On Tue, 07 Mar 2017 at 09:23:47, Gaetan Bisson wrote:
[2017-03-07 09:05:28 +0100] Lukas Fleischer:
If we *really* think that we need to keep user names secret, I think we should take down the whole AUR website because we already share this information everywhere without explicitly telling our users we do so. Or at least censor the user names on every single page they appear on which would be a lot of work.
Intent matters a lot in court. It's not just pure logic arguments. There's a big difference between showing the usernames of package maintainers, or comment posters, as users would expect, and plainly giving the whole list out to a third party --- as they wouldn't expect.
As I already mentioned in my initial email (below the part you quoted in your first reply), my idea was to make the list of user names obtainable via the RPC interface, similar to the GitHub API for user names [1]. If you skipped that part, please read the complete email. The basic idea is that user names are public anyway, so it makes sense to provide a sane interface for retrieving them. Regards, Lukas [1] https://developer.github.com/v3/users/