Skip to content

The-PR-Agent/pr-agent

v0.34 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo Developer Productivity
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

code-review codereview coding-assistant devtools gpt-4 openai
+2 more
pull-request pull-requests

Affected surfaces

auth

Summary

AI summary

Fixed dummy_key override that could replace provider-specific API keys.

Full changelog

What's Changed

  • fix: Gemini API key invalid due to Ollama Cloud key overwrite by @shine911 in https://github.com/qodo-ai/pr-agent/pull/2288
  • Expand and fix auto-generated file filtering in is_valid_file() by @PeterDaveHello in https://github.com/qodo-ai/pr-agent/pull/2289
  • fix: prevent dummy_key from overriding provider-specific API keys by @yanukadeneth99 in https://github.com/qodo-ai/pr-agent/pull/2293

New Contributors

  • @shine911 made their first contribution in https://github.com/qodo-ai/pr-agent/pull/2288
  • @yanukadeneth99 made their first contribution in https://github.com/qodo-ai/pr-agent/pull/2293

Full Changelog: https://github.com/qodo-ai/pr-agent/compare/v0.33...v0.34

Security Fixes

  • prevent dummy_key from overriding provider-specific API keys
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track The-PR-Agent/pr-agent

Get notified when new releases ship.

Sign up free

About The-PR-Agent/pr-agent

All releases →

Related context

Beta — feedback welcome: [email protected]