Disable "allow making builds public" by default and explain implications

Invocations shared publicly also provide access to the artifacts they reference, which organizations may rightly be cautious about. Allowing developers access to this features should require a conscious decision.
buildbuddy-io · Dec 18, 2024 · 0296bbc · 0296bbc
1 parent c0fd006
commit 0296bbc
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/enterprise/app/org/org_form.tsx b/enterprise/app/org/org_form.tsx
@@ -193,7 +193,7 @@ export default abstract class OrgForm<T extends GroupRequest> extends React.Comp
               name="sharingEnabled"
               checked={request.sharingEnabled}
             />
-            <span>Allow members of this org to make builds public (viewable by anyone with a link)</span>
+            <span>Allow members of this org to make builds public (viewable by anyone with a link, including all build artifacts)</span>
           </label>
         )}
         {capabilities.userOwnedExecutors && (

diff --git a/server/tables/tables.go b/server/tables/tables.go
@@ -225,7 +225,7 @@ type Group struct {
 	GithubToken *string
 	Model
 
-	SharingEnabled                    bool `gorm:"default:1"`
+	SharingEnabled                    bool `gorm:"default:0"`
 	UserOwnedKeysEnabled              bool `gorm:"not null;default:0"`
 	BotSuggestionsEnabled             bool `gorm:"not null;default:1"`
 	CodeSearchEnabled                 bool `gorm:"not null;default:0"`