I wouldn't rely on the forums as a means to communicate with the publisher. Half the time they'd go by a different name anyway. That's what the 'Contact Publisher' button is for.
As for the video player, I am pretty sure that Taylor Dale is ZBox around these parts. He seems pretty accomodating to me. And the reviews don't seem to give any indication of any issues.
That was an example as this is what I hear high-profile users complain most often about - some extensions are WIndows-only, some can't hold up with large-resolution videos because their decoder is written in GML, a few fit all purposes but are not stable and the authors hadn't been responding to publisher contact emails for a while. Which brings us to...
We are working in the constraints of a closed source environment after all.
There are layers upon layers of closed source environments, from components to OSs to hardware itself. Yet that somehow didn't stop people from making open-source software in past.
There are also slightly different levels of trust and expectations from a single-person asset creator versus a company that shouldn't mysteriously disappear one misty morning.
Exactly, and you wonder why Authors might want to protect their code?
It requires a great deal of technical knowledge on the subject to "steal" something without a single trace, often more than making it from scratch. For example, last year someone got caught on have been lifting code from my and few other's assets, and they did rewrite the code, but the general flow remained the same, so they were outed by fact that the edge case behaviour on few effects was exactly the same as in originals. Most of the people that are willing to steal work
won't even go that far.
For a larger-scale example, few years ago there was that court case where one company based their MMO client on other company's MMO client while writing a custom backend. And got caught on some easter egg grade behaviour if the user did very specific actions. And owed millions of dollars in the end.
As they say, if you want absolute security, never release anything ever. Or license things privately and with a legally binding contract if you may.
1) It could still be GML that has been encrypted in a manner that the IDE can still read it but not make the code visible to the user. So, it would not change the compiling of the project at all, other than the IDE unencrypting it for compilation. As long as it were done in memory, there would be nothing for the end user to easily get their hands on.
Yes and no. For example, GameMaker's HTML5 runtime is stored in a encrypted archive called scripts.html5.zip. Just as you would expect of this, over years various people found ways to get into that. Know why it's not a big deal? It's still obfuscated. There's nothing won by getting to it, and it's impractical to pick that apart, just like any medium/large scale web application.
2) Yes, there is the worry of a bug. But that is possible with any product. It could be that the end user buys the library for $5 and the source code for $20 or something of that nature. Or, maybe the Yoyo Marketplace has the source code stored away, and if somebody quits supporting their extension, it gets released to people who had purchased the extension?!?! Or maybe, the marketplace can be setup to offer refunds in the case of game breaker bugs. Or some other safeguard to be determined.
Even if we assume that YYG would be willing to go those lengths (none of other engine creators did), that wouldn't go very far without someone manually reviewing each asset to make sure that the source code is what it is, is not obfuscated, and otherwise usable. And you can't offer long-term refunds if the asset creator got their money months ago and now is nowhere to be found - it'd have to be at your own expense.
GameMaker semi compiles the code at build time. Pretty obvious they'd have the means to decompile their own format if they wanted to.
Absolutely no potential side effects with shipping a feature-complete decompiler to the end user, none whatsoever. 10/10 idea
Why not have the option to compile extensions into the format that he runner uses and just import that as an extension, with all of the code hidden away, just exposing the functions to the end user. The same way that DLL's are used.
That's not the case for HTML5 and also not all that secure.
You could very well restructure your extension to be a native extension with the GML part only calling one or other GM function and then returning the result back to the native code.