Just wanted to say a huge thankyou for being so patient in the forum; it's quite annoying that the comment section is a more a function of the title + personal opinions than a function of the blog content.
I love using obsidian, and thanks so much for all the work that you and the team have put in :)
For what it's worth - and I know I'm being very critical of the plugin security model here - I also think Obsidian is very good, and am a paying customer.
Part of my frustration with this is that I've seen hobbyist video games with a more robust plugin security model than Obsidian's plugins. It's possible to do better than just "yolo, eval(github)", and I feel like it would thoroughly improve Obsidian for me, and apparently many others (judging by all these comments), if Obsidian invested in creating a secure plugin ecosystem rather than putting lipstick on the existing yolo plugin vortex.
Just because Obsidian is in JS, and JS has a terrible culture around package security, doesn't mean Obsidian needs to inherit and propagate that culture.
As I wrote, yes, a permission system is planned. But 1. we cannot oversimplify the problem of getting from here to there, 2. permissions are not a panacea. If you look at the scorecards for a few plugins you'll immediately see issues that a permission system wouldn't catch.
Millions of people depend on thousands of Obsidian plugins. We cannot just flip a switch and break everyone's workflows overnight. It will be a gradual process. We're working on it, and I hope you'll at least concede that this is better than nothing.
Just wanted to say a huge thankyou for being so patient in the forum; it's quite annoying that the comment section is a more a function of the title + personal opinions than a function of the blog content.
I love using obsidian, and thanks so much for all the work that you and the team have put in :)
Thank you! It means a lot <3
For what it's worth - and I know I'm being very critical of the plugin security model here - I also think Obsidian is very good, and am a paying customer.
Part of my frustration with this is that I've seen hobbyist video games with a more robust plugin security model than Obsidian's plugins. It's possible to do better than just "yolo, eval(github)", and I feel like it would thoroughly improve Obsidian for me, and apparently many others (judging by all these comments), if Obsidian invested in creating a secure plugin ecosystem rather than putting lipstick on the existing yolo plugin vortex.
Just because Obsidian is in JS, and JS has a terrible culture around package security, doesn't mean Obsidian needs to inherit and propagate that culture.
I have indeed read the blog post. Can you point out which part of my post is inaccurate? It is certainly possible I misunderstood something.
Surely you're not about to claim that asking plugins to "disclose" what resources they use is in any way comparable to sandboxing and permissions.
As I wrote, yes, a permission system is planned. But 1. we cannot oversimplify the problem of getting from here to there, 2. permissions are not a panacea. If you look at the scorecards for a few plugins you'll immediately see issues that a permission system wouldn't catch.
Millions of people depend on thousands of Obsidian plugins. We cannot just flip a switch and break everyone's workflows overnight. It will be a gradual process. We're working on it, and I hope you'll at least concede that this is better than nothing.