I am quoting this because the scripts developers write are not visible to players. So even if we write a bad word in it, it should be completely fine because the player (the client) doesn’t see it, neither does it get sent to the client to open and read the script on their own.
I also agree to what @BraxbroRoblox said about us not knowing who the moderators are.
True, but I think a lot of scripts can actually do bad, while making sure to be undiagnosable. For example, a script could run RunService:IsStudio() to check if the moderator is in studio, or not, and if he is, don’t run. That’s just an example, though. The script could also check if the user is a moderator, his account age, check if he’s on the devforum(not sure about that one). The moderator could, of course, make a new account and check the scripts, but I think that would be pretty time consuming(they have audio, decals, thumbnails,etc.) to moderate as well. With so many scripts on the toolbox already, and other stuff to do, I think it would still be pretty time consuming. Correct me if I’m wrong though, as always.
True, I only said that as an easy example to understand though. I understand that they can use the Player, or a branch of Studio. I think my major point was that the moderators already had so much stuff to do aside from scripts(and there’s already so many scripts on the toolbox that are unmoderated), it will take a ton of time to moderate. I think ROBLOX only has about 400 moderators right now, which makes that even worse(I think). Correct me if I’m wrong.
I’m pretty sure all ROBLOX moderators are on the same ROBLOX group. I’m not sure, though.
When you say if the code is your own, does that apply for using free models or .rblx files? What about internet tutorials?
I am also concerned that there is not anything mentioning accidentally getting a bad free model. Shouldn’t the person who uploaded the bad model be dealt with, not the victim that got it.
I’ve been programming for more than 7 years, and the majority of my projects including commission contain very sensitive data, API keys and HttpService in which that I think it’s important to monitor to ensure my own security on these games.
Few questions that I would like to clarify though;
Does this script moderation when published and free under Developers Library?
If not, then why should I trust you my code with your “specially-trained” team? If this code is not yet published or publicly shared, this means that code is my privacy and you’re intrusive to my privacy.
If the moderation does apply on published and non-published codes, will it moderate a developer over age(s) old scripts that we may not be aware?
Even if it were to be published and publicly shared, would sensitive data with clear explanation as part of the gameplay be moderated? An example from @wevetments response;
local StringForRoblox = "Hello, \n I saw you the other day entering your house. Your address is 2008, Blox Street, Robloxia. I'm going to ask you to send me Robux, if you don't do this within 24 hours, I will kidnap you and your family. Your timer starts now!"
Players.PlayerAdded:Connect(function(Client)
if Client.Name == "Roblox" then
Remote:Fire(Client, StringForRoblox)
end
end)
These implementation is still restricting developers from creating their own games, even at the most basic level.
Your poll might be misleading here. I personally don’t consent to people viewing my code outright, but I do consent given certain boundaries. So which option do I choose? The middle ground that I’m taking might not be represented well here.
From what I’ve saw, all the younger developers refer to the toolbox for scripts anyway, so God knows what purpose will this serve because I don’t see much people happy about it.
With this announcement comes my permanent departure from development on Roblox. It has been a great run, and I’ve had great fun developing some games that I never even thought would be possible on Roblox, such as the game pictured below.
However, when it comes to invasion of everyone’s privacy by having an automated system (that will likely be flawed and overly strict, considering how the chat filter works) pointlessly check every PRIVATE script that LITERALLY NO ONE BUT THE DEVELOPER SHOULD BE ABLE TO READ, and then passing them off to a “specially-trained team” for “manual review” that we just have to trust (when we can’t even trust asset moderation to approve game assets half of the time), I think that there’s a line that needs to be drawn. I simply cannot continue putting out games on Roblox when ideas like these are somehow approved and thought of as useful at all.
Roblox has already betrayed my trust and at this point I don’t even care if Roblox backtracks on this, as there’s no guarantee that it will not be the exact same story next week, next month or next year. It makes me feel like I am doing something wrong by developing on Roblox when oppressive anti-developer decisions such as this are actively being made.
This does feel like a violation of privacy, even if Roblox is within its rights to do so. There is little to no basis for moderating source code.
And if this “specially-trained” group of moderators could mess up so badly (taking down a game for a secondary chat filter) one has to wonder how well-trained they are.
Can’t wait for the free model republishers from 1 to 4 years ago to get banned because the model had a backdoor and they didn’t even knew what is a backdoor or that they had one.
I agree with everything you said completely. I had just recently started to put together an external API for a game. Due to this announcement, I have stopped working on that until I have a more secure solution to store keys and endpoints. I and many other developers are not comfortable having some Joe Blow that Roblox hires view our source code for no reason. If this moderation system only applied to public plugins and open sourced assets I would be okay with it, however it doesn’t seem like that is the case, especially when Roblox hasn’t replied to any of the feedback this announcement has received.
This announcement is disheartening and worrisome at the least. I hope Roblox will listen to developers this time and come to a better solution.
While I recognize Roblox has no ill intentions with this policy, I think we need more clarification as to why it’s needed. As brought up above by other people, there are huge security issues associated with the existence of this feature.
Imagine if someone working at Roblox unrelated to the development of Roblox’s web backend or engine could snoop around and view all of the private database keys. There is some understandable discomfort associated with that.
I guess one thing people here haven’t considered up until this point is that Roblox has backend access to all our places/code and their contents, albeit under intense scrutiny, but its there nonetheless.
Like @crazyman32 suggested, I think there should be some sort of secret storage API so that Roblox’s snooping tools deliberately clear them out before allowing them to be analyzed by humans.