Contrib.social

Allow alttext.ai to use the keys module

Open on Drupal.org →
Created on 13 September 2023, about 1 year ago
Updated 17 January 2024, 8 months ago

This is a great module, but just wondering whether this feature would be in scope for the module.

Currently the alttext.ai plugin requires the key to be stored within the config rather than allowing the key module to store the API key (which is already made use of for the azure vision plugin). It would make sense for both backend plugins to allow the same functionality.

Additional to this the api_key should only be stored in config if local config has been selected as the credential provider, otherwise the user is almost certainly under the impression that their key would not be stored within their repo (which it currently would be) and could potentially cause a security risk if the repo was public. I have spoken with a member of the security team on this and they confirmed this would not need to be raised as a security issue (based on previous similar security tickets being raised and moved to the public issue queue). Fortunately the existing AutoAlterCredentials class already circumvents the need for this.

The only other change relating to the above would be to prevent storing unvalidated config, currently the config is stored even if validation fails, potentially causing the auto alt module to start throwing errors while someone is half-way through updating settings.

Feature request
Status

Fixed

Version

2.0

Component

Code

Created by

🇬🇧United Kingdom andy_w

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024