diamonddevv / luafy

lua scripting language in minecraft datapacks
Creative Commons Zero v1.0 Universal

Add a proper system for Scoped Sandbox Stratagem #26

Open MulverineX opened 1 month ago

MulverineX commented 1 month ago

This would replace the current modules mechanism and allow language-agnostic sandbox customization beyond the defaults in a secure manner.

data/funny_pack_private/luafy/sandbox_requests.json - Global for all scripts within the namespace

Example scope:

config/luafy/sandbox.json

{
  "funny_pack_private": {
    "hash": "au56soh273628...", // hash of the scopes config, if this doesn't match, the namespace is disabled and an error is printed in console. This hash is automatically populated by the mod once
    "web_requests": true
  },
  "i_made_this": true
}

true at the root of the scopes object for a specific namespace would authorize any sandbox change made by the namespace. This is dangerous and should only be used by people developing scripts themselves; platforms shouldn't allow packs that recommend setting this. A warning is printed to console when a namespace has this set.

If a namespace fails to get a required scope, an error is posted in the server console.

If multiple datapacks try to change the scopes for the same namespace, all involved datapacks are disabled and an error is printed to console.

If multiple datapacks try to register scripts in a namespace that has sandbox changes, all involved datapacks are disabled and an error is printed to console.

If a namespace outside of a datapack tries to call sandbox-exception namespace scripts, that fails. The only way this is supported is through the use of another namespace within the same pack that doesn't have sandbox exceptions.
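
The authorization rules proposed in the comment above, as an added example that is not part of the issue or of luafy's code: hash pinning, the blanket true entry, missing required scopes, and the multi-datapack conflict. It assumes SHA-256 over the raw request file and a hypothetical {"required": [...]} shape for sandbox_requests.json, neither of which the issue specifies; automatic hash population is not modelled, so an entry without a matching hash fails closed.

```python
import hashlib
import json

def scopes_hash(raw: bytes) -> str:
    # Assumption: SHA-256 of the raw request file; the issue names no algorithm.
    return hashlib.sha256(raw).hexdigest()

def evaluate(requests, server_cfg):
    """requests: {datapack: {namespace: raw sandbox_requests.json bytes}}
    server_cfg: parsed config/luafy/sandbox.json
    Returns (granted scopes per namespace, disabled datapacks, console log)."""
    granted, disabled, log, owners = {}, set(), [], {}
    for pack, spaces in requests.items():
        for ns in spaces:
            owners.setdefault(ns, []).append(pack)
    # Several datapacks changing one namespace's scopes disables all of them.
    for ns, packs in owners.items():
        if len(packs) > 1:
            disabled.update(packs)
            log.append(f"ERROR {ns}: scopes set by multiple datapacks")
    for ns, packs in sorted(owners.items()):
        if disabled.intersection(packs):
            continue
        raw = requests[packs[0]][ns]
        wanted = set(json.loads(raw)["required"])  # hypothetical file shape
        entry = server_cfg.get(ns)
        if entry is True:  # blanket authorization: allowed, but warned about
            log.append(f"WARN {ns}: every sandbox change is authorized")
            granted[ns] = wanted
            continue
        if not isinstance(entry, dict):
            entry = {}
        if entry and entry.get("hash") != scopes_hash(raw):
            # Fail closed: the admin approved a different request file.
            log.append(f"ERROR {ns}: scopes hash mismatch, namespace disabled")
            continue
        missing = {s for s in wanted if entry.get(s) is not True}
        log.extend(f"ERROR {ns}: required scope {s} not granted" for s in sorted(missing))
        granted[ns] = wanted - missing
    return granted, disabled, log

# Constructed sample input (not from the issue).
REQ = b'{"required": ["web_requests"]}'
PACKS = {"funny_pack": {"funny_pack_private": REQ},
         "pack_a": {"shared": REQ}, "pack_b": {"shared": REQ}}
CONFIG = {"funny_pack_private": {"hash": scopes_hash(REQ), "web_requests": True}}

if __name__ == "__main__":
    for line in evaluate(PACKS, CONFIG)[2]:
        print(line)
```

Because the pinned hash covers the whole request file, a pack update that asks for one extra scope disables the namespace until the server admin re-approves it.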

MulverineX commented 1 month ago

Any namespaces that use this, forcefully use #29