From ed7f00365109e4b725a77ddac1502fe2d992ebb7 Mon Sep 17 00:00:00 2001 From: Matt Godbolt Date: Sun, 14 Feb 2021 17:09:13 -0600 Subject: [PATCH] Privacy policy updates. Closes #2276 (#2419) * Privacy policy updates. Closes #2276 * Improve policies timestamp generation * Remove leftover debug print * Python3 all the things Also uses the short hash for policy commits * More master->main. Co-authored-by: RabsRincon --- Makefile | 4 ++-- etc/scripts/changelog.py | 2 +- etc/scripts/politic.py | 15 ++++++++------- static/alert.js | 1 + static/main.js | 8 ++++++-- static/policies/cookies.html | 2 +- static/policies/privacy.html | 27 +++++++++++++++++---------- 7 files changed, 36 insertions(+), 23 deletions(-) diff --git a/Makefile b/Makefile index 264eb9495..ab6a21402 100644 --- a/Makefile +++ b/Makefile @@ -110,9 +110,9 @@ install-git-hooks: ## Install git hooks that will ensure code is linted and tes .PHONY: install-git-hooks changelog: ## Create the changelog - python ./etc/scripts/changelog.py + python3 ./etc/scripts/changelog.py policies: - python ./etc/scripts/politic.py + python3 ./etc/scripts/politic.py .PHONY: changelog diff --git a/etc/scripts/changelog.py b/etc/scripts/changelog.py index fdb936d87..8a820a82f 100644 --- a/etc/scripts/changelog.py +++ b/etc/scripts/changelog.py @@ -52,7 +52,7 @@ def format_commit(url, commit): try: return commit_template.format(url, grouped_commit[0], html_escape(grouped_commit[1])) except Exception as e: - print('There was an error in changelog.py: {}'.format(e)) + print(f'There was an error in changelog.py: {e}') return '' diff --git a/etc/scripts/politic.py b/etc/scripts/politic.py index 83bbe72fd..16ba11434 100644 --- a/etc/scripts/politic.py +++ b/etc/scripts/politic.py @@ -26,25 +26,26 @@ import subprocess import re -date_placeholder = '()' +date_placeholder = '().*()' date_placeholder_regex = re.compile(date_placeholder) def check_policy_file(police_name): - policy_path = 'static/policies/{}.html'.format(police_name) - privacy_output = subprocess.check_output(['git', 'log', '-1', '--format=%cd', policy_path]).decode('utf-8').rstrip() + policy_path = f"static/policies/{police_name}.html" + policy_last_time = subprocess.check_output(['git', 'log', '-1', '--format=%cd', policy_path]).decode('utf-8').rstrip() - if len(privacy_output) == 0: - print('No need to update {}'.format(policy_path)) + if len(policy_last_time) == 0: + print(f'No need to update {policy_path}') return - print('Setting policy {} last updated time to {}'.format(policy_path, privacy_output)) + policy_last_commit = subprocess.check_output(['git', 'log', '-1', '--format=%h', policy_path]).decode('utf-8').rstrip() + print(f'Setting policy {policy_path} last updated time to {policy_last_time} with commit {policy_last_commit}') f = open(policy_path, 'r') file_lines = f.readlines() f.close() with open(policy_path, 'w') as f: for line in file_lines: if re.match(date_placeholder_regex, line): - f.write(re.sub(date_placeholder_regex, '\\1Last changed on: {}\\2'.format(privacy_output), line)) + f.write(re.sub(date_placeholder_regex, f'\\1Last changed on: (diff)\\2', line)) else: f.write(line) diff --git a/static/alert.js b/static/alert.js index 422f42571..682390fef 100644 --- a/static/alert.js +++ b/static/alert.js @@ -49,6 +49,7 @@ Alert.prototype.alert = function (title, body, onClose) { modal.off('hidden.bs.modal'); modal.on('hidden.bs.modal', onClose); } + return modal; }; /*** diff --git a/static/main.js b/static/main.js index 3f65aabe5..52f28c0eb 100644 --- a/static/main.js +++ b/static/main.js @@ -135,10 +135,12 @@ function setupButtons(options) { // so we instead trigger a click here when we want it to open with this effect. Sorry! if (options.policies.privacy.enabled) { $('#privacy').click(function (event, data) { - alertSystem.alert( + var modal = alertSystem.alert( data && data.title ? data.title : 'Privacy policy', require('./policies/privacy.html') ); + var timestamp = modal.find('#changed-date'); + timestamp.text(new Date(timestamp.attr('datetime')).toLocaleString()); // I can't remember why this check is here as it seems superfluous if (options.policies.privacy.enabled) { jsCookie.set(options.policies.privacy.key, options.policies.privacy.hash, {expires: 365}); @@ -153,7 +155,7 @@ function setupButtons(options) { (hasCookieConsented(options) ? 'Granted' : 'Denied') + '

'; }; $('#cookies').click(function () { - alertSystem.ask(getCookieTitle(), $(require('./policies/cookies.html')), { + var modal = alertSystem.ask(getCookieTitle(), $(require('./policies/cookies.html')), { yes: function () { simpleCooks.callDoConsent.apply(simpleCooks); }, @@ -163,6 +165,8 @@ function setupButtons(options) { }, noHtml: 'Do NOT consent', }); + var timestamp = modal.find('#changed-date'); + timestamp.text(new Date(timestamp.attr('datetime')).toLocaleString()); }); } diff --git a/static/policies/cookies.html b/static/policies/cookies.html index f07656cc4..9ba8c01fd 100644 --- a/static/policies/cookies.html +++ b/static/policies/cookies.html @@ -10,7 +10,7 @@ Be aware: modifying this file in any way will cause a pop-up to users telling th - +

Compiler Explorer Cookie Policy

diff --git a/static/policies/privacy.html b/static/policies/privacy.html index 3c35feb1a..f35fbe1c0 100644 --- a/static/policies/privacy.html +++ b/static/policies/privacy.html @@ -10,7 +10,7 @@ Be aware: modifying this file in any way will cause a pop-up to users telling th - +

Compiler Explorer Privacy Policy

@@ -24,7 +24,7 @@ No need to update this! It's done by the CLI build process Compiler Explorer was created by and is primarily administrated by Matt Godbolt, along with a number of volunteers (including, but not limited to those listed in our "Authors" documentation). It is run on a best-effort basis, and is not a commercial product. We do our best to keep your data safe, but welcome help from the community: See our @@ -85,21 +85,28 @@ No need to update this! It's done by the CLI build process the short URL provider, not Compiler Explorer.

-

Web logs

+

Application, web and error logs

- Compiler Explorer keeps web logs, which contain semi-anonymised IP addresses, but no other personally identifying - information. When a long URL is clicked, the hash part of the URL is not sent to the server, so the user state - (including the source code) is NOT exposed in the web log. If a user clicks a short URL, then the short form IS - exposed in the web log (as https://godbolt.org/g/SHORTURLPART) and from this the source code can be + Compiler Explorer keeps application logs, which contain semi-anonymised IP addresses, but no other personally + identifying information. When a long URL is clicked, the hash part of the URL is not sent to the server, so the user + state (including the source code) is NOT exposed in the web log. If a user clicks a short URL, then the short form + IS exposed in the web log (as https://godbolt.org/g/SHORTURLPART) and from this the source code can be retrieved. As such, if you create a short URL of your code, your source code and other user state can in principle be retrieved from the web log of Compiler Explorer.

- In order to debug and diagnose Compiler Explorer, to help track down and block Denial of Service attacks, and to - gather statistics about Compiler Explorer's performance and usage, the web logs are archived. These logs are kept - for one month, after which they are permanently deleted. + Compiler Explorer uses Amazon's web serving, load balancing and edge caching systems. In order to debug and diagnose + Compiler Explorer, to help track down and block Denial of Service attacks, and to gather statistics about Compiler + Explorer's performance and usage, the logs from these systems are archived. These logs contain the full IP addresses + of requests. Thy are kept for no more than one month, after which they are permanently deleted. +

+ +

+ If your web browser experiences an error, we use a third party reporting system (Sentry). This keeps information, including your IP address and web browser user + agent, for no more than 90 days.

Executing your code