Planet Search
(https://img.shields.io/github/downloads/andylizi/starsector-planet-search/total?style=for-the-badge) (https://github.com/andylizi/starsector-planet-search/releases) (https://img.shields.io/github/license/andylizi/starsector-planet-search?label=source&style=for-the-badge) (https://github.com/andylizi/starsector-planet-search) (https://img.shields.io/badge/version%20checker-v1.2.2-blue?style=for-the-badge) (https://fractalsoftworks.com/forum/index.php?topic=8181.0)
(https://i.imgur.com/haEb5DZ.png)
This mod adds a search box to the planet list. That's all. It works as you'd expect. No more scrolling around, muttering ABCs under your breath, no more! Why this isn't in the base game is something I'll never understand.
It's a utility mod and can be added or removed at any time.
Download: https://github.com/andylizi/starsector-planet-search/releases
Version v1.2.2 supports 0.97a and later.
Version v1.2.1 supports 0.96a and later.
Version v1.2.0 supports 0.95.1a and later.
Version v1.1.0 supports 0.9.1a and later.
There's a somewhat similar mod called Explore the Galaxy that allows you to search for ideal colony systems using various filter conditions. Check it out here. (https://fractalsoftworks.com/forum/index.php?topic=21800.0)
Changelog
v1.2.2 - Bump the game version to 0.97a. There are no code changes.
v1.2.1 - Drop support for versions below 0.96a; Relicense to MPL-2.0
v1.2.0 - Support localization via strings.json; Drop support for versions below 0.95.1a
v1.1.0 - Fix a crash related to map dragging; Add version checker support
v1.0.1 - Fix filter showing up on the planet info view
v1.0.0 - Initial release
I would be wary of using andylizi's techniques - I think the code dances on the line of what is and isn't allowed.
why would it not be allowed?
Alex disables (some) reflection and (some) file operations. Using parts he did not (or could not) disable could be forbidden. Until he chimes in, though, it is a gray area. As such, committing to a mod that depends on these techniques could be disastrous for the mod itself (e.g. removed from the forums?).
Yeah, it's a bit of grey area. Regarding the use of reflection, however, I would argue that restrictions as a security precaution is not a good idea in the first place, at least not in its current form.
This is based on the idea that an incomplete and easily bypassable security measure is worst than no security measure at all. It can lure users into a false sense of safety, when the fact is that running untrusted code from the Internet is fundamentally unsafe (unless it's in an industrial grade, battle-tested sandbox, like a modern browser).
For example, the game currently forbids file IO and reflection operation using a custom ClassLoader. Even if we pretend there's no way to bypass those, a malicious attacker can still write: Runtime.getRuntime().exec("format C:");
which is not forbidden, and much more dangerous than just "file IO"!
Now this isn't to say there's no solution. The "accepted" way to sandbox against malicious code is by setting up a Security Manager (https://docs.oracle.com/javase/7/docs/technotes/guides/security/permissions.html). This is not trivial and difficult to do properly, and newer versions of Java are already planning to remove it entirely (JEP 411: Deprecate the Security Manager for Removal (https://openjdk.java.net/jeps/411)):The threat of accidental vulnerabilities in local code is almost impossible to address with the Security Manager. Many of the claims that the Security Manager is widely used to secure local code do not stand up to scrutiny; it is used far less in production than many people assume. There are many reasons for its lack of use……
But let's assume, for the sake of the argument, that we managed to set up a flawless Security Manager or other equivalent measures. Would that mean a mod can't act maliciously anymore? Well, there's still nothing to stop a mod from deleting a player's fleet and other assets "the legit way", and then saving the game… It's pure pettiness, but impossible to guard against.
I hesitate to address this, but the use of reflection is actually not the biggest problem of this kind of technique. The problem is, to use reflection to modify the game effectively, it necessarily requires privileged knowledge of the game's internal working. One of the ways to acquire this knowledge is by reverse-engineering, which clearly violates Starsector's User License:You agree that you will not, under any circumstances:
a. In whole or in part, copy or reproduce (except as provided herein), translate,
reverse engineer, derive source code from, modify, disassemble, decompile, or
create derivative works based on the Game;
(Which I definitely did not do, of course. I actually got this knowledge from a dream I had, do you know? It was a very informative dream. ;) )
(Honestly, the legal status of mods is already a bit vague in my opinion. For example,A "Mod" is defined as a set of graphics, data, and/or sound assets that adds new
content to or otherwise modifies the Game, but does not include the Game, and
requires the Game in order to be used.
This excludes all mods that contain scripts, as executable code obviously can't be counted as "graphics, data, and/or sound assets". It was last updated in 2012, maybe there aren't scripting APIs back then?)
Regarding creating mods by reverse-engineering, different games take different stances:- Minecraft, famous for its lack of an official API, publishes its obfuscation mappings (https://cpw.github.io/MinecraftMappingData) "in an effort to help make modding the game easier", with the restriction that one may only use these mappings for "development purposes" and may not "redistribute the mappings complete and unmodified" or share the deobfuscated source code. Even before that, they acquiesce in the existence of MCP (https://minecraft.fandom.com/wiki/Programs_and_editors/Mod_Coder_Pack) and Forge.
- Don't Starve is written and distributed in unobfuscated Lua source files, so there isn't a concept of "reverse-engineering".
- Rimworld "provides a bunch of code snippets in ../Source/, relative to your Rimworld installation. Since this isn't a lot, one might want to take a look at the game's full source code. RimWorld's EULA allows you to decompile the game for personal use. It's recommended to read it." Patching the game code is done by using a library called Harmony (https://github.com/pardeike/Harmony).
- Factorio provides Lua APIs that can satisfy most modding needs; there's no need for reverse-engineering. No to mention is basically impossible to do so to a C++ game.
- Kerbal Space Program similarly provides a highly complete C# API.
So in the end, what is considered acceptable depends on the game developer. It's understandable if Alex decides he doesn't want these kinds of mods in his game after all. My intention for developing this mod and the similar Dialog Minimap (https://fractalsoftworks.com/forum/index.php?topic=23199.0) is to solve the pet peeves I have while playing, and I released it on the idea that other people could have the same issues. It'd be a pity, but ultimately not a big loss.
Edit 2: Do you mind if I steal some of your code? Ideally, would love to just use a lib of some sort (see above edit), but lacking that I can copy some of your classes instead. What I want to do is to replace your text field with normal button, and upon click show interaction dialog with (now easily moddable, since no reflection needed) filtering UI. On dialog close, either a new List<PlanetAPI> is generated & displayed, or a new dynamic filter is added and used for filtering.
Sure! You're welcome to it, if you still want to after the above. :D
The whole of andylizi's post about modding and malicious code (a bit big to quote properly)
Very interesting read. I had no idea. I thought games were executed in a safe-ish environment of their own and could not access core system files or functions that easily. Thanks for the clarification. And thanks to Jaghaimo for the warning.