The Future of Obsidian Plugins

Posted by xz18r 20 hours ago

The Future of Obsidian Plugins(obsidian.md)

388 points | 147 commentspage 3

jkcorrea 19 hours ago|

(slightly OT): Has anyone been able to replace Notion with Obsidian in a work/team context?

I find there's just enough missing things around collaboration/permissions/sharing that makes Obsidian a non-starter for work, even for the small team I have. Also seems it just feels a bit more "scary" for non-technical users to onboard onto on than Notion.

And if I can't use it for work, I'm not going to use it personally because I don't want to juggle multiple notetakers.

I imagine Obsidian is way more efficient for sharing context between you and agents and wish I could take advantage of that, but I also need to be sharing that context with my team

dilawar 19 hours ago||

On the same boat here.. I am trying to leave notion for a couple of reasons. And falling Rupee also not helping. But nothing is as easy to use.

I was a big todo.sh fan in college. Then wundrrlist and joplin. Still miss wunderlist. Tried Tiddlywiki too and liked it. You can make all of them work if it's just you. Sharing and collaboration is pain!

Then Notion. It is just perfect. Was very happy to pay for personal plan which is now removed. There is no official client for Linux (thanks Lotion). I was even using it to host my blog. Now downgraded to a free plan. Using wordpress for blogging.

Have tried obsidian and joplin as notion replacement but couldn't make it work. Notion mobile app is not very fast but better than any other options. I am so used to its databases, cross-linking, creating reminders.

Why not bring back the personal plan! It was really affordable.

dtkav 18 hours ago||

There are a handful of plugins that might help. Obsidian sync works well for device sync and the CLI is great for agentic stuff.

For real-time collaboration, some options are:

- Relay

- Peerdraft

- Screen garden

(full disclosure - I am the developer of Relay)

aucisson_masque 13 hours ago||

I think that plugins are an inherent risk, there is a pop up in obsidian warning the user before enabling them, and it's up to the user to agree or not.

In my opinion, what could have been done is kind of like what mozilla does where it will vet some of the most popular extensions, so that you know there is at least some kind of verification on these extension, and let everything else be wild.

I'm not sure that you can use a.i. to defeat a.i., if an ai is able to spot malware in a code, it can just as well hide it (from itself).

kepano 13 hours ago|

The blog post describes this but there are still manual reviews, similar to what you are asking for. We just need to expose that in the UI.

AI is not used in the review process. The system is primarily based on our open source eslint plugin, with additional dependency and malware scanning

https://github.com/obsidianmd/eslint-plugin

dakiol 18 hours ago|

I want to use Obsidian... but I won't as long as it's not open source. I know I can keep all my files as plain text, but that's not enough for me. Using a KB on a daily basis shapes my workflows and having to change that from one day to another (e.g., because maybe Obsidian changes in a way I don't like) is too much for me. I could already handle all my plain txt files using simply the file system, but of course I would prefer a KB program. It's a shame because Obsidian looks great.

senko 18 hours ago||

> I want to use Obsidian... but I won't as long as it's not open source.

Sooo... don't use it?

There are plenty of open source alternatives, and I'm sure someone's going to mention org-mode.

obsidianbases1 18 hours ago|||

Trusted source > open-source

As long as it's trusted, there is no lock-in, and the model supports maintaining the software, what do you have to lose?

presbyterian 18 hours ago|||

"there is no lock-in" is a thing that's said a lot about Obsidian and, as an Obsidian fan, I feel like isn't totally true. Yes, Obsidian just stores markdown files, but it has unique syntaxes, especially if you're using plugins, that aren't transferable. So while I can get my files out, I still have to go through the annoying process of fixing them and getting it working in whatever new system I switch to when I leave. It's still far better than a lot of other proprietary tools, absolutely, but it's also not trivial to drop Obsidian if/when you stop using it

PokerFacowaty 3 hours ago|||

You're right that it's not totally true, because it's not a universal Markdown flavor, but at the same time their additions are well-documented in their docs (they have to be for people to use them), so migration tools can just keep up with that.

joemi 16 hours ago|||

Doesn't seem remotely fair to consider lock-in caused by plugins to be an Obsidian lock-in. If the plugin is storing data in such a way that it's not usable in a tool other than Obsidian, that's 100% the plugin's fault, not Obsidian's no matter which way you look at it.

Also, more generally, any software that has unique features will require "the annoying process of fixing them and getting it working in whatever new system I switch to when I leave", whether it's open source or not. So you're not actually looking for open source, you're just looking for something with perfect feature parity to another program.

sprinkly-dust 18 hours ago||||

There are still free as in freedom software hardliner folks out there. The idea that every piece of revoked source code is an affront to computing rights might be less applicable in Obsidian's case since the files are still portable, and the system may be sufficiently extensible through custom plugins (you can load anything you want through the developer plugins option) that source code itself is not necessary. Though perhaps one might want to re-assure themselves that there is nothing 'malicious' happening in the software, that's only achievable with auditing it oneself and using reproducible builds. Perhaps the freedom to fork is also not as thoroughly infringed since the files are portable and reverse engineering is not impeded.

kid64 15 hours ago||||

In what universe is it trusted? This blog post is an admission that they've been lying to their userbase about their review process for years, with updates receiving no review whatsoever. Enjoy your mass exfiltration.

kepano 14 hours ago||

Huh? The old review process has always been well-documented and occurred via PRs on GitHub completely in the open. It was a known limitation and something that we set out to revamp with the new system.

From the docs:

> The Obsidian team is small and unable to manually review every new release of community plugins. Instead, we rely on the help of the community to identify and report issues with plugins.

https://github.com/obsidianmd/obsidian-help/blob/master/en/E...

kid64 14 hours ago||

I realize you're just doing your job as CEO to shape perceptions here, but this is your best effort? The docs should have correctly stated "we don't review ANY new community plugin release". Hint: This is where you would admit the review process itself was meaningless theater intended to provide a false sense of security to users that trusted you.

kepano 14 hours ago||

That would not have been accurate though.

kid64 12 hours ago||

For those that aren't aware, this is all meant to distract/confuse you in light of this story: https://cyber.netsecops.io/articles/obsidian-plugin-abused-i...

kepano 11 hours ago||

We've been working on the project for nearly a year, so no.

https://github.com/obsidianmd/eslint-plugin/commits/

kid64 10 hours ago||

Just say "I think my users are stupid" and be done with it. The timing of your announcement is obviously not a coincidence. You are genuinely terrible at this.

kepano 10 hours ago||

I certainly feel that I am losing brain cells here :)

kid64 6 hours ago||

https://news.ycombinator.com/item?id=48088576

What, no smiley face in those comments? Maybe a silly shrug would have been appropriate.

doginasuit 17 hours ago|||

I don't think it makes any sense given the history of tech companies to count any of them as a trusted source. Open source doesn't ask for your trust, and it is the only way to get off on the right foot.

kepano 16 hours ago|||

Speaking as someone who spends most of his time making open-source software, open source still requires trust. Almost all Obsidian plugins are open source, yet the reason for this new review system is that people don't have the time or ability to vet every line of code of every piece of software. Open source software is only as reliable as the maintenance infrastructure around it. It makes promises that can't be guaranteed about its dependencies, its maintainers, the formats it uses, etc.

joemi 16 hours ago|||

> Open source doesn't ask for your trust

And yet, I'd wager my life savings that almost no one using open source software actually verifies that it's not malicious in a different way than one would closed source software (ie. reputation), and instead almost everyone just trusts it.

kubb 18 hours ago|||

I know that most people aren’t into nvim, but I really love obsidian.nvim for this.

Beautiful searching and editing experience and all the KM features that I need, all on plain Markdown. I’ve been extremely happy since I set it up.

joeblogsmomma 18 hours ago|||

Unless you have crazy custom files I feel like this is a non issue Obsidian is just rending markdown so any potential future app (or the influx of slop AI markdown editors/renderers) out there could do the job albeit worse than Obsidian.

random3 18 hours ago||

Obsidian doesn't just render markdown though. There's a ton of functionality on top of Markdown which makes switching to any other tool very hard in reality. This is further exacerbated once you start relying on plugins (which arguably is the case with the majority of Obsidian users).

computershit 18 hours ago||

I mean, we're not talking about a hosted service here. Albeit not OSS, the client is free, API stable, fully functional offline, and very extensible. Even if Obsidian the company went away, the latest version of the app would continue to work and you would still own your data.

AlienRobot 17 hours ago||

Just use CherryTree then.