Is it necessary to transmit all macros and entire config to ingest.sentry.io? about app HOT 4 OPEN

This is a huge privacy concern. Collecting data without explicit and informed user consent, even for benign purposes like debugging, undermines user autonomy. Users should have control over their data and how it's used. Forcing or defaulting them into data collection without clear, understandable choices can be seen as manipulative.

Also:

your information is anonymized

If you think this protects you, Sentry collects IPs, UAs, etc. By "anonymized," it means there is no direct connection between you and the data, but that doesn't mean there is no indirect or inferred way to make that connection. A simple macro that types an email can reveal your identity, negating any claimed anonymity.

Furthermore, some of your macros might be stored somewhere on a third-party server without your knowledge while you thought you were just configuring a keyboard.

able to recognize common stuff like passwords and credit cards from the JS side, and clean that up before even sending through the network.

Why even bother? Firstly, you will never cover all cases. Secondly, it's just a waste of time that could be better spent focusing on what really matters: building an application to configure a keyboard, nothing else.

--

Respecting user privacy and maintaining ethical standards should be a priority. Let users opt-in if they want, but don't hide it.

I simply don't trust https://usevia.app/

from app.

I am not related to VIA at all, but I am a developer which uses Sentry occasionally to track bugs, so I think I can give my two cents here.

I can tell you: your information is anonymized. Even if you were able to log in to the VIA app, it would be anonymized, unless the developers purposefully included personified information in your payload - and that's not easy. It is able to recognize common stuff like passwords and credit cards from the JS side, and clean that up before even sending through the network.

And then, I would say that the information is somewhat relevant to the VIA devs, given some bug might arise from an action you took. This way, they can follow what you were doing that triggered the bug, what's your current state and all, so they can reproduce it on their machines and fix the issue even before you bother reporting it (I mean, if you even noticed the issue, because sometimes I get bugs users don't even notice, and are just lurking around, waiting to combo with some other stuff to really crash our app).

That all said, I do understand it might be data-intensive, specially for big configuration payloads. I wonder if they could add a "data collection for bug reporting" toggle, in case data is indeed a problem for some users.

from app.

It is able to recognize common stuff like passwords and credit cards from the JS side, and clean that up before even sending through the network.

Of course it doesn't detect that it's a password. Like... how would it possibly know what to look for?

from app.

Via the field name 🙃

from app.