Merge pull request #1425 from Codium-ai/tr/limit_online_commenting

fix: restrict sensitive configuration parameters in CLI arguments
Codium-ai · Dec 30, 2024 · b3d4af6 · b3d4af6
2 parents 6a145af + 5df9698
commit b3d4af6
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/pr_agent/agent/pr_agent.py b/pr_agent/agent/pr_agent.py
@@ -46,7 +46,6 @@
 class PRAgent:
     def __init__(self, ai_handler: partial[BaseAiHandler,] = LiteLLMAIHandler):
         self.ai_handler = ai_handler  # will be initialized in run_action
-        self.forbidden_cli_args = ['enable_auto_approval']
 
     async def handle_request(self, pr_url, request, notify=None) -> bool:
         # First, apply repo specific settings if exists
@@ -61,8 +60,11 @@ async def handle_request(self, pr_url, request, notify=None) -> bool:
         else:
             action, *args = request
 
+        forbidden_cli_args = ['enable_auto_approval', 'base_url', 'url', 'app_name', 'secret_provider',
+                              'git_provider', 'skip_keys', 'key', 'ANALYTICS_FOLDER', 'uri', 'app_id', 'webhook_secret',
+                              'bearer_token', 'PERSONAL_ACCESS_TOKEN', 'override_deployment_type', 'private_key']
         if args:
-            for forbidden_arg in self.forbidden_cli_args:
+            for forbidden_arg in forbidden_cli_args:
                 for arg in args:
                     if forbidden_arg in arg:
                         get_logger().error(