New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
addresses.txt file leaks into search engines #55784
Comments
The python.org postmaster received this email today: -------------------- Kind of sucks that this file 1) exists 2) is indexed by google and 3) my email is in i\t. I found it by googling my email address to see what would come up. http://hg.python.org/pymigr/file/e727de0dfeec/addresses.txt I've asked the website team to see if they can adjust the robots.txt |
Is there a problem with the robots.txt? It already disallows all robots. |
Why should we have this file served on the web itself? Cannot it be on server outside of www ( or any directory which is getting served). I would vote for this. |
The question is not "why", it is "how". This file is part of the scripts used to migrate from svn to hg. These files themselves were maintained in an hg repository (it could have been an svn repository), for obvious practical reasons. And that repository was online since there didn't seem any reason to do otherwise (and, again, it's more practical). We could of course make this repo less visible now (but I think we still need to migrate the peps repo). Georg? |
Sure, the repo can go private if deemed necessary. I still think this is not a big deal anyway. |
Tom Pinckney thinks it's a big deal. I suspect he might be interested |
As I said, I'm not opposed to make the repo private. I don't need to convince anyone. You sound like you're trying to change my opinion here. |
Ok, the repo is now private. |
I interpreted "not a big deal" to mean that having addresses exposed |
Your interpretation was correct indeed. It's an email address we're talking about here, which is necessarily a public bit of information, not a private one like a Social Security or credit card number. Anyway, the repo is now private, so nobody will be able to access any version of the addresses.txt anymore via python.org. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: