Security isolation support: Plugin js bundle builder #16303
Labels
enhancement
New value added to drive a business result
Feature:Plugins
Feature:Vega
Vega visualizations
stale
Used to mark issues that were closed for being stale
Team:Core
Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc
Team:Security
Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
To support plugin isolation in an iframe, plugins need a way to get a js code bundle that's independent of the main Kibana js bundle. For example, to support #2873, Vega vis would need a separate bundle that includes just the vega library (see prototype #15014 (comment)). To make this more generic, we could establish this pattern:
The plugin would create an
<iframe sandbox src=index.html>
, and theindex.js
would be the starting point for the bundle building.Ideally,
packag.json
should be separate from the the main one, and have its own set of dependencies, but this might not be feasible with the currentyarn
implementation, forcing all deps to be listed in the mainpackage.json
.The text was updated successfully, but these errors were encountered: