bmersereau pulls user identities out of the edit logs

Development-era logging was quietly linking named users to the specific legal documents they edited, and bmersereau wants it gone.

compliancesecurity

During development, the edit-resolution path was writing out who did what: user, document, and edit identifiers, all at routine INFO level. In production that becomes a durable record inside any logging system that a named person touched a named legal document. bmersereau frames it plainly as a data-minimization problem under GDPR, the EU privacy rule, and strips those lines out. Genuine error logging elsewhere is left untouched, so the fork still reports real failures.

Pulling the logging surfaced a latent bug that got fixed in the same pass: two document-edit database writes had been silently swallowing their errors, so a failed update could pass unnoticed. Those now report failure properly. A couple of build and test cleanups ride along, including repairing a guard test that was checking the wrong thing and therefore passing against nothing.

So what Anyone running Mike on real client matters should care: this closes a quiet channel that tied identifiable users to specific document activity, and it does so without dropping legitimate error signals.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?