In the Friendica/Mastodon application I am working on, while it was in alpha and beta stage, I have adopted the Sentry SDK for crash reporting, which works very well on Kotlin Multiplatform and is easier to setup than other (closed source, capitalistic and ugly) alternatives.

In doing so, I made an interesting , while I was submitting the app to open source stores (IzzyOnDroid and F-Droid), that if crash reporting is opt-in (i.e. disabled by default but it can be enabled in the app settings) the app is acceptable for their policies because users have to give their consent to enable reports (which are a form of tracking).

Considering there are users complaining about Raccoon for Lemmy crashing (e.g. while creating posts/comments) and that being a “deal breaker” (understandably!), my question is: would you accept it if I included Sentry, making it opt-in? In this way you could enable it just if there is some reproducible issue and turn it off whenever you like (restarting the app is needed to make any change to initialization effective).

Opinions are welcome, I will not do anything unless we decide together, especially because adding this service implies extra work for maintainer(s) 🤣

  • @[email protected]
    link
    fedilink
    English
    212 days ago

    if crash reporting is opt-in (i.e. disabled by default but it can be enabled in the app settings) the app is acceptable for their policies because users have to give their consent to enable reports (which are a form of tracking).

    I guess F-Droid’s logic makes sense.

    Q:

    What exactly Sentry collects? What kind of identifiable info goes out of the phone?

    • Akesi SeliOPM
      link
      212 days ago

      The stacktrace of the exception, operative systm version and app version, the date when the crash happened (as well as statistics on the number of occurences over time), device manufaturer and model, whether the device is rooted, the system locale, whether the app is in background, battery level, orientation when the crash occurred. It could collect other data that classify as sensitive information (e.g. IP addresses which may give hint about the location) but these can be disabled.

      It’s not me, the developer, who can use this data for profit (which is quite obvious since I am a volunteer): what is really at stake here is whether it’s worth putting these data in the hands of a corporation (this is not a self-hosted service, I would be running on their servers and using the free plan)… It’s a cost-benefit tradeoff, plus the setup which is not exactly trivial, especially since I have to change the release pipelines for CI/CD because the build breaks.

      • @[email protected]
        link
        fedilink
        English
        311 days ago

        If Raccoon ever crash on me, I’ll copy the logs that are saved on the phone in app data folder… I wouldn’t use Sentry (TMI), but others might like the convince…