Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Privacy concern #344

Open
brace110 opened this issue Dec 18, 2021 · 79 comments
Open

Privacy concern #344

brace110 opened this issue Dec 18, 2021 · 79 comments
Labels
question Further information is requested

Comments

@brace110
Copy link

brace110 commented Dec 18, 2021

Browser

Brave

Browser Version

Latest

Extension or Userscript?

Extension

Extension/Userscript Version

Latest

Video link where you see the problem

Every

What happened?

How can we be sure our viewing habbits are not being tracked if every video I watch is being sent to your domain:

fetch(
    `https://returnyoutubedislikeapi.com/votes?videoId=${getVideoId()}`
  ).then((response) => {
    response.json().then((json) => {

Can we solve this question to market/make this plugin even more popular and trusted by everyone?

@brace110 brace110 added the bug Something isn't working label Dec 18, 2021
@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

You can't. And there is no way to solve it either (well, giving everyone admin rights to all infrastructure would solve it).

@Anarios Anarios closed this as completed Dec 18, 2021
@aryavsaigal
Copy link
Collaborator

maybe we can add an advanced option so it only fetches dislikes for the videos you want (by the click of a button)
you wouldnt need to see dislikes of a creator you trust a lot and entertainment videos.

if people are concerned they can just enable this and check dislikes for videos they dont trust, which should be pretty less compared to all the videos you watch.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

maybe we can add an advanced option so it only fetches dislikes for the videos you want (by the click of a button) you wouldnt need to see dislikes of a creator you trust a lot and entertainment videos.

if people are concerned they can just enable this and check dislikes for videos they dont trust, which should be pretty less compared to all the videos you watch.

that would be one way to solve it. But then again - it would still expose all videos that you requested (and people would request most of their videos)

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

You can also block it in firewall, and only unblock when you want to see dislikes .

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

or disable it, and only enable when you need it. you get the idea.

@aryavsaigal
Copy link
Collaborator

that would be one way to solve it. But then again - it would still expose all videos that you requested (and people would request most of their videos)

It's harder to be sure of someones viewing habits by less videos fetched

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

that would be one way to solve it. But then again - it would still expose all videos that you requested (and people would request most of their videos)

It's harder to be sure of someones viewing habits by less videos fetched

yep, but imagine flipping the switch every time you want to see dislikes

@aryavsaigal
Copy link
Collaborator

that would be one way to solve it. But then again - it would still expose all videos that you requested (and people would request most of their videos)

It's harder to be sure of someones viewing habits by less videos fetched

yep, but imagine flipping the switch every time you want to see dislikes

it will probably be a button on the youtube page itself, shouldnt be much of an inconvenience to those using this

@Aerophus
Copy link

Should have kept this open instead of immediately closing it, atleast so we can have an open discussion about possible implementations of what I think its a pretty good idea.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

It was never opensource.

@zannini
Copy link

zannini commented Dec 18, 2021

It was never opensource.

Ah. I'm sure the community will be very happy to use a tool that is not creepy. Google is already creepy we shouldn't make the thing creepier.

Don't worry we will solve this problem over Christmas break. Be it with this software or another 😉

@aryavsaigal aryavsaigal reopened this Dec 18, 2021
@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

So, making a request to a server is creepy now? You shouldn't be using github then either.

Be it with this software or another 😉

Good luck.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

By the way - a bunch of copycat-extensons died today once I enabled IP rate limiting.

They were just calling my api in their backend - no own DB, no caching - nothing. Just pretending to provide a service while in reality they didn't. Now imagine they had a DB dump and server code - what good would it make - more userbase fragmentation, less reliable votes? And all while using my work for free.

@brace110
Copy link
Author

brace110 commented Dec 18, 2021

As the OP, I'd like to mention to @Anarios that in no way I'm claiming malicious intent. I am very grateful for your work.
I was just wondering if we can provide some sort of way to guarantee privacy, to improve the extension and see it succeed like we all want.

I suppose a few options would be possible:

  • Calling a public Youtube API instead of a custom domain (if possible)
  • Having a toggle added to the extension and only when requested the calls are made to the back-end to request dislike info (although people can theoretically always put the Extension on 'Active on Click mode' to achieve similar results.
  • Having the backend code also run opensource so it can be verified by others.
  • Allow people to host their own servers who handle the JS calls. (Too technical for most people, but the option would be interesting for developers)
  • ... many others?

I think discussing options here, like mentioned above, would be a great idea. Perhaps we will come to a conclusion that nothing can be done. But at least we explored all options.

@k1nxx
Copy link

k1nxx commented Dec 18, 2021

As the OP, I'd like to mention to @Anarios that in no way I'm claiming malicious intent. I am very grateful for your work. I was just wondering if we can provide some sort of way to guarantee privacy, to improve the extension and see it succeed like we all want.

I suppose a few options would be possible:

  • Calling a public Youtube API instead of a custom domain (if possible)
  • Having a toggle added to the extension and only when requested the calls are made to the back-end to request dislike info (although people can theoretically always put the Extension on 'Active on Click mode' to achieve similar results.
  • Having the backend code also run opensource so it can be verified by others.
  • Allow people to host their own servers who handle the JS calls. (Too technical for most people, but the option would be interesting for developers)
  • ... many others?

I think discussing options here, like mentioned above, would be a great idea. Perhaps we will come to a conclusion that nothing can be done. But at least we explored all options.

100% Agree, But youtube is still selling your data, so whats the point ? Also in order for this extension to be alive, it requires user data. Thus proving it useless without such data

@sy-b
Copy link
Contributor

sy-b commented Dec 18, 2021

@brace110

Calling a public Youtube API instead of a custom domain (if possible)

That's the reason there is a separate domain. YT removed the ability to get dislikes from YT API.

Having a toggle added to the extension and only when requested the calls are made to the back-end to request dislike info (although people can theoretically always put the Extension on 'Active on Click mode' to achieve similar results.

Agreed. Many people had already suggested this.

Having the backend code also run opensource so it can be verified by others.

It is in plan. Just the thing is that, right now, the focus is on making the data meaningful

Allow people to host their own servers who handle the JS calls. (Too technical for most people, but the option would be interesting for developers)

I probably didn't get this one. Can you explain why?

@aryavsaigal
Copy link
Collaborator

  • Calling a public Youtube API instead of a custom domain (if possible)

public api doesnt return dislikes anymore

  • Having a toggle added to the extension and only when requested the calls are made to the back-end to request dislike info (although people can theoretically always put the Extension on 'Active on Click mode' to achieve similar results.

didnt know that existed, people can easily do that

  • Allow people to host their own servers who handle the JS calls. (Too technical for most people, but the option would be interesting for developers)

that would only be archived counts, after a while it will get outdated and youd have to keep syncing the database

Having the backend code also run opensource so it can be verified by others.

technically the host can modify the backend to collect your data and sell it while the open source code doesnt show the modifications


I don't think theres anything you can do instead of Active on Click mode honestly.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

Now imagine worst case scenario - say, I was as evil as it gets - what could I track? A random ID that you can regenerate at any time and an IP that can be dynamic\behind NAT\behind VPN.

So if you use a dynamic IP or a VPN - there is nothing I can track. This would be a real solution to privacy concern. Unlike a non-solution of posting server sources.

@k1nxx
Copy link

k1nxx commented Dec 18, 2021

I'd suggest making this a public company

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

I suppose a few options would be possible:
Calling a public Youtube API instead of a custom domain (if possible)"

  • there is no public youtube api for dislikes.

Allow people to host their own servers who handle the JS calls.

I don't see what it solves. You can build extension from sources and replace my API with your own even today. Or I didn't understand this point.

@brace110
Copy link
Author

brace110 commented Dec 18, 2021

an IP that can be dynamic\behind NAT\behind VPN.

Here in Europe we are forbidden to track IP-addresses without consent, they are being anonymized to 0.0.0.0, I run security for our company, so I deal with this a lot.

But I do see your point, the incoming data would be an IP-address, some headers, perhaps a browser user-agent and the video ID.

Theoretically you could build up a user profile on this information, for example a table that stores videos watched by certain IP's in a database. However this would be a tiny drop compared to what Google/Youtube is tracking about us.

I wonder if the "risks" here are actually overstated... What you do guys think?

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

Theoretically you could build up a user profile on this information, for example a table that stores videos watched by certain IP's in a database

I doubt you could even sell it. If I could attach a cookie so that ads can be shown to you based on your watch history - that would be a gold mine. But you see that I don't do it in the frontend code.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

that would be a gold mine.

That would be what youtube already sells about you :)

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

So instead of buying it from me - it's much more logical to just use google adds.

@Anarios
Copy link
Owner

Anarios commented Dec 18, 2021

There is a similar discussion in #45 , I cross-post some messages because general sentiment is very similar. Could I close this one and we continue there? what do you think?

@brace110
Copy link
Author

brace110 commented Dec 18, 2021

I have one last question, you mentioned other people using your endpoint.
Since I don't need my dislikes added to the Youtube page itself, I just want to be able to lookup the dislikes on videos. Would you be open to allowing others to use your endpoint? (or even for me to fork this project and create an extension that doesn't need the current requirements:

I think a lot of people would be happy to just have a tool that allows them to easily look up dislikes on certain videos. Without altering the Youtube page itself. Of course the regular users of this extension would prefer the Updated Youtube page, but this extension could be an add-on for technical users, or perhaps a separate extension.

You mentioned above that people already started using your endpoint, is this a problem? Traffic for example? or people abusing your work? I'd love to hear your thoughts.

@11h00
Copy link

11h00 commented Jan 12, 2022

i checked by myself the devtool of the extention, and first off, i didnt seen any extra header meaning than im actually being tracked, second off, there is not cookies about youtube, google or anything related, the only thing wich is your user id (maybe used to detect spam or anything like this).
there is nothing more than simple ellement to make the api work/secured properly. this extention is safe tho

@brace110
Copy link
Author

i checked by myself the devtool of the extention, and first off, i didnt seen any extra header meaning than im actually being tracked, second off, there is not cookies about youtube, google or anything related, the only thing wich is your user id (maybe used to detect spam or anything like this). there is nothing more than simple ellement to make the api work/secured properly. this extention is safe tho

The issue is that videos are being sent and perhaps logged with user-agent & ip addresses. Now of course this is a drop in a bucker of what Youtube/Google is collecting about us. But the the privacy issue remains interesting. We can't use a direct Youtube connection since the Youtube API stopped working so we're relying on the owners back-end application to store the actual dislikes.

I think the best solution would be to implement a toggle, that only when hit retrieves dislikes for that video. That way we limit the calls to the back-end and we accept the risk of our view habbits beings 'logged'. Although the owner already adressed that he can barely log anything, let alone sell this data in #344 (comment)

By the way there already is a way to toggle the extension per video, people can theoretically always put the Extension on 'Active on Click mode'. That way the extension does nothing until clicked upon and it will refresh the page.

@11h00
Copy link

11h00 commented Jan 14, 2022

So you think than the solution could like like:
You have a video and you somewhere on the page (maybe on dislike label?) a button where is written (see dislike count) so it does no "track" and get the video dislike count automatically?

@CallMeAlexO
Copy link
Contributor

The issue is that videos are being sent and perhaps logged with user-agent & ip addresses.

Your user-agent is not sent, this information is written in the post request headers. Which are open source. You can see no such information is sent to the server. The IP addresses are not unique enough to identify you as an individual, as was said before, if this is a concern, consider using a proxy or a VPN because every website you browse will see your IP.

I'm sorry, but these are entirely non-issues.

@pzduniak
Copy link

pzduniak commented Jan 16, 2022

@CallMeAlexO

Your user-agent is not sent

It is. Why would you write that?

You can see no such information is sent to the server.

It is.

The IP addresses are not unique enough to identify you as an individual

It is.

because every website you browse will see your IP.

But they usually have no capability to track my YouTube history.

I'm sorry, but these are entirely non-issues.

They are issues.

I'm worried about a "Contributor" (someone "trusted" with repo write access?) writing such a reply. I know that you probably don't have access to the backend, but you're risking the reputation of the project by acting so carelessly. Do not underestimate privacy issues. You might not give a crap about it, but others do. And they will lose hope in this project when they notice your role attributed to an ignorant reply.

I have just realized that "Contributor" appears next to anyone who contributed to the codebase in a repository. I still believe that it's dangerous to write stuff like this (hell, I interpreted it that way!), but it's not as serious as I thought it was. Previous commenter most likely has no write access to the repo.

@ItsDrike
Copy link

ItsDrike commented Jan 16, 2022

I'm worried about a "Contributor" (someone "trusted" with repo write access?) writing such a reply.

@pzduniak

A "Contributor" is merely someone who has contributed to the project at least once. That means just having a single commit in the repo makes you a contributor. You're probably mistaking this role for the "Collaborator" role, which is given by the repository owner directly and does give these exclusive rights such as write access. "Contributor" is simply someone who forked the repo and got their pull request merged by someone with actual write access.

Other than that though, I agree with the comment about IPs though and these are in fact issues, it's just that there isn't really that much you can do about them.

The IP address will always be sent, and there's absolutely no way to prevent that, most people use dynamic addresses so they change every now and then, still though, this change usually doesn't happen between countries, so the least an IP could provide is some geolocation info, but if someone has a static IP, this issue obviously gets much worse, still though, there's absolutely nothing this project can do about it, best you can do is use a VPN on your side.

As for the user-agent though, I don't believe it's being sent since as pointed out, the client-side is open sourced and you can see the headers which are being sent, and they do not contain user-agent, so that should probably be safe (though I'm not hugely familiar with this code-base and there may be something that does send these, but I doubt that.)

@pzduniak
Copy link

@ItsDrike

A "Contributor" is merely someone who has contributed to the project at least once.

Indeed, I realized that a couple minutes after posting the comment. Not sure who posted the clarification first, but thanks :)

it's just that there isn't really that much you can do about them.

There is! It would overcomplicate the backend for relatively negligible benefit, but this thread contains some solutions. Unfortunately any effort to solve the issue would need to be orchestrated by the project's leadership.

As for the user-agent though, I don't believe it's being sent since as pointed out, the client-side is open sourced and you can see the headers which are being sent, and they do not contain user-agent, so that should probably be safe (though I'm not hugely familiar with this code-base and there may be something that does send these, but I doubt that.)

Folks, there's no need to be familiar with the codebase. Install the extensions, open Dev Tools, open an YT video and watch XHR requests in the network tab. Search for returnyoutubedislikeapi.com. User Agent is sent with all XHR requests.

image

@Anarios
Copy link
Owner

Anarios commented Jan 16, 2022

User Agent is sent with all XHR requests.

That is correct. And it's default fetch behavior in browsers.

On the other hand - user agent is pretty far from a device fingerprint.

@ItsDrike
Copy link

ItsDrike commented Jan 16, 2022

User Agent is sent with all XHR requests.

@pzduniak
I see, my bad then, I'm not hugely familiar with browser extensions and I had no idea this was the case, thanks for clarifying!

user agent is pretty far from a device fingerprint.

@Anarios
I disagree, if there is some way to avoid sending it, I'd like to see that done. While in general, most people will have the same user-agent being latest chrome on a windows machine, for other people using less common browsers (such as firefox), not to mention less common operating system such as Mac OS, or even some Linux distribution will have a very unique User-Agent that would only really be shared with very few other people using this extension. This is a clear privacy disadvantage for anyone using anything non-standard.

@Atemu
Copy link

Atemu commented Jan 18, 2022

Dedicated issue for K-anonymity: #452

@User198263321
Copy link

User198263321 commented Feb 1, 2022

I wouldn't. Since the extension itself is open source, we would be able to see and make sure that nothing gets sent over network until a specific button is clicked. Period. The request could start when you click a button say "view dislike count", which is separated from the dislike button as well.

CONCEPT:
image
The part highlighted is what you would click to view the dislikes forked from the server AFTER you click on it. Disliking the video itself would fetch the API stats automatically assuming it sends video information to the server anyways.

EDIT: Another idea would be a minimal option for this setting which would just show the dislike button (with the "DISLIKE" text hidden except when you hover over it, the popup toast message would say "Shift click to view dislikes on this video" instead of "I dislike this".

Again, this could be an OPTIONAL toggle in the config options for this extension so people aren't confused about this and users that are searching for more privacy would be able to get it.

TLDR: Optional toggle to send nothing over the network unless specific button is clicked on which views the dislike ratio
OR: you click on the thumbs down button which dislikes the video (and sending a request that you disliked the video as well as getting the dislike ratio)

This would help me ensure that I only am sending network requests when I request (or need) it. If I don't want to view video dislikes, I don't click the view dislikes button or the dislike button (although clicking the dislike button is when I would want to view the dislike ratio anyway since I sent a packet to the server anyways). Pure and simple.

Also, please release your compiled extensions on GitHub. I don't like using Chrome Web Store and I like updating my extensions from source manually. Using the Web Store is just tedious when sorting and naming extension versions and sorting through the random hashed folders.

@aryavsaigal
Copy link
Collaborator

aryavsaigal commented Feb 1, 2022 via email

@Atemu
Copy link

Atemu commented Feb 1, 2022

The problem also isn't really solved by making it manual. I want the functionality the addon provides; else I wouldn't have installed it. Having to press a button on every video doesn't help privacy in any way.

@cyrildtm
Copy link
Contributor

cyrildtm commented Feb 1, 2022

I don't understand why this thread is still going on: If you want to stay anonymous, why do you use Youtube? Every time you watch a video you make a request that is equivalent to:

fetch(
    `https://www.youtube.com/watch?v=${getVideoId()}`
  )

Go to your local video rental store and pay by cash. Wear a ski mask.

@User198263321
Copy link

User198263321 commented Feb 4, 2022

The problem also isn't really solved by making it manual. I want the functionality the addon provides; else I wouldn't have installed it. Having to press a button on every video doesn't help privacy in any way.

For me, I don't care what the dislike counter is on most videos. When I find a video that looks like clickbait or a scam, I want to view the amount of dislikes. Then I click the button, and it send a single network request of the video ID, retrieves the data, and displays it to me. Much less tailored info that the extension gathers by sending a request every single time I click on a new video. Basically, the extension is completely offline until click the button to send the request. This can also reduce the server load I am hearing issues about depending on how many users use this feature

As for the extension, I load them manually. I would rather have an extension straight from the source in case google does anything with it or something (this is probably silly and they probably don't do anything with it, but still, why not release extension builds on GitHub?)

I am still for #452 to be added as well to strengthen this.

@Nightcaat Nightcaat changed the title (Bug): Privacy concern Privacy concern Apr 24, 2022
@magistermaks
Copy link

@ItsDrike
User-Agent header can be set to a custom value (e.g. empty string) on Firefox, but not on Chrome, bc of a long standing unfixed bug. So this can potentially be "fixed" for Firefox users

@FireMasterK
Copy link

I've created https://github.com/TeamPiped/RYD-Proxy, an open-source non-logging proxy that utilizes rotating Tor instances to avoid rate limiting while issuing requests.

You can use it like so for example: https://ryd-proxy.kavin.rocks/votes/dQw4w9WgXcQ

People interested in self-hosting it can use the docker-compose provided in the repository itself.
Like other services on my domain, there are no logs kept for this one either.

@FireMasterK
Copy link

Thank you. Now we are one step closer to breaching the API server's anti-spam mechanism.

That was never the goal, The goal was to avoid the API server's rate-limiting mechanism, for which I initially requested to be whitelisted for. (on the discord, to no response)

Just expand your script and add the puzzle challenge solver, and you will be able to register as a new stranger every two minutes.

Had you read the repository's readme:

Only fetching the Dislike count is supported, and will ever be supported.

@cyrildtm
Copy link
Contributor

cyrildtm commented Jun 18, 2022

We should ban Tor origins in order to maintain the quality of the database. Anyone can write a code to (1) register as a new account with a new IP and (2) vote like/dislike for any number of videos, containing a list of targeted ones and many other randomly selected ones. The result is obfuscated spam data but with targeted videos being attacked. As a consequence, the like/dislike data is highly skewed due to human intention, and the quality is compromised.

The above free open-source program just provided half of the evidence: The API server cannot distinguish whether a user is on a Tor network and hence there is no way to stop bad intentions. Now we only need some person-hours to complete the other half.

This concept is hard to implement as any single person. However, as soon as one apprehends a list of vulnerable and/or compromised systems around the world, the program can be loaded on victim computers and make concurrent requests over Tor. Each computer needs to establish a new Tor circuit, register as a new user with a new random user ID, solve the bitcoin puzzle locally, and start voting for the targeted video list. After completion, the same victim computer can start another Tor circuit and make the same requests. This is comparable to DDoS attack in its format, but it does not require a very high level of amplification; One just needs to overcome the regular video audience and channel fans. (Or maybe fans can make use of this)

This is not a new concept; I realized this a while ago but did not elaborate. Now that a half proof of concept is available, I think it's time to raise the concern.

@a-kriya
Copy link

a-kriya commented Jul 27, 2022

#399 was also closed that reported the code that posts all suggested videos on every video to the backend. Issue still exists:

} else if (request.message == "send_links") {
toSend = toSend.concat(request.videoIds.filter((x) => !sentIds.has(x)));
if (toSend.length >= 20) {
fetch(`${apiUrl}/votes`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify(toSend),
});

@Anarios
Copy link
Owner

Anarios commented Jul 28, 2022

@a-kriya - the code is not called. It was only active during first weeks when dislikes were still available. As you can see in the network tab - this call is never made.

@User198263321
Copy link

I don't understand why this thread is still going on: If you want to stay anonymous, why do you use Youtube? Every time you watch a video you make a request that is equivalent to:

fetch(
    `https://www.youtube.com/watch?v=${getVideoId()}`
  )

Go to your local video rental store and pay by cash. Wear a ski mask.

I know I am already giving Google data. I don't feel like giving data to another party if I don't need to.

I still normally leave this script disabled until I feel like seeing dislikes for one specific video.

@User198263321
Copy link

User198263321 commented Aug 6, 2022

maybe we can add an advanced option so it only fetches dislikes for the videos you want (by the click of a button) you wouldnt need to see dislikes of a creator you trust a lot and entertainment videos.
if people are concerned they can just enable this and check dislikes for videos they dont trust, which should be pretty less compared to all the videos you watch.

that would be one way to solve it. But then again - it would still expose all videos that you requested (and people would request most of their videos)

I have probably requested only a dozen or so of videos since I first started using this script in December of 2021 . It would be higher if it wasn't as tedious as it is for my workaround of just manually enabling the script each time I want to check a single video.

@sy-b
Copy link
Contributor

sy-b commented Aug 8, 2022

I don't feel like giving data to another party if I don't need to.

Just out of curiosity, I want to ask you a couple of things

If RYD's backend (not the open source extension) ever gets compromised by malicious actors -

  1. How the data collected can affect you [in comparison with data collected by google]
  2. What harm can it cause it to you from the collected data.
  3. How likely do you think it will happen & do you think the outcome is worth your efforts : Optional

@sy-b
Copy link
Contributor

sy-b commented Aug 8, 2022

Skimming through this page it doesn't seem that we have privacy paranoids here.


To any privacy paranoid I encounter in future:

You seem to be kinda new to this privacy thing or maybe you are in 'hardcore privacy' related filter bubble. First get out of that bubble.

TLDR: Privacy is important but anything in excess is harmful. Try to balance out things.

from: https://www.privacyguides.org/basics/threat-modeling/

Balancing security, privacy and usability is one of the first and most difficult tasks you'll face on your privacy journey. Everything is a trade-off

I have some suggestions for you -
Thoroughly* read thrice, understand and implement these


Since this is for future reference, I might edit/update it.

@sy-b
Copy link
Contributor

sy-b commented Aug 8, 2022

This #344 (comment) can be implemented with #452 iff the owner wants to take it seriously.
I feel that it's unnecessary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests