#privacy
floral pasture
It looks like a good addon, however in my opinion it should be made clearer that the bot token is shared with your API.
I understand its needed to connect and recieve member join events, but ultimately its still the bot token being sent upstream to some black box API
fair solstice
I understand its needed to connect and recieve member join events, but ultimatel...
?
floral pasture
the addon code itsself is opensource, however the actual bot management aspect isnt? If you don't want to open source it thats cool, but imo the distinction should be made clearer
fair solstice
I host everything bot, db, website ect
fair solstice
the addon code itsself is opensource, however the actual bot management aspect i...
only the glua part is open source
floral pasture
I know and its good of you to host these things for people
fair solstice
I know and its good of you to host these things for people
ok I see
floral pasture
But people are going to see this and think "bot token being sent to hidden API"
thats all im saying
fair solstice
You think of abuse or dangerouse beave
floral pasture
if you make that absolutely clear there is literally no issue, and really no point to attack on. other than that its a great addon
floral pasture
You think of abuse or dangerouse beave
yes
fair solstice
I'ts the price of a full host system I have no other way
floral pasture
I dont think you get what im saying here
fair solstice
I dont think you get what im saying here
I just can try by best to protect data: https://gmod-integration.com/privacy
floral pasture
I'm saying that it if you want to keep it closed source thats cool, its your project. I am simply saying that people are going to see this as potentially a risk.
Your current steam workshop doesn't mention anything about your API. In my opinion the wording makes it seem asif the game server is directly connected to discord, where as in reality its being proxied through your API which is out of the server owners control.
All I'm saying is that if you mentioned that in the steamworkshop, just that the addon uses your API and that the token is shared etc there is no issue
fair solstice
hum yes
floral pasture
In my opinion it should just be clearer as to your access to the tokens
fair solstice
I will do it
floral pasture
an additional suggestion
fair solstice
yes ?
floral pasture
you send player_connect hook data directly, which includes the connecting players ip address. there is literally no need for that, so could remove it?
fair solstice
you send `player_connect` hook data directly, which includes the connecting play...
nop, it's a part of the future trust factor system
floral pasture
yeessssh
fair solstice
for vpn, proxy detector
floral pasture
nobody is going to get behind an addon that is essentially just building a massive database of players ip addresses
i hate to say
that should be an optional and more people would use it
i know you're probably innocent here
fair solstice
that should be an optional and more people would use it
I can make a option to activate this by default not activate
floral pasture
but you have to think of it from the other prespective of how much bad could you do with it
fair solstice
xD
floral pasture
I can make a option to activate this by default not activate
yeah
that would be good
gloomy rapids
fair solstice
<a:catYes:828111462416515072>
I probably have SQL injection exploit
When I made this code I just discovery sql
gloomy rapids
fair
floral pasture
anyone bychance remember the default gmod http useragent?
if you make it so it doesn't store everyones ips by default this looks like a good addon tbf if its all managed hosting
fair solstice
https://pls.propkill.me/9DBw.png
?
gloomy rapids
he asked for useragent
fair solstice
https://github.com/linventif/__linventif_stuff/blob/main/lua/linv_stuff/server/s...
I don't think I will make any updates to this. I don't have time anymore, and I've grown and discovered the importance of social interaction.
gmod-interaction is my last gmod projet and i'ts more a discord / web projet
floral pasture
managed to put the social interaction to one side for the gmod grind i respect that
fair solstice
managed to put the social interaction to one side for the gmod grind i respect t...
I just never had much social interaction xD, so now that I'm at university, I'm discovering life
floral pasture
fair
floral pasture
if you make it so it doesn't store everyones ips by default this looks like a go...
^^ that though
as a reminder
Addon token safety
fair solstice
^^ that though
I write it in my trello, and discord
floral pasture
I write it in my trello, and discord
sorry just saw this. i do think the addon idea is good, but in its current state i cannot support it personally
as soon as thats fixed ill support it since it does seem like a good concept
fair solstice
sorry just saw this. i do think the addon idea is good, but in its current state...
It's 6am for me I go sleep and I will do it t2moro
floral pasture
sounds fair
also now actually having read the steam workshop update, its a good step in the right direction but it is very vauge when describing how it actually works.
I get you dont want to over complicate the description, but you should at least mention that your API receives the bot token and runs the bot for the player. Currently "establish communication and synchronization" doesn't really explain the process well enough for it to be a worthwhile disclosure
ofc this is all still in my opinion
fair solstice
also now actually having read the steam workshop update, its a good step in the ...
when you say token bot did you thinks a Discord Bot Token ?
because is not
it's a token generated with /server add
fair solstice
xD