Lua Viewer Alpha

  • Search existing ideas before submitting- Use for customer support issues- Keep posts on-topic Thank you for your ideas!
Why Lua?
As a programmer, I've never been a fan of Lua. It's cumbersome, and tries to "do things differently" than every other scripting language. Take for example array indexes. Everyone is familiar with index zero being the first entry of an array. Lua uses index one. Going back and forth between the two when trying to interface stuff with LSL is going to be a pain, because if I have a index that is entry 14 in LSL, it will be entry 15 in Lua. Or how everything is separated, and there is no object model, except for when there is a object model, but the decision of a object model is completely random. If you want to insert into a table, you don't do MyTable.append() , or MyTable.push() , you have to call the "table" object, which has a function "insert": table.insert(MyTable, MyValue) . Another is Lua's bitwise. I forget what the functions are specifically, but I remember when I had to do stuff in Garry's Mod, if you wanted to do bitwise operators, it was stuff like bit.xor(a, b) instead of what everyone else does like a^b . Don't get me wrong, I really appreciate that there is effort going to do client side scripting, and it would be hella useful, but I don't see Lua as the future. It's been dying out of favor from what I've seen, even Garry Newman (The creator of Garry's Mod) has fallen out with Lua. ( ) It would make more sense to use a language that is more in-line with what people are familiar with, such as Python or JavaScript. If sandboxing is a issue(EG: Preventing file access), the V8 engine is what NodeJS uses. NodeJS just implements interfaces such as file access into V8. Otherwise, V8 is just a engine for JavaScript without any bells/whistles. ( ) Javascript even comes with the benefit of being able to do WASM, which is almost on par with native machine code. If Lua is ultimately the decided language, I really really do not see myself using it. I had to use it recently to implement interfaces for a DNS service(PowerDNS), and it was horribly painful to work with, because it felt like everything I knew about programming was thrown out the window. I highly ask that a second look be taken on which language to use for client side scripting, I really do not feel that Lua fits with Second Life, and that there are much better choices to choose from, especially ones that would better align with what people who do programming in Second Life are familiar with.
Signed Client Scripts / Client Script Repository
In Brief If a client side scripting solution is decided on, I would suggest either some form of official clientside script repository, or a way of scripts being signed to run clientside so that the script could be removed, or signature can be revoked incase of abuse. The problem There is a huge desire for products in sl to be able to load a script into the viewer for increased functionality. See this request There is also a desire for the client side scripting to be very powerful. (For instance RLV like control of inventory may be an almost minimum level requirement desired for clientside scripting) These 2 desires cause 2 main problems that this proposal could resolve to some degree. Security Shared Experience Without a solution to this we could see a rejection of clientside scripts as they are regarded as unsafe and or unwieldly with further fragmentation of experience as users do or do not have certain scripts installed if there is no way for an LSL script to guranree a clientside script is loaded. Security For security we would need a very granular permission system, which will inevitably result in people either refusing them because they don't understand, or just clicking yes because they don't understand/care. Which are both bad outcomes.... This is also assuming that nobody finds some exploit to escape whatever sandboxing will be done on clientside scripts. And as scripts being signed/ in repo, can require them to be full and cleanly open source, some level of abuse can be prevented / inspected from the start. A permission system would still be very desirable, but less critical and less of a problem if scripts that can run in a default setup are vetted somewhat in advance. Shared Experience For shared experience, we could end up rapidly devolving into "Script only works on X viewer because that's what I designed it for" kind of products. With this solution an LSL script could prompt for a known good clientside script to be running/installed on the users viewer with user approval, and get expected functionality from it, Consistently across viewers as there would be little incentive for a TPV to break what is available to these scripts. Propsed Solution Summary A form of script signing, or official repository, managed by LL or some approved user group, to be the only way remote code could be loaded would solve most of those problems. This would not prevent people from running custom clientside scripts, but allow LSL scripts to interact with "known good" clientside functionality provided by scripts. I would also suggest to prevent people just telling others to "go download this zip and extract it here" that this signature/repository source, be enforced by default. Thus lsl could run something like llPromptForClientsideScript(<some_form_of_script_id>) and get a response from the viewer once the script has either been loaded (installed and loaded or if it already running etc), or the user declined the script. Problems I see with this proposed solution This would require anyone wanting new functionality for a general sl audience to either get their script approved, or get their functionality added to an existing project that's in good standing. Though this could still be faster and easier than getting desired features included into current viewers. To alleviate the above somewhat, I would suggest some form of "Good Standing" where once added, a source (be that a project or individual) can update their script with less manual oversight. It adds some extra continuous workload to LL or whatever user group. is decided to be in control of approval. Opinionated decisions will likely be a problem, with some features being deemed inappropriate by some and not by others. Developers / Power Users To allow for the creation of scripts and tinkering by power users, I would suggest the viewer needs to be launched with some sort of flag to disable the signature/repo requirement. With some clear warnings to less experienced users as to the risks this may entail.
Load More