Merging a PR creates a commit with my real email address. I expected it to use a fictitious one like firstname.lastname@example.org that indicates that pgimeno is my username in notabug.org but suggests that it's not an address that can be used for contacting me.
I'm not sure if this is caused by #168.
I'm interested in this, too.
I don't see a subscribe button, so I'm commenting to subscribe.
i am confused - why would you want to publish code and not allow anyone to contact you?
and why would you expect an fictitious email address? does any existing forge have such naughty behavior?
Speaking of the Github API, for example, spam bots.
Having the email accessible to logged-in users is acceptable, but signing off a commit with it opens the plausibility of spam.
Yes, GitHub provides such a mechanism. See attached image.
And yes, it's an anti-spam measure. It's not that I don't want to be contacted. People can contact me through issues or PRs, or by pinging me, for example. But I don't want to be changing the email address every time a spambot finds it.
And it's not only the Github API that allows access. When viewing any commit, you add ".patch" to the URL and you can see the email of the author. For example:
(I committed that with that email). So it's actually out in the open without needing any API, just a web crawler. NotABug supports the same feature:
(edit: the link doesn't point to the one I typed, let me see if this works:
I've been pushing to Notabug with my Github email set and while it obfuscates my 'real' email, the user is not linked to my account/avatar.
I submitted a request on Gogs.