Open KazWolfe opened 3 months ago
NotNite
commented
3 months ago I'm against the concept of Plogon modifying manifest files of the build output; currently you can trust that it is an exact copy of what was on the repository with no tricks (minus secrets), and I'd rather not encourage the possibility that the build system can tamper with output files in any way, nor should that be something we encourage as features.
goaaats
commented
3 months ago The API should probably patch it in, if this is desirable. Probably is, since we could remove a lot of special handling in Dalamud.
KazWolfe
commented
3 months ago If “tampering” with manifests is a problem, then we can avoid that step somehow and just ensure our generated pluginmaster contains the proper URLs. We would, however, need to verify that we aren’t loading any image URLs from the manifest proper so that we don’t leak info to servers not within our control.
For what it’s worth though, I see the manifest as effectively an “app store metadata” file. I’m not sure this qualifies for the same level of immutability as any actual binary data in general. The code and build logs remain public and on public runners, so this isn’t behavior that wouldn’t be clearly seen and documented.
Plogon should generate its manifest files such that it overwrites any developer-provided
IconUrlorImageUrlswith the images present in D17. This would allow Dalamud proper to simplify its icon fetching code to only handle a single case and always load images from a remote with no consideration about third-party status.As a secondary consideration, plugin developers should be allowed to specify images with arbitrary names for the preview/marketing images, meaning a schema change to the TOML would be required. Example:
All images would need to be committed to D17, allowing updates without plugin version bumps.