* shard: update to crystal 0.31.0
Additionally, no longer use the Crystal "markdown" library which has
been removed from the Crystal stdlib in version 0.31.0.
See https://github.com/crystal-lang/crystal/pull/8115.
Also fix some deprecation warnings using the following commands:
find . \( -type d -name .git -prune \) -o -type f -exec sed -i 's/URI\.escape/URI\.encode_www_form/g' "{}" \;
find . \( -type d -name .git -prune \) -o -type f -exec sed -i 's/URI\.unescape/URI\.decode_www_form/g' "{}" \;
sed -i 's/while \%pull\.kind \!\= \:end_object/until \%pull\.kind\.end_object\?/g' src/invidious/helpers/patch_mapping.cr
<p>This document concerns what data you provide to this website, the purpose of the data, how the data is stored, and how the data can be removed.</p>
This document concerns what data you provide to this website, the purpose of the data, how the data is stored, and how the data can be removed.
<h3>Data you directly provide</h3>
<p>Data that you provide to the website for the purpose of the site's operation (for example: an account name, account password, or channel subscription) will be stored in the website's database until the user decides to remove it. This data will not be intentionally shared with anyone or anything.</p>
### Data you directly provide
<p>Information stored about a registered user is limited to:</p>
<ul>
Data that you provide to the website for the purpose of the site's operation (for example: an account name, account password, or channel subscription) will be stored in the website's database until the user decides to remove it. This data will not be intentionally shared with anyone or anything.
<li>a list of session tokens for remaining logged in across devices</li>
<li>the last time an account was updated (to provide accurate notifications)</li>
Information stored about a registered user is limited to:
<li>a list of video IDs identifying notifications from a user's subscriptions</li>
<li>a list of channel UCIDs the user is subscribed to</li>
- a list of session tokens for remaining logged in across devices
<li>a user ID (for persistent storage of subscriptions and preferences)</li>
- the last time an account was updated (to provide accurate notifications)
<li>a json object containing user preferences</li>
- a list of video IDs identifying notifications from a user's subscriptions
<li>a hashed password if applicable (not present on google accounts)</li>
- a list of channel UCIDs the user is subscribed to
<li>a randomly generated token for providing an RSS feed of a user's subscriptions</li>
- a user ID (for persistent storage of subscriptions and preferences)
<li>a list of video IDs identifying watched videos</li>
- a json object containing user preferences
</ul>
- a hashed password if applicable (not present on google accounts)
<p>The above list reflects <a href="https://github.com/omarroth/invidious/blob/master/src/invidious/users.cr#L14-L51">this code</a>.</p>
- a randomly generated token for providing an RSS feed of a user's subscriptions
<p>Users can clear their watch history using the <a href="/clear_watch_history">clear watch history</a> page.</p>
- a list of video IDs identifying watched videos
<p>If a user is logged in with a Google account, no password will ever be stored. This website uses the session token provided by Google to identify a user, but does not store the information required to make requests on a user's behalf without their knowledge or consent.</p>
The above list reflects [this code](https://github.com/omarroth/invidious/blob/master/src/invidious/users.cr#L14-L51).
<h3>Data you passively provide</h3>
<p>When you request any resource from this website (for example: a page, a font, an image, or an API endpoint) information about the request may be logged.</p>
Users can clear their watch history using the [clear watch history](/clear_watch_history) page.
<p>Information about a request is limited to:</p>
<ul>
If a user is logged in with a Google account, no password will ever be stored. This website uses the session token provided by Google to identify a user, but does not store the information required to make requests on a user's behalf without their knowledge or consent.
<li>the time the request was made</li>
<li>the status code of the response</li>
### Data you passively provide
<li>the method of the request</li>
<li>the requested URL</li>
When you request any resource from this website (for example: a page, a font, an image, or an API endpoint) information about the request may be logged.
<li>how long it took to complete the request.</li>
</ul>
Information about a request is limited to:
<p>No identifying information is logged, such as the visitor's cookie, user-agent, or IP address. Here are a couple lines to serve as an example:</p>
<pre><code>2019-01-19 16:37:47 +00:00 200 GET /api/v1/comments/xrlETJYzH-c?format=html&hl=en-US 1345.88ms
- the time the request was made
2019-01-19 16:37:53 +00:00 200 GET /vi/r5P-f5arPXE/maxres.jpg 1085.41ms
- the status code of the response
2019-01-19 16:37:54 +00:00 200 GET /watch 7.04ms</code></pre>
- the method of the request
<p>This website does not store the visitor's user-agent or IP address and does not use fingerprinting, advertisements, or tracking of any form.</p>
- the requested URL
<p>This website provides links to googlevideo.com to provide audio and video playback. googlevideo.com is owned by Google and is subject to their <a href="https://policies.google.com/privacy">privacy policy</a>.</p>
- how long it took to complete the request.
<h3>Data stored in your browser</h3>
No identifying information is logged, such as the visitor's cookie, user-agent, or IP address. Here are a couple lines to serve as an example:
<p>This website uses browser cookies to authenticate registered users. This data consists of:</p>
<ul>
```
<li>An account token to keep you logged into the website between visits, which is sent when any page is loaded while you are logged in</li>
2019-01-19 16:37:47 +00:00 200 GET /api/v1/comments/xrlETJYzH-c?format=html&hl=en-US 1345.88ms
</ul>
2019-01-19 16:37:53 +00:00 200 GET /vi/r5P-f5arPXE/maxres.jpg 1085.41ms
<p>This website also provides an option to store site preferences, such as the theme or locale, without an account. Using this feature will store a cookie in the visitor's browser containing their preferences. This cookie is sent on every request and does not contain any identifying information.</p>
2019-01-19 16:37:54 +00:00 200 GET /watch 7.04ms
<p>You can remove this data from your browser by logging out of this website, or by using your browser's cookie-related controls to delete the data.</p>
```
<h3>Removal of data</h3>
This website does not store the visitor's user-agent or IP address and does not use fingerprinting, advertisements, or tracking of any form.
<p>To remove data stored in your browser, you can log out of the website, or you can use your browser's cookie-related controls to delete the data.</p>
<p>To remove data that has been stored in the website's database, you can use the <a href="/delete_account">delete my account</a> page.</p>
This website provides links to googlevideo.com to provide audio and video playback. googlevideo.com is owned by Google and is subject to their [privacy policy](https://policies.google.com/privacy).
### Data stored in your browser
This website uses browser cookies to authenticate registered users. This data consists of:
- An account token to keep you logged into the website between visits, which is sent when any page is loaded while you are logged in
This website also provides an option to store site preferences, such as the theme or locale, without an account. Using this feature will store a cookie in the visitor's browser containing their preferences. This cookie is sent on every request and does not contain any identifying information.
You can remove this data from your browser by logging out of this website, or by using your browser's cookie-related controls to delete the data.
### Removal of data
To remove data stored in your browser, you can log out of the website, or you can use your browser's cookie-related controls to delete the data.
To remove data that has been stored in the website's database, you can use the [delete my account](/delete_account) page.
leonklingele
5 years ago
committed by