-
Notifications
You must be signed in to change notification settings - Fork 249
NuGet Account Deletion Workflow (deprecated)
Today there is no self-service option for a user to delete his/her NuGet account. Even if we do get a genuine request to delete an account, we don’t have a clean way to do it since that would result in orphaned packages.
Tracking Issue - Please comment on the issue for any questions/suggestions/criticism/praise that you may have for this feature.
Any person or entity which has registered and has a nuget.org account.
The volume of account deletion requests is showing an upward trend. We have received 5 requests in the past 60 days. Also, to comply with privacy guidelines we must allow the user to delete all personally identifiable information (PII) including their account.
- The username for the ghost account will be "Deleted User"
- Clicking on contact owner on a package that has been re-parented under the ghost account will take the user to the Contact Us page
We will update the contact us page with details around Deleted user contact. i.e. the NuGet team will only respond to copyright license issues and we do not support individual packages.
- Usernames of all deleted account must be stored. They must be stored in a way that does not allow us to retrieve them directly (similar to passwords) but does allow us to block someone from creating new accounts with the same username.
- During new account creation, a check must be added to de-duplicate against usernames of deleted accounts.
As a matter of policy, we will commit to a 60 day time-frame to complete the operation i.e. brokering transfer of ownership of packages at risk of being orphaned, removing association from packages, re-parenting the packages, and deleting the account. Our privacy policy will be updated to stipulate the same.
- What about the information contained in the nuspec inside the package?
- Legal - From the legal side, since we already say that any personal information that you put into the package will be public information, I do not think we have to change the privacy statement in that aspect
Tracking Issue - Please comment on the issue for any questions/suggestions/criticism/praise that you may have for this feature.
Check out the proposals in the accepted & proposed folders on the repository, and active PRs for proposals being discussed today.