Allow creating Widgets from Plugin [Proposal]

Context (You can skip it)

I’m working on a plugin that stores frames designed in Figma independently, so different, unrelated to each other, people can use and edit them in their own Figma Files.

  1. Designs selected by a user are exported.
  2. If another user needs to edit the designs, it can import them to its own Figma File and save it.
  3. If another user needs to render the designs outside Figma, it can choose them from an Admin Panel

Moreover, designs should have a possibility to implement Widgets, which should be stored and restored as well.

Problem

Widgets can’t be created by Plugins, they can only be cloned.

Which is a problem in my case because exported designs may contain Widgets, which may not be familiar to another user, thus it can’t be imported back.

Proposal

I understand that this is probably for security reasons, but I really want to see this feature and I think I have a nice way to make it possible.

createWidgetById

I propose a new method for PluginAPI, which will be able to create a brand new Widget even if it’s not presented in a Figma File.

It will return the WidgetNode if the creation was successful and null if not.
Something like that

interface PluginAPI {
  ...
  createWidgetById(id: string, syncedState?: Record<string, unknown>): WidgetNode | null
}

Breaking User Intent

I understand that the proposal is breaking a User Intent, however I have some more proposals to address this problem as well.

Request Popup

To make sure that user is aware of Widget creation, a request (or confirmation) popup can be shown to user.

This popup should contain details about Widgets that are going to be created, “allow”, “decline” buttons and “trusted” checkbox to skip subsequent requests.

Referencing

Another way is to provide a new field in manifiest.json for referencing Widgets, which could be specified by a Plugin.
This also could be done under e.g. “Publisher Kit”, so publishers can create “ecosystem” of its own Plugins and Widgets.

Referenced Widgets will be displayed in a Plugin Page and contain a warning that the Plugin may create enlisted Widgets, making sure that user is aware of them.

That is, referenced Widgets could be created by their ids without any security risk and
user intent breaking.

As for Figma Reviewing Team, it is a benefit for them as they will see what widgets are created by a Plugin, which will allow them for more efficient review.

My opinion to Security Risks

My first thought why it’s not already implemented was “Security Risks” and I found another post in the forum with the same explanation. But after studying this question for some time, I think that it might be overblown as all Plugins and Widgets are reviewed by Figma and potentially malicious software is rejected.

Similar posts

I found some other similar posts, so it’s obvious that people are interested in it and it seems to be a good use-case for Figma Plugins-Widgets.