Reusable Packages have the potential to be incredibly useful for marketplace applications, including existing systems like HD/Nanoblox and Adonis.
They include powerful features like versioning (while retaining a toggle to AutoUpdate) which make them an ideal replacement for MainModules (which pose their own security risks and are likely to be removed entirely in the upcoming years).
1. Enhanced Permissions
There’s one key limitation preventing many from adopting them right now: a lack of access permissions that grant anyone the ability to view and use the package without being in a specific group:
Currently you (the package creator) have to grant manual access to others, or the user has to join your group (but even then there’s no view or use-only option). This is not scalable for marketplace applications which may receive thousands of downloads in a single day.
We’d quite like to take a hybrid approach with Nanoblox (to hopefully eventually replace HD Admin) where we use a plugin to install the application into the users place, then have the bulk of the application function under a package.
This would then allow the ‘Core’ of Nanoblox to be easily updated by our users (either via AutoUpdate or manual review) when we publish new changes. These changes include security patches, bug fixes and new features.
This is contrast to MainModules where you’re forced to either fork the MainModule (and lose your ability to receive new updates), or opt-into automatic updates which is not desirable for larger games where this behaviour introduces security vulnerabilities.
Enhanced access permissions will enable us to develop powerful marketplace applications while ensuring safety and security through features such as versioning.
2. Immutable Packages
When you modify a package that you don’t own but have read/use-access to, nothing happens initially. However, when you come to publish the game, it will produce the following warning:
Instead can the behaviour be changed so that as soon as you attempt to modify a script/module/model/etc under a package it prevents you from doing so and instead produces a warning informing you that the package can’t be modified.
Not only will this improve user experience (as there won’t be any unexpected warnings when you attempt to publish/close your game), but it will empower developers to create high-quality applications as users will be unable to modify specific parts of their application without losing automatic updates / versioning.
@Mr_Purrsalot This could then act as more effective alternative to private modules / obfuscated code which developers previously needed or relied upon.