Comments (1)
Excellent points.
I think I can create github issue templates to make this process a little bit easier. As for the specifics of the contents of the bug report (peers, and pubkeys), I'll have to mull this over. Looking for the community's thoughts on the following:
I don't have an expert understanding of what compromising data may be contained in the "peers" key (which is a key/value pair of the gun.root.opt.peers variable). While I haven't seen any identifiable data (WAN IP addresses or the like) in my local tests of this feature, this concern is still probably valid. If I included a checkbox to include/exclude that section from the bug report, would that be adequate (I can default to exclude it)?
Public keys are another issue. I understand not wanting to directly associate your public key to your github account. But I have limited options for dumping data that may be necessary to debug gun-specific problems. I'm open to suggestions about how to submit this data, if and when it becomes necessary for diagnosing problems. Off the top of my head, replacing instances of pubkeys with placeholder text may be an option, though a diligent stalker with enough time and resources could match the content of these records to your public key. I could limit the contents to something like metadata (just the update times for each field in the graph). I could also strongly recommend that users attempt to reproduce the bug using a new account. As with the peers key, would it suffice to make it optional to bundle this data with the bug report?
At the very least I need log messages, which for the time being, contain paths to specific nodes which may be problematic. This may also leak possibly sensitive information. I'm blanking on a way to gather useful data about the state of the database where someone may say "Item X didn't show up on my (User Q's) machine when User Y added it on their machine". De-identification of these data poses an interesting challenge.
In the mean time, and until these specific issues are addressed, I will add warnings about the disclosure of potentially personally identifiable information in the contents of the bug report JSON. I should also include clarification about how to submit these files, if not publicly as a github issue, then to me personally.
from ouronote.
Related Issues (20)
- Open Source License Review - Why AGPLv3? HOT 2
- Make repository friendly for contributions.
- Improved image export HOT 1
- Basic image export HOT 1
- Allow users to select licenses for their vectors HOT 2
- Eyedropper Tool HOT 2
- pen smoothing HOT 1
- selected items z-order HOT 1
- Selected items properties HOT 2
- Improved copy selected items
- User creation form needs feedback, validation & error messages HOT 2
- Clone selected items HOT 1
- Rotate selected items HOT 1
- Resize selected items HOT 1
- Color swatch HOT 1
- Text areas HOT 2
- Raster image support
- Support ALT-Text on view link?
- Feature: Scale pen stroke width with zoom level HOT 3
- Bug: Offline mode fails in so many ways
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ouronote.