[repo-monitor] Low: Real person's LinkedIn profile URL hardcoded in public example #8

@Liohtml

Summary

A real individual's LinkedIn profile URL is hardcoded in the public example code. The URL identifies a specific private person by name and ID, constituting a privacy concern under GDPR/EU data protection standards for a publicly distributed code repository.

Location

  • File: examples/scrape_person.rs
  • Line(s): 27

Severity

Low

Details

let person = scraper
    .scrape("https://www.linkedin.com/in/elke-hartmann-68081a370")
    .await?;

The URL encodes a real person's full name and LinkedIn profile identifier. Publishing this in an open-source scraping tool's example code:

  1. May violate GDPR Article 5 (data minimisation) by unnecessarily exposing a data subject's identity in code that demonstrates scraping their profile.
  2. Could invite unwanted automated scraping of that individual's profile by anyone who runs the example without modification.

Suggested Fix

Replace the real profile URL with an obviously fictional placeholder:

let person = scraper
    .scrape("https://www.linkedin.com/in/example-user-profile")
    .await?;

Or use a public figure's profile that is widely used as a canonical example (e.g., a company's official representative with explicit consent).


Automated finding by repo-monitor
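
One way to keep this class of finding from recurring, as an added example that is not part of the original issue or the project's code: a std-only Rust check that scans source text for LinkedIn profile URLs and flags any slug not on a placeholder allowlist. The allowlist contents, the names `find_profile_urls` and `Finding`, and the sample input are assumptions made for illustration.

```rust
/// Placeholder slugs permitted in examples (assumed list; the project would choose its own).
const ALLOWED_SLUGS: &[&str] = &["example-user-profile"];
/// Path prefix that identifies a personal profile URL.
const MARKER: &str = "linkedin.com/in/";

/// A profile URL in source whose slug is not an approved placeholder.
#[derive(Debug, PartialEq)]
pub struct Finding {
    pub line: usize,  // 1-based line number
    pub slug: String, // lowercased profile slug
}

/// Return every non-allowlisted profile slug found in `source`.
pub fn find_profile_urls(source: &str) -> Vec<Finding> {
    let mut findings = Vec::new();
    for (idx, text) in source.lines().enumerate() {
        // Host names are case-insensitive, so match on a lowercased copy.
        let lower = text.to_ascii_lowercase();
        let mut rest = lower.as_str();
        while let Some(pos) = rest.find(MARKER) {
            rest = &rest[pos + MARKER.len()..];
            // The slug ends at the first character that cannot be part of the path segment.
            let end = rest
                .find(|c: char| !(c.is_ascii_alphanumeric() || c == '-' || c == '_' || c == '%'))
                .unwrap_or(rest.len());
            let slug = &rest[..end];
            if !slug.is_empty() && !ALLOWED_SLUGS.contains(&slug) {
                findings.push(Finding { line: idx + 1, slug: slug.to_string() });
            }
            rest = &rest[end..];
        }
    }
    findings
}

fn main() {
    // Constructed sample input: one approved placeholder and one unapproved slug.
    let sample = "let a = scraper.scrape(\"https://www.linkedin.com/in/example-user-profile\");\n\
                  let b = scraper.scrape(\"https://www.linkedin.com/in/constructed-slug-000\");\n";
    for f in find_profile_urls(sample) {
        // In CI, any finding would fail the job.
        println!("line {}: non-placeholder profile slug '{}'", f.line, f.slug);
    }
}
```

Run over the files under `examples/` in CI, a check like this fails the build when a profile URL other than an approved placeholder is committed.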
