The Direct Messages on Masto are broken in a way that is potentially dangerous

It has happened more than once that someone has tried to contact me in my admin persona about another user using a "Direct" privacy toot

And they try to talk *about* the other person

But Masto helpfully auto-fills their name, so now they're *in* the conversation

And suddenly someone who absolutely should NOT be in a private conversation is added by accident

So far, in the cases where I've been involved it's been somewhere between "embarrassing" and "very unfortunate"

But it is not hard to imagine a situation where a call for help from someone who is dealing with an abusive user could suddenly and unexpectedly turn into a very, unnecessarily BAD situation

This happens often enough, and the feature that's involved is sensitive enough that this needs to be addressed, and SOON

@Gargron

For clarity, the problem isn't the auto-filling

It's that many people think they're only *mentioning* another user to the recipient of a Direct Message, when in fact they are *including* another user as a recipient of that message

Enough users don't expect this, and it is a sensitive enough feature that it is a bug, and a serious one