diff options
| -rw-r--r-- | todo.org | 8 |
1 files changed, 3 insertions, 5 deletions
@@ -3617,11 +3617,9 @@ Ask: Reference values -- modus-vivendi: refine-changed bg #4a4a00 fg #efef80, changed bg #363300 fg #efef80. modus-operandi: refine-changed bg #fac090 fg #553d00, changed bg #ffdfa9 fg #553d00. Side-by-side legibility render: [[file:assets/2026-06-07-dupre-diff-face-legibility-compare.png][assets/2026-06-07-dupre-diff-face-legibility-compare.png]]. -** TODO [#A] erc-yank silently publishes >5-line pastes as public gists :bug:quick:solo: -:PROPERTIES: -:LAST_REVIEWED: 2026-06-20 -:END: -=modules/erc-config.el:345= — C-y in any ERC buffer auto-creates a public gist for anything over 5 lines: clipboard content goes to a public URL with no confirmation, and no executable-find guard for =gist= (errors mid-send if absent). Privacy trap. Add a =yes-or-no-p= gate or drop the package for plain C-y. From the 2026-06 config audit. +** DONE [#A] erc-yank silently publishes >5-line pastes as public gists :bug:quick:solo: +CLOSED: [2026-06-20 Sat] +Dropped erc-yank 2026-06-20 (Craig's call: drop, not harden). The package turned a >5-line paste into a PUBLIC gist (=gist -P=, the clipboard-paste flag, no =--private=) behind a single y-or-n-p, with no executable-find guard for =gist=. It also gisted the system clipboard rather than the kill-ring text being yanked. No replacement binding needed: =erc-mode-map= defines no C-y of its own, so removing the package lets C-y fall through to the ordinary global =yank=. Verified live: effective C-y in an ERC buffer = =yank=. (Audit's "no confirmation" was slightly off — the package did prompt — but public-by-default + one-keystroke confirm + no guard made dropping it the clean fix.) ** TODO [#B] F7 diff-aware coverage classifies every changed file "not tracked" :bug:solo: :PROPERTIES: |