This is for a project on Script Builder.
What are you attempting to achieve?
To be simple: loadstring in a localscript
My end goal is to have a copy-cat script in script builder.
(One that only logs the chat, not cmdbar)
What is the issue?
You can’t loadstring in locals
Other solutions
I could try writing my own module that loadstrings in a server script with a special environment that makes it seem like a localscript, but that could get messy
You could check the :ls command in the Adonis Core as a starting point. That’s the only reference I have.
If you want it spoon-fed to you, which is arguably how I’d want it too, you can push the string to this module:
However, leaving a local loadstring module on the client could allow some lower level exploits to execute code through it.
What is your use case? There should be another way besides arbitrary code execution.
Imma self advertise my interpreter (pretty sure it’s the most true to 5.1 right now).
As for the compiler you’ll still need something to produce the Lua bytecode, for which I suggest you look at the module Adonis uses.
Rerubi interpreter: GitHub - Rerumu/Rerubi: Legacy Lua bytecode interpreter; discontinued in favor of https://github.com/Rerumu/FiOne
Well, if you REALLY want to go overkill, you could use a parser and implement your own semantic actions to do what the code would have done. 
It just so happens that today I got my GLR parser written in Lua, along with the Lua syntax I feed it, accurate enough to parse every script I’ve tried. Sometime next week I should have semantic actions working. (Since it parses epsilon grammars, it sometimes throws in extra productions that add ambiguity and makes developing semantic actions more difficult. I’ll have to fix that first.) You can run the parser by using the ‘make’ command on linux or running main.lua.
If the reason you want to run scripts on the client rather than the server, then I have a much, much better solution for you than the one above. You could use my RBXLua Sandbox. This little beast of a script, once required at the top of the file, is difficult to escape! Note that scripts in it could still call remote functions and use _G/shared, but whatever code it written in the script is protected. This means you could heavily restrict what the script can do, but still provide an unprotected library in shared for players to access, kind of like kernel/user mode in operating systems. I know of no way to escape the sandbox, and the design of it is simple and elegant enough to easily see that it has a solid theoretical Lua foundation. (I DARE you guys to try and escape it after you include it at the top of your script! But note, it is so extensive, it will even be hard to tell that you are still inside the sandbox.)
Edit: Oh, you could also using the sandbox catch things like properties being set on or accessed from instances and send those over to a client to run them locally. It would run a bit slower due to latency though.
That’s pretty nice!
I’ma star this for later incase I ever need a good sandbox
I know this was three years ago but I really like your FiOne interpreter for this task, which I’ve recently been modifying myself. Does FiOne work on the client as well, though, or only the server?