Closed Zaffer closed 4 months ago
storage-label-videos
Visit this section of the extension code: https://github.com/GoogleCloudPlatform/firebase-extensions/blob/a027bae2a2a7bff0d3ebcd2b118627c121ddde56/firestore-genai-chatbot/functions/src/generative-client/vertex_ai.ts#L103
There is a //TODO comment in the Vertex AI version of the generative client stating the API key get leaked. I have not tested this but it indicates a security with the API being used.
No API key leakage comments.
Comment indicating API key will be leaked.
Hi thanks for raising this! You are correct, the API has since fixed this security issue. I will remove the comment.
storage-label-videos
, etc)Steps to reproduce:
Visit this section of the extension code: https://github.com/GoogleCloudPlatform/firebase-extensions/blob/a027bae2a2a7bff0d3ebcd2b118627c121ddde56/firestore-genai-chatbot/functions/src/generative-client/vertex_ai.ts#L103
There is a //TODO comment in the Vertex AI version of the generative client stating the API key get leaked. I have not tested this but it indicates a security with the API being used.
Expected result
No API key leakage comments.
Actual result
Comment indicating API key will be leaked.