this post was submitted on 27 Mar 2025
28 points (100.0% liked)

Programming

19290 readers
158 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
28
Make my application extendable by "mods"? (sopuli.xyz)
submitted 5 days ago* (last edited 5 days ago) by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Examples of what I mean by modding:

  • minecraft mods: add some jar file into your mod folder
  • skyrim mods: add some .esp file into your mod folder
  • luanti: put some folder with .lua files and config into your .minetest/mods folder

Mods are basically "turing-complete" and can add different types of computation to your application, while integrating with the (GUI) system.

How to design a program that allow for modding?

With interpreted programming languages like python or lua, you can load code as strings at runtime … but is it done that way for these languages (that would be really bad for security)?

eval("print('mod loading ...')")

So roughly how I imagine modding in python to work, a demo in the python repl …

>>> items = {}
>>> newmod = """
... {"name": "holy-mod-sword", "value": 10, "do-damage": lambda x: x.firedamage(1000)}
... """
# loading the mod
>>> items["holy-mod-sword"] = eval(newmod)
>>> items
{'holy-mod-sword': {'name': 'holy-mod-sword', 'value': 10, 'do-damage': <function <lambda> at 0x7f8c710a9d00>}}

is it done that way or similar?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 5 days ago

Eval is bad for security boundaries and the string based approach is a pain to develop and maintain. An alternative that is equally bad for security but better for development would be dynamic imports using importlib.

If you want to support custom scripts while enforcing security boundaries, you could use an embeddable interpreter like lua, or create your own.