Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

always use .test TLD for email domain names #483

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

always use .test TLD for email domain names #483

wants to merge 1 commit into from

Conversation

armadillojim
Copy link

Hello! Thank you for the wonderful testing library.

I have a domain name that uses my last name, and I frequently get test emails from developers' staging environments. This is endlessly annoying to me, and it potentially exposes companies' internal data when testing.

When I alert companies to this, they often thank me for telling them, but they are often clueless as to how such a thing happened. However, last month GitLab sent me a test email, and I when I alerted them, they were kind enough to ask their engineering team for the cause. It turns out they use ffaker to generate fake email addresses to test with. I can only imagine that many other companies do the same.

Would you be willing to change ffaker so that fake email addresses always use the .test TLD? Perhaps throw in .example and .local if you want variety.

I've created a PR here with one possible fix. I'm open to suggestions and feedback, and am willing to change my proposal.

@Volosh1n
Copy link
Contributor

Volosh1n commented Apr 25, 2021
edited

Hi @armadillojim! Thank you for this suggestion and sorry to hear that you got annoyed by those emails, but there are two things I'd like to say:

  1. There is a FFaker::Internet.safe_email, which always generates emails with @example.com
  2. Staging envs should have email intercepting or something like MailCatcher to avoid such trouble. Not to be rude to those projects, who don't understand this, but anyway...

@armadillojim
Copy link
Author

Thanks!

I agree the use of the library ultimately is the responsibility of the developer. However, I feel that the library should be set up in such a way that by default it doesn't encourage harmful behavior.

What about adding a parameter to domain_name so that by default it adds .test? That way, any developer who wants to can easily turn it off (and generate potentially valid email addresses), but a hapless developer who doesn't know better will be protected.

@Volosh1n
Copy link
Contributor

Volosh1n commented Apr 25, 2021
edited

Yes, I agree, but I believe such approach would be dublication of purpose of FFaker::Internet.safe_email, which would be meaningless if common email generation creates non-existent emails.
image

@armadillojim
Copy link
Author

Ok, thanks!

What about renaming safe_email as email, and renaming email as unsafe_email?

@Volosh1n
Copy link
Contributor

Volosh1n commented Apr 25, 2021
edited

Hard to tell if it's ok for those people. who already use these methods... We should create warnings for them for the next version about method name deprecation, and then rename methods for the following versions. Not a huge fun of such things. @marocchino, what do you think?

@marocchino
Copy link
Member

marocchino commented May 1, 2021
edited

@Volosh1n 🤔 How about support rails like config file? Version 2 was released six years ago, so it seems like the major release time has come.

@Volosh1n
Copy link
Contributor

Volosh1n commented May 1, 2021

@marocchino sounds good, if there are plenty of things to be updated!

@marocchino
Copy link
Member

@Volosh1n I opened discuss for it. #486 any feedback is welcomed. 😉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@armadillojim @Volosh1n @marocchino