tftsr-devops_investigation/src-tauri/src/ai/anthropic.rs
Shaun Arman a04d6fc8f5
Some checks failed
Test / frontend-typecheck (pull_request) Successful in 1m52s
Test / frontend-tests (pull_request) Successful in 1m51s
Test / rust-fmt-check (pull_request) Failing after 1m58s
Test / rust-clippy (pull_request) Failing after 3m4s
Test / rust-tests (pull_request) Successful in 4m31s
PR Review Automation / review (pull_request) Successful in 4m43s
fix(security): backend-only PII redaction; fix fmt CI failure
Resolves all three findings from the second automated review and
fixes the cargo fmt --check CI failure (formatting drift in analysis.rs
from a prior merge).

[BLOCKER 1 + BLOCKER 2 + WARNING]
Frontend no longer performs any PII scanning or redaction. All three
concerns stemmed from the same root cause: outMessage was derived
on the frontend and used for display, DB storage (via lastUserMsgRef
and the chat bubble), and the AI payload — causing the original message
to be silently replaced before the backend received it.

Fix: frontend sends the original message verbatim. Backend is now the
sole authority. chat_message auto-redacts the typed message text using
PiiDetector + apply_redactions() before building the full payload, logs
the PII types via tracing::warn, and stores only the redacted form in
ai_messages and the audit log. The redacted form is returned to the
caller as ChatResponse.user_message (Option<String>, absent from direct
provider calls).

Frontend uses message (original) for the chat bubble and
lastUserMsgRef — resolution steps show natural language, not
[Password] tokens. The AI and DB see only the redacted version.

CI fix: cargo fmt applied to analysis.rs; all format checks now pass.
2026-05-31 19:36:44 -05:00
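
The backend-only flow the commit message describes, sketched as an added example (not code from this repository): detection and redaction happen once on the backend, and only the redacted text reaches the AI payload and storage. Every name below (`Span`, `detect`, `redact`, `Outcome`, `handle_chat`) is a hypothetical stand-in for the project's `PiiDetector` and `apply_redactions()`, whose signatures this page does not show, and the detector is a deliberately small toy.

```rust
// Added illustration; all names are hypothetical, not the project's PiiDetector/apply_redactions().
pub struct Span { pub start: usize, pub end: usize, pub kind: &'static str }
/// Toy detector: email-like words, and the word after a `password:` / `token=` key.
pub fn detect(text: &str) -> Vec<Span> {
    let mut spans = Vec::new();
    let mut pending: Option<&'static str> = None;
    let mut pos = 0usize;
    for word in text.split(' ') {
        let start = pos;
        pos += word.len() + 1; // byte offset of the next word
        let core = word.trim_end_matches(|c: char| matches!(c, ',' | '.' | ';'));
        if core.is_empty() { continue; }
        let hit = pending.take().or_else(|| core.contains('@').then_some("Email"));
        if let Some(kind) = hit {
            spans.push(Span { start, end: start + core.len(), kind });
            continue;
        }
        let key = core.to_ascii_lowercase();
        pending = match key.strip_suffix(|c: char| c == ':' || c == '=') {
            Some("password") => Some("Password"),
            Some("token") => Some("Token"),
            _ => None,
        };
    }
    spans
}

/// Replace spans last-to-first so earlier byte offsets stay valid.
pub fn redact(text: &str, spans: &[Span]) -> String {
    let mut out = text.to_string();
    for s in spans.iter().rev() {
        out.replace_range(s.start..s.end, &format!("[{}]", s.kind));
    }
    out
}

/// What the backend hands to each sink; the original text reaches none of them.
pub struct Outcome { pub ai_payload: String, pub stored: String, pub pii_kinds: Vec<&'static str> }
pub fn handle_chat(original: &str) -> Outcome {
    let spans = detect(original);
    let redacted = redact(original, &spans);
    let pii_kinds = spans.iter().map(|s| s.kind).collect(); // log kinds, never values
    Outcome { ai_payload: redacted.clone(), stored: redacted, pii_kinds }
}

fn main() {
    let out = handle_chat("Mail jane.doe@example.com, password: hunter2."); // constructed input
    println!("{:?} -> {}", out.pii_kinds, out.ai_payload);
}
```
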

124 lines
3.7 KiB
Rust

use async_trait::async_trait;
use std::time::Duration;

use crate::ai::provider::Provider;
use crate::ai::{ChatResponse, Message, ProviderInfo, TokenUsage};
use crate::state::ProviderConfig;

pub struct AnthropicProvider;

#[async_trait]
impl Provider for AnthropicProvider {
    fn name(&self) -> &str {
        "anthropic"
    }

    fn info(&self) -> ProviderInfo {
        ProviderInfo {
            name: "Anthropic".to_string(),
            supports_streaming: true,
            models: vec![
                "claude-sonnet-4-20250514".to_string(),
                "claude-haiku-4-20250414".to_string(),
                "claude-3-5-sonnet-20241022".to_string(),
            ],
        }
    }

    async fn chat(
        &self,
        messages: Vec<Message>,
        config: &ProviderConfig,
        _tools: Option<Vec<crate::ai::Tool>>,
    ) -> anyhow::Result<ChatResponse> {
        let client = reqwest::Client::builder()
            .timeout(Duration::from_secs(60))
            .build()?;

        // Accept api_url with or without a trailing slash or "/v1/messages" suffix
        let url = format!(
            "{}/v1/messages",
            config
                .api_url
                .trim_end_matches('/')
                .trim_end_matches("/v1/messages")
        );

        // Extract system message if the first message has role "system"
        let (system_text, chat_messages): (Option<String>, Vec<&Message>) = {
            let mut sys = None;
            let mut msgs = Vec::new();
            for msg in &messages {
                if msg.role == "system" && sys.is_none() {
                    sys = Some(msg.content.clone());
                } else {
                    msgs.push(msg);
                }
            }
            (sys, msgs)
        };

        // Build Anthropic messages format; any role other than "assistant" is sent as "user"
        let api_messages: Vec<serde_json::Value> = chat_messages
            .iter()
            .map(|m| {
                serde_json::json!({
                    "role": if m.role == "assistant" { "assistant" } else { "user" },
                    "content": m.content,
                })
            })
            .collect();

        let mut body = serde_json::json!({
            "model": config.model,
            "messages": api_messages,
            "max_tokens": 4096,
        });

        if let Some(sys) = &system_text {
            body["system"] = serde_json::Value::String(sys.clone());
        }

        let resp = client
            .post(&url)
            .header("x-api-key", &config.api_key)
            .header("anthropic-version", "2023-06-01")
            .header("Content-Type", "application/json")
            .json(&body)
            .send()
            .await?;

        if !resp.status().is_success() {
            let status = resp.status();
            let text = resp.text().await?;
            anyhow::bail!("Anthropic API error {status}: {text}");
        }

        let json: serde_json::Value = resp.json().await?;

        // Parse content from response.content[0].text
        let content = json["content"]
            .as_array()
            .and_then(|arr| arr.first())
            .and_then(|block| block["text"].as_str())
            .ok_or_else(|| anyhow::anyhow!("No text content in Anthropic response"))?
            .to_string();

        // Usage is optional: a missing or non-numeric token count yields None
        let usage = json.get("usage").and_then(|u| {
            Some(TokenUsage {
                prompt_tokens: u["input_tokens"].as_u64()? as u32,
                completion_tokens: u["output_tokens"].as_u64()? as u32,
                total_tokens: (u["input_tokens"].as_u64()? + u["output_tokens"].as_u64()?) as u32,
            })
        });

        // Fall back to the configured model name if the response omits it
        let model = json["model"].as_str().unwrap_or(&config.model).to_string();

        Ok(ChatResponse {
            content,
            model,
            usage,
            // Absent from direct provider calls; chat_message supplies the redacted form
            user_message: None,
            tool_calls: None,
        })
    }
}