But wait – it gets much, much worse
As I was finishing up the above post, I noticed something a little strange in the code – something I’d glossed over earlier. There are a ton of references to what looks to be functions related to Google’s #Firestore database.
This is why I said it is for developers and users to decide what is acceptable. The sensitivity of what you are doing, and the required threat model, determines what elements are acceptable to leak.