if the user installs the plugin by double clicking on the downloaded .ccx file, , is it possible, before completing the installation, verify that the user A) is logged in the Adobe Creative Cloud B) does he have a valid PS license?
If it’s a paid plugin and user is connected to internet, CCD checks if user has purchased it. If not, installation is stopped. If user is offline on the other hand, I believe even CCD check is bypassed and plugin can be installed without paying I reported this a while ago, but never got any response
If plugin is free, I think there’s no check at all. So probably the same if plugin is not on the Marketplace - you can install it freely
I was contacted several times and asked to share the CCX file, because users could not install using CCD. When I asked why, they couldn’t explain clearly. I just said no, because I’m pretty sure they were using cracked Ps or something like that. IMO you shouldn’t worry about such actors, who’re not willing to pay for the services, unless you distribute your plugin yourself and they can write some reviews without actually installing it
I think users can bypass checks using command-line (UPIA)
however I wouldn’t worry too much about it, since it’s pretty much in the hands of Adobe to check for genuine/compatible products.
one solution might be implementing your own license check but not sure if it gets approved for the market.
I have a plugin that I bought a while back called “Animator” that was updated recently from CEP to UXP and its developers publishes a CCX and provide instructions on how “Activate” it using graphicriver’s license key.
not perfect but it’s a bit safer if you plan on publishing on your own
Looks like you’ve gotten answers on the Valid PS license side of things.
From my experience, you must have a Creative Cloud account in order to install a ccx plugin, even through command line. In my thread here multiple people are blocked from installing a ccx due to “not being signed in” even though we are signed in, so it definitely checks for that.
This is definitely not the case. It’s relatively easy to install any .ccx-based UXP plugin without using the Creative Cloud app. I’ve written Adobe about this backdoor and have not heard back. Worse yet, one of my customers claims to have contacted Adobe tech support for help installing my plugin on a licensed version of Ps (so the person had the CC app but it wasn’t working to install the .ccx file), and tech support showed them the backdoor installation method. IMO, this is Adobe doing self-harm. Anyone with a cracked version of Ps could use this method and Adobe is showing them how to do it. One of the benefits Adobe has over other image-editing apps is the support for extensions, and forcing installation through the CC app is the perfect way to insure only licensed users could install extensions. But it seems Adobe has created (or at least tolerates) a backdoor installation method for UXP panels, which means pirated version of Ps can also easily install pirated versions of UXP plugins. It’s actually much worse than this if you stop and think about it, but discussions of additional consequences probably should not happen on a public forum.
Our experiences couldn’t be more different! But I digress. Its apparent my team is experiencing a doozy of a bug.
The situation you describe sounds bad for people who want to make money from using the plugin marketplace, which is still very much an important concern. If plugin developers can’t reliably make money from the marketplace, there may be less quality content on it, which might eventually impact Adobe. But I personally think the freedom to install .ccx files should be the priority. It would make development of in-house tools for creative studios way better, and who cares if a cracked PS user installs some free plugins?
Adobe should instead add a library or system that you can implement in plugins that does one of the verification systems talked about in this thread. That way fancy in-house tools could be password protected (or not), and paid plugins can ensure a transaction.
@Zob and others, pardon the naive question : “pirated versions of UXP plugins”… This means that either or both of the following cases is somehow possible A) to open and read/modify a ccx file B) to read an https authorization request (user/password check) sent via internet to the private plugin license checker ?