Original task description by @Billinghurst :
Subject: Remove visible email addresses from emails from gerrit.wikimedia.org
Why does Gerrit put all the email addresses into its posts? Either it should send out individual posts for notifying changes, or it should utilise the bcc field.
It does not seem necessary, and it seems at odds to our approach to respecting personal detail to advertise the email addresses of contributors, especially as there is no clear statement through phabricator that this is the default behaviour of the system.
Using Gerrit to send patches requires a wiki account created on https://wikitech.wikimedia.org/ and the same email address. A user registering an account on the wiki would expect the email address to be kept private as per Wikimedia Privacy policy:
Emails
You have the option of providing an email address at the time of registration or in later interactions with the Wikimedia Sites. If you do so, your email address is kept confidential, except as provided in this Policy. [...]
When sending a code patch to Gerrit, the patch must have an email address matching the user account used to connect to Gerrit. Hence the email ends up being voluntary disclosed public. People might have registered with a private address and get surprised when sending a patch by not realizing they end up making it public.
Also see comment by @hashar T151529#2820380
Random potential ideas:
*https://wikitech.wikimedia.org/wiki/Special:CreateAccount could highlight that if using Gerrit the email will be made public since it is required in the git patches.
- https://wikitech.wikimedia.org/wiki/Special:Preferences has the email, used by Gerrit. Might had a similar warning as on Special:CreateAccount
- Update the labs term of use?