Package: arcanist
Version: 0~git20200925-1
Severity: grave
If one has one or more commits in /some/repo one can create a
Phabricator diff by running `arc diff $oldver`. If there are are
untracked files in the directory the arcanist client gives the message:
--------8<-----------------------------------------------------8<--------
You have untracked files in this working copy.
Working copy: /some/repo
Untracked changes in working copy:
(To ignore these 1 change(s), add them to ".git/info/exclude".)
file0
file1
file2
Ignore these 3 untracked file(s) and continue? [y/N]
--------8<-----------------------------------------------------8<--------
Suspicious resemblance to what `git status` might give. If one then goes
to an appropriate version of Phabricator, on the right column between
"Tags" and "Subscribers" will be "Referenced Files".
I have noticed "Referenced Files" appears when untracked files are
present. Diffs done from repository directories with no untracked files
do not have the "Referenced Files".
As such I reasonably believe arcanist is NOT ignoring these files. At a
minimum it is uploading metadata about them to Phabricator, at worst it
is uploading them to the server without notification.
Privacy and security violation. This is visible enough I suspect many
people have already noticed.
--
(\___(\___(\______ --=> 8-) EHM <=-- ______/)___/)___/)
\BS ( | ehem+sig...@m5p.com PGP 87145445 | ) /
\_CS\ | _____ -O #include <stddisclaimer.h> O- _____ | / _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445
