The current behavior is inconsistent and somewhat confusing, prevents a few reasonable things from happening, and serves no real purpose that we're aware of. It works like it does for legacy reasons and because we're generally very hesitant to remove policy barriers that users may expect to be protecting private information.
There is some more detailed discussion in T9410. Briefly:
- Today, users can see the effects of personal rules in the transcript (all the conditions that evaluated, any effects which occurred), but not the actual rules.
- Today, users can also see almost all effects of Herald rules (like adding subscribers and reviewers) when they apply (you can always see that "Herald added subscribers: ..." to your revision).
- However, you can't view the actual rule at /Hxxx, even though you can see almost all of it in any transcript, and almost always see its effects if it's relevant.
- Since you can effectively see most of the content of rules in most cases, rules aren't meaningfully private today anyway.
- Making them quasi-private is confusing and somewhat inconsistent (as in T9410) and prevents useful things like looking at someone else's rule to write a similar one, sharing a rule you've made, or checking if a rule looks right for someone.
To resolve and simplify this, we're going to make personal rules public (like object and global rules currently are). This means:
- Other users will be able to view the content of your personal rules by browsing to the /Hxxxx rule detail page.
This will hit stable no earlier than August 12th. If we're missing use cases where this distinction is important and should consider this change more carefully, please let us know.
We're generally very cautious about making changes which lower privacy barriers -- it's scary to update Phabricator and have policies weaken in unexpected ways, and leaking sensitive information is potentially even worse than destroying it. This is an exceptional case where the policy barrier is ineffective anyway and serves no practical or conceivable purpose that we're aware of.