From d1caa0f15f67e9dc297d4cd9610cb1679be4857e Mon Sep 17 00:00:00 2001
From: mrT23
Date: Wed, 1 Jan 2025 15:52:54 +0200
Subject: [PATCH] fix: improve CLI argument validation for sensitive parameters with dot notation
---
 pr_agent/agent/pr_agent.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pr_agent/agent/pr_agent.py b/pr_agent/agent/pr_agent.py
index 72e59470..86354da4 100644
--- a/pr_agent/agent/pr_agent.py
+++ b/pr_agent/agent/pr_agent.py
@@ -67,10 +67,12 @@ class PRAgent:
 for arg in args:
 if arg.startswith('--'):
 for forbidden_arg in forbidden_cli_args:
+ arg_word = arg.lower()
+ arg_word = arg_word.replace('__', '.') # replace double underscore with dot, e.g. --openai__key -> --openai.key
 forbidden_arg_word = forbidden_arg.lower()
 if '.' not in forbidden_arg_word:
 forbidden_arg_word = '.' + forbidden_arg_word
- if forbidden_arg_word in arg.lower():
+ if forbidden_arg_word in arg_word:
 get_logger().error(
 f"CLI argument for param '{forbidden_arg}' is forbidden. Use instead a configuration file."
 )
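Review bot: The new `arg_word` normalisation adds one alternate spelling (`__` for `.`) to a substring denylist, so the check only holds while it mirrors every key form the settings loader accepts; that loader is outside this hunk, so I cannot confirm the two agree. I would derive `arg_word` from the same key-normalising code the loader uses, or compare the parsed key against `forbidden_cli_args`, rather than re-implementing the mapping here. A smaller point: `arg_word` does not depend on `forbidden_arg`, so it can be computed once above the inner loop as `arg_word = arg.lower().replace('__', '.')`, placed before `for forbidden_arg in forbidden_cli_args:`. The diffstat shows only pr_agent.py changed; a regression test that passes the comment's own `--openai__key` example and asserts it is rejected would pin this behaviour. The enclosing method starts and ends outside the hunk.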