fix: improve CLI argument validation for sensitive parameters with dot notation

2025-07-06 05:40:38 +08:00 · 2025-01-01 15:52:54 +02:00
parent 2c2af93eed
commit d1caa0f15f
1 changed files with 3 additions and 1 deletions
--- a/pr_agent/agent/pr_agent.py
+++ b/pr_agent/agent/pr_agent.py
@ -67,10 +67,12 @@ class PRAgent:
            for arg in args:
                if arg.startswith('--'):
                    for forbidden_arg in forbidden_cli_args:
+                        arg_word = arg.lower()
+                        arg_word = arg_word.replace('__', '.') # replace double underscore with dot, e.g. --openai__key -> --openai.key
                        forbidden_arg_word = forbidden_arg.lower()
                        if '.' not in forbidden_arg_word:
                            forbidden_arg_word = '.' + forbidden_arg_word
-                        if forbidden_arg_word in arg.lower():
+                        if forbidden_arg_word in arg_word:
                            get_logger().error(
                                f"CLI argument for param '{forbidden_arg}' is forbidden. Use instead a configuration file."
                            )