-
Notifications
You must be signed in to change notification settings - Fork 10.3k
respect DO_NOT_TRACK env var per consoledonottrack.com #19528
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Hi! Thank you for your contribution! We are happy to add this, however I have couple of questions/comments first:
Thank you! |
This condition is highly ambiguous, we call to unpkg.com to format stack traces in error messages better - is that an non-essential-to-functionality request? |
It sounds like formatting stack traces into error messages is functionality, and isn’t a phone-home for purposes of tracking - it doesn’t seem ambiguous what “to track” means in this context, at least to me. Also, considering that unpkg and gatsby are different entities, and unpkg isn’t providing a tracking service to gatsby, it is pretty plainly not an instance of tracking (either first or third party) but just network-based functionality. |
I will update the PR as requested. Nobody else has adopted it yet because I just had the idea and made the site yesterday; the PRs are all pending. |
@sneak I appreciate what you are doing here. And I see that it's having some difficulty taking off (looking at the other libraries PRs). While I believe we are happy to take this I have an idea that might be more beneficial for you to scale this. Right now to scale this, you need to get this integrated into enough libraries that it becomes common enough for people to carry the torch forward. Submitting PRs to libraries and landing it seems like it might be hard. Another option instead of standardizing on a single env var is to make a script that users can download and it will set global envs for all the libraries. So an idea is basically, on your website you have some curl script which downloads and executes something that just does
The benefits that might occur here is that you will have a central repository and takes zero library buy in from library authors. Feel free to ignore this idea, just thought I would throw it out there! |
I appreciate the suggestion, but then I need to know a full list of packages that have tracking/spyware/telemetry/analytics/usage reporting/whatever and continuously update the package (and users have to continuously update their list of exports in |
Responses:
Not yet, though syncthing seems open to it and homebrew says they'll consider it once some other projects do. The PR to syncthing still needs another couple changes that I haven't had time today to make - this whole idea was cooked up yesterday (and seems to have garnered a lot of support).
I updated the PR, will update again with any linting fixes as required by CI. |
@sneak I absolutely understand. I'm just spit-balling here. It seems like the path of least resistance here is to not require library authors to respect some specific key, even if it is a good idea to do so. The way I see it, users who care about this are going to be more passionate about this than library authors. So if you have a central repository, everyone who is a "supporter" will be a contributor potentially. They'll submit PRs to add some libraries specific env var to the master list, which then everyone gets. You can then have your script compare itself against the upstream master to suggest users to re-run it for updates. I'm merely suggesting these things because I've noticed the other PRs you opened were closed and dismissed. Homebrew/brew#6745, syncthing/syncthing#6158 Again, I commend this idea and just want to see it work out for you! |
as an beginning you can start just with a readme or Better an json file which you can post on your website. Like an awesome list of don't track environment vars or other commands (Google cloud cli) or settings for opt out and a link to the settings page or info page or something. As next step some one can write a utility which consume the json. If a library implemented the option in source the get a big green checkmark on website As I read the comments in other repos for your PR there is an demand for your idea. |
I opened an issue about the idea of an script or list at https://github.com/sneak/consoledonottrack.com/issues/8 - lets continue the discussion there |
Let's please keep this discussion on track: this issue is about a specific proposed change to Gatsby, supported by code, to support DO_NOT_TRACK. |
Hey @sneak! As mentioned before, we would be interested in supporting this flag (in addition to our own) if there was some adoption by major projects already. For now I will close the PR, but as mentioned before - happy to re-open when the standard gets some adoption. |
@pieh what does any other software's actions or lack thereof have to do with Gatsby supporting this flag? It doesn't matter who's first or who's last. If you think it's a good idea, then do it. This is about making it easier for users. |
Because in the vacuum, we would add support for non- |
Here is a project that describes how to opt out of telemetry for various tools: https://github.com/beatcracker/toptout. |
@pieh netdata has adopted this now. Would you please reopen? |
any news on this? |
@pieh ? |
"not interested in being first one" when it comes to user privacy? |
@ibz that's quite a stretch. There is already a flag to turn off tracking if you read the thread and look at the PR changes. |
@TylerBarnes It's not. I did read the whole thread. The reply was clear: "this would make us de facto advocate for this standard". Basically gatsby chooses to not favor a proposed standard that would improve user privacy even though all they had to do was to accept a PR. Bad move. |
The author of the proposed standard deleted (t)his repo at GitHub 🤔 So it is not active anymore |
That's not accurate. Only the jekyll site sources have been removed from GitHub as I no longer use GitHub for source code as Microsoft is an unethical company. |
Not only it is inaccurate, but it is irrelevant. Gatsby rejected the PR only 4 days after it was opened, using "not interested in being first one" as a reason. So user privacy is clearly very low on their priority list. All they had to do was approve a PR that was already there - absolutely zero resources / time investment required on their side. Very bad PR for Gatsby. Yes, pun intended. ;) |
Description
https://consoledonottrack.com
This introduces a check for the
DO_NOT_TRACK
environment variable standard for users to express clear lack of consent to telemetry tracking.