Skip to content
This repository was archived by the owner on Jun 5, 2025. It is now read-only.

Fix copilot secret unredaction #1108

Merged
merged 1 commit into from
Feb 19, 2025
Merged

Fix copilot secret unredaction #1108

merged 1 commit into from
Feb 19, 2025

Conversation

jhrozek
Copy link
Contributor

@jhrozek jhrozek commented Feb 19, 2025

The copilot provider always sends cleanup_sensitive set to False as it
manages the context itself. On streams where finish_stream was set to
False as well, we would have yielded the rest of the context buffer though
which would break secret unredaction.

To reproduce, ask Copilot to make a simple modification in a file
containing secrets so that it's forced to print the secrets back to you.

@jhrozek
Fix copilot secret unredaction
651b7e4 
The copilot provider always sends `cleanup_sensitive` set to `False` as it
manages the context itself. On streams where `finish_stream` was set to
`False` as well, we would have yielded the rest of the context buffer though
which would break secret unredaction.

To reproduce, ask Copilot to make a simple modification in a file
containing secrets so that it's forced to print the secrets back to you.
@jhrozek jhrozek mentioned this pull request Feb 19, 2025
Merged
@jhrozek jhrozek merged commit 9555a03 into main Feb 19, 2025
11 checks passed
@jhrozek jhrozek deleted the copilot_secrets_fix branch February 19, 2025 14:03
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rdimitrov rdimitrov rdimitrov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jhrozek @rdimitrov