Filter runtime keys

[ilopezluna]

This pull request implements an allowlist for runtime flags for different inference backends to improve security and prevent the use of dangerous flags, especially those involving file paths.
The validation logic now checks each flag against a backend-specific allowlist and still enforces path safety as a defense-in-depth measure.

[gemini-code-assist]

Summary of Changes

Hello @ilopezluna, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly bolsters the security posture of runtime flag handling by introducing a robust allowlist-based validation system. It ensures that only explicitly approved flags can be used for each inference backend, while simultaneously maintaining and reinforcing existing safeguards against file path manipulation. This layered approach minimizes the risk of malicious users exploiting runtime arguments.

Highlights

• Enhanced Runtime Flag Validation: Implemented a new validation mechanism for runtime flags that utilizes backend-specific allowlists, significantly improving security by preventing the use of dangerous or unauthorized flags.
• Defense-in-Depth Path Safety: The existing path safety checks, which prevent flags from containing file paths (e.g., '/etc/passwd'), have been retained and integrated as a defense-in-depth measure, ensuring that even allowed flags cannot be exploited for path traversal.
• Modular Allowlist Management: Introduced a dedicated file (runtime_flags_allowlist.go) to manage allowlists for different inference backends (e.g., llama.cpp, vLLM), making it easier to maintain and extend allowed flags for each backend.
• Comprehensive Testing: Added extensive unit tests for the new allowlist logic, including tests for flag parsing, backend-specific allowlists, and explicit checks to ensure dangerous file-path-related flags are not inadvertently allowed.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sourcery-ai]

Hey - I've left some high level feedback:

• Consider explicitly handling unknown backends in ValidateRuntimeFlags (e.g., by checking the presence of backendName in AllowedFlags and returning a clear error like "no allowlist configured for backend"), rather than silently treating an unknown backend as having an empty allowlist.
• ParseFlagKey treats any string starting with - as a flag, which will misclassify negative numeric values (e.g., -1) when passed as separate args; if those are expected, you may want to special-case pure numeric negatives as values rather than flags.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Consider explicitly handling unknown backends in `ValidateRuntimeFlags` (e.g., by checking the presence of `backendName` in `AllowedFlags` and returning a clear error like "no allowlist configured for backend"), rather than silently treating an unknown backend as having an empty allowlist.
- `ParseFlagKey` treats any string starting with `-` as a flag, which will misclassify negative numeric values (e.g., `-1`) when passed as separate args; if those are expected, you may want to special-case pure numeric negatives as values rather than flags.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[gemini-code-assist]

Code Review

This pull request introduces a significant security enhancement by implementing an allowlist for runtime flags for different inference backends. The changes are well-structured, with new files for the allowlist logic and comprehensive tests. The core validation logic in ValidateRuntimeFlags is updated to check against backend-specific allowlists, while retaining path safety checks as a defense-in-depth measure. The test suite is also improved with new tests for the allowlist functionality, including checks for dangerous flags. My review includes one suggestion to improve maintainability in the test code by using the standard library.