Hey stqmts+5ehe03cek0yy8, > I hope it's not relevant here that the package maintainer of visidata in debian is also the upstream author, and this phoning home provides upstream with some sort of revenue stream, and this is why this bug hasn't been dealt with yet...
The creator of VisiData goes into great depth here about his decision to enable motd by default: https://github.com/saulpw/visidata/issues/913 The privacy page is here: https://www.visidata.org/privacy/. In particular: VisiData fetches the list of startup messages with a single HTTP GET. The first time each day that VisiData is used, it downloads a single small file. This access is also logged by the website. This network request can be turned off by adding options.motd_url=None to your ~/.visidatarc. This daily count of users is what keeps us working on the project, because otherwise we have feel like we are coding into a void. There are some extremely dedicated users who talk to us about how much they love the project, and engage with us, but by-and-large we only found out people were using it when they were unhappy with something. Knowing that there is a steady increase of people using it, motivates me to fix bugs in my evenings after a full day at my day-job. > In my case, visidata was phoning home while working on GDPR data... You don't have to worry! Your GDPR data is perfectly safe. You can look at the code, it is all open source: https://github.com/saulpw/visidata/blob/develop/visidata/motd.py. It just does an HTTP Get. The process to get a package accepted into Debian was brutal. The user @geekscrapy is extremely privacy conscious, and he did tell us that he made the choice to turn motd off, but otherwise has not voiced to us any concerns. He hangs out in the VisiData discord, if you wanted to chat any further about your concern: bluebird.sh/chat. Also, in case this matters to you, we wrote about any occurrences of swap files here: https://github.com/saulpw/visidata/issues/140. I read that you are also concerned about any behind the scenes revenue. VisiData has no revenue stream. Saul, as a creator, has a github sponsors: https://github.com/sponsors/saulpw and a patreon: https://www.patreon.com/saulpw/posts. People sponsor if they want to support his work, and no other reason. Examples of something that patreon money has supported is paying a web developer to build a better-looking website for VisiData. On Tue, 25 Jul 2023 at 08:03, <stqmts+5ehe03cek0yy8@cs.email> wrote: > Package: visidata > Version: 2.11-1 > Followup-For: Bug #1001647 > > This bug still exists in the version of visidata released with debian > bookworm. > > Debian users do not expect software provided through debian to be phoning > home for reasons unrelated to the function of the software. In my case, > visidata was phoning home while working on GDPR data... > > Normally, package maintainers in debian patch out this functionality > before releasing the software to users. Please do so. > > I hope it's not relevant here that the package maintainer of visidata in > debian is also the upstream author, and this phoning home provides upstream > with some sort of revenue stream, and this is why this bug hasn't been > dealt with yet... > > -- System Information: > Debian Release: 12.1 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, > 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 6.1.0-10-amd64 (SMP w/1 CPU thread; PREEMPT) > Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages visidata depends on: > ii python3 3.11.2-1+b1 > ii python3-dateutil 2.8.2-2 > ii python3-importlib-metadata 4.12.0-1 > > visidata recommends no packages. > > visidata suggests no packages. > > -- no debconf information >
