If you installed Github Copilot in your personal code editor/computer, be
aware that it uploads "snippets" of your input files to it and possibly to
third-party APIs (e.g., OpenAI). I think people are just beginning to
become aware of the implications of this due to their employers crafting
policies around what LLMs they can use and what-not, but it's still early
days and it's easy to accidentally screw up, so here are some thoughts
about this.
I think it's really easy to install Github Copilot to get code completions
in say, Emacs, and then to open up your ledger and it's in Copilot
minor-mode everywhere (for example if you enabled it via `(add-hook
'prog-mode-hook 'copilot-mode)` or similar, to be turned on everywhere
("it's amazing, right?")), which means you get completions on its contents.
AFAICT it's impossible to know how much context is sent up to the models
for queries. GH claims general "context" is sent:
Glad you brought this up. The first thing I did before installing Copilot
long ago was to solve for this. I use both Copilot and Codeium with Neovim
personally. In short, here are some options I found. These work well for
folks who use terminal based editors (vim/emacs, mostly):
1. configure Copilot/Codeium/AI in your editor to be disabled for
certain file types
2. configure your editor to disable the Copilot/Codeium/AI plugin for
certain file types
3. entirely disable network access from your editor
(1) involves trusting the plugin under question, which isn’t a great idea.
(2) is better, but I found how easy it was to mess this up and get it
wrong. Editor configurations for power users span many files and
directories, and it’s easy to overlook something when updating your config
(3) is best (most secure), and I use it for things I need most security for
(files with account numbers, passwords, cloud API keys, and other sensitive
data). My setup is to run a separate instance of neovim via flatpak. Under
the hood, it’s essentially containerized execution of neovim, which means
all one has to do is to disable the network interface on that container
like so:
my_editor_secure () { # my editor uses a gpg plugin for which it needs to
access the gpg-agent flatpak run --user --unshare=network
--socket=gpg-agent io.neovim.nvim $* + }
Which guarantees nothing will leave your computer. You could simply make
this your default editor command, and occasionally run it with network
access enabled if you need to update plugins and such.
--
You received this message because you are subscribed to the Google Groups
"Beancount" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to beancount+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/beancount/e955bcd7-6ab1-4e2f-bf35-e9d755858a02n%40googlegroups.com.
