Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@quenty/loader

Package Overview
Dependencies
Maintainers
1
Versions
152
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@quenty/loader

A simple module loader for Roblox

Source
npmnpm
Version
10.9.2
Version published
Weekly downloads
2.7K
96.85%
Maintainers
1
Weekly downloads
 
Created
Source

Loader

Documentation status Discord Build and release status

A simple module loader for Roblox

Installation

npm install @quenty/loader --save

Installation with NPM

Install via NPM like this:

npm install @quenty/loader --save

New features and requirements

  • Convert between NPM and Wally format
    • Replicate/build out correct models
    • Preserve single script instance for debugging
    • Create bounces
  • Convert between Wally format and Nevermore original format
  • Understand object values at the NPM level -> Wally format

Bootstrapping

local LoaderUtils = require(ServerScriptService.Modules:FindFirstChild("LoaderUtils", true))
LoaderUtils.toWallyFormat(ServerScriptService.Modules, {
	Client = ReplicatedStorage;
	Shared = ReplicatedStorage;
	Server = ServerScriptService;
})

Algorithm

We assume is a folder is a package if it contains a "dependencies" folder. For a given package folder, all packages underneath it shall have...

  • Access to every other package that is not in the dependencies folder
  • Access to every package in the dependency folder at the 1st level of recursion
  • Access to every package in the dependency folder at each ancestor level at the 1st level of recursion
  • Access to every sibling package (this is because we expect to be installed at a uniform level)

  • A module will be defined by a module script

  • A junction will be defined by a place with a "Dependencies" folder and will have access to its dependency folder, and all ancestors, but not siblings

  • A junction will give all modules underneath it access

  • Modules expect external dependencies to be at script.Parent

  • Modules will be split between client/server/shared based upon their parent

  • Dependencies will be any modules up to the root

  • For conflicts, the first copy available will be used (Start at a tree, go up one node, and look all the way down for a copy)

  • Modules will prefer to be parented directly, at a top level, without a bouncer

    • However, if a requirement is needed at a separate version, the module will be parented to its own folder, and a bounce script will point to it.
    • All required modules that it may need will point back to this module.
  • Discover junctions and
  • If there are no conflicts, then just link the shared modules for the server to consume, and we're done.
  • If there are conflicts, than we need to build 2 trees for each conflict.
    • Identify junction
		A
	B		C
Maid1	Other	Maid2

Keywords

Roblox
Nevermore
Lua

FAQs

Package last updated on 10 Jan 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

Research

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

Socket found 37 malicious PyPI wheels that abuse Python startup hooks to launch a Bun-powered credential stealer tied to Mini Shai-Hulud/Miasma.

By Socket Research Team  -  Jun 07, 2026