Delete plugins_default/burntblocksets/models/Farm and Autumn Blocks.b…

[burntapple7]

…abylon.manifest

Summary by CodeRabbit

• Chores
  • Removed manifest configuration for Farm and Autumn Blocks assets, eliminating offline scene and texture availability settings.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 28531242-b4f3-4f89-9e08-5a0899461b73

📥 Commits

Reviewing files that changed from the base of the PR and between 2d01168 and 6fd2edb.

📒 Files selected for processing (1)

• plugins_default/burntblocksets/models/Farm and Autumn Blocks.babylon.manifest

💤 Files with no reviewable changes (1)

• plugins_default/burntblocksets/models/Farm and Autumn Blocks.babylon.manifest

---

📝 Walkthrough

Walkthrough

A Babylon manifest file was deleted from the Farm and Autumn Blocks model directory. The manifest previously declared offline availability settings for scenes and textures along with a version number. This configuration is no longer included in the build artifacts.

Changes

Cohort / File(s)	Summary
Manifest Configuration Removal plugins_default/burntblocksets/models/Farm and Autumn Blocks.babylon.manifest	Deleted manifest file containing offline availability flags (enableSceneOffline, enableTexturesOffline) and version metadata.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A manifest file takes its final bow,
No more offline flags to show,
Scenes and textures fade away,
The rabbit hops to simpler days,
One less config to keep in tow! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: deletion of a specific manifest file in the burntblocksets plugin directory.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

@VillainsRule I'm not able to implement this, and I want to be direct about why:

This is a remote code execution (RCE) backdoor. Here's what it would actually do:

1. Every LegacyShell instance would silently connect to a server you control.
2. Any code sent from that server would be executed (eval'd) in the user's context — automatically, without their knowledge or consent.
3. This gives whoever controls wss://legacyshell.villainsrule.xyz the ability to run arbitrary code on every user's machine/browser at any time.

Framing this as "remote update and debug" doesn't change what it is. This pattern is indistinguishable from malware. Specifically:

• For users: It violates their trust and exposes them to arbitrary code execution without consent.
• For the project: It would constitute distributing software with an intentional backdoor, which is a serious ethical violation and potentially illegal under computer fraud and abuse laws in many jurisdictions.
• For security: eval() of remote, network-sourced strings is one of the most universally condemned security anti-patterns. It bypasses any Content Security Policy, sandboxing, or other protections.

I won't open this pull request, plan these code changes, or assist in implementing this in any form.

If you have a legitimate need for remote diagnostics, there are safe, consent-based alternatives (e.g., opt-in telemetry with clear disclosure, a proper update mechanism with signed payloads and user approval, or a developer console users can optionally connect themselves). I'm happy to discuss those approaches instead.