To provide a method by which Wabajack can assist mod authors in maintaining creative control over their mods while still allowing for more rapid installation of mods
- Users can download a mod, change it and create an installer with Wabbajack that publishes these changes via binary patching this goes against usage restrictions for "no modifications of this mod are allowed".
- Users can extract BSAs with Wabbajack, going against warnings for no BSA extraction
- The nexus doesn't seem to provide a good way to track a modder's desire to not allow end users to modify their files
- Wabbajack allows downloading from 3rd party sites that does not maintain author's rights. We currently have a "who cares" attitude, which isn't condusive to collaboration with the modding community. It would be good to improve this situation.
- Wabbajack maintain a list of authors/mods who have opted out of allowing their mods to be modified.
- This list will be editable via a GitHub PR (a hassle for authors), or by including a magic string
WABBAJACK_OPT_OUT_OF_MODIFICATION
(or something similar) to their mod summary page. - Wabbajack will query this info during compilation and refuse to binary patch or extract BSAs for any mod in this list.
- Wabbajack will switch to using code signing for releases, and a non-exe distributed modlist. Modlists will become serialized blobs of data, and not executable code. This means users will know when they are using a unofficial build. And thus someone disabling these content control features will create a modlist that no official Wabbajack build will install.
- Wabbajack will scan files from 3rd party sites to try and find matches with the "opt-out" list. This matching will be done via SHA256 (not very useful) and via filename. So if author
modder334
has opted out and his mod containsmodder334s_immersive_cheese_reborn.esp
, Wabbajack will never create a modlist that downloads opt-out files from a 3rd party site.
There's reason to be leery of Google Drive and Dropbox too unless the mod author themselves is specifically promoting those avenues over the use of others, but in general those are regarded as likely safe whereas Mega and Mediafire are generally assumed to be illegitimate.
I can't speak for other authors on this, but I think if Nexus meets it halfway and offers additional permission options that specify a no-modification and no-reupload policy (they already do, but hook them into the API) then I could live with Wabbajack being able to download the file. I just don't like the idea that this kind of download system strongly marginalizes the mod authors to the point where you end up with a community devoid of diversity like Minecraft.