These guidelines are set to ensure Powercord's ecosystem stays as awesome as possible, and to avoid malicious plugins, or plugins performing badly. The Powercord Staff will enforce all of these guidelines and take decisions we consider appropriate for plugins not complying with these guidelines, at our sole discretion.
Note: We may decide, depending on the context, to let uncompliant plugins pass. These exceptions will be made at our sole discretion.
- Product: Either a plugin or a theme for Powercord
- Discord API: All remote services hosted by Discord (REST API, Gateway, CDN, Media Proxy, ...)
- End User Data: Any data (username, avatar, messages, ...) posted or otherwise generated by Discord users
- Selfbotting: The automation of any action interacting with the Discord API with a disproportionate amount of manual user interaction. Note that a single user interaction should only trigger one (or depending on the context, a small amount) interaction with the Discord API. You may not perform bulk operations to the Discord API based on a single user input. You also may not perform actions normally impossible for a normal client, such as sending embeds.
Everything you build for Powercord will have to follow those rules.
This includes but is not limited to:
- Any behavior that breaks Discord's ToS (excluding client modding);
- Any behavior that would abuse the Discord API;
- Distributing malicious and/or harmful plugins (malware);
- Distributing plugins which serve to confuse and/or annoy users.
- For example: spoiler-spam, exploit of obscure client behavior.
End User Data of other users must be handled with caution with regards to privacy. For example, logging all deleted messages is prohibited.
Any data processed from Discord API endpoints must be processed the same way as it is by the Discord client UI.
For example, displaying channels that the Discord client would otherwise hide is prohibited.
This also applies to restrictions put in place by Discord on legal or any other serious matters, such as the NSFW age gate.
This is to ensure our users do not get banned from indirect ToS violations, and to avoid abuse.
Your plugin is prohibited from advertising anything on the Discord client.
Powercord provides links to your GitHub account, product repository, and a link to your product's Discord support server if provided.
Degrading the user experience through unnecessary messages or pop-ups shown in-app also falls under this rule.
If your plugin has a backend, this backend is prohibited from storing any user data without explicit permission from the plugin user.
All features that require the collection of user data should be opt-in, and properly reflect data collection via the use_eud
permission.
The use of external APIs may put the user's privacy at risk.
Remote services may keep track of user IPs and more.
If your plugin makes use of a remote service, please specify this with the ext_api
permission.
Fetching arbitrary URLs (e.g. pinging of links posted in chat) must go through a proxy server.
We're not against plugins providing NSFW features, but they should be properly labeled and handled.
If your plugin's main purpose is providing NSFW content, you must specify this through the nsfw
manifest key.
If your plugin's main purpose isn't necessarily providing NSFW content, but your plugin can provide NSFW content, the NSFW features must be disabled by default.
Products that demand a lot of resources degrade the user experience. Slower computers may not be able to run smoothly if your product is using excessive amounts of CPU and/or memory.
If you do need to perform resource-heavy tasks, consider using a web worker.
In the event your plugin breaks with another plugin, we expect you and the other developer to get in touch and figure out a solution to the problem. It's all about friendly cooperation.
If you want to make a plugin that already exists, prefer contributing to the already existing plugin instead of having another plugin with the same purpose.
This is also true for plugins. Your plugin can be very feature rich with thousands of lines of code, or just a few lines. As long as they bring a feature, we'll accept it.
To quote aetheryx,
plugins are like boobs
small, big, it doesn't matter, we love them all
When reviewing plugins, we won't impose any specific code style, license or anything. Your code, your choices. We'll
recommend some good practices (like not mixing "
and '
for example), but won't reject your plugin because of it.
Even if we have full access by being administrators of the organization, we'll never push to a plugin's repo unless we're invited to do so. We'll always prefer forking and making a PR. It's your plugin, and we don't have to push. The only exception to this is an urgent security vulnerability; in the case of a high-risk vulnerability, we may hotfix your plugin to prevent widespread damage to users.