feat(llm): mask API keys in UI responses and prevent masked-key leakage in fetch/test/save payloads
- Add mask_api_key() and is_masked_or_placeholder() to llm_provider service - Return masked keys in all provider CRUD endpoints - Reject masked/placeholder keys in fetch_models and test_provider_config - Show masked key with Change button in ProviderConfig.svelte edit form - Exclude masked keys from fetch-models, test, and submit payloads on frontend - Update semantics-core skill with clarified complexity tier rules - Switch agent modes from subagent to all
This commit is contained in:
38
docs/openapi/superset/paths/cachekey.json
Normal file
38
docs/openapi/superset/paths/cachekey.json
Normal file
@@ -0,0 +1,38 @@
|
||||
{
|
||||
"/api/v1/cachekey/invalidate": {
|
||||
"post": {
|
||||
"description": "Takes a list of datasources, finds and invalidates the associated cache records and removes the database records.",
|
||||
"requestBody": {
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/CacheInvalidationRequestSchema"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description": "A list of datasources uuid or the tuples of database and datasource names",
|
||||
"required": true
|
||||
},
|
||||
"responses": {
|
||||
"201": {
|
||||
"description": "cache was successfully invalidated"
|
||||
},
|
||||
"400": {
|
||||
"$ref": "#/components/responses/400"
|
||||
},
|
||||
"500": {
|
||||
"$ref": "#/components/responses/500"
|
||||
}
|
||||
},
|
||||
"security": [
|
||||
{
|
||||
"jwt": []
|
||||
}
|
||||
],
|
||||
"summary": "Invalidate cache records and remove the database records",
|
||||
"tags": [
|
||||
"CacheRestApi"
|
||||
]
|
||||
}
|
||||
}
|
||||
}\n
|
||||
Reference in New Issue
Block a user