This is an incredible feature, I do have to ask… what is the speed of the plugins popping up? I saw a massive delay on the video but I believe that is just the video itself. Is it extremely slow or is it relatively fast like the other categories?
People already started abusing sell feature, and I see plugin (useless one) that costs over R$1M.
One more question, how we can preview plugin before we gonna pay for it, since I dont wan’t to buy plugin and then, realize that’s just an empty, click-bait, or virus?
I don’t particularly agree with this feature yet if it were released to the public, as it could create some very dicey situations, what if you buy a plugin just to have the creator take out/modify a feature you may have bought the plugin for? Adding onto what buildthomas said, they would have to re-introduce the idea of private modules if they were going to fix the re-upload problem, which then again brings up the overall issue of malicious code being implanted within a module. For now the system is a white list, so I doubt this will become an issue, but it’s something to think about.
I’m optimistic that all these issues may be worked out, this is very enticing and sure does add an incentive to making plugins despite these issues. Another way for developers to find success on Roblox.
Allowing plugins to be closed-source is best way I can think of to allow paid plugins to work at scale, otherwise the issue of people re-uploading plugins (either as exact copies or even with significant changes) can become too big of an issue.
For what it’s worth, as a developer I would feel 100% comfortable running a closed-source plugin if there was a proper permissions system in which developers have to manually authorize the plugin to perform certain actions (datastore access, HttpService calls, InsertService on behalf of the game, etc.) which could cause harm.
I will say though, the paid marketplace really excites me because factoring revenue into search relevancy will completely obliterate the swaths of botted assets that currently plague the library. If done right, this will drastically increase the quality of assets available to developers on the platform.
Edit: a follow-up on a closed-source plugin giving its creator admin commands in your game:
I wouldn’t say re-uploading to the Marketplace is the issue here. We’ve got two major problems going against each other.
Nobody wants to end up using a plugin which isn’t trustworthy. They want to inspect the source, or at least be sure that Roblox has put in precautions to prevent backdoors from being slipped in, which last I checked is still an issue.
If the source is available, it can be reuploaded. The incentive here isn’t cash for everyone though, no. It will be the groups of people who can’t afford plugins. This already happens at a much larger scale with programs like Photoshop. People are going to be setting up places to download plugins without having to pay the creator.
Only solution I can really see is if Roblox finds some way to ramp up security on plugins enough that we can rely on not needing to see the source. Even if it’s solved though, I’d imagine that pirated plugins are still going to be a big issue. Even if the code is closed-source, it’s still on our PCs. I can see it being a market where devs will pay to have the tools to crack plugins wide open and distribute them online.
It gets annoying, for example: someone would like to try to find an plugin, and instead of viewing actual plugins, see botted plugins that are empty or with some sort of virus.
As others have stated, unless there is a proper permission system in place AND if the plugins and have hidden source code, nobody wants to use this. This also brings us back to why closed modules were shut down in the first place, because you couldn’t see what they were doing.
Now there is another thing that does this, so is Roblox making another mistake by releasing hidden source plugins that can cause even more harm?
If they feel comfortable enough to add a plugin system like this they sure should add private modules back because then there is almost no difference between them, other than the private modules being “more safe” since they don’t actually edit the game itself but can only do things at run-time.
Other than that rant I like where we’re finally headed with a native system in place. This has been wanted for a long time, and the support for it is here soonTM, and now we all have much better times ahead of us.
Now it’s clear that it’s up to Roblox on how to fix the sustainability for sold plugins, but an example way to fix it could be through letting the plugins run on their servers, and send instructions to the studio sessions.
That way they can’t get a hold of the source of the plugins, but “only” what it is doing.
Actually, one solution over people trying to appear in top position with spam-purchase or similar is to make a Permanent Price, where once you set a number, you can only put the Plugin OnSale or Offsale.
The bad side to this is that only Paid Plugins would be trustable due that only people accessing it have rated the plugin, it would be very similar to Paid Access game, the project is being voted by actual users, and not Bots. for almost 100%, Most likely won’t happen, but i guess it would cost quite alot to bot-purchase it, hence making it not-worthy to do.
Is there source protection? Someone could easily reupload a plugin and steal all revenue from a hard working developer. Also, uploading plugins should be a more mainstream process.
Pretty nice but it will be kinda hard to make sure others don’t copy work unless you figure out a way to fix this I think it will be fine. But I was looking forward to a feature like this so I’m glad they actually made a marketplace for plugins. Possibly, we could have models in the future!
Q: Do you have plans on allowing subscriptions to plugins in the futures? Similar to how VIP Servers work currently.
I personally wouldn’t really like to see this as a feature as I don’t believe developers should pay monthly to use a plugin.
Relating to the topic about plugin source security:
Also I do believe that there now is some sort of security towards a plugin’s source code. Before, if you ran game:GetService("InsertService"):LoadAsset(PLUGIN_ID)[1].Parent = workspace inside of Roblox Studio’s command line, it would give you the plugin source code.
I used @AlreadyPro’s Character Loader as an example
I now believe that when you run this piece of code, it will output a 403/bad request error:
However, I’m still not too sure if a user can get a plugin’s source once they have it installed.
As stated by other users
On the other hand, I don’t think that this should be prevented as the user wouldn’t know if they’re installing a malicious plugin or a safe one.
I have a few questions, most of which have already been stated.
What would happen if the plugin creator made a plugin paid that you already had installed? would you need to pay to continue using it or would it be locked on its current version, or something else?
as many others have stated; how can we verify the plugins are safe, and that they really contain the thing we paid for?
It’s a good step, but needs more work before it should be made fully public.