New App Feature Proposals - SudokuPad/sudokutools GitHub Wiki

Puzzle Prototyping Feature

Goal:

To enable a setter to include some amount of javascript with a puzzle to implement a new feature for testing

Issues:

How to prevent from malicious code executing from within the SudokuPad website
How to avoid or mitigate errors or deprecations
How to keep included code compact

Potential Approaches

Make this "opt-in" for the solver.

This would push responsibility on them. Perhaps show source code to them.
Make this a manual process.

Puzzles can be submitted and moderators will determine if safe. Puzzle would be published on server. Testing by setter still an issue
Make this a special client on different domain.

Allows separation of "safe" and "unsafe" puzzle environments. Makes setting and testing easier. Still dangerous for solver.
Create a tight API or even custom language subset.

Could solve many issues, but much more complex to implement. Might still have "hidden/unknown" dangers.

Likely Approach

Browser extension for development. Puzzles can be built and initially tested only with extension
Puzzle with new feature is submitted to labs.sudokupad.app for safety review. Will have certain constraints and limits on code style size and features. Will not be tested for bugs, etc.
If accepted, feature is added to "labs", and puzzle can be shared and further tested on labs.sudokupad.app
Solvers can also vote on labs features
If feature passes certain bar of popularity, it may be added as a first-party feature to sudokupad.app

This way, new features can be build and tested. After a small submission process they can even be shared, and this enables this use for on-off features shared in a video, for example. Puzzles can be built and tested immediately, but not shared on publicly trusted channels until after they have undergone a simple safety check, after which they can be shared in the "labs" environment, signifying features that are not fully integrated with the app.