Examples of what I mean by modding:
- minecraft mods: add some jar file into your mod folder
- skyrim mods: add some .esp file into your mod folder
- luanti: put some folder with .lua files and config into your .minetest/mods folder
Mods are basically “turing-complete” and can add different types of computation to your application, while integrating with the (GUI) system.
How to design a program that allow for modding?
With interpreted programming languages like python or lua, you can load code as strings at runtime … but is it done that way for these languages (that would be really bad for security)?
eval("print('mod loading ...')")
So roughly how I imagine modding in python to work, a demo in the python repl …
>>> items = {}
>>> newmod = """
... {"name": "holy-mod-sword", "value": 10, "do-damage": lambda x: x.firedamage(1000)}
... """
# loading the mod
>>> items["holy-mod-sword"] = eval(newmod)
>>> items
{'holy-mod-sword': {'name': 'holy-mod-sword', 'value': 10, 'do-damage': <function <lambda> at 0x7f8c710a9d00>}}
is it done that way or similar?
For your
holy-mod-sword
example specifically, the better approach is to specify a structured data format (think Excel sheets) that your game loads from a specific directory at startup and inserts the found items, NPCs etc. into the game’s runtime data structures (e.g. loot tables).For example, Skyrim (and other Bethesda games) do this with .esp-files, which allow you to import a big variety of different game entities. In a small indie game, the format doesn’t have to be anything special; e.g. Elin modders use plain .xlsx files, where the columns are item name, item weight, item sell value, item damage, etc.
The above approach works for static data, such as simple items, but you’ll need more to allow modders to write Turing complete scripts. There are two different approaches to this:
eval
is, though you’ll need to hide builtins, globals and such by passing extra parameters). These approaches are theoretically safe thanks to the runtime sandbox, but there are often unintended ways to escape the sandbox and execute arbitrary code.TIL about BepInEx thanks! I will have to learn more about DLL injection.
I think we all know how this ends in practice … Gamers review all their mods code before playing