I am glad we’re talking about this; thank you @harry and @jashkenas While I am a huge fan of file attachments, I worry a bit that this complicates the issue of accidentally publishing private data.
A vignette and some reflection:
Prior to attachments, I was in the practice of linking data files from a CORS-enabled data store. In September, I left a job where I was referencing public data, and when I left and I closed the data store I was using for work, all my notebooks broke I wished at that moment that attachments had come out sooner, as then my notebooks would still work without me having to track back and now re-link all the data.
But the opposite case is now our (potential) concern: If I were to have uploaded some file as an attachment, and then later some supervisor came along and was bothered that I was sharing ‘sensitive’ information (even if it was already public in one or another format—a situation that got a friend of mine in deep trouble once), that’s it: the notebook may have already been forked (copying the attachment), and now these data are out in the wild. In the current context, this damage can be mitigated slightly with Jeremy’s solution: fork the public notebook and then trash it. But how would this look with persistent copies of the notebook available for imports? Would imports somehow be limited so that data in attachments aren’t exportable, but only functions that are written into Observable cells? If information is persistent, does this effectively mean that users cannot truly delete their data? How does that play out by geographical location of users[related]? And does it mean that all Observable notebooks remain ‘owned’ [cross-ref] by Observable?