When the modding community is so heavily plagued with mods that are malicious in some way, I don't think having a modding api that can be safe by convention yet recompiled to be fast would be a bad idea. So while I'm not sure it was the smartest choice, it's not so inanely stupid as you seem to be putting it.

▲

diggan 5 days ago | parent | next [-]

> When the modding community is so heavily plagued with mods that are malicious in some way

Is it? Granted, I'm a heavy mod user myself for various games, but only created mods myself for Cities Skylines and Cities Skylines 2 so I guess I know that ecosystem the best, and yes, there been a few cases of malicious mods, but "heavily plagued"? What ecosystem are you talking about?

▲

Cieric 5 days ago | parent [-]

Most recently in my memory it's been minecraft. There was a wave of mods that were stealing things like discord access tokens, I don't have clear memory on all of the cases that I've been through, just that I always try and verify all mods I can now. I think I remember one for Lethal Company and looking online I'm seeing some referenced for Dota 2, Sims 4 and Slay the Spire.

Just learned Nexus mods is also pretty good about handling anything that's virus like, most of my modding experience has been external to that though.

	▲	Scramblejams 5 days ago \| parent [-]
		Yep, this really bums me out. Wanted to try plenty of Minecraft mods but never wanted to go to the trouble to set up a secure environment, so I never did either. As an only-tangentially-related aside, the difficulty of making mods for Windows games work on Proton also bums me out. I wish some kind of cross-platform, sandboxed modding ecosystem existed solving enough problems that most modders would prefer to use it. I'm not sure that's even possible, though.

▲

naikrovek 5 days ago | parent | prev [-]

If you’re saying that there’s no other way to create a mod API with clear security boundaries, I disagree.

The mod API should not have to do this anyway. The OS should do this. It is beyond belief that most operating systems just allow programs to do anything they want simply because they’re being executed.

And if the OS can’t do this, you run in a VM which nvidia disallow you to do in a performant way.

	▲	Cieric 5 days ago \| parent [-]
		While I agree that it's not the best situation, (and I'm wholly against nvidia in this case.) And yeah this isn't about the mod-game api boundary, this is more about the mod-os boundary since that is harder to control against. WASM from my research so far doesn't allow any of that by default and it has to be passed through by the runtime. In this case it would be passed through to the retargeting compiler. This can give additional benefits like allowing mods on consoles in a more secure way and allowing for targeting the game to future cpu architectures without requiring all mods to recompile their code (not that I think the latter is a reason microsoft cares about.) But the idea of recompiling code when launching a game is already kind of standard on the gpu side of things.