Why not use plugins?
-
@nuclearmoose said:
I have a question about an earlier comment regarding a plugin called 'SDS'. What's that?
-
Personally, I don't use 3rd party plugins. If I need something not built-in, then I'll write the plugin myself. IMO, installing 3rd party plugins is a security issue that is ignored by most (as far as I know). I'm not willing to take the chance on that possibility, even though it may be small.
-
I think that's a bit too much paranoia, you can control who's plug-ins you install.
The best plug-ins are also from a handful of guys who are well trusted here, and also being in a big community, you will also see the reaction of others who have used the plug-ins. -
Stay away from the 'free-porn.rb'
-
As plugins are simple text files with a limited 'vocabulary' they don't have the possibility to do much with your computer outside of the Sketchup window. Maybe create millions of spheres and crash Sketchup.
Every one can open .rb (not .rbs) and read what the script does. So if a plugin has been downloaded 1000 times without any critical comments, it will probably do what it should and not create millions of spheres.But you're right, using ruby files from somewhere in the internet could be risky, especially if it's directly from the search results. A plugin repository where plugins have to pass a review (like for firefox plugins) should be more reliable. SCF is something like repository (although I would like to see a unique repository which is directly connected to Sketchup).
-
david. does bring up an interesting point, one that I would love to ignore, but Google won't. The reason that Google has given for not being able to create a Google sponsored App store is that ruby opens too many security breaches. Ruby can delete all the contents of your hard drive, install virus, etc. Google has said they can't be responsible for that. So it has been hard to get an app store in plce unfortunately.
Even if the app store scanned the ruby code to see what methods it uses - face.pushpull is safe, but hard_drive.format would not be (I don't think that is the actual name of the method ). So they could scan the code before allowing it to bt uploaded to their app store. But ruby allows code to be downlaoded from anywhere on the internet. So google can't track that, hence a security problem.
For now it has been a non-issue, since all of us coders here seem to be trustworthy so far. But it is still a legitimate concern, for Google and users.
As for myself, I use quite a few ruby's, but interestingly, I do not use a lot of them. And I have not mastered any of the geometry manipulating ones like subdivide and smooth (except shape bender and simple loft). But then, I never need to do that stuff. I mostly model boxy cities. So I might never be a full guru since I don't know how to make organic shapes.
Chris
-
The SDS (subdivide and smooth) plug-in is a gem as far as organic modeling goes, it extends SU to areas it was not initially created to be, here is a few of many cartoons that if it was not for plug-ins I would never have been able to create.
-
WoW!!
Th-Th-That's ( Not ) All Folks! -
@david. said:
Personally, I don't use 3rd party plugins. If I need something not built-in, then I'll write the plugin myself. IMO, installing 3rd party plugins is a security issue that is ignored by most (as far as I know). I'm not willing to take the chance on that possibility, even though it may be small.
How do you decide on what applications you install on your computer?
-
@ecuadorian said:
@nuclearmoose said:
I have a question about an earlier comment regarding a plugin called 'SDS'. What's that?
Thanks for the link!
-
I had a theory as regards ACAD
90% of users used it "out of the box"
90% of the remaining 10% used bespoke keyboard short cuts and scripts they got from others
It was the remaining 1% that actually created the short cuts and scripts.Why should SketchUp be any different
-
personally i cant see any good reason for not using plugins. Sure there are a few minor things that might be cause for concern, but when i weigh them up against the amount of time i save using plugins it is incomparable in the extreme.
David, i find your position a little strange. You would willingly invest lots of time redoing whats already been done when checkable ruby exists (in 95% of rubies at least.) Compare that to running binary files on your machine: you have practically zero control over what they actually do and no way of finding out (except in the rare case of an open source program, although this would still likely involve intense scrutiny of a lot of code which could take a long time.) Seems like a contradiction to me.
-
Looking at the development of WordPress would be a great reference tool for establishing similar development of Sketchup plugins. Google seems hesitant, or perhaps outright against the notion of hosting and managing a SU ruby script store. Frankly, we don't need Google for that. Sure, Ruby is capable of doing a lot of nasty things to a computer; WordPress uses JavaScript and PHP and MySQL and trust me, entire web servers can be brought down with the right code inserted into a WordPress-powered site. How is that different that the thousands of extensions available for Mozilla's Firefox browser? or for their email app, Thunderbird? Maybe Apple can protect most iPhone and iPod Touch users, but not for those devices that have been cracked open with jail-breaking software.
My point with all of this is that an effective, safe, and dynamic scripting community can be built for Sketchup. Will there be risks? Yes, but as others have said, coders here have reputations and trust with members. That is the starting point for anyone. If a person is serious about developing for SU, then they know that they must build real trust with the community.
A plugin repository, managed for and by users, is the only way to go. People will look at the code, and they can ask questions. Experienced users can point out obvious issues, and even perhaps outright hostile code. WordPress had all of these issues -- and discussions -- early on, and it was decided that it was going to be up to the community to police itself. Really, isn't that the best way? Now WordPress probably has THOUSANDS of plugins, and they range from very professional, well-coded to the first time unoptimized code of beginners. The cream makes it way to the top, to the point where many of these plugin developers create business opportunities for themselves.
We, as a user base, can't dictate or control where Sketchup goes as an application. However, as a strong, united, viable and active community, we would carry a lot of influence into the future of the program. While WordPress, the core program, is open-source, it is still under tight control, almost, but not quite like Google has total control over Sketchup. However, the developers over there at WordPress.org work to create a better API all the time, offering the theme and plugin communities more and more tools to access and use. All of them benefit, and most especially, the average WordPress user benefits, without knowing a single line of code.
I don't dismiss people's concerns about potential issues that can be created by bad or illicit code, but from my own experience, those concerns can, and do, get addressed all the time. The bad guys try something new, and the community rushes in to fix the problem. It's always there, but by far, the vast majority of plugins do nothing but help people build better web sites and web experiences.
By the way, I'm not a WordPress dot Com employee or anything, and I'm not even a coder. I'm just a bit of an evangelist for a program that I have seen grow from a baby into a grown-up. It gets better all the time, and a LOT of people are enjoying the benefits.
Sketchucation is already a great community. I've only been here a short while and I see a lot of parallels to my WordPress experience. You all know that on the internet, one thing you have of value is your name, and therefore your reputation. Building a formal plugin community would leverage that, and, as I hopefully have shown with this far-too-long-post, is something that is not only possible, but desirable.
-
@chris fullmer said:
So, why don't people use plugins? Do they just not realize how useful they can be?
For people who do use them, how did you start?
When I started SU, I didn't understand what a plugin was. I figured if it wasn't included in the program from the developer, I didn't need it. Further, I didn't want to mess with the program files and break something.
That changed when I discovered Weld, and how easy it is to install them. Now, I just try to keep up with all the new plugins so I know whats available, but I don't install one unless I have a specific need for it. I don't like the clutter from too many plugins.
-
I started to use plugins fairly early - not too much after I finally read the SU Guide (you know the feeling as to "RTFM") and discovered the Ruby section of the old @Last forums then Smustard and the Ruby Library Depot. Then I tried almost every plugin whose description interested me and surely my menus soon started to be cluttered so nowadays I also just use the ones I really need but of course, that's the point in these plugins.
@aerilius said:
As plugins are at the user's own risk, users would have to agree to the terms of use before installing a possible "SCF ruby store and auto-update"-plugin.
I'm not shure about "the user's own risk" and "agree to terms of use". Would this be enough? SCF is no person and can not withstand a court case.Well, we already have the Extensions index although it is a bit abandoned project at the time and its core also needs some revamping.
And for a while, SketchUcation is functioning as a "company" (registered in Ireland in Spring or Summer last year) so we could indeed take legal responsibility (although I am not sure if I wished to do that) -
@chris fullmer said:
... Ruby can delete all the contents of your hard drive, install virus, etc. Google has said they can't be responsible for that ...
Many thanks for pointing this out! I think this should be a real discussion here and not only something like "where do you go if you do not dare to install any software on your pc".
Security is really important if it's connected with responsibilities. We know that browsers have often security leaks, although it is really hard to write a dangerous website with pure javascript: If you don't know the leaks, you can not do things outside the browser because there is no "vocabulary" for that. Websites are like in a sandbox compared to other applications.
That is where Sketchup is different. It's not a sandbox. I don't know much about ruby, but I know exporters that can create files anywhere on the hard drive where you choose it.
So if Google cannot take the risk for an App Store (review would be more complex than for models, they even don't allow yet rich content in model descriptions), SCF will certainly not.Downloading plugins is at one's own risk. But most likely plugins from well known forums might be secure.
[Edit] A direct access to plugins from within Sketchup would nevertheless be fascinating. Technically, it should be feasible, something similar to the 3d-warehouse access in Sketchup. We as a forum of 26000 users have experiences with the plugins on SCF and know quite sure which are definately reliable. As plugins are at the user's own risk, users would have to agree to the terms of use before installing a possible "SCF ruby store and auto-update"-plugin.
I'm not sure about "the user's own risk" and "agree to terms of use". Would this be enough? SCF is no person and can not withstand a court case. -
@unknownuser said:
@tfdesign said:
it's just a case of knowing the 'tricks of the trade'
you're right, all the stuff possible with rubies are possible with native SU tools (though i really wouldn't consider attempting an SDS operation manually). a decent understanding of geometry can get you pretty far in this game but still, what you rather do in this situation:
ya dig?
Yes. Point taken. I dig!
-
Hi,
I use the plugins sparingly. When I start a project, I do this first with the SketchUp tools.
If i run on a specific problem in a project, I think about what plugin could help me to simplify the work flow or to solve a specific problem.
I have a lot of interesting plugins. In the majority of plugins, I was made aware of the Forum.
Usually I am not in a position to plan in advance what plugin could be used for what purpose.
The problem is that one does often not remember which plugin is for what purpose,
since we do not use these plugins every day. Many of us will surely have the same problem.
Sometimes I experiment with different plugins to find out for what purpose I could use it.
Plugins I use frequently are:
• Shape Bender
• Follow me and Keep
• Copy along path
• Round corner and Bevel edges and Corners
• Curve Maker, Taper Maker
• Weld
• Draw helix
The function of these plugins, I have some in my head and know what you can do with it.
The biggest problem is that there are too many plugins. Everyone will surely have a few plugins it knows and uses for specific tasks.
And then you see a tutorial in the forum and you think that is a must have. Then wakes again the collecting fever.
Karlheinz
-
With all of the excellent, insightful comments already posted, I don't know what I could add, but my guess on Why many do not use Plugins would be:
1.Caution against installing some dangerous process.
2.Stubborn-ness.
3.Fear, superstition.
4.Purism.
5.Inexperience with plugins, generally.
I remember as a new user, on discovering Didier Bur's site, looking at the very brief descriptions of the various scripts did not seem sufficient. And, I felt like there was not enough time to explore and experiment with each one. So, there was a reluctance there, and with the limited description, I could not tell whether some of the "more exotic" scripts could be used for general purposes or for a very narrow scope of operations. That caused a concern that loading a whole pile of scripts could somehow bog down the program. And, the fact that my home machine is becoming more obsolete by the day. -
@unknownuser said:
The problem is that one does often not remember which plugin is for what purpose
About use of plug
Just know what do you want specifically to made : an helix?
Just ask here "does this plug exist"* ?
There will be always someone to give the answer
A Forum is made also for thatAbout risk and security
Seems you risk more with falling your latop on the floor or spilling some water (cafe) on it- you can also use the search engine of the forum first
Advertisement