Someone said hackers used modulescript. I don’t know the id but when they executed the modulescript would’ve copied the whole game and placed the copy of the game in hackers desktop.
That’s irrelevant and unsubstantiated. Even then, it doesn’t matter whether the code execution is facilitated through a ModuleScript or a code injection or whatever. ModuleScripts are just LuaSourceContainers meant to execute code on require. The point is the code, not the physical instance.
No. It cannot copy objects placed in ServerStorage or ServerSciptService. Are you actually listening to any of the other developers on this thread explaining to you what the client can, and can’t access?
It is one of those. That’s it. Nothing else. You are going off-topic talking about stealing games, I suggest you raise a new thread to ask a different question.
To answer your original question yes, exploiters can view source code in modules even if they are not required. You should change your framework if this is an issue.
If you are unsure of what can be seen by Server and Client you can simply “Start Test Server” and observe the explorer you will know exactly what is accessible by whom.
Very informative thread, have a read and it should cure your concerns.
My advice is let go of what ever is exposed to the Client, you aren’t in control of the security, Roblox is and I doubt that they would do something about.