JonKazama-Hellion/HellionChat
1
0
Fork 0
Code Issues Pull Requests Actions Releases 28 Activity

docs: community standards, privacy notice and release-body automation

Browse Source 
Closes the remaining gaps in GitHub's community-standards check, adds
explicit privacy and dependency documentation matching the plugin's
"DSGVO-by-design" claim, and removes the stale upstream Crowdin
artefact so the repo no longer suggests it ships its own translation
pipeline.

New community-health files:

- CODE_OF_CONDUCT.md: project-specific, short and direct, single
  reporting path to kontakt@hellion-media.de
- CONTRIBUTING.md: scope, accepted vs declined contributions, build
  and test instructions, EUPL-1.2 contribution terms, translation
  policy split between Hellion-specific (here) and upstream strings
  (Chat 2 repo)
- SUPPORT.md: routing for bugs, security, privacy and casual feedback
- .github/PULL_REQUEST_TEMPLATE.md: summary, change-type checklist,
  testing notes, compatibility notes for migrations and manifest
  fields, contribution checklist
- .github/FUNDING.yml: comments-only file, no platforms enabled,
  points donors at the upstream Chat 2 maintainers' Ko-fi pages

New privacy and compliance documentation:

- PRIVACY.md: what the plugin stores locally (config, SQLite,
  EmoteCacheV1), retention defaults, the two outbound network calls
  (BetterTTV API+CDN with ShowEmotes opt-out, Square Enix Lodestone
  font once-off), explicit no-telemetry statement, GDPR
  Art. 15/17/18/20/21 rights mapped to plugin features, third-party
  privacy-policy links
- THIRD_PARTY_NOTICES.md: direct NuGet dependencies with versions
  pinned to v0.5.4 (MessagePack, Microsoft.Data.Sqlite, morelinq,
  Pidgin, SixLabors.ImageSharp under Six Labors Split License 1.0),
  Dalamud SDK and .NET tooling, bundled Exo 2 font (OFL-1.1) and
  plugin icon, network-touch status per component, re-audit commands

Crowdin cleanup:

- crowdin.yml deleted (was upstream Chat 2's project_id 663694,
  pointed at /ChatTwo/Resources/Language.resx, never wired to
  HellionChat strings)
- README, CONTRIBUTING and CODE_OF_CONDUCT no longer suggest
  HellionChat operates a Crowdin project; remaining mentions are
  explicitly framed as upstream Chat 2's workflow

Contact and version consistency:

- Maintainer email switched from maintainer@hellion-media.de to
  kontakt@hellion-media.de in SECURITY.md and NOTICE.md
- README version references updated to 0.5.4 (header, project status
  block) and the update-tag pattern generalised from v0.1.x to v0.X.Y
- bug_report.yml version placeholder bumped to 0.5.4
- Project-documents table added to README footer linking all health
  and reference files in one place

Release-body automation:

- .github/workflows/release.yml now extracts the matching version
  block from ChatTwo/HellionChat.yaml's changelog and combines it
  with a static install / docs footer (custom-repo URL, project
  document links, licence) before passing the result to
  softprops/action-gh-release@v3 via body_path
- Workflow fails fast if no changelog block exists for the tagged
  version, automating the existing "yaml + repo.json + release body
  kept in sync" rule
- Tag value passed via env: TAG_NAME with strict ^v\d+\.\d+\.\d+$
  validation before any string concatenation, so the tag input cannot
  break out into shell evaluation
This commit is contained in:
Jon Kazama
2026-05-03 10:42:07 +02:00
parent 61764459ed
commit 1b63765caa
13 changed files with 815 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
PRIVACY.md
+259
View File
@@ -0,0 +1,259 @@
# Privacy notice
HellionChat is a Dalamud plugin for FINAL FANTASY XIV that focuses on
giving the user explicit control over what their chat client stores
locally. This document describes what the plugin does with your data,
what it does not do, and how you exercise the rights the GDPR gives
you over data you generate yourself.
This document is informational. The maintainer of HellionChat is
**not** a controller or processor of your data in the GDPR sense,
because no data ever leaves your machine on the maintainer's
infrastructure. Independently of that, the plugin is built so that
you can act on your own data the way the GDPR expects.
Last reviewed: 2026-05-03 (HellionChat v0.5.4).
---
## TL;DR
- All chat data the plugin stores stays on your machine, in your
Dalamud `pluginConfigs/HellionChat/` directory.
- The plugin does not phone home. There is no telemetry, no analytics,
no crash reporter, no usage counter, no remote update check beyond
what Dalamud itself does.
- Two outbound network calls exist by design: the BetterTTV emote
service (for chat emotes) and the Square Enix Lodestone font CDN
(for the in-game symbol font). Both are documented in detail below
and both can be reasoned about per request.
- You can export every message the plugin has stored, in Markdown,
JSON or CSV, and you can wipe stored history per channel, per date
range, or globally.
---
## What the plugin stores locally
HellionChat keeps three kinds of state on your machine, all under
`%appdata%\XIVLauncher\pluginConfigs\HellionChat\` on Windows
(`~/.xlcore/pluginConfigs/HellionChat/` on Linux/macOS via XIVLauncher
Core):
1. **Configuration** (`HellionChat.json`)
Plugin settings, channel whitelist, retention values, layout state,
theme colours. Contains no chat content.
2. **Message database** (SQLite file in the same directory)
Chat messages from the channels on your whitelist, stored as
MessagePack-encoded blobs. Default whitelist out of the box covers
only your own conversations: tells, party, free company, linkshells,
cross-world linkshells, alliance, ExtraChat. Public chat, NPC
dialogue, system messages and battle logs are dropped on the
storage layer and never written to disk.
3. **Cached emote images** (`EmoteCacheV1/` directory)
Image files downloaded from BetterTTV when an emote appears in a
message you receive. See "Outbound network calls" below.
There is no shared state with the upstream Chat 2 plugin.
`pluginConfigs/HellionChat/` is independent from `pluginConfigs/ChatTwo/`.
### Retention defaults
- Tells: 365 days
- Your-conversation channels (party, FC, linkshells, cross-world LS,
alliance, ExtraChat): 90 days
- Global default for anything else: 30 days
**Retention is off by default.** The plugin does not delete anything
on its own until you explicitly turn the retention sweep on in the
settings. Until then, stored messages stay until you clear them.
---
## What the plugin does not store
- Public chat (`/say`, `/yell`, `/shout`), NPC dialogue, system
messages and battle logs. These are filtered before they reach the
storage layer.
- Anything from channels you remove from the whitelist. The privacy
filter runs on the way in, not on the way out.
- Login credentials, character IDs, account IDs. The plugin uses
whatever Dalamud already exposes about the local character to
attribute messages; nothing of that is sent anywhere or persisted
beyond the message itself.
---
## Outbound network calls
HellionChat makes two kinds of automatic outbound network requests.
Both are inherited from upstream Chat 2 and both are documented here
because "DSGVO-by-design" means you should know what your client does
on your behalf.
### 1. BetterTTV emote service (`api.betterttv.net`, `cdn.betterttv.net`)
- **What it does:** When a chat message arrives that references a
BetterTTV emote, the plugin asks the BetterTTV API for the emote
metadata and downloads the image from the BetterTTV CDN to display
it inline.
- **What is sent:** A standard HTTPS GET request. Your IP address
reaches BetterTTV (unavoidable for any HTTPS request); the request
itself contains no identifying user data, no character name, no
message text. Only the emote ID being looked up is in the URL path.
- **When it triggers:** Only when an incoming message contains an
emote token that is on the BetterTTV emote list.
- **Cached:** Yes, in `emoteCache/`. A given emote is downloaded once
per machine and reused.
- **How to opt out:** Turn off the **Show emotes** option in
Settings → Chat. With it disabled, the emote cache does not load
and no requests to BetterTTV are made for the rest of the session.
- **BetterTTV's privacy policy:** <https://betterttv.com/privacy>
Source: `ChatTwo/EmoteCache.cs`.
### 2. Square Enix Lodestone font (`img.finalfantasyxiv.com`)
- **What it does:** Downloads the `FFXIV_Lodestone_SSF.ttf` font file
from the official Square Enix Lodestone CDN once during font setup,
so the plugin can render in-game special symbols (job icons, item
glyphs, etc.) inside ImGui.
- **What is sent:** A single HTTPS GET request to the public Square
Enix font URL. Your IP address reaches Square Enix (unavoidable);
no character data, no plugin identifier, no message content.
- **When it triggers:** Once per font initialisation, not per session
if the file is already cached locally.
- **Cached:** Yes, by Dalamud's font subsystem.
- **How to opt out:** This call is part of the font pipeline inherited
from upstream Chat 2 and not toggleable from the settings UI today.
If a user-facing opt-out for this would be useful for you, please
open a feature-request issue.
Source: `ChatTwo/FontManager.cs`.
### Links you click yourself (no automatic traffic)
The settings panel contains a few buttons that open external pages in
your browser when you click them: the upstream Chat 2 GitHub repo,
the upstream maintainers' Ko-fi pages, the HellionChat issue tracker
and `hellion-media.de`. Nothing happens until you click. They are
documented here for completeness, not because they generate background
traffic.
---
## What the plugin does not do
- **No telemetry.** Source verified: no calls to AppInsights, Sentry,
PostHog, Plausible, Google Analytics, Microsoft Clarity or any
comparable service exist in the codebase, nor in the direct
dependencies the plugin pulls in. See `THIRD_PARTY_NOTICES.md`.
- **No crash reporting.** Crashes go to Dalamud's local `xllog`,
not to a remote endpoint controlled by HellionChat.
- **No usage counters.** The plugin does not count installs, sessions,
feature usage, channel activity or anything else for the maintainer.
- **No phone-home update check.** Updates are delivered through
Dalamud's plugin installer, which polls the custom-repo
`repo.json` on GitHub. That is GitHub's traffic and falls under
GitHub's privacy policy; the plugin code does no separate update
check.
- **No background sync.** Messages stay on your machine. There is no
cloud backup, no sharing feature, no remote viewer.
---
## Your data, your rights
The GDPR gives you specific rights over data about you. Because
HellionChat stores everything locally, those rights translate
directly into plugin features:
### Right to access (Art. 15)
Use the export feature in the plugin settings. You can export to
**Markdown**, **JSON** or **CSV**, filtered by channel, date range
or sender substring. The export goes through a Dalamud file dialog
and writes wherever you point it, on your machine.
### Right to erasure (Art. 17)
Two options:
1. **Targeted deletion** — the "retroactive cleanup" feature lets you
apply your current whitelist to the existing database. It shows a
preview of what will be removed before you confirm with
Ctrl+Shift, runs in the background, and calls `VACUUM` afterwards
to actually shrink the file.
2. **Full deletion** — close the game and delete the
`pluginConfigs/HellionChat/` directory. Next plugin start will
produce a fresh, empty configuration.
### Right to portability (Art. 20)
The JSON and CSV exports are open formats. The Markdown export is
human-readable and machine-parseable. Nothing is locked into a
proprietary container.
### Right to object / restrict processing (Art. 21, 18)
Adjust the channel whitelist or set retention to a low value. Both
take effect immediately on new messages; existing data needs the
retroactive cleanup to apply retroactively, by design.
---
## Third parties involved
| Party | Why they appear | What reaches them | Their privacy policy |
| --- | --- | --- | --- |
| BetterTTV (NightDev LLC) | Optional emote rendering | HTTPS request for an emote ID; your IP | <https://betterttv.com/privacy> |
| Square Enix | Lodestone font download (once) | HTTPS request for the font file; your IP | <https://www.square-enix.com/privacy> |
| GitHub (Microsoft) | Plugin distribution via custom repo, issue tracker | Whatever GitHub sees from any HTTPS request to a public repo | <https://docs.github.com/site-policy/privacy-policies/github-general-privacy-statement> |
| Dalamud / XIVLauncher (goatcorp) | Plugin loader, font subsystem, repo polling | Whatever Dalamud reports for itself; out of HellionChat's scope | <https://github.com/goatcorp/Dalamud> |
Square Enix and GitHub are unavoidable for anyone playing FFXIV
through Dalamud at all. BetterTTV is the only third party HellionChat
introduces on top of the baseline that is not also part of using FFXIV
or Dalamud, and BetterTTV is opt-out via settings.
---
## Dependencies that touch the network
For a full dependency inventory see `THIRD_PARTY_NOTICES.md`. Of the
direct dependencies the plugin pulls in:
- `MessagePack` — local serialisation, no network.
- `Microsoft.Data.Sqlite` — local SQLite access, no network.
- `morelinq` — LINQ helpers, no network.
- `Pidgin` — parser combinators, no network.
- `SixLabors.ImageSharp` — image decoding (used for the BetterTTV
emote pipeline), no network on its own.
The two network calls listed under "Outbound network calls" are
written directly in HellionChat's own source, not delegated to a
dependency.
---
## Changes to this notice
If a future release changes what HellionChat stores, sends or caches,
this document will be updated and the change called out in the
changelog block of that release. The "Last reviewed" date at the top
tracks the version this document is accurate for.
---
## Questions
For privacy-related questions specific to HellionChat:
- Email: `kontakt@hellion-media.de`
- Discord DM: `@j.j_kazama`
Security-relevant findings (e.g. the plugin storing or sending
something this document says it does not) go through the private
advisory in `SECURITY.md`, not a public issue.