GitHub user Yicong-Huang added a comment to the discussion: Proposal: Add a user feedback option to Texera
Before we say yes to this, I think we should be very careful about the scope. Texera is an Apache open-source project, not a SaaS product with a dedicated support team. In general, an open-source project cannot provide a private ticketing/support service in the same way a commercial SaaS offering can. I have three main concerns: 1. **Privacy and sensitive information.** This is my biggest concern. Through the in-app feedback channel, users may accidentally submit private workflow details, logs, internal URLs, dataset names, credentials, or other sensitive information. As an open-source project, we should avoid collecting and storing such information unless we have a very clear policy around where the data goes, who can access it, how long it is retained, and who is responsible for handling deletion or follow-up requests. 2. **Maintainer bandwidth.** Once we add an in-app feedback or ticketing channel, it is no longer just a UI feature — it effectively becomes a service that someone has to operate. Users may expect maintainers to monitor, triage, respond, and follow up on submitted tickets. That creates an ongoing operational burden for the community. 3. **Open-source community process.** Apache projects generally encourage users to share feedback, bug reports, and feature requests through public community channels, such as GitHub Issues, GitHub Discussions, public Jira, and mailing lists. This keeps the discussion searchable, transparent, and open to contributions from the broader community. A private ticketing channel would go in the opposite direction unless it is limited to clearly sensitive cases, such as security reports. Because of these concerns, I would suggest that we do not frame this as a private ticketing or support system. For regular bugs, feature requests, and usability feedback, we should continue to use public GitHub Issues or Discussions. For security-sensitive reports, we should direct users to the appropriate private security reporting channel. To make user's life easier, **we could provide an in-app UI for submitting feedback and automatically create GitHub issues from those submissions.** However, in that case, we **MUST** make it very clear to users before they submit that the information will be posted publicly. The UI should explicitly warn users not to include credentials, private data, internal URLs, sensitive logs, or other confidential information. If this is for a future SaaS deployment of Texera, that is a different discussion. A SaaS offering could provide its own support channel, privacy policy, retention policy, and operational ownership. But I do not think the open-source project itself should implicitly take on that responsibility. GitHub link: https://github.com/apache/texera/discussions/5759#discussioncomment-17346091 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
