-
Notifications
You must be signed in to change notification settings - Fork 44.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(platform): Fix marketplace leaking secrets #8281
Conversation
PR Reviewer Guide 🔍Here are some key observations to aid the review process:
|
✅ Deploy Preview for auto-gpt-docs canceled.
|
autogpt_platform/frontend/src/lib/autogpt-server-api/baseClient.ts
Outdated
Show resolved
Hide resolved
Co-authored-by: Reinier van der Leer <pwuts@agpt.co>
…t.ts Co-authored-by: Reinier van der Leer <pwuts@agpt.co>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Background
Marketplace wasn't implemented with secret hiding. It downloads the agent as is and then submits it as is, with secrets in cleartext.
Changes 🏗️
Made the graph endpoint hideable. Added query param to hide secrets, which should hide the input data in the nodes when fetching
Testing 🔍
Note
Only for the new autogpt platform, currently in autogpt_platform/