The last straw happened this evening. Reviews are coming this weekend! Help plan them here.
The basics: unreviewed scripts CAN be installed by logged in users only... On the rails side I'll catch the request and send a 403 FORBIDDEN if the user isn't logged in.
Why? Because people are uploading scripts *cough* scrap all *cough* whose only purpose on the site appears to be a hosting service for them. They then use the userscripts as a component of a bookmarklet.
So - what does this mean?
Every script needs reviewed before it is public. If you are logged in you can see/install everything...
So, why has it taken this long? Well, the question I have is: Who determines if a script is acceptable? I neither can nor want to review hundreds of scripts a week. Obviously when a script is updated the changes will need to be accepted before they are public.
Are the reviewers a selection of a bunch of trustworthy users?
Do we make it so anyone can, but certain users have more weight (eg, the more karma you have the more your vote counts)? And add a delay between upload and acceptance if only "weak" users have rated it... giving time (a day?) for other users to see it and vote to reject?
I wrote this in utter frustration. After you comments and emails we implemented hiding of scripts with "dirty words" - see Hotlinking of Unlisted Scripts.
You could comment on this post if you were logged in.