phpmyadmin / error-reporting-server

phpMyAdmin server side component for the error reporting system
MIT License

Read only public interface #74

Closed nijel closed 7 years ago

nijel commented 9 years ago

Once we sort out performance issues, the tool should provide a public read-only interface.

devenbansod commented 7 years ago

Hi @nijel, do we still want users to first 'Login with Github' and then we decide which interface (read-only or current) to show based on whether the user has commit access to phpmyadmin/phpmyadmin repo?

OR let the tool's read-only interface be accessible to everyone without logging in and for editing/updating the reports, the user has to login?

ibennetch commented 7 years ago

Just my two cents, but I'd be a little nervous about providing an anonymous interface that would risk leaking IP addresses, URLs, or user email addresses. Of course, since I'm part of the project team, I can't see what that interface looks like right now, so it might be fine; I'd just be cautious.

nijel commented 7 years ago

The problem I see right now is that we link error reports from GitHub and it's not really possible for a non-team member to figure out the details. That's why I was proposing this. Having this behind GitHub authentication would block it from being indexed by bots, which is probably desirable.

An alternative approach might be to include more information in the GitHub comments, so that going into the report is not necessary, but I'm not sure this is a good approach either.

We don't store any IP addresses or private URLs, unless the user enters them into the error message, so there really should not be anything to leak (that was one of the intentions when creating error reports, to not store any sensitive data there).

PS: Anyway, we should not collect anything that can be considered personal data, otherwise we would be hit by GDPR.
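The two design points raised above, the login-gated choice between a read-only and an editing view, and the worry that user-entered text might still carry IP addresses, e-mails or internal URLs, as an added example. This is not code from the error-reporting-server project; it is a standalone Python illustration of the check. The report fields, the placeholder strings and the idea of feeding in the `permission` value from GitHub's `GET /repos/{owner}/{repo}/collaborators/{username}/permission` endpoint are assumptions made for the example.

```python
import re
from typing import Optional

# Constructed sample report. The field names are an assumption for this
# example, not the tool's real schema.
SAMPLE_REPORT = {
    "id": 12345,
    "pma_version": "4.6.0",
    "error_message": (
        "Connection to 192.168.1.20 failed; contact admin@example.com "
        "or see https://intranet.example.com/wiki/db"
    ),
}

# The three kinds of data the discussion worries about leaking. URLs are
# handled first so an address or e-mail embedded in a URL is consumed whole.
_PATTERNS = [
    (re.compile(r"https?://[^\s\"'<>]+"), "[url]"),
    (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[email]"),
    (re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"), "[ip]"),
]


def redact(text: str) -> str:
    """Replace URLs, e-mail addresses and IPv4 addresses with placeholders.

    The tool only holds such data if a user typed it into the message, so this
    is a defence-in-depth step for the anonymous view, not a primary control.
    """
    for pattern, placeholder in _PATTERNS:
        text = pattern.sub(placeholder, text)
    return text


def view_mode(github_permission: Optional[str]) -> str:
    """Pick which interface to show.

    github_permission is None for an anonymous visitor, otherwise the
    "permission" string GitHub returns for a collaborator lookup on the
    phpmyadmin/phpmyadmin repository ("admin", "write", "read" or "none").
    Only commit access ("admin" or "write") unlocks the editing interface.
    """
    if github_permission in ("admin", "write"):
        return "edit"
    return "read-only"


def render_report(report: dict, github_permission: Optional[str]) -> dict:
    """Return the report as it should be shown to this visitor.

    Team members with commit access get the stored fields untouched; everyone
    else gets the read-only view with string fields passed through redact().
    """
    mode = view_mode(github_permission)
    out = {"mode": mode}
    for key, value in report.items():
        if mode == "read-only" and isinstance(value, str):
            value = redact(value)
        out[key] = value
    return out


if __name__ == "__main__":
    print(render_report(SAMPLE_REPORT, None))     # anonymous: redacted
    print(render_report(SAMPLE_REPORT, "write"))  # committer: full detail
```

In a real deployment the permission string would come from the GitHub API after the OAuth login, and the lookup result should be cached per session rather than fetched on every page view.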

ibennetch commented 7 years ago

Okay, that sounds good to me. Obviously, I couldn't remember what exactly was stored directly, so I probably should have looked before commenting.