Comment by nicktikhonov

nicktikhonov 4 days ago parent

What I meant was that it isn't a web app and I don't store your connection strings or query results. I'll make this more clear

kokanee 4 days ago

It is a web app, though. You just aren't running the server, OpenAI is. And you're packaging the front end in electron instead of chrome to make it feel as if it all runs locally, even though it doesn't.

Side note: I don't see a license anywhere, so technically it isn't open source.

omega3 4 days ago

You might not but openai does.

doctorpangloss 4 days ago

API gateways could accept public keys instead of generating bearer tokens. Then the private key could reside in an HSM, and apps like this could give HSMs requests to sign. IMO even though this could be done in an afternoon, everyone - Apple and Google, the CDN / WAF provider, the service provider - is too addicted to the telemetry.

nicktikhonov OP 4 days ago

That makes no sense. OpenAI doesn't know the secret database connection string or any query results. Perhaps you should have read the code before making baseless claims.

nessbot 4 days ago

But it knows what you're querying, which depending on what you're doing may also give away a good bit about whats in the DB.

This item has no comments currently.