Multiple API mods completely stopped working

As of today, several of my API mods have simply stopped working for me. No error message, they just don't do anything, normal troubleshooting steps (restarting API, browser etc.) also change nothing. This includes really major ones like AutoButtons and ChatSetAttr. According to the discord, I'm not the only person with this problem. Is something broken on roll20's end?

There have been unannounced (to my knowledge) breaking changes to the sandbox environment. I've posted an update in the autoButtons thread (which has been totally scuppered by the changes). The two that affected autoButtons are:     - Objects no longer have a constructor. No idea why they've messed with this, but it's probable they've messed with Objects further in ways that autoButtons doesn't use     - the Function constructor causes a silent crash. autoButtons used this to create CustomButton math functions, so those no longer work I'd be very surprised if those are the only two changes - they're just the ones I hunted down trying to find how every version of the script broke at once. autoButtons *should* function with the 0.8.1 fix, but only the built-in buttons.

Well that's just incredibly frustrating. What the heck, roll20?

Yup, this happened yesterday afternoon apparently.

This is why we need the devs to use the Dev server!

This sounds big. Let's hope its a temporary bug and they will fix it - the lack of an announcement suggests that to be the case to me.

Keeper of Secrets (KoS) said: This is why we need the devs to use the Dev server! <a href="https://app.roll20.net/forum/post/10766392/script-autobuttons-automatically-generate-damage-and-healing-buttons-for-your-clicking-pleasure/?pageforid=11318083#post-11318083" rel="nofollow">https://app.roll20.net/forum/post/10766392/script-autobuttons-automatically-generate-damage-and-healing-buttons-for-your-clicking-pleasure/?pageforid=11318083#post-11318083</a> Jeff L. &nbsp;said: Hi Oosh -- sorry about this!&nbsp; We have had to make a change to the sandbox and remove all Object.constructor before script execution, in order to mitigate a security vulnerability.&nbsp; We aren't going to be able to revert this change, but we&nbsp; might&nbsp; be able to provide some alternatives (potentially some access to Standard Lib type stuff, for example); if there's something in that vein that would help, please let me know. It sounds like this change wouldn’t have been put on the Dev server regardless, if it was a security vulnerability that was being mitigated.&nbsp; But I agree that I don’t like doing testing on the Production server. The problem with using the Dev server was that it simply wasn’t convenient. If my production games were automatically duplicated onto Dev without requiring me to do anything else, then I would have probably used it more. But having to port games over and set them up like any other game copy wasn’t worth my time.&nbsp;

Keeper of Secrets (KoS) said: This is why we need the devs to use the Dev server! who the hell uses dev server to begin with. Highly doubt that would have prevented anything. a group of 10 people, who barely uses api in there won't change anything.&nbsp;

Novercalis said: who the hell uses dev server to begin with. No one, pretty soon.