Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Sébastien Luttringer
On Sun, 2017-03-05 at 14:35 +0100, Lukas Fleischer wrote: > *** To me, - It make sense to have AUR RPC searchable for username;- Information are already public, so the question is more about a proper api interface vs crawling.- Solution should be available for every registered users, not only for

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Allan McRae
On 05/03/17 23:35, Lukas Fleischer wrote: > Hi, > > I was recently contacted by a Polish researcher asking for a list of AUR > account names. Please share this data. It looks like this person is doing genuine research into networks within open-source software communities. Providing easy access

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Bartłomiej Piotrowski
On 2017-03-05 14:35, Lukas Fleischer wrote: > As I already said on IRC, I do not consider username as private data. If someone is afraid of connecting his activity on AUR with GitHub (or any other service), they shouldn't use the same username in the first place. Especially given how easily the

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Lukas Fleischer
On Tue, 07 Mar 2017 at 09:23:47, Gaetan Bisson wrote: > [2017-03-07 09:05:28 +0100] Lukas Fleischer: > > If we *really* think that we need to keep user names secret, I think we > > should take down the whole AUR website because we already share this > > information everywhere without explicitly

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Gaetan Bisson
[2017-03-07 09:05:28 +0100] Lukas Fleischer: > If we *really* think that we need to keep user names secret, I think we > should take down the whole AUR website because we already share this > information everywhere without explicitly telling our users we do so. Or > at least censor the user names

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-07 Thread Lukas Fleischer
On Sun, 05 Mar 2017 at 22:54:07, Gaetan Bisson wrote: > [2017-03-05 14:35:05 +0100] Lukas Fleischer: > > My original questions was: Are we fine with sharing the list of AUR > > accounts names (only user names, no real names or email addresses) with > > a researcher that seems trustworthy and

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Gaetan Bisson
Dave, You appeared to have inserted some text in the middle of Lukas' message with no indication whatsoever which paragraphs are yours and which are his. I'm sure GMail can tell them apart but for those of us who use run-of-the-mill emails could you find a way to fix this behavior? I'm attaching

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Dave Reisner
On Sun, Mar 5, 2017 at 10:34 AM, Lukas Fleischer wrote: > On Sun, 05 Mar 2017 at 19:11:33, Dave Reisner wrote: > > As long as we publish a list of all available packages, it doesn't matter > > if we comply with this request -- the information is already obtainable > >

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Gaetan Bisson
[2017-03-05 14:35:05 +0100] Lukas Fleischer: > My original questions was: Are we fine with sharing the list of AUR > accounts names (only user names, no real names or email addresses) with > a researcher that seems trustworthy and agrees to not share the data in > any form other than the resulting

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Lukas Fleischer
On Sun, 05 Mar 2017 at 19:11:33, Dave Reisner wrote: > As long as we publish a list of all available packages, it doesn't matter > if we comply with this request -- the information is already obtainable > through RPC requests. Could you elaborate, please? I do not see how this information is

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Lukas Fleischer
On Sun, 05 Mar 2017 at 18:40:36, Thorsten Töpper wrote: > As stated in IRC I'm against handing out user data (including nick > names) to a 3rd party. Personally due to mentioned privacy stuff, but > also the legal problems we may run into as we don't have a ToS. So > under these circumstances I

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Dave Reisner
On Mar 5, 2017 8:35 AM, "Lukas Fleischer" wrote: Hi, I was recently contacted by a Polish researcher asking for a list of AUR account names. I did not expect this to be controversial but a couple of Trusted Users raised concerns on IRC, so I decided to move this to the

Re: [arch-dev-public] AUR ToS (aka making AUR user names public)

2017-03-05 Thread Thorsten Töpper
On Sun, 05 Mar 2017 14:35:05 +0100 Lukas Fleischer wrote: > Hi, > > I was recently contacted by a Polish researcher asking for a list of > AUR account names. I did not expect this to be controversial but a > couple of Trusted Users raised concerns on IRC, so I decided