orbot icon indicating copy to clipboard operation
orbot copied to clipboard

Published 20 hours ago verified publisher icon guardianproject

[PRIVACY ISSUE] Weblate publishing email addresses

Open ghost opened this issue 1 year ago • 5 comments

Hello!

Weblate publishes translators' email addresses in the public domain! This can lead to very serious problems for people who have taken on translations of your application. For example, it can lead to mass spam or phishing attacks.

Please take action. If it's impossible to change this behavior, please publish a warning that the email will be publicly visible and a recommendation to use a one-time email or an alias (such as Anonaddy or SimpleLogin)

Here is the proof: IMG_6651

ghost avatar Apr 01 '23 22:04 ghost

How is this different than Github commit history?

commit d29bc980429c1641a4ec332fbdd62ac0edef4cbd (HEAD -> master, origin/master, origin/HEAD) Author: n8fr8 <[email protected]> Date: Fri Apr 7 13:04:55 2023 -0400

I agree there may be more new, less technical users on weblate doing localizations, but given that weblate is meant to work like a shared version control system, including syncing with git, there needs to be some kind of identity associated with a translation.

n8fr8 avatar Apr 07 '23 17:04 n8fr8

Some discussion and options with Weblate:

https://github.com/WeblateOrg/weblate/issues/3105 https://github.com/WeblateOrg/weblate/issues/6508 and https://github.com/WeblateOrg/weblate/issues/8451

will look into what we can do

n8fr8 avatar Apr 07 '23 17:04 n8fr8

Screen Shot 2023-04-07 at 1 15 46 PM

Each user in account settings can change the email that is display publicy on their weblate account.

n8fr8 avatar Apr 07 '23 17:04 n8fr8

Now Weblate allows you to keep your personal information private at End of 2022.

But Weblate will embed your personal information into GitHub when you publish. It needs to be erased on GitHub. Assuming the right of deletion under GDPR, this was not a good approach. Your personal email address will be published on GitHub. GitHub is not controlled by Weblate. Changing Weblate's settings doesn't erase your personal information from GitHub. Need to put a little heavy-handed erasure on GitHub.

We need to delete for every 1 pull request that Weblate sends to GitHub. It would be difficult to erase all the mail dresses all sent over the years.

maboroshin avatar May 26 '23 19:05 maboroshin

I discovered this the hard way today :sweat_smile:

But, there is a useful config var: PRIVATE_COMMIT_EMAIL_OPT_IN = False to default to the noreply commit e-mail

It would be nice to have an even stronger version of that setting that forces the noreply commit e-mail. That would prevent users from shooting themselves in the foot if they change that dropdown not understanding the consequences.

Skyedra avatar Sep 29 '23 11:09 Skyedra