docs: web plugin v2.0.0 product brief #233

Open

k9ert wants to merge 1 commit from kn/web-plugin-v2-product-brief into main

pull from: kn/web-plugin-v2-product-brief

merge into: ultanio:main

ultanio:main

ultanio:fix/filedrop-error-handling

ultanio:feat/communication-events

ultanio:feature/telegram-lurker

ultanio:docs/prd-plugin-dependency-tree

ultanio:feature/interaction-ledger-merged

ultanio:fix/headless-mode

ultanio:feature/dockerization

ultanio:fix/filedrop-malformed-json

ultanio:docs/product-brief

ultanio:docs/prd

ultanio:docs/bmad-brownfield-scan

ultanio:release/v0.2.0

ultanio:feat/176-workspace-location

ultanio:fix/174-exec-cwd

ultanio:fix/deploy-v2

ultanio:test/init-integration

ultanio:fix/deploy-command

ultanio:fix/graceful-plugin-discovery

ultanio:feat/trust-plugin

ultanio:fix/identity-and-wake

ultanio:fix/forgejo-ci-workflow

ultanio:fix/test-alpha-script

ultanio:fix/filedrop-reply-to-sender

ultanio:fix/filedrop-reply-logging

ultanio:feature/openai-compat

ultanio:fix/99-telegram-pairing-passthrough

ultanio:fix/deploy-chown

ultanio:chore/retrigger-deploy-2

ultanio:fix/retrigger-deploy

ultanio:feat/integration-tests

ultanio:feat/deploy-workspace-context

ultanio:fix/alpha-deploy-bugs

ultanio:fix/deploy-known-hosts

ultanio:fix/deploy-workflow-v2

ultanio:test/deploy-ci-verification

ultanio:fix/deploy-workflow-simplify

ultanio:fix/trigger-deploy-test

ultanio:fix/add-deploy-script

ultanio:fix/deploy-runner-label

ultanio:fix/deploy-debug

ultanio:fix/deploy-host-fingerprint

ultanio:feature/auto-deploy

ultanio:fix-97

ultanio:story-109

ultanio:fix/97-run-sync-typo

ultanio:story-108

ultanio:story-107

ultanio:story-106

ultanio:story-105

ultanio:story-103

ultanio:feat/colored-logs

ultanio:story-80

ultanio:fix/antipattern-cleanup

ultanio:story-75

ultanio:story-69

ultanio:story-70

ultanio:story-62

ultanio:story-61

ultanio:story-60

ultanio:feature/scheduled-execution

ultanio:feature/knowledge-plugin

ultanio:k9ert-patch-4

ultanio:k9ert-patch-3

ultanio:k9ert-patch-2

ultanio:k9ert-patch-1

Conversation 1 Commits 1 Files changed 1 +215

k9ert commented 2026-03-08 22:41:09 +00:00

Owner

Copy link

Summary

• BMad-driven product brief for web plugin v2.0.0 and new plugin introspection plugin
• Five Web*Provider interfaces (panels, pages, routes, assets, WebSocket) — composition over monolith
• Two-tier contribution model: panels = data-driven (~10 lines), pages = handler-driven (full control)
• New plugin plugin separates introspection logic from web server, contributes plugin browser
• Cookie-based token auth, Pico CSS + HTMX + Starlette stack retained
• MVP: three priority interfaces, plugin browser with search/filter, 5+ reference implementations

Next steps

• PRD (/bmad-bmm-create-prd)
• Architecture (/bmad-bmm-create-architecture)
• Epics & stories (/bmad-bmm-create-epics-and-stories)

🤖 Generated with Claude Code

## Summary - BMad-driven product brief for web plugin v2.0.0 and new `plugin` introspection plugin - Five `Web*Provider` interfaces (panels, pages, routes, assets, WebSocket) — composition over monolith - Two-tier contribution model: panels = data-driven (~10 lines), pages = handler-driven (full control) - New `plugin` plugin separates introspection logic from web server, contributes plugin browser - Cookie-based token auth, Pico CSS + HTMX + Starlette stack retained - MVP: three priority interfaces, plugin browser with search/filter, 5+ reference implementations ## Next steps - [ ] PRD (`/bmad-bmm-create-prd`) - [ ] Architecture (`/bmad-bmm-create-architecture`) - [ ] Epics & stories (`/bmad-bmm-create-epics-and-stories`) 🤖 Generated with [Claude Code](https://claude.com/claude-code)

k9ert added 1 commit 2026-03-08 22:41:09 +00:00

docs: web plugin v2.0.0 product brief ... 81256de162

BMad-driven product brief for web plugin v2 and new plugin
introspection plugin. Five Web*Provider interfaces, two-tier
contribution model, plugin browser, token auth.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

doxios commented 2026-03-09 05:30:38 +00:00

Collaborator

Copy link

🦊 PR Review — docs: web plugin v2.0.0 product brief

Scope: Documentation only (new file: docs/decisions/web-plugin-v2/product-brief.md)
Checks: Skipped (docs-only)

---

Verdict: 🟢 Approve

This is a thorough, well-structured product brief that aligns with Cobot's plugin architecture principles. The five Web*Provider interfaces follow the established ToolProvider pattern, and the separation of the plugin plugin from the web plugin respects Principle 3 (adding a plugin never requires editing another).

🟢 Good

• Follows established patterns: The Web*Provider interfaces mirror ToolProvider and use all_with_capability() discovery — exactly how the plugin system is designed to work
• Principle 3 compliance: Explicitly addresses that PR #48 violated this principle by using direct method calls, and the new design fixes that
• Two-tier contribution model: Panels (~10 lines, data-driven) vs pages (handler-driven, full control) is a smart gradient that lowers the barrier for simple use cases
• Clear MVP scope: Good discipline on what's in vs out — WebAssetProvider and WebSocketProvider deferred, settings read-only
• Risk awareness: Auth token leakage, circular dependency, interface lock-in all called out with mitigations
• BMad frontmatter: Steps tracked, input documents referenced

🟡 Minor

• plugin plugin naming: The name plugin for a plugin is self-referential and could be confusing in code (from cobot.plugins.plugin import PluginPlugin?). Consider introspection or registry-browser as alternatives. Not blocking — just worth discussing before implementation.
• Settings persistence deferred: Makes sense for MVP, but the brief doesn't mention how plugin settings schemas would be declared (just that they exist). A brief note on the expected schema format would help implementers.
• No mention of existing tests: The brief references "all existing tests pass" as success criteria but doesn't mention whether the current web plugin has meaningful test coverage to preserve.

Summary

Solid product brief. The architecture aligns with the plugin design guide, the scope is well-bounded, and the user personas are concrete. Ready to merge as a decision document.

---

Reviewed by Doxios 🦊 (automated PR review)

## 🦊 PR Review — docs: web plugin v2.0.0 product brief **Scope:** Documentation only (new file: `docs/decisions/web-plugin-v2/product-brief.md`) **Checks:** Skipped (docs-only) --- ### Verdict: 🟢 Approve This is a thorough, well-structured product brief that aligns with Cobot's plugin architecture principles. The five `Web*Provider` interfaces follow the established `ToolProvider` pattern, and the separation of the `plugin` plugin from the web plugin respects Principle 3 (adding a plugin never requires editing another). ### 🟢 Good - **Follows established patterns:** The `Web*Provider` interfaces mirror `ToolProvider` and use `all_with_capability()` discovery — exactly how the plugin system is designed to work - **Principle 3 compliance:** Explicitly addresses that PR #48 violated this principle by using direct method calls, and the new design fixes that - **Two-tier contribution model:** Panels (~10 lines, data-driven) vs pages (handler-driven, full control) is a smart gradient that lowers the barrier for simple use cases - **Clear MVP scope:** Good discipline on what's in vs out — `WebAssetProvider` and `WebSocketProvider` deferred, settings read-only - **Risk awareness:** Auth token leakage, circular dependency, interface lock-in all called out with mitigations - **BMad frontmatter:** Steps tracked, input documents referenced ### 🟡 Minor - **`plugin` plugin naming:** The name `plugin` for a plugin is self-referential and could be confusing in code (`from cobot.plugins.plugin import PluginPlugin`?). Consider `introspection` or `registry-browser` as alternatives. Not blocking — just worth discussing before implementation. - **Settings persistence deferred:** Makes sense for MVP, but the brief doesn't mention how plugin settings schemas would be declared (just that they exist). A brief note on the expected schema format would help implementers. - **No mention of existing tests:** The brief references "all existing tests pass" as success criteria but doesn't mention whether the current web plugin has meaningful test coverage to preserve. ### Summary Solid product brief. The architecture aligns with the plugin design guide, the scope is well-bounded, and the user personas are concrete. Ready to merge as a decision document. --- *Reviewed by Doxios 🦊 (automated PR review)*

doxios added the

Kind/Documentation

Priority

Medium

Scope/Cross-Plugin

labels 2026-03-09 05:30:48 +00:00

All checks were successful

Hide all checks

CI / lint (pull_request) Successful in 11s

Details

CI / test (3.11) (pull_request) Successful in 24s

Details

CI / test (3.12) (pull_request) Successful in 25s

Details

CI / test (3.13) (pull_request) Successful in 24s

Details

E2E Tests / e2e (pull_request) Successful in 15s

Details

CI / build (pull_request) Successful in 7s

Details

This pull request doesn't have enough approvals yet. 0 of 1 approvals granted.

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin kn/web-plugin-v2-product-brief:kn/web-plugin-v2-product-brief

git switch kn/web-plugin-v2-product-brief

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

Compat/Breaking

Breaking change that won't be backward compatible

  

Kind/Bug

Something is not working

  

Kind/Competitor

Anything we found interesting at competitory

  

Kind/Documentation

Documentation changes

  

Kind/Enhancement

Improve existing functionality

  

Kind/Epic

Business requirement — groups related stories

  

Kind/Feature

New functionality

  

Kind/Security

This is security issue

  

Kind/Story

Implementable unit with AC — results in a PR

  

Kind/Testing

Issue or pull request related to testing

  

Priority

Critical

The priority is critical

  

Priority

High

The priority is high

  

Priority

Low

The priority is low

  

Priority

Medium

The priority is medium

  

Reviewed

Confirmed

Issue has been confirmed

  

Reviewed

Duplicate

This issue or pull request already exists

  

Reviewed

Invalid

Invalid issue

  

Reviewed

Won't Fix

This issue won't be fixed

  

Scope/Core

Changes to core non-plugin code (CLI, config loading, etc.).

  

Scope/Cross-Plugin

Touches multiple existing plugins. Needs extra scrutiny, may require a PRD.

  

Scope/Plugin-System

Changes to plugin infrastructure (base.py, registry.py, interfaces.py, __init__.py, agent.py plugin dispatch). PRD required before merge.

  

Scope/Single-Plugin

Changes contained to one plugin (or adds one new plugin). Standard review.

  

Status

Abandoned

Somebody has started to work on this but abandoned work

  

Status

Blocked

Something is blocking this issue or pull request

  

Status

Need More Info

Feedback is required to reproduce issue or to continue work

No labels

Compat/Breaking

Kind/Bug

Kind/Competitor

Kind/Documentation

Kind/Enhancement

Kind/Epic

Kind/Feature

Kind/Security

Kind/Story

Kind/Testing

Priority

Critical

Priority

High

Priority

Low

Priority

Medium

Reviewed

Confirmed

Reviewed

Duplicate

Reviewed

Invalid

Reviewed

Won't Fix

Scope/Core

Scope/Cross-Plugin

Scope/Plugin-System

Scope/Single-Plugin

Status

Abandoned

Status

Blocked

Status

Need More Info

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

ultanio/cobot!233

No description provided.