Skip to content

Plugin API

Sea Lantern plugins run on Lua. Plugins access host capabilities through the global sl namespace.

Detailed API definitions, parameters, return values, and limits are maintained in the main repository under docs/plugin/.

Note

Plugins in this document mean Sea Lantern Lua plugins. They are not Minecraft server Bukkit / Spigot / Paper plugin files. Minecraft server plugin file management is a separate module.

Runtime Model

  • The plugin runtime creates a global sl table.
  • Plugin capabilities are controlled by permissions declared in manifest.json.
  • Unauthorized modules return permission errors when called.
  • Plugins run in a restricted Lua environment with only the required standard libraries enabled.
  • sl.i18n is available by default. Other modules require their matching permissions.

API Modules

ModulePermissionDescription
sl.loglogPlugin logging
sl.storagestoragePrivate key-value storage
sl.fsfs.*Sandboxed file system operations
sl.apiapiPlugin API registration and calls
sl.uiui.*UI injection, toast, menus, and component bridge
sl.elementelementPage element queries and actions
sl.serverserverServer information and logs
sl.consoleconsoleConsole commands and status access
sl.systemsystemSystem and app information
sl.httpnetworkRestricted HTTP requests
sl.processprocess.*Execute declared programs inside the plugin directory
sl.pluginsplugins.*Access other plugin resources
sl.i18nnoneInternationalization API

Basic Usage

lua
sl.log.info("plugin loaded")

local locale = sl.i18n.getLocale()
local title = sl.i18n.t("common.app_name")

sl.storage.set("enabled", true)
local enabled = sl.storage.get("enabled")

local servers = sl.server.list()
sl.console.send("server-id", "say Hello")

File System

The file system API is isolated by scope:

lua
local text = sl.fs.read("data", "config.txt")
sl.fs.write("data", "output.txt", "Hello")

Supported scopes:

ScopeDescription
dataPrivate plugin data directory
serverCurrent server directory
globalGlobal shared directory

Permissions:

PermissionDescription
fs.<scope>.readRead files
fs.<scope>.writeWrite files
fs.<scope>.listList directories
fs.<scope>.metaQuery file metadata
fs.<scope>.deleteDelete files
fs.<scope>.transferMove, copy, and rename

The legacy fs permission is normalized to fs.data.

Process Permissions

PermissionDescription
execute_programFull process capability
process.execExecute programs
process.inspectInspect background processes
process.output.readRead process output
process.killKill processes

sl.process.exec() requires the program path to be declared in manifest.json under programs. The program and working directory must stay inside the plugin directory.

Safety Limits

  • The file system rejects absolute paths, path escapes, symbolic links, and reparse points.
  • Virtual paths do not expose real host paths.
  • Delete operations do not recursively remove non-empty directories.
  • HTTP only supports http and https, and blocks localhost and private network addresses.
  • HTTP requests do not follow redirects automatically, and response bodies have size limits.
  • Console commands are checked against runtime state and safety rules.
  • Storage is intended for small structured data.

UI and Element APIs

sl.ui registers UI behavior with the host, including:

  • HTML / CSS injection;
  • toast notifications;
  • sidebars;
  • context menus;
  • component bridge.

sl.element queries and operates on existing page elements.

Component bridge features require extra permissions:

  • ui.component.read
  • ui.component.write
  • ui.component.proxy
  • ui.component.create

Internationalization

Plugins can read host translations and register plugin-specific translations:

lua
sl.i18n.registerLocale("en-US", "English")
sl.i18n.addTranslations("en-US", {
  title = "Example Plugin"
})

Plugin translations are stored under the plugins.<plugin_id>.* namespace.

Trusted Plugins

The current Trusted plugin mechanism includes:

  • manual review;
  • bundled trusted catalog;
  • package hash verification;
  • permission ceiling checks;
  • authorization when enabling.

This is not a full digital signature system.

High-risk permissions include:

  • execute_program
  • plugin_folder_access
  • plugins.write
  • ui.component.proxy

Plugins using these permissions require extra review and user confirmation.

Development Locations

ContentPath
Plugin API docsdocs/plugin/*.md
Lua runtimebackend/tauri-host/src/plugins/runtime/
Trust rulesbackend/plugin-trust/
Command implementationbackend/tauri-host/src/commands/plugins/
Frontend APIfrontend/src/api/plugin.ts

When changing plugin APIs, check the runtime implementation, frontend wrapper, command registration, and documentation together. Plugin UI, permission behavior, and data formats are compatibility surfaces.

Released under the GPL-3.0 License