Fix copilot secret unredaction #1108

jhrozek · 2025-02-19T13:40:24Z

The copilot provider always sends cleanup_sensitive set to False as it
manages the context itself. On streams where finish_stream was set to
False as well, we would have yielded the rest of the context buffer though
which would break secret unredaction.

To reproduce, ask Copilot to make a simple modification in a file
containing secrets so that it's forced to print the secrets back to you.

The copilot provider always sends `cleanup_sensitive` set to `False` as it manages the context itself. On streams where `finish_stream` was set to `False` as well, we would have yielded the rest of the context buffer though which would break secret unredaction. To reproduce, ask Copilot to make a simple modification in a file containing secrets so that it's forced to print the secrets back to you.

jhrozek mentioned this pull request Feb 19, 2025

Make copilot integration tests pass on the replace-litellm branch #1109

Merged

rdimitrov approved these changes Feb 19, 2025

View reviewed changes

jhrozek merged commit 9555a03 into main Feb 19, 2025
11 checks passed

jhrozek deleted the copilot_secrets_fix branch February 19, 2025 14:03

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix copilot secret unredaction #1108

Fix copilot secret unredaction #1108

jhrozek commented Feb 19, 2025

Fix copilot secret unredaction #1108

Fix copilot secret unredaction #1108

Conversation

jhrozek commented Feb 19, 2025