To provide a method by which Wabajack can assist mod authors in maintaining creative control over their mods while still allowing for more rapid installation of mods
- Users can download a mod, change it and create an installer with Wabbajack that publishes these changes via binary patching this goes against usage restrictions for "no modifications of this mod are allowed".
- Users can extract BSAs with Wabbajack, going against warnings for no BSA extraction
- The nexus doesn't seem to provide a good way to track a modder's desire to not allow end users to modify their files
- Wabbajack allows downloading from 3rd party sites that does not maintain author's rights. We currently have a "who cares" attitude, which isn't condusive to collaboration with the modding community. It would be good to improve this situation.
- Wabbajack maintain a list of authors/mods who have opted out of allowing their mods to be modified.
- This list will be editable via a GitHub PR (a hassle for authors), or by including a magic string
WABBAJACK_OPT_OUT_OF_MODIFICATION
(or something similar) to their mod summary page. - Wabbajack will query this info during compilation and refuse to binary patch or extract BSAs for any mod in this list.
- Wabbajack will switch to using code signing for releases, and a non-exe distributed modlist. Modlists will become serialized blobs of data, and not executable code. This means users will know when they are using a unofficial build. And thus someone disabling these content control features will create a modlist that no official Wabbajack build will install.
- Wabbajack will scan files from 3rd party sites to try and find matches with the "opt-out" list. This matching will be done via SHA256 (not very useful) and via filename. So if author
modder334
has opted out and his mod containsmodder334s_immersive_cheese_reborn.esp
, Wabbajack will never create a modlist that downloads opt-out files from a 3rd party site.
Thanks for taking the time to reply.
I agree, if the nexus adds a option for "don't patch or unpack this file" then I can use that instead of going through other hoops.
As far as 3rd party sites go, I'm fine with disallowing MEGA/Mediafire. But there are legitimate mods published via Google Drive (like 3DNPCs). This isn't an all or nothing point though, we could dis-allow MEGA/Mediafire and stick with only supporting Google Drive/Dropbox and Direct HTTP links.
The 3rd party scanning is this: if we know the files you (a mod author) produce, and know you've opt-ed out of allowing modifications to those files, then we can detect when those files show up in a link from a 3rd party site and refuse to download them. We already hash every file in every BSA and archive so it's possible to detect when a user has taken a BSA apart and uploaded part (or all) of it to Dropbox/Google Drive/or whatever.
That will be the sticky part of this conversation, and one I hope we can reach some middle ground on: if Wabbajack can enforce a no-modification/no-reupload policy on these files, is it acceptable to auto-download them from the Nexus? It seems that in that case we start to standardize on a world where users of mods don't modify mods on their own machine, and exchange they get a faster setup and install experience.