I'm packaging Open Policy Agent  (OPA). Since my original review request , OPA released new versions, so I'm updating the package.
However, with version 0.20.0, OPA added a telemetry service, enabled by default, reporting to a OPA-managed service the OPA version, a UUID and the build architecture (cf changelog  and privacy information )
I didn't find any Fedora policy regarding this kind of opt-out telemetry. Is it ok to package OPA as is, or should I patch it to make telemetry opt-in by disabling it by default in the Fedora package?
It would be great to document the Fedora policy regarding this issue.
My approach would be to disable it by default, and let users enable it as opt-in.
Maybe asking on the users list (or even devel list) will yield different opinions :)
I don't believe this is a packaging committee decision, because it has nothing to do with how you package something. FESCo or the Council would need to make distro poliicy here and document it. If there is something we could document for the method for changing code to conform to that policy (similar to how we document suggested patching for system crypto policies) then that would go into the packaging guidelines.
Metadata Update from @tibbs:
- Issue close_status updated to: nothingtodo
- Issue status updated to: Closed (was: Open)
Sorry for the questions but I didn't want to create unnecessary duplicates.
to comment on this ticket.