search

Yellow-Dog-Man / Resonite-Issues

Issue repository for Resonite.
https://resonite.com
140 stars 2 forks source link

Request: Somewhere to privately upload logs #3137

Open Lixquid opened 2 weeks ago

Lixquid commented 2 weeks ago

Is your feature request related to a problem? Please describe.

When I was about to upload a bug report, I saw that logs are mandatory for any reports. Makes sense I thought, so I decided to have a quick scroll through the log of the session I did to reproduce the problem.

It turns out that the log contains some information I'd prefer not to be permanently attached to my GitHub account including my real full name (visible in file paths), IP Address (which is static and very hard to change), and the identity of the account that "owns" the local space (the first account using the machine, not really an issue to leak for me but I can imagine some people wouldn't want to reveal this).

As a developer myself I fully agree that logs are vital diagnostic tools, and attempting to sanitize or redact them is painful since you never know what some people wouldn't want to be revealed, and it's something you then have to consider every time you introduce more logging information. Additionally, as platform developers you cannot control what information mods or other third party software may introduce into the log stream, which can still reveal information.

Describe the solution you'd like

I'd like for an extremely simple web-service that allows users to submit logs (and possible other files that might be prudent) that are then only visible to them, and Resonite platform developers.

Ideally, using GItHub OAuth as an identification mechanism, since GitHub accounts are already mandatory to post issues.

Describe alternatives you've considered

An option I considered was encrypting the log and then attempting to privately send the decryption key to a developer, but I believed this would be annoying to manage on a large scale, since encryption keys would need to be matched to the files they're decrypting and also shared between developers through other channels.

Additional Context

No response

Requesters

Lixquid, TW1STaL1CKY, ModernBalloonie

mpmxyz commented 4 days ago

An alternative could be to avoid having personal data in the logs. This has its own complexity. Since I have similar problems as the requester I have created a small tool to remove the most obvious offenders from the log file and replace it with pseudonyms: https://github.com/mpmxyz/ResoniteLogCleaner If there are any trust issues with the provided executable files you can compile it yourself using Visual Studio or just dotnet publish -r win-x64 --no-restore --configuration "Release" ResoniteLogCleaner.csproj on the command line! (assumes you know how to look at "untrusted" code ;-))