mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-02-18 10:41:49 -05:00
05aaf7a85e
The `LINEAR_API_KEY` environment variable name is too generic — it matches the key name used by integrations/blocks, meaning that if set globally, it could inadvertently grant all users access to Linear through the blocks system rather than restricting it to the copilot feature-request tool. This renames the setting to `COPILOT_LINEAR_API_KEY` to make it clear this key is scoped exclusively to the copilot's feature-request functionality, preventing it from being picked up as a general-purpose Linear credential. ### Changes 🏗️ - Renamed `linear_api_key` → `copilot_linear_api_key` in `Secrets` settings model (`backend/util/settings.py`) - Updated all references in the copilot feature-request tool (`backend/api/features/chat/tools/feature_requests.py`) ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verified the rename is consistent across all references (settings + feature_requests tool) - [x] No other files reference the old `linear_api_key` setting name #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) > **Note:** The env var changes from `LINEAR_API_KEY` to `COPILOT_LINEAR_API_KEY`. Any deployment using the old name will need to update accordingly. <!-- greptile_comment --> <details><summary><h3>Greptile Summary</h3></summary> Renamed `LINEAR_API_KEY` to `COPILOT_LINEAR_API_KEY` in settings and the copilot feature-request tool to prevent unintended access through Linear blocks. **Key changes:** - Updated `Secrets.linear_api_key` → `Secrets.copilot_linear_api_key` in `backend/util/settings.py` - Updated all references in `backend/api/features/chat/tools/feature_requests.py` - The rename prevents the copilot Linear key from being picked up by the Linear blocks integration (which uses `LINEAR_API_KEY` via `ProviderBuilder` in `backend/blocks/linear/_config.py`) **Issues found:** - `.env.default` still references `LINEAR_API_KEY` instead of `COPILOT_LINEAR_API_KEY` - Frontend styleguide has a hardcoded error message with the old variable name </details> <details><summary><h3>Confidence Score: 3/5</h3></summary> - Generally safe but requires fixing `.env.default` before deployment - The code changes are correct and achieve the intended security improvement by preventing scope leakage. However, the PR is incomplete - `.env.default` wasn't updated (critical for deployment) and a frontend error message reference was missed. These issues will cause configuration problems for anyone deploying with the new variable name. - Check `autogpt_platform/backend/.env.default` and `autogpt_platform/frontend/src/app/(platform)/copilot/styleguide/page.tsx` - both need updates to match the renamed variable </details> <details><summary><h3>Flowchart</h3></summary> ```mermaid flowchart TD A[".env file<br/>COPILOT_LINEAR_API_KEY"] --> B["Secrets model<br/>copilot_linear_api_key"] B --> C["feature_requests.py<br/>_get_linear_config()"] C --> D["Creates APIKeyCredentials<br/>for copilot feature requests"] E[".env file<br/>LINEAR_API_KEY"] --> F["ProviderBuilder<br/>in blocks/linear/_config.py"] F --> G["Linear blocks integration<br/>for user workflows"] style A fill:#90EE90 style B fill:#90EE90 style C fill:#90EE90 style D fill:#90EE90 style E fill:#FFD700 style F fill:#FFD700 style G fill:#FFD700 ``` </details> <sub>Last reviewed commit: 86dc57a</sub> <!-- greptile_other_comments_section --> <!-- /greptile_comment -->