is update every some months and includes
all stable, compatible with each other, FOSS and secure mods with links to nexus pages.
Now in order to be accepted into this list every mod owner needs to fulfill certain requirements like:
- Contact email address and maybe homepage or for instance github, sf.net
- full source code included in the mod
- instruction step by step to recreate with that source code the exact binary mod that is included too obviously
- a README
- a changelog
- an FOSS license (MIT, GPL, ...)
- sha checksums and gpg signatures
and other useful info
Now someone checks this and then puts the mod onto the list. Once the user is trusted this test may be skipped.
So we have saved thousands of hours of work for the users.
Regards
Healer
- BadLuckBurt
- Posts: 948
- Joined: Sun Nov 05, 2017 8:30 pm
Re: Open Source
I fail to see why you're trying to pin this as something modders should do as if they have more time than you and any knowledge you lack can be learned. Modding is a hobby for me, I only mod for myself but I'm happy to make my mods available to the public who might enjoy them too but I am not about to go jump through some more hoops to satisfy someone else's need for confirmation. My source code is freely available on github and as long as you know how to build a .dfmod, you can build mine without a hitch when you pull a repo. I'm in no way obligated to provide a step-by-step, I've worked in IT for 15+ years having to deal with 'idiot-proofing' enough to know that I'm done with it. That is why I left IT and can finally enjoy coding again because I am free to do whatever I want. That does not include generating checksums, GPG signatures or any of that jazz, it is SEVERE overkill and kinda ridiculous to expect that from modders.
Also, where do those 5000 users come from? Where does the 5 hours come from? You're not really making a case by grabbing numbers out of thin air. You are the first person who has asked for something like this and if anything, I'd say this is something for the Debian community to address and not the DFU community. I'm pretty sure most modders here are on Windows, not all of them but definitely the majority so I wouldn't expect a whole lot of enthusiasm.
And Debian works by the grace of it's contributors willing to invest time, effort and providing the skillset they have, not because of what you said.
Feel free to open a thread to gather mods for this idea, I don't know if it'll gain much traction but count me out regardless.
Also, where do those 5000 users come from? Where does the 5 hours come from? You're not really making a case by grabbing numbers out of thin air. You are the first person who has asked for something like this and if anything, I'd say this is something for the Debian community to address and not the DFU community. I'm pretty sure most modders here are on Windows, not all of them but definitely the majority so I wouldn't expect a whole lot of enthusiasm.
And Debian works by the grace of it's contributors willing to invest time, effort and providing the skillset they have, not because of what you said.
Feel free to open a thread to gather mods for this idea, I don't know if it'll gain much traction but count me out regardless.
DFU on UESP: https://en.uesp.net/w/index.php?title=T ... fall_Unity
DFU Nexus Mods: https://www.nexusmods.com/daggerfallunity
My github repositories with mostly DFU related stuff: https://github.com/BadLuckBurt
.
DFU Nexus Mods: https://www.nexusmods.com/daggerfallunity
My github repositories with mostly DFU related stuff: https://github.com/BadLuckBurt
.
- XJDHDR
- Posts: 258
- Joined: Thu Jan 10, 2019 5:15 pm
- Location: New Zealand
- Contact:
Re: Open Source
Yes, Unity itself is mostly closed source. BadLuckBurt linked to the source code for the C# scripting API. The C++ engine code is not open source, though game devs can pay them to see and use the source for themselves only. Is this a problem?Healer2022 wrote: ↑Mon Mar 21, 2022 8:14 am 1. Is DFU open source? Yes. But aren't the libraries of Unity closed source?
I'm not aware of such a list but there's nothing stopping anyone from creating one.Healer2022 wrote: ↑Mon Mar 21, 2022 8:14 am 2. I've downloaded some mods and found that some have the source code on github and others don't.
Can we make a list of pure open source mods?
It depends. JetBrains has a utility called dotPeek that can disassemble a C# DLL. There is also a button in DFU's mod manager window (Extract Text) that can do so as well. The latter method doesn't work with mods that have precompiled their scripts and I don't know if dotPeek will either. There might be a tool that can do this but I have no idea where.Healer2022 wrote: ↑Mon Mar 21, 2022 8:14 am 3. Some mods contain dll. Even after extracting, I still cannot easily know what the code inside does.
Mods that are not open source and include .dll are definitely a no-go for me. Can I reverse
engineer them, so that I know that they don't harm my system? (I know I can, but are there any
tools?)
Interkarma has stated that the lack of sandboxing is by design. It's definitely possible to create a sandboxed modding API but it would likely require a lot of work that none of the programmers here are interested in.
DFU's users are free to install (or not install) whichever mods they like. I'm guessing that what you're actually asking for is someone to create a list of such mods, which people are free to do as well.Healer2022 wrote: ↑Mon Mar 21, 2022 8:14 am 5. Can someone create a full modded version with only open source and stable mods? Does that make
sense? Maybe we could vote which to include.
Interkarma has stated that the only supported method of installing DFU is by downloading it from it's GitHub page, and following the given installation instructions. It's highly unlikely he is interested in including it in any Linux distro's repo (along with the work required to maintain it if and once included).
I concur with BadLuckBurt. Where are you getting your numbers from?Healer2022 wrote: ↑Fri Mar 25, 2022 5:52 pm Many users are in the same situation.
Now instead of letting the users do the hard job. Let's say we have 5000 users and it takes 5 hours to create that
stable, secure modded DFU. That are 25.000 hours of work!
Now if we let do that work by the mod creators that will result in approximately 250 hours if we have 50 mods!
250 hours vs. 25000 hours!
The question is: Who do you envision as doing this work? I've come to the conclusion that it's not productive to ask people to do work that you can't or don't want to do yourself.Healer2022 wrote: ↑Fri Mar 25, 2022 5:52 pm The first step we could create a simple list in this forum, that list is update every some months and includes
all stable, compatible with each other, FOSS and secure mods with links to nexus pages.
Similar to Burt, I primarily create mods and content for myself as a hobby, and share it online because I think that maybe there are people out there who also want to use my work in their games. I am not interested in meeting requirements that hinder this aspect of my creative process.Healer2022 wrote: ↑Fri Mar 25, 2022 5:52 pm Now in order to be accepted into this list every mod owner needs to fulfill certain requirements like:
This is a hard no from me. I know enough about how the internet works to know that if I publicly share my email address, crawlers and malicious people are going to sign it up for a flood of spam. If my mod's users want to contact me, they can send me a PM on this forum, Nexus Mod's forum or a variety of other places. I don't see how adding my email address to that laundry list will help anyone.Healer2022 wrote: ↑Fri Mar 25, 2022 5:52 pm - Contact email address and maybe homepage or for instance github, sf.net
Another no from me. My docs are designed for people who want to use the compiled binaries. For people who want to build my mods from source, I assume a certain level of competence with creating those sorts of binaries. Anyone who has that competence won't have trouble re-creating my binaries.Healer2022 wrote: ↑Fri Mar 25, 2022 5:52 pm - instruction step by step to recreate with that source code the exact binary mod that is included too obviously
Depends what you mean by "FOSS". As an example, this is the license I use for my Impressions Resolution Customiser utilities. It is a modified version of the BSD 4-clause license. Is this FOSS? I would say so but I'm pretty sure that the FSF (Free Software Fanatics) would say no, balking at the "no piracy" clause and labelling this as an unwarranted restriction on "user freedoms".
What exactly does this accomplish? I already know that what my mods' users are downloading from Nexus Mods are identical to the files I uploaded there.
Just to help put things into perspective, here are the unique download numbers for the latest version of my mod, Unofficial Block, Location and Model Fixes, since I uploaded it 5 months ago:
Windows: 1.4k
Linux: 80
OSX: 12
So effectively, your requests, which appear to be focused on Debian users in particular, would be for around 6% of my mod's users, at most. I think that what most users actually want is to just play the game.
Last edited by XJDHDR on Sun Mar 27, 2022 4:54 pm, edited 1 time in total.
My DF Unity mods:
Unofficial Block, Location and Model Fixes
Skip Intro Video
My other creations and essays:
https://xjdhdr.gitlab.io/
Unofficial Block, Location and Model Fixes
Skip Intro Video
My other creations and essays:
https://xjdhdr.gitlab.io/
- Magicono43
- Posts: 1141
- Joined: Tue Nov 06, 2018 7:06 am
Re: Open Source
As Burt and XJDHDR said, from what it sounds like this would add alot of extra work on the modders part. For me at least, the most tedious and at least initially time-consuming thing about making a mod public is the actual documentation/process of putting it out there and such (this might just be me, as I hold a probably higher than average standard for my mod-pages and their documentation and images.) So if I had to add another step onto the process for whenever I upload a new mod or even just update one, I think I would be even less motivated to upload/update my mods, as the documentation and maintenance task is extremely tedious for me as is, so adding more would just make that even worse.
-
- Posts: 14
- Joined: Thu Mar 17, 2022 6:22 pm
Re: Open Source
Okay, I understand.
I just want to play Daggerfall, too.
In order to satisfy my need of security a simple list would be sufficient.
There are mods that:
1. Do not contain code.
2. Contain code without .dll. You can dump it and see it. More or less open source.
3. Contain code with .dll and the source code is released (github, ...). Open source. Dll could contain malicious code, but if the user is well known, it's okay.
4. Contain code with .dll and no source code available. NO-GO for me.
1. is GREEN, flag DATA (data only)
2. is YELLOW, you have to check it, flag SCRIPTS (only scripts)
3. is YELLOW, you have to check it, flag OPENLIB (library, but source code available)
4. RED, only way is sandboxing (virtual machine on Linux) or reverse engineering, flag CLOSELIB
So the list would look like this:
STATUS_COLOR, FLAG, MOD_NAME, MOD_URL (USUALLY NEXUS), SOURCECODE_URL (CAN BE NULL)
What is your opinion?
I just want to play Daggerfall, too.
In order to satisfy my need of security a simple list would be sufficient.
There are mods that:
1. Do not contain code.
2. Contain code without .dll. You can dump it and see it. More or less open source.
3. Contain code with .dll and the source code is released (github, ...). Open source. Dll could contain malicious code, but if the user is well known, it's okay.
4. Contain code with .dll and no source code available. NO-GO for me.
1. is GREEN, flag DATA (data only)
2. is YELLOW, you have to check it, flag SCRIPTS (only scripts)
3. is YELLOW, you have to check it, flag OPENLIB (library, but source code available)
4. RED, only way is sandboxing (virtual machine on Linux) or reverse engineering, flag CLOSELIB
So the list would look like this:
STATUS_COLOR, FLAG, MOD_NAME, MOD_URL (USUALLY NEXUS), SOURCECODE_URL (CAN BE NULL)
What is your opinion?