1. On Libraries' Relevance to Users
or
An Impassioned Plea for Users' Rights
Forgive me if I seem to be overreacting to this odd notion of excluding libraries, but I find your tacit suggestion that libraries do not benefit users to be presumptuous. Do you really consider everyone either a scripter or a user? Without overlap? To my thinking, anyone who uses KoLmafia has already taken a step on the path towards scripterhood. The second you string two CLI commands together with a semicolon, you've scripted. Next thing you know, you've saved a bunch of CLI commands in order in a text file. Then you discover you have more control using ASH. Then you discover there are library scripts to help you out, people who have already built important chunks of code that do things you'd like to do in your script. It's simply a question of how deep you want to go, and by excluding libraries from the visible list of scripts you're assuming, a priori, that anyone who uses this GUI instead of typing everything in the CLI by hand (uphill, both ways) is shallow and not interested in libraries that might be available to help them script. From what I've observed, all users are scripters; perhaps future scripters, perhaps not serious scripters, but scripters to some degree, and making it harder for them to access helpful libraries because they are users and therefore not scripters is both presumptuous and fallacious. The degree to which a user is a scripter should be up to each user, not prescribed for them by you or me.
Besides, I thought the primary purpose of mafia presenting an SVN list was to "reduce the barriers", not to "coddle those with technical difficulty". Excluding libraries increases the barriers by roughly categorizing users as separate from scripters, without accounting for overlap or facilitating the journey from one to the other.
2. On the Necessity of an Oligarchic System
or
Control vs. Trust Online: Can an Internet-based Community Deserve Trust?
I must also penguinfully disgree with your claim, Mr. Jobs, that approval is necessary before inclusion. Unless you're dealing with 5th-graders, inclusions that pass muster (correct format, no obvious red flags) can simply be moderated after submission, with much less of a burden on both submitters and regulators. Moderators could be sent a notification whenever a script is registered, to aid swift reaction times. Further, requiring forum membership (or KoL membership; the submission could be made from the logged-in GUI) makes for an extremely small slice of the internet pie, and as you've already noted, our community has a good record of trustworthiness. Let's compare the two:
Approval before submission
Pros: No bogus submissions. People in charge feel important and helpful.
Cons: All users, including the good majority, must wait for a person who has control and power over them to decide their fate. The amount of time this takes will vary based on approver availability. Users feel like they're being scanned at the airport, which frequently leads to negative feelings towards the security officers.
Worst case: Approvers all go on vacation simultaneously, causing delay and frustration to entire userbase. Personal feelings/vendettas can result in unfair regulation of submissions, because with this system, it's personal.
Moderation after submission:
Pros: Freedom to submit for all users. No delays, regardless of moderator activity level. Giving users power/responsibility/choice causes them to feel trusted.
Cons: Fifth-grade users may successfully submit penis.ash when their parents aren't looking.
Worst case: A daft, foolhardy user installs and runs penis.ash before moderators remove it (they're all on vacation). Surprise! The script turns out to be malicious and sends all of the user's meat to some other account. Since the author of penis.ash is known, that user is banned and reported everywhere it's possible to report them. The daft, foolhardy user learns a valuable lesson.
In both cases, problems arise when the human element is tardy. Who then does the system punish when that happens? In the case of pre-approval, everyone is punished. In the case of post-approval, only the daft, foolhardy user who actually installs the harmful script is punished. The second option strikes me as much more fair, in addition to promoting a healthy community.
In most apps where user content is permitted carte blanche, there is also a peer feedback system. Having a "vouch" button show up for your installed scripts would be a neat way to reduce problems with the post-approval method to practically zero. Scripts with multiple vouches would be "trusted scripts" whereas users "without technical ability" probably ought to avoid scripts that have very few vouches. If the number of vouches could be expanded to show who had vouched for the script, it might even be more helpful, since the vouch of prominent users would carry more weight.
It appears we differ philosophically -- perhaps even politically -- on this age-old debate of freedom vs. security. As a teacher, I believe it's important to the classroom environment that the students be trusted, and that's what's governing my opinion here. I feel wary that amid the clamor for high security in this system, we will neglect the community aspect. I believe that KoLmafia users can, by and large, be trusted to submit good scripts and correct data, and that we should not penalize the many for the crimes of the few. I believe that by simply regulating input (rejecting anything harmful or incorrectly formatted) we can eliminate penis-ridden submissions, and in the unlikely but possible case that a maleficent, identifiable, registered player or forum member deliberately submits bogus data, I have no doubt that our team of alert and knowledgeable moderators would take it down before it could do any harm and ban/report the offender, reducing the the payback for any malicious user and making it not worth their while.
I respectfully yield the floor.