[Bf-committers] Blender Addons Policy

2021-06-18 Thread Lechu Sokolowski via Bf-committers 
Hi all,

I was informed that "When it comes to bundling add-ons with Blender, the policy 
is changing for the upcoming release."

I was asked to ask the following questions here:
1. Does this mean that Blender 3.0 and all the future versions won't include 
any commercial addons such as Archipack, Blendkit, Bsurfaces, etc?
2. Will there be any new guidelines to the Community Addons linking directly to 
the creator's private sites and portfolios? Examples are Oscurant Tools, 
Amaranth, etc? Or do you need to be signed up for a Diamond Sponsor level just 
like with the commercial addons?
3. Does this mean there won't be Community Addons linking directly to 
commercial applications like Nuke, Autodesk software, Unreal Engine, etc?

--
Lech Sokolowski
chocofur.com
___
Bf-committers mailing list
Bf-committers@blender.org
List details, subscription details or unsubscribe:
https://lists.blender.org/mailman/listinfo/bf-committers

Re: [Bf-committers] Buildbot Update - June 18, 2021

2021-06-18 Thread Jacob Merrill via Bf-committers 
Thanks for all you do!


On Fri, Jun 18, 2021 at 8:09 AM James Monteath via Bf-committers <
bf-committers@blender.org> wrote:

> Hi all,
>
> Buildbot has been updated.
> https://builder.blender.org/admin/#/builders
>
> Notable changes on the Wiki.
> https://wiki.blender.org/wiki/Infrastructure/BuildBot#Notable_Changes
>
> --
> James Monteath - ja...@blender.org - www.blender.org
> Blender DevOps Engineer
> ___
> Bf-committers mailing list
> Bf-committers@blender.org
> List details, subscription details or unsubscribe:
> https://lists.blender.org/mailman/listinfo/bf-committers
>
___
Bf-committers mailing list
Bf-committers@blender.org
List details, subscription details or unsubscribe:
https://lists.blender.org/mailman/listinfo/bf-committers

[Bf-committers] Buildbot Update - June 18, 2021

2021-06-18 Thread James Monteath via Bf-committers 
Hi all,

Buildbot has been updated.
https://builder.blender.org/admin/#/builders

Notable changes on the Wiki.
https://wiki.blender.org/wiki/Infrastructure/BuildBot#Notable_Changes

-- 
James Monteath - ja...@blender.org - www.blender.org
Blender DevOps Engineer
___
Bf-committers mailing list
Bf-committers@blender.org
List details, subscription details or unsubscribe:
https://lists.blender.org/mailman/listinfo/bf-committers

Re: [Bf-committers] Blender 2.93 Released!

2021-06-18 Thread Dan McGrath via Bf-committers 
Also, maybe of interest: SLSA

https://thehackernews.com/2021/06/google-releases-new-framework-to.html

On Thu, Jun 17, 2021, 11:57 PM Dan McGrath  wrote:

> Hi,
>
> Just a thought, assuming only non commercial add-ons, but is there any use
> in pushing such a add-on system into the python pip repos?
>
> As long as you own the namespace, like blender-*, for example, you would
> at least be able to offload the hosting burden to pip, as well as benefit
> from their battle hardened system.
>
> On Thu, Jun 17, 2021, 9:23 PM Brecht Van Lommel 
> wrote:
>
>> There are certainly challenges implementing such a system, though it's
>> been done many times in other applications. It's too early to go into such
>> details, it's not clear this will even happen or when.
>>
>> On Thu, Jun 17, 2021 at 10:14 PM Dan McGrath 
>> wrote:
>>
>>> Hi,
>>>
>>> For an official online repository that is integrated into Blender, users
 would not notice much difference compared to bundled add-ons. I think it
 would be valuable to have a way for more developers to share their
 add-ons
 in the same way.

>>>
>>> Out of curiosity, where and how were you thinking of hosting this
>>> repository? I would suggest our Google workspace area, due to the ACL,
>>> accountability and immutability of their system, but I don't know that the
>>> team would prefer that over S3 or self hosting.
>>>
>>> If self hosted, what about the security of this? A compromise of a
>>> binary is trickier; the binary rarely changes, has well known checksums, is
>>> signed (on Win/Mac) and at least goes through mirrors and Microsoft which
>>> surely have excellent monitoring for unusual behaviour and known malware.
>>> If you start self-hosting auto-updating python code, files are directly
>>> uploaded into users' networks and devices. You bypass a lot of that built
>>> in security in our delivery pipeline in a way I don't know you can easily
>>> compensate for, not to mention all of the bandwidth costs which are already
>>> a challenge to our gigabit link.
>>>
>>> --
>>> Cheers,
>>> Danny
>>>
>>> --
>>> Danny McGrath - danmcgrath...@gmail.com
>>> GPG key: EDF6 AFF5 2086 F93A 1F59 36A5 44B6 26F3 6968 71CA
>>>
>>
___
Bf-committers mailing list
Bf-committers@blender.org
List details, subscription details or unsubscribe:
https://lists.blender.org/mailman/listinfo/bf-committers