Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot validate github access token #4

Open
owen800q opened this issue Sep 6, 2019 · 11 comments
Open

Cannot validate github access token #4

owen800q opened this issue Sep 6, 2019 · 11 comments

Comments

@owen800q
Copy link

owen800q commented Sep 6, 2019
edited
Loading

The newly generated token cannot be validate correctly

image
@pravj
Copy link
Member

pravj commented Sep 6, 2019

Hi @owen800q,

Thanks for reporting this, can you please try generating a new token and checking if that works?

Just want to ensure if this is a proper issue, if it's, you will get a supporter license 🔑 for 🆓.

@owen800q
Copy link
Author

owen800q commented Sep 6, 2019

@pravj
After regenerating a new token for testing ,still not working..
Peek 2019-09-06 23-45

@virgulvirgul
Copy link

same problem here.

@ax4
Copy link

ax4 commented Dec 22, 2019
edited
Loading

Same problem here. After I input the token, and click the save button, it gives no response than loading. I will try to learn the code to see what's going on.

In the console of Chrome Extension, it said

settings.js:259 click on form submit
settings.js:133 add user token
api.followgithub.org/v1/user/token:1 Failed to load resource: the server responded with a status of 500 ()

I guess it might be a server-issue behind the extension service.

@pravj
Copy link
Member

pravj commented Jan 17, 2020

I couldn't manage the expenses for running the server, and hence the extension is not working.
I'm thinking of asking users to contribute (Paypal), not sure if people will be willing to pay.

What do you think? @ax4 @virgulvirgul @halhenke @owen800q

@owen800q
Copy link
Author

@pravj
I can donate a cheap VM on digitalocean. BTW, Can't the api server be deployed to heroku?

@ksboy
Copy link

ksboy commented Apr 21, 2020
edited
Loading

I couldn't manage the expenses for running the server, and hence the extension is not working.
I'm thinking of asking users to contribute (Paypal), not sure if people will be willing to pay.

What do you think? @ax4 @virgulvirgul @halhenke @owen800q

It seems the extension is still serverless, it will be okay?

@ax4 ax4 mentioned this issue May 12, 2020
Closed
@jrial
Copy link

jrial commented Jun 4, 2020

I couldn't manage the expenses for running the server, and hence the extension is not working.
I'm thinking of asking users to contribute (Paypal), not sure if people will be willing to pay.

What do you think? @ax4 @virgulvirgul @halhenke @owen800q

Why does this need a server? What is its purpose? Can't the server component be removed from the picture?

Also: what data is being stored on that server? Is there user-identifiable data on there? If so, are you complying with the GDPR? It appears not, since this is the first I hear of a server being necessary for this to work.

@ax4
Copy link

ax4 commented Jun 5, 2020
edited
Loading

Hi @jrial ! Good challenge!

But I would suggest not throwing questions looking negative to a currently unsolved problem. YES, there's so much cool stuff going on with GDPR, but the reality is that not all of the developers have the way to add GDPR complying with their project. Adding a burden to a project is not how open source software made magically.

(the current stage of this project's development is temporarily inactive and the infrequent issue comments / none-pr-s can prove this. GDPR alone won't solve the coding problem, or won’t automatically generate the fixing source code for a project).

Instead of complaining, I would suggest forking the source code of this project, and then make its backend code developed and open-sourced. Like any other project, it could be engineered into a self-hosted instance. Or if anyone has magical engineering, it could be an extension standalone using the 'backend page' to arrive at the purpose.

Once the improvement is done by fork folks, they can make pull requests to improve this project.

Sincerely I am writing replies back to this repo because I believe the lacking of server-side code can be fixed. It just needs some more code to solve the problem.

@jrial
Copy link

jrial commented Jun 10, 2020
edited
Loading

I don't necessarily mind that there's a server involved. However, "I am just a humble open source developer" does not exempt you from the law. It doesn't change the fact that your only options to comply with said law are:

  1. don't store personally identifyable data
  2. store the bare minimum of personally identifiable data necessary for you to deliver your service (e.g. to keep track of paid subscriptions), and disclose this to the users
  3. store the bare minimum necessary for you to deliver your service, inform the users of this, and obtain their express consent for whatever you wish to store on top of that.

The GDPR is not a burden to the FOSS developer; the GDPR is in line with the values most of us hold dear.

That said, I guess the server is probably only used for some processing, which can perfectly be done client side as well. However, without a reply from the dev (or a look under the hood by someone who understands whatever language browser plugins are written in [EDIT] Javascript, apparently), it's all speculation.

@jrial
Copy link

jrial commented Jun 10, 2020

Some further digging shows that your personal access token is sent to the server. Whether it's stored, or just used as data in transit, is unclear since the server code is not open source and can not be inspected.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@jrial @pravj @virgulvirgul @ax4 @ksboy @owen800q