refactor(security): Remove hardcoded API keys and secure configuration #1
Merged
Foundation Cleanup - Step 1 Complete ✅

Security improvements:
- Removed hardcoded Google API key from state_llm_integration.py
- All API keys now managed via .env file through SecureConfig
- Added support for OpenAI, Anthropic, DeepSeek API keys in .env.example
- Added detect-secrets pre-commit hook to prevent future leaks
- Added detect-private-key hook for additional protection

Configuration improvements:
- Updated config.yaml with FreeCAD AppImage path configuration
- Documented FreeCAD path for AppImage location
- Prepared for multi-provider LLM architecture (litellm)

Files modified:
- src/ai_designer/core/state_llm_integration.py
- .env.example
- config/config.yaml
- .pre-commit-config.yaml
- docs/EXECUTION_PLAN.md
- docs/IMPLEMENTATION_PLAN.md

Next: Step 2 - Replace exec() with safe execution sandbox

- Remove CI/CD workflows (.github/workflows/)
- Re-enable mypy in pre-commit configuration
- Consolidate 28 docs into 14 organized files (50% reduction)
- Create docs/guides/ and docs/advanced/ structure
- Preserve EXECUTION_PLAN.md as requested
- Delete IMPLEMENTATION_PLAN.md and redundant summaries
- Update README.md with new documentation structure

Consolidated docs:
- DeepSeek R1: 3 files → DEEPSEEK_R1_GUIDE.md
- Complex Shapes: 3 files → COMPLEX_SHAPES_GUIDE.md
- State Management: 2 files → STATE_GUIDE.md
- Security: 2 files → SECURITY_GUIDE.md
- Summaries: 5 files → PROJECT_STATUS.md

Linting improvements:
- mypy type checking re-enabled
- All security checks maintained (bandit, detect-secrets)
- Code formatting preserved (black, isort, flake8)