83 lines
6.1 KiB
Markdown
83 lines
6.1 KiB
Markdown
---
|
|
title: "Plugin platform roadmap"
|
|
state: "active"
|
|
created_at: "2026-06-19T13:18:58Z"
|
|
updated_at: "2026-06-19T13:18:58Z"
|
|
linked_tickets: ["00001KV5R5V2S", "00001KV5W3PHA", "00001KV5W3PHW", "00001KV5W3PJ3", "00001KVFD3YSV", "00001KVFDX9AF", "00001KVFDX9AY", "00001KVG0HR96"]
|
|
---
|
|
|
|
## Goal
|
|
|
|
Build Yoi's Plugin platform as a coherent extension system: packages are discovered and inspected safely, enabled explicitly, registered through typed Plugin surfaces, executed in a sandboxed runtime, constrained by Plugin-layer grants, and authored through SDK/templates rather than raw runtime ABI details.
|
|
|
|
The long-term platform goal is not merely to run Wasm. It is to make Plugin packages a durable, inspectable, permissioned, and authorable extension layer for Tools first, then host APIs (`https`, `fs`), and later Service / Ingress surfaces when concrete needs justify them.
|
|
|
|
## Motivation / background
|
|
|
|
The current Plugin foundation is already substantial:
|
|
|
|
- package discovery and explicit enablement resolver;
|
|
- Tool surface registration through the ordinary ToolRegistry/model-visible schema path;
|
|
- minimal sandboxed WASM Tool execution;
|
|
- Plugin permission grant enforcement;
|
|
- follow-up Tickets for read-only inspection CLI, `https`, `fs`, and Component Model migration.
|
|
|
|
The remaining work must be kept as one roadmap because the pieces constrain each other:
|
|
|
|
- Plugin authoring needs an SDK/PDK and examples, not raw pointer/length Wasm ABI hand-coding.
|
|
- `https` and `fs` host APIs must be grant-gated and shaped so they can move cleanly to typed Component Model interfaces.
|
|
- Diagnostics (`yoi plugin list/show`) are needed before the system becomes harder to debug.
|
|
- Component Model adoption should guide new host API design before a custom raw ABI becomes entrenched.
|
|
- Service / Ingress are useful for bridge-style integrations, but should come after Tool runtime, diagnostics, and host API policy are stable.
|
|
|
|
Research of common Wasm extension systems points to the same pattern: mature systems combine a package manifest, explicit capabilities, a sandbox runtime, host-provided capability APIs, language SDK/PDK bindings, templates/examples, inspection/check tooling, and versioned interfaces.
|
|
|
|
## Strategy / design direction
|
|
|
|
- Keep Plugin as a user-facing package/config/runtime layer above lower-level `pod::feature` substrate.
|
|
- `pod::feature` provides contribution/registration substrate.
|
|
- Plugin owns package discovery, enablement, grant policy, runtime selection, authoring UX, and user-facing diagnostics.
|
|
- Preserve authority boundaries.
|
|
- Package discovery is read-only inventory.
|
|
- Package presence never registers a Tool/Hook, executes Wasm, starts a Service, reads files, opens network, or injects context.
|
|
- Explicit enablement and Plugin grants are required before registration/execution/host API use.
|
|
- Tool calls/results continue through ordinary ToolRegistry and Worker history paths.
|
|
- Treat Component Model as the preferred future Plugin runtime shape.
|
|
- New typed Plugin host APIs should be designed in WIT-compatible terms.
|
|
- `runtime.kind = "wasm-component"` should become the preferred runtime once implemented.
|
|
- Current `yoi-plugin-wasm-1` raw core-Wasm ABI remains a compatibility / migration bridge until Component Model execution and authoring are validated.
|
|
- Sequence the platform in usable layers:
|
|
1. Package discovery / explicit enablement / digest-pinned restore. Completed foundation.
|
|
2. Tool surface registration. Completed foundation.
|
|
3. Minimal WASM Tool execution. Completed foundation.
|
|
4. Permission grants. Completed foundation.
|
|
5. Read-only Plugin CLI inspection (`yoi plugin list/show`) for debugging discovery/enablement/grants/runtime metadata.
|
|
6. `https` and `fs` host APIs for Tool Plugins, grant-gated and WIT-compatible.
|
|
7. Component Model runtime migration and authoring model.
|
|
8. Guest SDK/PDK, examples, `check`/`pack`/`new` authoring tooling.
|
|
9. Service / Ingress / WebSocket or inbound HTTP only after Tool + host API foundations are stable.
|
|
- Keep Discord-style bridge goals split into two stages.
|
|
- Outbound Discord/webhook Tool is possible after `https`.
|
|
- Bidirectional Discord bridge requires Service + Ingress + WebSocket or inbound HTTP and host routing policy.
|
|
|
|
## Success criteria / exit conditions
|
|
|
|
- Users can inspect Plugin discovery/enablement/grant/runtime state through a read-only CLI without executing Plugin code.
|
|
- Plugin authors can build a Tool Plugin without writing raw memory/pointer ABI plumbing.
|
|
- Tool Plugins can safely call grant-gated `https` and `fs` host APIs.
|
|
- Component Model support is available or a documented migration path is active, with WIT-compatible host API types and measured packaging/runtime impact.
|
|
- Plugin grants remain authoritative over registration, execution, and host API calls.
|
|
- Plugin diagnostics explain missing package, invalid manifest, digest/version mismatch, missing grant, rejected schema, runtime mismatch, and unsupported host API cases safely.
|
|
- Existing raw core-Wasm Plugin tests either remain passing or have an explicit compatibility/deprecation decision.
|
|
- Documentation covers package format, runtime kinds, Component Model direction, host API authority, authoring SDK/templates, and operational debugging.
|
|
- Service/Ingress work starts only after Tool Plugin + host API + diagnostics foundations are usable.
|
|
|
|
## Decision context
|
|
|
|
- This Objective is roadmap context, not Ticket authority. Implementation still requires reading concrete Ticket bodies, threads, artifacts, and relations.
|
|
- Component Model direction supersedes making Yoi's custom raw ABI the long-term authoring interface, but does not require an immediate flag-day rewrite.
|
|
- `https` / `fs` work should avoid choices that conflict with later WIT typed interfaces.
|
|
- Guest SDK work should either target Component Model directly or keep the raw ABI wrapper clearly transitional.
|
|
- Plugin and MCP remain separate. Component Model adoption for Plugin does not imply MCP server execution, MCP prompt/resource injection, or MCP trust policy changes.
|
|
- Plugin surfaces remain Tool / Hook / Service / Ingress; outbound side effects are Tool metadata and host API grants, not a separate surface.
|