#117 initial sharing acknowledgement

[jamesmarkchan]

summary of changes:

1. moved sharing controls to dedicated sharing tab, no longer password locked

   

2. one time prompt on a version's install (if we want to not prompt per version) we can store the designation in a more permanent location of cross version config file... let me know what you guys think!!!

   

3. about dialog has link to our website

   

4. systemId replacing user name to avoid collecting PII before the user has authenticated

   • allows users to later link their anonymous uploads to their profiles if they authenticate
   • allows to a way to combat abuse against a system if submitted anonymously (its spoof able, so we should not publish this info)

[Copilot]

Pull request overview

This PR implements issue #117 by moving portal-sharing controls into a dedicated “Sharing” tab, introducing a one-time first-run consent prompt for uploads, adding a clickable website link in the About dialog, and replacing OS-username attribution with a non-PII systemId.

Changes:

• Add a new SharingPanel tab and hide the legacy Help-menu portal sharing controls.
• Introduce first-run portal-consent persistence (portalConsentAsked) and a stable hashed systemId derived from OS machine identifiers.
• Update benchmark attribution to use systemId instead of OS username; add a regression test for the new consent flag default.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
jdm-core/src/test/java/jdiskmark/AppTest.java	Adds a regression test asserting the new first-run consent flag defaults to false.
jdm-core/src/main/java/jdiskmark/UtilOs.java	Adds cross-platform machine identifier retrieval and hashing to derive a stable systemId.
jdm-core/src/main/java/jdiskmark/SharingPanel.java	Introduces the new Sharing tab UI and wires it to App/Portal config state.
jdm-core/src/main/java/jdiskmark/MainFrame.java	Adds the Sharing tab to the main UI and hides the now-redundant portal menu items.
jdm-core/src/main/java/jdiskmark/Gui.java	Updates About dialog to show a clickable website link.
jdm-core/src/main/java/jdiskmark/BenchmarkRunner.java	Populates Benchmark.systemId during benchmark creation instead of username.
jdm-core/src/main/java/jdiskmark/Benchmark.java	Adds persisted systemId field and alters username handling to avoid exposing PII.
jdm-core/src/main/java/jdiskmark/App.java	Adds first-run consent flow, persists consent + systemId, and adjusts portal upload startup behavior.

Comments suppressed due to low confidence (1)

jdm-core/src/main/java/jdiskmark/BenchmarkRunner.java:326

• locationDir is populated with the full selected path (often including the OS username, e.g. /Users/alice/...). Since Portal.upload() serializes the full Benchmark object, this path will be sent to the portal, undermining the goal of avoiding PII before authentication. Consider excluding locationDir (and any other path-like fields) from the upload payload (e.g., @JsonIgnore on BenchmarkSystemInfo.locationDir or uploading a dedicated DTO).

    private void mapEnvironment(Benchmark b, String model, String partId, DiskUsageInfo u) {
        b.systemId = (App.systemId != null) ? App.systemId : "";

        b.systemInfo.processorName = App.processorName;
        b.systemInfo.os = App.os;
        b.systemInfo.arch = App.arch;
        b.systemInfo.jdk = App.jdk;
        b.systemInfo.locationDir = App.locationDir.toString();
        

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jslcom]

Seems good. I noticed the "HTTP" box is checked instead of the "HTTPS" box. I don't know if this is the default, but I recommend changing it to HTTPS, only because some users may be paranoid about their information being transmitted over an insecure connection.

[jamesmarkchan]

Seems good. I noticed the "HTTP" box is checked instead of the "HTTPS" box. I don't know if this is the default, but I recommend changing it to HTTPS, only because some users may be paranoid about their information being transmitted over an insecure connection.

I wasn't able to just switch, i think we need to do somethings to get this working. maybe once @eSteemRoller gets his upload configured we can get https uploads going for better security. I think it should be relatively easy to get https to work with our client that we should do it for the initial launch.

[jamesmarkchan]

okay here is our current sharing prompt:

merging!