feat(ai): add OpenAI and custom API provider support (#1424)

* feat(ai): add OpenAI and custom API provider support - Expand AI provider support to include OpenAI (gpt-4o, gpt-4o-mini) and custom OpenAI-compatible APIs - Add support for configuring AI API base URL and skipping SSL verification - Update documentation to list all supported AI providers and clarify configuration options with examples - Refactor AI client initialization to fallback on OpenAI-compatible API for unknown models - Add OpenAI client implementation using openai-go library - Update tests to validate OpenAI-compatible fallback behavior - Add openai-go dependency to go.mod Signed-off-by: appleboy <appleboy.tw@gmail.com> * Fix info message after merge Change-Id: I1cb556a42e2bd9e9b2051d6db99889c6c9f7ccdb Signed-off-by: Cosmin Cojocar <ccojocar@google.com> * Fix lint warning Change-Id: I3689b96205f494920dbbd03344e8f132a30f40b3 Signed-off-by: Cosmin Cojocar <ccojocar@google.com> --------- Signed-off-by: appleboy <appleboy.tw@gmail.com> Signed-off-by: Cosmin Cojocar <ccojocar@google.com> Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch> Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2026-01-15 01:33:41 +08:00 · 2025-12-11 16:53:19 +08:00
parent b6eea26df8
commit aa2e2fb1bd
7 changed files with 196 additions and 14 deletions
--- a/cmd/gosec/main.go
+++ b/cmd/gosec/main.go
@@ -159,6 +159,12 @@ var (
 	// key to implementing AI provider services
 	flagAiAPIKey = flag.String("ai-api-key", "", "Key to access the AI API")

+	// base URL for AI API (optional, for OpenAI-compatible APIs)
+	flagAiBaseURL = flag.String("ai-base-url", "", "Base URL for AI API (e.g., for OpenAI-compatible services)")
+
+	// skip SSL verification for AI API
+	flagAiSkipSSL = flag.Bool("ai-skip-ssl", false, "Skip SSL certificate verification for AI API")
+
 	// exclude the folders from scan
 	flagDirsExclude arrayFlags

@@ -501,7 +507,7 @@ func main() {
 	aiEnabled := *flagAiAPIProvider != ""

 	if len(issues) > 0 && aiEnabled {
-		err := autofix.GenerateSolution(*flagAiAPIProvider, aiAPIKey, issues)
+		err := autofix.GenerateSolution(*flagAiAPIProvider, aiAPIKey, *flagAiBaseURL, *flagAiSkipSSL, issues)
 		if err != nil {
 			logger.Print(err)
 		}