Board Thread:General Discussion/@comment-25523075-20150727172451/@comment-24473195-20150727205048

Cqm wrote: For those who are confused, the reason dev wiki is currently locked is because someone vandalised a number of scripts in a particularly malicious way. Honestly, this has been a problem waiting to happen for a while with no obvious solution in the short term, hence the protection. There are many possible counter-measures. Like requiring certain number of posts before submitting edits to .js pages. Or using wikipedia's edit approval/draft before going live. But the easiest is possibly only allowing the code-editor group to submit new edits and everyone else uses a sandbox until they are ready for the big leagues. The current approach is so bad that someone can easily mistakingly post bad code.

At least modules are so hard to implement that any spammer trying it will likely waste their time because currently we don't even have a clue as to whether they are being used externally.

Anyway, there aren't that many active scripters there anyway, so it isn't particularly hard to add the proficient ones to the code-editor group. Another approach would be using peer reviews for every script before going live or a white-list.