So the security review missed sending in the clear local file names to a remote source ? Oops.
And given "If there are any issues we can a) remove the package or b) disable the server, and in both cases the users will not see any difference from the standard experience" how about you just do one of those now ?
So the security review missed sending in the clear local file names to a remote source ? Oops.
And given "If there are any issues we can a) remove the package or b) disable the server, and in both cases the users will not see any difference from the standard experience" how about you just do one of those now ?