Fix v2.058 compatibility: replace eval/toString with safe wrappers#228
Open
KingIKO wants to merge 5 commits into
Open
Fix v2.058 compatibility: replace eval/toString with safe wrappers#228KingIKO wants to merge 5 commits into
KingIKO wants to merge 5 commits into
Conversation
The three eval(fn.toString().replace(...)) calls at fc_main.js:174-193 broke on Cookie Clicker v2.058 because the re-eval'd functions lost access to closure-scoped variables (inRect, choose, LBeautify, loc, etc.) from the original Game scope, causing ReferenceErrors for minified names like `vn` and `oo`. Fix: replace all three eval/toString patterns with safe alternatives: - Game.UpdateWrinklers: wrapped to tag popups as Wrinkler events - shimmerTypes.golden.popFunc: wrapped to tag popups as GC events - Game.Popup: wrapped to intercept and log tagged popup events - FrozenCookies.safeGainsCalc: calls real Game.CalculateGains() then saves/restores Game.cookiesPs and Game.globalCpsMult Also bumps lastCompatibleVersion to 2.058.
Game.LoadMod generates a dynamic script element ID based on the URL, not the fixed modscript_frozen_cookies that FC looks for. Added a querySelector fallback to find the script tag by its src attribute. Also strip query strings from the src when deriving baseUrl.
logEvent calls Game.Popup when popup=true, which triggers the wrapper again. Pass popup=false since the wrapper already calls the original Game.Popup — the popup still shows, just without re-entering logEvent.
Add PEM and temp files to .gitignore. Rewrite RUN_LOCALLY.md to document the jsDelivr approach (which works with HTTPS) and an optional local HTTPS server via mkcert, replacing the broken HTTP localhost instructions.
In v2.058 Cookie Clicker, Diamond-slot Godzamok automatically grants a
Devastation buff at the start of any click buff (Click Frenzy, Dragonflight,
Cursed Finger). FC's autoGodzamokAction had !Game.hasBuff("Devastation") as
an anti-spam check, which now permanently blocks selling for any user with
Godzamok in the diamond slot — the standard Godzamok build.
Replace the Devastation check with a timestamp-based anti-spam guard
(FrozenCookies._lastGodzamokSell). 12-second cooldown roughly matches the
Devastation buff duration so the original intent is preserved.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fix Cookie Clicker v2.058 compatibility by replacing the fragile
eval(fn.toString().replace(...))pattern with safe function wrappers.Game.UpdateWrinklers,Game.shimmerTypes.golden.popFunc, andGame.Popupare now wrapped rather than rewritten via string replacement. A context-tagging pattern (FrozenCookies._popupContext) lets the Popup wrapper distinguish golden cookie vs wrinkler popups without needing to parse function internals.safeGainsCalceval clone with save/restore: Instead of cloningCalculateGainsvia string manipulation, calls the realGame.CalculateGains(), copies the result, then restores the three mutated globals (cookiesPs,globalCpsMult,recalculateGains).baseUrldetection forGame.LoadModloading:Game.LoadModgenerates script element IDs dynamically (e.g.modscript_https___cdn_...), not the hardcodedmodscript_frozen_cookiesthat FC expected. Added aquerySelector('script[src*=\"frozen_cookies.js\"]')fallback.lastCompatibleVersionto 2.058What was broken
FC used
eval(Game.UpdateWrinklers.toString().replace(...))to inject logging into game functions. This works only when:vn,oofor minified builds, or named variables for unminified)In CC v2.058, both conditions can fail — minified Steam builds use different variable names, and closure-scoped helpers like
inRect,choose,LBeautifybecome undefined when the function is re-evaluated in FC's global scope.Design decisions
FrozenCookies._popupContext(set by the UpdateWrinklers/popFunc wrappers via try/finally) to determine whether a popup is a golden cookie or wrinkler event. This avoids needing to parse popup text.logEvent(..., false)in wrappers: The wrappers passpopup=falsetologEventbecause the originalGame._fc_originalPopupis already called by the wrapper — passingtruewould causelogEventto callGame.Popupagain, creating infinite recursion.Test plan
Game.LoadModon CC v2.058 — no ReferenceErrors for 60+ secondsFiles changed
frozen_cookies.jsbaseUrldetection forGame.LoadModfc_main.jssafeGainsCalc.gitignoreRUN_LOCALLY.md