The game’s main framework is a module nested within many folders. This module is required by other modules to access the framework: local main = require(game:GetService("ReplicatedStorage").Folder1.Folder2.Folder3.Folder4.MainFramework)
To reduce indexing, I place a separate module under ReplicatedStorage directly which the modules can require instead to retrieve the framework: local main = require(game:GetService("ReplicatedStorage").Main):Get()
To reduce this further, I’m thinking of parenting this module to the DataModel: local main = require(game.Main):Get()
This doesn’t seem to be an issue to parent stuff to the game itself (talking mainly out of experience), yet it doesn’t look so clean. the only place scripts are safe from what so ever is in the ServerScriptService (or objects in ServerStorage), parenting it anywhere else people such as exploiters can get them. I’d just say it doesn’t look clean to parent it to the game itself.
If you don’t want, for example, an exploiters to get the module, don’t put it outside ServerScriptService
The module is only requiring the framework, so this is not an issue. They could just as easily access the same framework located under ReplicatedStorage. The server scripts/modules and respectively located under ServerScriptService and ServerScriptStorage.
It should be safe to put instances within the DataModel granted that the server is the one to do that.
There is some issues however if you’re planning to use cloud edit (aka Team Create). When you create an instance in the DataModel directly via cloud edit, those changes do not replicate to all other connected users.
However, that issue aside, putting instances in the DataModel directly behaves the same as it would if it was workspace, ReplicatedStorage, etc.
Of course, for security reasons, you’d want all server side code to be stored within ServerScriptService.