Yes, thats why I named it ->unsafe<- require. I mentioned in the description that it is only meant for local development purposes and should not be used on public servers. I moved that to be the first section.
All used functions (like get_current_modname) are stored as local variables - if this is not safe then core.request_insecure_environment is also not "safe".
All "secure.trusted_mods" modules must be loaded first, if an insecure mod is loaded before that, it could potentially interfere even with core.request_insecure_environment itself and intercept that, too.
So if a mod is listed in secure.trusted_mods is does not need this module to require something. If it is not listed in secure.trusted_mods it can not replace core.get_current_modname before this mod is loaded. This mod explicitly does not use core.get_current_modname() or other functions at runtime (when another mod calls unsafe_require) for exactly the reasons you mentioned. We use the values which were stored in locals at load time.
I changed the settings prefix to be secure.unsafe_require.allowed_for.modname, to prevent mods from changing this setting at runtime.
To summarize, it is in my opinion definitely better to have only one well reviewed mod which only provides a small subset (the require) compared to many modules using request_insecure_environment in an even more dangerous way.
Yes, thats why I named it ->unsafe<- require. I mentioned in the description that it is only meant for local development purposes and should not be used on public servers. I moved that to be the first section.
All used functions (like
get_current_modname) are stored as local variables - if this is not safe then core.request_insecure_environment is also not "safe". All "secure.trusted_mods" modules must be loaded first, if an insecure mod is loaded before that, it could potentially interfere even withcore.request_insecure_environmentitself and intercept that, too.So if a mod is listed in
secure.trusted_modsis does not need this module to require something. If it is not listed insecure.trusted_modsit can not replacecore.get_current_modnamebefore this mod is loaded. This mod explicitly does not usecore.get_current_modname()or other functions at runtime (when another mod callsunsafe_require) for exactly the reasons you mentioned. We use the values which were stored in locals at load time. I changed the settings prefix to besecure.unsafe_require.allowed_for.modname, to prevent mods from changing this setting at runtime.To summarize, it is in my opinion definitely better to have only one well reviewed mod which only provides a small subset (the
require) compared to many modules usingrequest_insecure_environmentin an even more dangerous way.Thank you for your valuable feedback!