Skip to content

fix: prevent sensitive files in next edit diffs #8658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
RomneyDa merged 1 commit into from
Nov 10, 2025
Merged

fix: prevent sensitive files in next edit diffs #8658

RomneyDa merged 1 commit into from
Nov 10, 2025

Conversation

@uinstinct
Copy link
Contributor

@uinstinct uinstinct commented Nov 10, 2025
edited by cubic-dev-ai bot
Loading

Description

Prevent sensitive files like .env to be not included in next edit diffs.

closes #8363

AI Code Review

  • Team members only: AI review runs automatically when PR is opened or marked ready for review
  • Team members can also trigger a review by commenting @continue-review

Checklist

  • [] I've read the contributing guide
  • [] The relevant docs, if any, have been updated or created
  • [] The relevant tests, if any, have been updated or created

Screen recording or screenshot

[ When applicable, please include a short screen recording or screenshot - this makes it much easier for us as contributors to review and understand your changes. See this PR as a good example. ]

Tests

[ What tests were added or updated to ensure the changes work as expected? ]

Summary by cubic

Prevent sensitive files (e.g., .env) from being included in Next Edit diffs. We now skip diff creation when isSecurityConcern(filePath) returns true.

Written for commit c77a10a. Summary will update automatically on new commits.

@uinstinct uinstinct requested a review from a team as a code owner November 10, 2025 08:00
@uinstinct uinstinct requested review from RomneyDa and removed request for a team November 10, 2025 08:00
@dosubot dosubot bot added the size:S This PR changes 10-29 lines, ignoring generated files. label Nov 10, 2025
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Nov 10, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

RomneyDa
RomneyDa approved these changes Nov 10, 2025
View reviewed changes
Copy link
Collaborator

@RomneyDa RomneyDa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Issues and PRs Nov 10, 2025
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Nov 10, 2025
@RomneyDa RomneyDa merged commit cf95d5b into continuedev:main Nov 10, 2025
57 of 59 checks passed
@github-project-automation github-project-automation bot moved this from In Progress to Done in Issues and PRs Nov 10, 2025
@github-actions github-actions bot locked and limited conversation to collaborators Nov 10, 2025
@uinstinct uinstinct deleted the sensitive-diffs-nextedit branch November 10, 2025 20:19
@sestinj
Copy link
Contributor

sestinj commented Nov 18, 2025

🎉 This PR is included in version 1.29.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@sestinj
Copy link
Contributor

sestinj commented Nov 19, 2025

🎉 This PR is included in version 1.5.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@sestinj
Copy link
Contributor

sestinj commented Nov 20, 2025

🎉 This PR is included in version 1.6.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@RomneyDa RomneyDa RomneyDa approved these changes

Assignees

No one assigned

Labels

lgtm This PR has been approved by a maintainer released size:S This PR changes 10-29 lines, ignoring generated files.

Projects

Issues and PRs
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Sensitive Diffs included in diffContext for Next Edit

3 participants

@uinstinct @sestinj @RomneyDa