Builds of jf with the AI Assistant disabled

[themowski]

While upgrading our local copy of jf today, we noticed that an AI Assistant was introduced in version 2.69. Our team would like to disable this functionality to prevent accidental leakage of sensitive company data. Further, there are industries/deployment scenarios in which the existence of this built-in AI support would make installing jf impossible in the first place, due to concerns about sensitive user input being sent to an offsite/third-party location.

Would it be possible to distribute releases of the CLI that have the AI Assistant functionality completely removed, or at least disabled/inaccessible (e.g., commenting out https://github.com/jfrog/jfrog-cli/blob/v2/main.go#L276-L282 and then building)? Or is our only option to build from (modified) source?

[sverdlov93]

Hi @themowski

Thank you for reaching out to us with your concerns regarding the AI Assistant functionality introduced in version 2.69 of JFrog CLI.

We fully understand the sensitivity of the issue you’re raising, and we want to assure you that we take customer data privacy and confidentiality very seriously. We are committed to protecting your information, and we do not store any questions or answers provided by users, nor do we use them for training our models. For more details, you can review our privacy policy here

Please let us know if the following solution is feasible for you. In case it isn't, we will come up with a different solution.
Would it be possible to block the AI server URL on your organization’s network, which would effectively disable the AI functionality. The URL to block is: https://cli-ai-app.jfrog.io
Would this be a feasible solution for your team?

Best regards.