ptrthomas
commented
1 year ago @christian-sc23 thank you for this feedback, it will certainly be resolved in the next release.
This commit makes sure to reduce telemetry to bare minimum: https://github.com/karatelabs/karate/commit/ffd5d2163582adbe36a11035c0b6b629a4a57115
We also made the documentation change you suggested: https://github.com/karatelabs/karate/commit/811a9dce61d47648ba9fb22c4c13ff5e07b4f25b
And yes, PostHog has an option to remove all data collected for any given user.
I just opened a generated karate-report html-source file and was pretty astonished to find my system login username in there.
(Karate Version 1.3.1, Windows 11)
https://github.com/karatelabs/karate/blob/master/karate-core/src/main/java/com/intuit/karate/report/karate-posthog.html
Inside karate-core/src/main/java/com/intuit/karate/FileUtils.java, this user name is determined by a java system property:
USER_NAME = System.getProperty("user.name", USER_HOME);For many people (especially in enterprise it environments) this property will contain their full personal name!
The documentation states that this name will not be sent to posthog, correct? (https://github.com/karatelabs/karate/blob/master/karate-core/src/test/resources/analytics.md) So why is it inside the generated html files?
Furthermore this might cause data privacy issues when uploading the reports to a public location (e.g. for an open source project)
There is another github issue related to this topic: https://github.com/karatelabs/karate/issues/2100 but no answer to this question:
My suggestions:
Also note that in some jurisdictions tracking without user consent might be illegal (this includes calling a tracking service with an ip address), so this could cause problems for people publishing the generated html reports.