[arch-dev-public] AUR ToS (aka making AUR user names public)

Lukas Fleischer lfleischer at archlinux.org
Tue Mar 7 08:29:19 UTC 2017

On Tue, 07 Mar 2017 at 09:23:47, Gaetan Bisson wrote:
> [2017-03-07 09:05:28 +0100] Lukas Fleischer:
> > If we *really* think that we need to keep user names secret, I think we
> > should take down the whole AUR website because we already share this
> > information everywhere without explicitly telling our users we do so. Or
> > at least censor the user names on every single page they appear on which
> > would be a lot of work.
> Intent matters a lot in court. It's not just pure logic arguments.
> There's a big difference between showing the usernames of package
> maintainers, or comment posters, as users would expect, and plainly
> giving the whole list out to a third party --- as they wouldn't expect.

As I already mentioned in my initial email (below the part you quoted in
your first reply), my idea was to make the list of user names obtainable
via the RPC interface, similar to the GitHub API for user names [1]. If
you skipped that part, please read the complete email. The basic idea is
that user names are public anyway, so it makes sense to provide a sane
interface for retrieving them.


[1] https://developer.github.com/v3/users/

More information about the arch-dev-public mailing list