The Code GPT extension for VS-code looks very useful, however with Samsung etc. being in the news for leaking code via ChatGPT, I’m wondering if there are security concerns with allowing a plugin like this to access your code-base while it interfaces with external LLM’s?
I’ve searched around but haven’t found anyone addressing this specifically for this plugin.
2
Answers
Dont do it. Every data input you use will be utilized by the ai whether openai says so or not
If you’re worried about the security of the CodeGPT extension in VS Code, I get it, especially with recent code leaks. A way to handle this is by using the extension with local models through Ollama. This lets you run open-source language models on your own machine using Docker, so your code doesn’t get sent to external servers. It’s a solid way to keep your data private and deal with security worries.
Check the doc: https://docs.codegpt.co/docs/tutorial-ai-providers/ollama
In this video I am using Ollama in the middle of a flight and without internet
https://x.com/dani_avila7/status/1723066390020510148?s=46