Examples of what I mean by modding:
- minecraft mods: add some jar file into your mod folder
- skyrim mods: add some .esp file into your mod folder
- luanti: put some folder with .lua files and config into your .minetest/mods folder
Mods are basically “turing-complete” and can add different types of computation to your application, while integrating with the (GUI) system.
How to design a program that allow for modding?
With interpreted programming languages like python or lua, you can load code as strings at runtime … but is it done that way for these languages (that would be really bad for security)?
eval("print('mod loading ...')")
So roughly how I imagine modding in python to work, a demo in the python repl …
>>> items = {}
>>> newmod = """
... {"name": "holy-mod-sword", "value": 10, "do-damage": lambda x: x.firedamage(1000)}
... """
# loading the mod
>>> items["holy-mod-sword"] = eval(newmod)
>>> items
{'holy-mod-sword': {'name': 'holy-mod-sword', 'value': 10, 'do-damage': <function <lambda> at 0x7f8c710a9d00>}}
is it done that way or similar?
I think as soon as you add mods to your application that can bring their own code with them you have a potential security issue. The most secure approach that I have seen is wasm mods/plugins run in a sandbox.