Merge pull request #1425 from Codium-ai/tr/limit_online_commenting

fix: restrict sensitive configuration parameters in CLI arguments
2025-07-03 04:10:49 +08:00 · 2024-12-30 14:11:28 +02:00
parent 6a145af159 5df9698bae
commit b3d4af6cbf
1 changed files with 4 additions and 2 deletions
--- a/pr_agent/agent/pr_agent.py
+++ b/pr_agent/agent/pr_agent.py
@ -46,7 +46,6 @@ commands = list(command2class.keys())
 class PRAgent:
    def __init__(self, ai_handler: partial[BaseAiHandler,] = LiteLLMAIHandler):
        self.ai_handler = ai_handler  # will be initialized in run_action
-        self.forbidden_cli_args = ['enable_auto_approval']

    async def handle_request(self, pr_url, request, notify=None) -> bool:
        # First, apply repo specific settings if exists
@ -61,8 +60,11 @@ class PRAgent:
        else:
            action, *args = request

+        forbidden_cli_args = ['enable_auto_approval', 'base_url', 'url', 'app_name', 'secret_provider',
+                              'git_provider', 'skip_keys', 'key', 'ANALYTICS_FOLDER', 'uri', 'app_id', 'webhook_secret',
+                              'bearer_token', 'PERSONAL_ACCESS_TOKEN', 'override_deployment_type', 'private_key']
        if args:
-            for forbidden_arg in self.forbidden_cli_args:
+            for forbidden_arg in forbidden_cli_args:
                for arg in args:
                    if forbidden_arg in arg:
                        get_logger().error(