From e2be1f1ceea03d0be18c48cb3c61d0da519b2c77 Mon Sep 17 00:00:00 2001
From: mrT23 <tal.r@codium.ai>
Date: Wed, 1 Jan 2025 15:53:37 +0200
Subject: [PATCH] fix: improve CLI argument validation for sensitive parameters
 with dot notation

---
 pr_agent/agent/pr_agent.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pr_agent/agent/pr_agent.py b/pr_agent/agent/pr_agent.py
index 86354da4..8dea48a5 100644
--- a/pr_agent/agent/pr_agent.py
+++ b/pr_agent/agent/pr_agent.py
@@ -66,9 +66,9 @@ class PRAgent:
         if args:
             for arg in args:
                 if arg.startswith('--'):
+                    arg_word = arg.lower()
+                    arg_word = arg_word.replace('__', '.')  # replace double underscore with dot, e.g. --openai__key -> --openai.key
                     for forbidden_arg in forbidden_cli_args:
-                        arg_word = arg.lower()
-                        arg_word = arg_word.replace('__', '.') # replace double underscore with dot, e.g. --openai__key -> --openai.key
                         forbidden_arg_word = forbidden_arg.lower()
                         if '.' not in forbidden_arg_word:
                             forbidden_arg_word = '.' + forbidden_arg_word