Launcher Sign in
01 · introduction

Publishing to the Anomaly catalogue

This guide walks you through publishing a mod to mods.anomalylabs.io — the authoritative SCP:SL mod source used by the Anomaly Launcher.

Every release is automatically reviewed for malware and served through a sandboxed install flow. Player reports trigger a deeper review and pull the release from the public catalogue until an admin clears it.

Packaging a release

The default release flow is a guided builder: drop DLLs into the Mods, Plugins, or UserLibs columns, then upload target zips for data folders like UserData. The browser builds the canonical release zip before submitting it for scan.

Advanced users can still upload a prepared zip with files arranged in MelonLoader's standard folder layout. There's no manifest file — file roles are inferred from the top-level folder names. Per-release info (version, target game versions, changelog, dependencies) is set in the upload form.

The upload form gives you a semver helper (Patch / Minor / Major / Manual), a multi-select for target game versions, and a search-as-you-type dependency picker. Before submit you get a live preview of the exact directory tree that will publish. 

my-release.zip
├─ Mods/
│   └─ RoundReports.dll
├─ UserLibs/
│   └─ SharedDep.dll
├─ UserData/
│   └─ RoundReports/
│       └─ config.json
├─ LabApi/
│   └─ plugins/
│       └─ RoundReports.Server.dll
└─ README.md            (optional, kept as project metadata)

Recognized folders

Each top-level folder maps to a deployment target. Anything outside this list is flagged in the preview and stripped from the canonical zip the launcher downloads.
Mods/
client

DLLs MelonLoader auto-loads at startup.

Plugins/
client

Early-load plugins (loaded before mods).

UserLibs/
client

Shared dependencies — dedup-friendly.

UserData/
client

Configs, translations, assets.

LabApi/
server

Server-side LabApi files. Conventional subfolders: plugins/, dependencies/.

Exiled/
server

Server-side Exiled framework files.

ServerData/
server

Server-side data, configs, translations.

Folder names are case-canonicalized — Windows devs zipping mods/ still ship a Linux-server-correct Mods/. Mixing cases in the same upload (Mods/ AND mods/ together) is rejected.
Root files README.md, LICENSE, icon.png, and CHANGELOG.md are accepted by validation but are not installed by the launcher. Anything else at the root is treated as a stray.
In the guided builder, a UserData zip should contain raw paths inside UserData/. For example, Anomaly/Overrides/file.json becomes UserData/Anomaly/Overrides/file.json in the release.

Append vs. Replace

Each upload has an Append toggle (default on). It controls what happens to files from the previous release that aren't in the new zip:

  • Append — prior files carry forward. Ship a hotfix as a zip with just Mods/MyMod.dll and the existing UserLibs/UserData come along automatically.
  • Replace — the new release contains only what's in the zip. Use this to drop a removed dependency or rebuild from scratch.

Files in both the new zip and the prior release are replaced by the new bytes — uploaded files always win.

Review + approval

Each new file goes through automated malware review. Per-file results combine into a per-release state machine:

  • any file MALICIOUS → release REJECTED
  • any file still PENDING → release stays PENDING
  • any file SUSPICIOUS or ERROR → release moves to REVIEW
  • all files CLEAN → release auto-publishes as APPROVED
NOTE

Automated review catches known-bad files. Reports from players trigger additional inspection and instantly de-list the release until an admin clears it.

Dependencies

Pick other mods from the catalogue with the dependency search in the upload form. Each dep gets a semver range (defaults to ^latest). Dependency files appear in the upload preview tagged Dependency but are not bundled into your release — the launcher pulls them as separate packages and resolves them before installing yours.