On 06.07.21 08:25, Mathias Homann wrote:
"Data necessary for law enforcement"
*Every* company will have to comply with the local legislation. At least they write it into their privacy statement ;-)
- that could mean name AND CONTENT of every audio file being worked on - it could be illegally copied intellectual property after all.
Please point out the source code where this is done. It's not like this is some closed source program that could silently start spying on you without it being easily noticeable.
And you still have not pointed out where exactly we make sure that the spyware parts are not compiled into the suse packages..
Did you check if we enable it? The relevant CMakeLists.txt snippets are: ------------------------------ set( _OPT "audacity_" ) ... cmd_option( ${_OPT}has_networking· "Build networking features into Audacity" Off) ... set_from_env(SENTRY_DSN_KEY) set_from_env(SENTRY_HOST) set_from_env(SENTRY_PROJECT) set_from_env(CRASH_REPORT_URL) cmake_dependent_option( ${_OPT}has_sentry_reporting "Build support for sending errors to Sentry" On "${_OPT}has_networking;DEFINED SENTRY_DSN_KEY;DEFINED SENTRY_HOST;DEFINED SENTRY_PROJECT" Off ) cmake_dependent_option( ${_OPT}has_crashreports "Enables crash reporting for Audacity" On "${_OPT}has_networking;DEFINED CRASH_REPORT_URL" Off ) -------------------------------- Now my CMake is weak, but https://cliutils.gitlab.io/modern-cmake/chapters/features/modules.html explains it. As I understand it: to enable "audacity_has_sentry_reporting": * audacity_has_networking needs to be "On", but defaults to "Off" * SENTRY_DSN_KEY, SENTRY_HOST, SENTRY_PROJECT need to be defined. * they are set via environment variables. to enable crash reports: * audacity_has_networking needs to be "On", but defaults to "Off" * CRASH_REPORT_URL needs to be defined from an environment variable Now please check if our package adds "-D audacity_has_networking=yes" to the cmake invocation. Then check if CRASH_REPORT_URL, SENTRY_HOST, SENTRY_PROJECT, SENTRY_DSN are exported before cmake is invoked. *IF* this is true, we can continue to discuss the issue. Until then, this is, IMVHO, RESOLVED_INVALID, to use bugzilla terminology. As I wrote before: I don't think their current privacy statement is well done, but it's also not a game changer. And calling it "spyware" is just twitter lynchmob style IMVHO. And if it is just "we need to drop this package immediately because it is from $NOW_EVIL_COMPANY!!!!!", then go ahead, drop chromium and all the libraries developed by google, facebook, the NSA,... ;-) -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman