From cbf53ba2514a0a19ba8fc45348e0e6610cb88859 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauren=C8=9Biu=20Nicola?= Date: Tue, 15 Jun 2021 20:05:16 +0300 Subject: Consolidate the privacy notes --- docs/user/manual.adoc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'docs/user') diff --git a/docs/user/manual.adoc b/docs/user/manual.adoc index 9a8d76700..d5f8dbb1d 100644 --- a/docs/user/manual.adoc +++ b/docs/user/manual.adoc @@ -609,9 +609,14 @@ Here is a **non-exhaustive** list of ways to make rust-analyzer execute arbitrar * VS Code plugin reads configuration from project directory, and that can be used to override paths to various executables, like `rustfmt` or `rust-analyzer` itself. * rust-analyzer's syntax trees library uses a lot of `unsafe` and hasn't been properly audited for memory safety. -rust-analyzer itself doesn't access the network. -The VS Code plugin doesn't access the network unless the nightly channel is selected in the settings. -In that case, the plugin uses the GitHub API to check for and download updates. +== Privacy + +The LSP server performs no network access in itself, but runs `cargo metadata` which will update or download the crate registry and the source code of the project dependencies. +If enabled (the default), build scripts and procedural macros can do anything. + +The Code extension automatically connects to GitHub to download updated LSP binaries and, if the nightly channel is selected, to perform update checks using the GitHub API. For `rust-analyzer` developers, using `cargo xtask release` uses the same API to put together the release notes. + +Any other editor plugins are not under the control of the `rust-analyzer` developers. For any privacy concerns, you should check with their respective developers. == Features -- cgit v1.2.3