It should be, in the same way it’s possible to get image urls.
There’s nothing to actually stop people publishing closed source games as things are.
There are actually a handful of Arduboy games that are closed source (or ‘source available’ rather than open source).
Most are games that have bypassed the forums and just been published on Twitter, but there’s also that recent Starfox-like game (I asked about source code at least twice and got no reply) and Circuit Dude (‘source available’).
Ultimately all we can do is encourage people to publish and licence their source code and (if you’re hardcore) refuse to play games that are closed source.
I think we’ve got enough of a culture of source-sharing that we don’t have to worry too much.
Pretty much all of our biggest contributors publish their source code, so most people will follow the example.
No, but if someone wants help with their code we will just tell them “we can’t help if we don’t know what the code looks like”.
When they don’t get help, they’ll either publish their source code or stop asking for help.
This is also why I was considering source file uploads.
As @Jean-Charles_Lebeau said,
.zip files are a lot easier to shove viruses into.
.zip can contain literally anything, which sort of defeats the point of a whitelist in the first place.
Practically anything that could happen from a
.hex uploaded to the forum could already happen from a
.hex uploaded to GitHub or Pastebin.
.hex is found to be problematic then the same thing would happen as has happened in the past (anyone else remember the fidget spinner incident?) the offending
.hex would be removed and an announcement would be made informing people of what has happened and offering assistance for anyone affected.
Hopefully something like that could never happen for newer Arduboys because they should all have their protection fuses set (though I wouldn’t be surprised if the odd batch sneaks through).