I was wondering if I its ok to give away the users compiled files instead of giving python source code. I tested on few different machines the python script I wrote from x64 to x32 as well , the only error I got on one of machine was Bad magic number also if we open the pyc file in notepad it shows machine language text but it shows the path(location) where it was last compoled so that shows what Autodesk Maya I used and my computer username… any idea how to get rid of this detail that get with pyc file or if their is some better way to hide source code ?
One of our tech artists distributed some of his tools as a large (10mb) .exe file with all required libs compiled into it.
It worked quite well, but I don’t know what he used to compile his executables.
Maybe that would be an option?
It’s fine to give them pyc files, but heres a few things to keep in mind:
a)pyc files are easy to reverse engineer. It’s only a deterrent. Same goes for exe compiled py files (and in answer to the question above about what he used to compile: probably py2exe or py2app etc)
b)You’ll have a much harder time finding problems that users report
c)Are you really doing anything that needs obfuscation? If you are, a compiled c++ plugin is probably better. Otherwise chances are it’s unfounded paranoia.
d)pyc files will require external documentation
You can edit the pyc file to remove the compile information and/or give it alternative data there instead.
Personally, unless it’s proprietary information, I’m all for giving out the actual py file. It’s easier for the user to debug and modify and less headaches for me(which is why I use python in the first place)
I too use python in the first place, I started of with mel but now I dont even think of writing anything in MEL until someone ask me so , I have seen many cases in this industry people stealing other people work which is why I want to hide code I write not because I am not sure what I am doing, I am happy giving away pyc , at-least newbies wont attempt to manipulate to post it as if their own since they cannot reverse engineer…
don’t agree with the point d) as far as documentation is concerned the help function in python is handy to put some useful info inside atleast for small scripts that run for Maya. [in some scripts I have embeded report me back over internet in case an error occurs]…
I am not going to stick it as regular practice… but will use it for some time/ and where ever necessary …
I think you’re blowing this out of proportion. If you’re writing something advanced enough/proprietary that you want to ensure no one has access to your methods then make a compiled c++ plugin; otherwise just release it as a .py file. As dogvil said you can reverse-engineer .pyc files so it is certainly not a fool-proof method of hiding your source code.
Secondly, I feel that releasing source code of tools is a great way to keep the open development environment of maya’s community alive. So many of us have learned a lot of what we know from the community and I think it’s fair to expect people to give back to it, and trying to hide source code doesn’t really do that and removes a great avenue for people to learn new techniques and methods. I have learned a lot from dissecting some of the fantastic scripts that people have released over the years and hope that I can help other people in the same way down the line. Also sometimes a script will do 95% of what I want it to do and being able to modify it to fit within my current pipeline is valuable, and it’s frustrating when it’s a .pyc and I can’t easily do that.
If maintaining credit for your scripts is so important make sure you document their releases/progress. Start a blog and post about your releases/progress. Publish them using git. Besides that, trust the community. Anyone trying to steal your scripts and claim credit is probably a hack and not someone you should think twice about.
If you do not plan to benefit commercially from these tools then its not a good idea.
If by off chance you really have some advanced proprietary solutions then by all means write them as a Python extension in C++.
Otherwise it’s most likely nothing special for anyone to steal in the first place.
I’ve yet to see someone try and pass off MacaroniKazoo’s tools as their own, instead many have benefited from them and used the open source to learn and hone their own craft.
I will chime in again and say the only two instances of pyc file distribution I’ve encountered myself are:
*Ron Bublitz’s Graph Editor Redux but it hampers his availability to 32bit people
*Boutique23s DRM. It is amusing, but they’re so open about it that I don’t mind because they have great rigs. But if I really wanted to, I could reverse it and distribute it easily.
In both cases, it’s really just a deterrent and easily circumvented.
in any case, it’s about protecting your idea and not about protecting your code. Document your code on blogs etc, any thieves will not get far.
Going on the thievery route, if they have the pyc, they can still distribute it and take credit for it in a reel (video).
Plus if you remove the identifiers in the pyc, how can you still prove it’s yours? Unless you’re planning on writing a lot of annoying pop ups. In which case, don’t.
Besides, based of your posts so far in this forum, you are still very new to python and aren’t generating anything that is worth stealing yet. In fact you are learning from the open source nature of python and this forum, so to turn around and then hamper that is just weird.
Also about your note on using help(function) , yes that works but only assuming you write good documentation which is a skill in itself. It also requires the user to both load a python interpreter and load the module. It also only shows docstrings and not commenting inside the function. What if you have an error in your script that freaks out on a particular system? I can’t edit it and need to waste your time now to fix it…but if it was a py file, I could fix it and both parties’d be happier
if you are looking for community cred and working your professional reputation, delivering source is better. you’ll get better feedback and free bug fixes from your users if you let them see the source code. serious open source projects take a lot of time and energy, so stick to sharing bits and pieces for the short term until you have a project that is big enough and important enough to you that you are 100% sure you’ll be able to give it the support it needs – otherwise you might end up with disgruntled people complaining about bug fixes that never come instead of adoring fans.
for end-users who don’t know or care how your stuff works under the hood, pyc is handy because i removes a source of potential problems. I distribute to my artist users as a zip file of pic - it’s slightly faster and a smaller download, but most importantly I don’t have to worry that an old pyc left around on a users disk will cause mysterious bugs – or disguise my screw ups, like importing a module that I’ve supposedly deleted.
However as I said this is not distribution for my peers, it’s for people who only want the tools and dont care about the innards.
oh, and it’s much more likely you will get good feedback and happy users if you do both good code commenting ( for the techies) and good end-user documentation. nowadays I’d always opt for wiki based documentation, since it encourages users to correct and update your docs – which, sadly, are usually a little behind unless you are very conscientious . use the python module to launch links for your users …if you’re worried about Chinese firewalls and such you could zip up a bunc of HTML pages, but I suspect it overkill until you have a bunch of users to worry about.
as for obfuscation - don’t bother unless you are selling something for a living. and even then, I’d wait and figure out of piracy is a real problem.
sorry about the capital letters. iPad.
First of all, you guys leave me with no words, I feel honored to have reply from experienced people on board , really tech-artist is a great community… Thanks you Dhruv, Capper ShadowM8, and Theodox. I will take you guys advice. Yes I am new to python just few months, I am taking so keen interest in getting to know python better that I never gave it to C or C++ or Java… I did spent some time with Java played with JMF.
I would too want to jump into the class of TDs, but I don’t know which company in India will hire a fresher to work even junior to a TD who is switching from Compositing(not that I don’t like compositng). Since I am learning of mostly from Communities/tuts/ or books (Yes really helps) and not attending any institute or boot camp(since ther isn’t any nearby).
There are several different types of TDs btw with different expectancies on a junior. Some are just pure grunt work.
I was lucky enough to be hired straight out of school as an AnimationSupport/AnimationLayout TD at RnH where I do do quite a fair bit of scripting. I have no CS training or experience and am completely self taught, as are a lot of people surprisingly in this industry. Arguably it’s one of the largest VFX studios, so yes, studios will hire people straight out school into more advanced roles as well.
which school did you went?
I went to Vancouver Film School. Great school but nothing I do at work was taught to me there. The things I am thankful for are the friends I made, the social skills I developed and the ability to handle stress
Good luck for the future my friend!!!
for FREE software: source code all the way please. I just hate compiled stuff because of:
- tools shows great potential for automation but I cannot change the code…
- tool has a small bug that I could fix myself but I cannot change the code…
- the author has given up on CG and now lives as hobo in Thailand and there’s no way to reach him…
- I could recompile your tool for <insert updated DCC package version> but I don’t have the source…
I just don’t see the reason to “protect” free tools by not handing out the source. Maybe there’s this “some day later I make it commercial and get awesomely rich!” thought some people have, but really, how often did that happen? Or “I keep the source so I can prove I’m the author”… but how often do you need to do that? I just can’t come up with a sound reason to not just hand over the source for free tools. Especially for 3D tools which can end up in an integrated pipeline, not handing our sources is just releasing a crippled product.
I am totally settled with distributing the source code of free tools but I don’t know about others. we are surrounded by mean e aters…
I just came across this post and since it references my tools I thought I would chime in. Yes, I only distribute compiled code. This is because I HAVE been burned in the past where my code has been stolen. The first instance is someone took it, published it in a book and even when I showed it to the publisher, they didn’t care. Actually he offered to have me write my own book - which I didn’t.
Second, someone I used to work with, took my code, made a commercial product out of it and let a very well known online animation school use it. I’ve tried to contact them about this but no one has ever responded back to me.
So yes, you do have to be careful.
This is a really interesting thread.
It seems handing out source files is great for smaller projects, something you could do yourself but wont have to if you stumble across the code online. But for projects that take a substantial amount of time, a decision has to be made by the developer to either produce it for free distribution, in which case .py files apply, or to keep sources hidden to prevent stealing.
In my experience, studios produce code that is “released” internally as open-source even though they run the risk of freelancers taking parts or all of it home with them as they leave. So really the prominent area in which protecting your code is important seems to be as an outside developer wanting to distibute his or her projects, either commercially or for free, without providing the ability to extend upon the work (aside from providing plug-in characteristics).
Producing your code as compiled c++ seems quite far-fetched though. What if the proprietary part isn’t in performance-critical miniscule parts of your code, but rather in the organizational hierarchy in which it has been built, such as an API? Would all of the API have to be written in another language to avoid open sources?
Perhaps python simply isn’s designed to hide its sources, I don’t know. It’s an interesting question, how would you protect your code without obfuscating development?
The basic answer is that python is not the right platform to use if you really care about secrecy. It’s a very open language and the culture is very oriented around sharing.
If you really wanted to you could run files through an obfuscator (eg: https://github.com/astrand/pyobfuscate) and then distribute it as pyc. That would require a substantial amount of effort to decompile and modify – it would still be possible but it’s probably more work than the average maya tools pirate would care to invest.
If you are selling your stuff and your business model is ‘I sell files’ then it matters a lot. On the other hand you could pretty switch to something like a subscription model where the tools call home for validation and updates. If you go that route you catch people at the authentication stage. Even that won’t stop a determined pirate – it only takes one joker who thinks he has a right to your work to undo any kind of protection you employ anyway. The best defense is to make it hard enough to stop the casual thieves and offer good service (customization, support, etc) so people want to pay.
Actually, the most important issue is your reputation. In both of my cases I contacted the companies where these 2 worked, had a conversation with their supes. In one case they no longer work there. I’ve made a point of sharing the names of these two within my circle of contacts and they know to look out for the creeps if they want jobs wherever my contacts are. Like I said, you have to be very careful if you want to steal other peoples’ stuff.
@cgjedi: imo, what they did is not cool, but what you did less cool.