Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@quenty/loader
Advanced tools
A simple module loader for Roblox
npm install @quenty/loader --save
Install via NPM like this:
npm install @quenty/loader --save
And then we need to specifically map this loader
require("MyModuleName")
)require["MyModuleName"]
)_G
or shared
to support legacy require systems so you can do _G.Modules["MyModuleName"]
Using Nevermore is really simple. You can either keep the name Nevermore, or customize components here.
Using this loader does not require the large amount of libraries associated with it.
Put this script, and all of its children in ReplicatedStorage.Nevermore (or your preferred parent)
Put a uniquely named module in appropriate parent
ServerScriptService.Modules
and all submodules is loadedUse the module loader
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
local MyModule = require("MyModule")
local MyOtherModule = require(script.MyOtherModule)
You will need to require the module. I use this code to require it. You can rename Nevermore, but all the references to it will need to be renamed.
-- Grab the require from the ModuleScript
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
I know some people have legacy loading systems that use _G
or _shared
. You may easily replace
these systems by storing Nevermore in _G
or _shared
.
_G.myModuleLoader = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
_G.myModuleLoader["MyModule"] -- Loads module
You can then load modules from the default area as such:
You can still load by reference, like Roblox functions
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
require(script.Parent.MyModule)
Loading by name is the main feature.
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
local MyModule = require("MyModule")
You can also load libraries by name. If they aren't there, it will error.
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
local MyModule = require.MyModule
You can also use this syntax if you want
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
local MyModule = require["MyModule"]
By default, modules parented in ServerScriptService.Modules will be loaded.
As long as you load all modules through Nevermore's require() function, even if you don't use the require-by-name function, you will recieve cyclic detection of modules being loaded.
Nevermore contains a special replication model along with its require-by-name system. Modules will are classified as the following types, and behavior changes based upon where you require it
The top parent is the parent passed in with the AddModulesFromParent
You can also add new repositories to Nevermore, to require by name!
You can add modules by parent like this:
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
require:AddModulesFromParent(ReplicatedStorage:WaitForChild("ClientModules"))
Note that until you add this, the loader will error if you try to load these modules! Note that this system follows the replication behavior! So server modules will not be available on the client, and submodules will not be loaded. Also, on the server, client/shared modules will be replicated.
local require = require(game:GetService("ReplicatedStorage"):WaitForChild("Nevermore"))
require:AddModulesFromParent(ReplicatedStorage:WaitForChild("ClientModules"))
FAQs
A simple module loader for Roblox
The npm package @quenty/loader receives a total of 164 weekly downloads. As such, @quenty/loader popularity was classified as not popular.
We found that @quenty/loader demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.