Comment by Paul-E
3 days ago
Obsidian seems like a perfect candidate for a WASM/WASI based plugin system that would properly sandbox plugin code.
3 days ago
Obsidian seems like a perfect candidate for a WASM/WASI based plugin system that would properly sandbox plugin code.
For at least the vast majority, yes definitely. I'm fine with full bypasses existing (say a webgl thing, or web previews, custom VCS integration, there are tons of legitimate reasons to escape a sandbox), but they should be an abnormality with heavy warnings and proportionate community attention to watch for issues, not the only option.
I don't think they meant it this way, but I honestly consider unsafe official plugin systems to be negligent to the point of being actively malicious. By releasing one, if you ever become successful you have explicitly chosen to screw over an unknown number of your users to save yourself a relatively small amount of work in the short term. It might be single digit users, or it might be septuple digit users - is it really worth it?
(Unsafe unofficial plugins, like most games? Mildly unfortunate but I think that's fine. Though a healthy modding community around your stuff should be a VERY STRONG sign that you should introduce a safe version to protect your users, if it won't cause you to implode (it definitely can)).
Has WASM/WASI DOM-access? When I last read about the architecture, there was a strict separation between WASM, Javascript and the app, but also a movement to allow UI-customization from WASM-space. Many Obsidian-plugins are adding heavy UI-changes, so without that, it would be kinda pointless.
Not generally / as many would hope, but that's partly because both WASM and WASI are not targeting being a full javascript-in-browser replacement - they're lower level, larger APIs are built on top, not defined by them. It's fairly easy to build an unsafe and unstable DOM access layer (a little bit of eval or string key accessers), but the web changes rapidly and isn't a stable target - exposing that in a stricter environment is tricky, and no one approach is likely to solve all needs.