search

ploomber / jupysql

Better SQL in Jupyter. πŸ“Š
https://jupysql.ploomber.io
Apache License 2.0
723 stars 76 forks source link

Telemetry in jupysql is intrusive, violates privacy, and should be optional (opt-in, not opt-out) #1027

Closed hlapp closed 2 months ago

hlapp commented 2 months ago

I appreciate why Ploomber as a company or organization might want telemetry data for how people use their products, but that should be entirely opt-in when these products are meant to be usable outside of the Ploomber ecosystem or infrastructure.

For jupysql, there's no good reason why by default this should (i) make a version check over the internet and print the results of it; (ii) offer any kind of ad about Ploomber Cloud services; and (iii) create persistent config or other files in a user's home directory or filesystem unless some state key to providing %sql functionality in Jupyter is necessary.

I know I can turn off the telemetry and version check (the latter of which is undocumented) through environment variables (note that this is opt-out, not opt-in, and thus unsuitable for a classroom and unacceptable for an educational environment because it by default it compromises student privacy). I'm not sure how to turn off the cloud ad message. And even then, the way the code is written in ploomber_core.Telemetry dirties the home directory when this should be entirely unnecessary for providing %sql functionality.

It's really super unfortunate that this seems to force me to go back to the legacy ipython-sql.

edublancas commented 2 months ago

sorry our product didn't comply with your requirements. I'm unsure if there's any action item here, so I'm closing this

hlapp commented 2 months ago

That's of course your prerogative, but I also find it unfortunate. The legacy package ipython-sql, which explicitly gives your package, a fork, as the successor, did not have any telemetry or other things potentially intruding on user privacy.

So it seems if I don't want to give up my (and my students') privacy, short of resorting to the legacy package I'd have to create and maintain a new fork, which would be unfortunate as then we're diverting rather than pooling contributions. πŸ˜”

hlapp commented 2 months ago

Looks like you decided to address this as per #1034. Much appreciated! πŸ™