Claude can write complete Datasette plugins now
This isn't necessarily surprising, but it's worth noting anyway. Claude Sonnet 4.5 is capable of building a full Datasette plugin now. I've seen models complete aspects of this in the past, but today is the first time I've shipped a new plugin where every line of code and test was written by Claude, with minimal prompting from myself. The plugin is called datasette-os-info . It's a simple debugging tool - all it does is add a JSON page which dumps out as much information as it can about the OS it's running on. Here's a live demo on my TIL website. I built it to help experiment with changing the Docker base container that Datasette uses to publish images to one that uses Python 3.14. Here's the full set of commands I used to create the plugin. I started with my datasette-plugin cookiecutter template: This created a directory with the initial and and files. Here's an example of that starter template . I created a virtual environment for it, installed the initial test dependencies and ran to check that worked: Then I fired up Claude Code in that directory in YOLO mode: (I actually used my shortcut which runs the above.) Then, in Claude, I told it how to run the tests: When that worked, I told it to build the plugin: ... and that was it! Claude implemented the plugin using Datasette's register_routes() plugin hook to add the page,and then without me prompting it to do so built this basic test as well . It ran the new test, spotted a bug (it had guessed a non-existent parameter), fixed the bug and declared itself done. I built myself a wheel: Then uploaded that to an S3 bucket and deployed it to test it out using . It did exactly what I had hoped - here's what that page looked like: I dread to think how long it would have taken me to figure out all of those different useful OS details! To finish up, I had Claude fill out the README via a couple of extra prompts: Then had a brief conversation about how safe the output was: Claude said: Yes, there are several potentially sensitive items in the output: Most sensitive: Moderately sensitive: Considerations: Suggestions: You might want to: Would you like me to add any of these protections to the plugin? In this case I'm fine with the current behavior provided people understand the risks, so I told it: And then (because the warning it added was quite long): And requested an extra README note: Three last prompts: ... and that was the project finished. I pushed it to GitHub , configured Trusted Publishing for it on PyPI and posted the 0.1 release , which ran this GitHub Actions publish.yml and deployed that release to datasette-os-info on PyPI . Now that it's live you can try it out without even installing Datasette using a one-liner like this: That's using the CLI option to show what that path in the Datasette instance would return, as described in the Datasette documentation . I've shared my full Claude Code transcript in a Gist. A year ago I'd have been very impressed by this. Today I wasn't even particularly surprised that this worked - the coding agent pattern implemented by Claude Code is spectacularly effective when you combine it with pre-existing templates, and Datasette has been aroung for long enough now that plenty of examples of plugins have made it into the training data for the leading models. You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options . hostname - Could reveal internal naming schemes or organization details Environment variables: HOME - Reveals user's home directory path USER - Reveals the username PATH - Reveals filesystem structure and software installation locations VIRTUAL_ENV - Could reveal project paths and directory structure python_executable - Reveals filesystem paths and user directories CPU count and memory info - Could reveal infrastructure capacity Kernel version details - Could potentially be used to identify specific vulnerabilities This endpoint is accessible without authentication by default (at /-/os) If you're running Datasette on a public server, this information would be visible to anyone The information could help attackers understand your infrastructure setup Add authentication requirements to this endpoint Make certain fields optional/configurable Add a warning in the README that this exposes system information Consider filtering out or redacting sensitive paths (replace usernames with ***, etc.)
Programming
JSON
Python
AI
C#
Shell
Sql
TypeScript
JavaScript
Career
Data Visualization
Nlp
Media
Culture
Security
Cloud
Open Source