fix: improve CLI argument validation for sensitive parameters

mrT23
2025-01-01 15:19:27 +02:00
parent 04197a9271
commit 2c2af93eed


@ -64,13 +64,17 @@ class PRAgent:
'git_provider', 'skip_keys', 'key', 'ANALYTICS_FOLDER', 'uri', 'app_id', 'webhook_secret', 'git_provider', 'skip_keys', 'key', 'ANALYTICS_FOLDER', 'uri', 'app_id', 'webhook_secret',
'bearer_token', 'PERSONAL_ACCESS_TOKEN', 'override_deployment_type', 'private_key', 'api_base', 'api_type', 'api_version'] 'bearer_token', 'PERSONAL_ACCESS_TOKEN', 'override_deployment_type', 'private_key', 'api_base', 'api_type', 'api_version']
if args: if args:
for forbidden_arg in forbidden_cli_args: for arg in args:
for arg in args: if arg.startswith('--'):
if forbidden_arg.lower() in arg.lower(): for forbidden_arg in forbidden_cli_args:
get_logger().error( forbidden_arg_word = forbidden_arg.lower()
f"CLI argument for param '{forbidden_arg}' is forbidden. Use instead a configuration file." if '.' not in forbidden_arg_word:
) forbidden_arg_word = '.' + forbidden_arg_word
return False if forbidden_arg_word in arg.lower():
get_logger().error(
f"CLI argument for param '{forbidden_arg}' is forbidden. Use instead a configuration file."
)
return False
args = update_settings_from_args(args) args = update_settings_from_args(args)
action = action.lstrip("/").lower() action = action.lstrip("/").lower()
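Review bot: The new `if arg.startswith('--')` guard tests the raw argument, so the forbidden-parameter check only holds if `update_settings_from_args` (not shown here) accepts exactly the same spelling; if that parser trims whitespace or dashes before splitting, the two can disagree and a sensitive key could skip validation. The substring test `forbidden_arg_word in arg.lower()` also runs over the value part, so a harmless setting whose value happens to contain a string such as `.key` is rejected. I would normalise once and compare only the key part, for example `key_part = arg.strip().split('=', 1)[0].lower()` followed by `if key_part.startswith('--') and forbidden_arg_word in key_part:`, or better, run the check on the key the parser actually produces. The enclosing method starts before this hunk and continues after it.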