Altinn / ai

Generative AI exploration
MIT License

Review Github Copilot content exclusion list #18

Open bdb-dd opened 10 months ago

bdb-dd commented 10 months ago

Description

Verify that our repositories are correctly configured to meet our unique file naming conventions.

https://docs.github.com/en/copilot/managing-copilot-business/configuring-content-exclusions-for-github-copilot

Additional Information

No response

Tasks

No response

Acceptance Criterias

No response

bdb-dd commented 10 months ago

@altinnadmin

bdb-dd commented 10 months ago

This is also a relevant analysis: https://blog.gitguardian.com/yes-github-copilot-can-leak-secrets/

altinnadmin commented 10 months ago

@bdb-dd Nice issue! :)

First, we should never store secrets in any of our repositories. This is the responsibility of each product team. We've also enabled both secret scanning and push protection across all repos to help avoid this.

> Verify that our repositories are correctly configured to meet our unique file naming conventions.

If there are files with known names with secrets/environment variables, used for local testing, we should configure those at the top level in our github org.

> This is also a relevant analysis

Seems like this is only relevant if secrets are hardcoded in a repo, something we should never do.

ivarne commented 10 months ago

> Seems like this is only relevant if secrets are hardcoded in a repo, something we should never do.

This is relevant also if we store secrets in files inside the repo (but ignored with ‘.gitignore’), because copilot runs in the cloud and obviously needs to transfer parts of your LOCAL repo in order to analyze and provide suggestions. I’m not sure how that data will be used, but it’s a rather obvious problem if your secrets are processed on a server, regardless of how the vendor states they will be used.

bdb-dd commented 10 months ago

Indeed, this issue is meant to cover sensitive files that are excluded from Git, but not yet excluded from GitHub Copilot. As Ivar mentions, the risk is that all files in the local file system can and will be transferred to GitHub APIs as a part of the normal operation of Copilot. Given that all content processed by Copilot is subject to some form of content supervision, it is also highly likely that it can be accessed by GitHub personnel as well.
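The org-level exclusion list that the comments above ask for (local secret/env files that are gitignored but still on disk), written as an added example rather than anything from the Altinn org or this thread; the file patterns and the `altinn/ai` path are assumptions about the team's conventions and must be matched against the real repos:

```yaml
# Organization-level Copilot content exclusion (Settings > Copilot > Content exclusion).
# Keys are repository references; "*" applies to every repository in the organization.
# Paths starting with "/" are anchored to the repository root; others match anywhere.
"*":
  # Assumed local-only files: ignored by .gitignore, but still read by Copilot in the IDE.
  - ".env"
  - ".env.*"
  - "secrets.json"
  - "*.pem"
  - "*.pfx"
altinn/ai:
  # Assumed repo-specific location for local notebook configuration; adjust to the real layout.
  - "/notebooks/local-config/**"
```

Remember that this list only stops Copilot from reading these files; it is not a substitute for keeping secrets out of the repository and out of the working tree where possible.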

bdb-dd commented 10 months ago

Interestingly, this exclusion functionality has been rolled back after an initial deploy that didn't go well.

https://github.blog/changelog/2023-11-20-copilot-content-exclusions-temporary-rollback-and-upcoming-fix/