Apply same security pattern fix to IntelliJ implementation

Remove credentials.* and token.* patterns from IntelliJ security ignore list to match the TypeScript core changes. This ensures consistent behavior across both IDE extensions. Co-authored-by: nate <nate@continue.dev>
Update tests to reflect removed token.* and credentials.* patterns
2025-12-09 20:26:06 +00:00 · 2025-12-09 20:24:56 +00:00 · 2025-12-10 03:01:26 +07:00
3 changed files with 13 additions and 5 deletions
--- a/core/indexing/ignore.ts
+++ b/core/indexing/ignore.ts
@@ -39,10 +39,8 @@ export const DEFAULT_SECURITY_IGNORE_FILETYPES = [
  "*.secret",
  "*.secrets",
  "credentials",
-  "credentials.*",
  "auth.json",
  "token",
-  "token.*",
  "*.token",

  // Backup files that might contain sensitive data
--- a/core/indexing/ignore.vitest.ts
+++ b/core/indexing/ignore.vitest.ts
@@ -48,7 +48,6 @@ describe("isSecurityConcern", () => {
      expect(isSecurityConcern("app.secret")).toBe(true);
      expect(isSecurityConcern("api.secrets")).toBe(true);
      expect(isSecurityConcern("credentials")).toBe(true);
-      expect(isSecurityConcern("credentials.json")).toBe(true);
      expect(isSecurityConcern("auth.json")).toBe(true);
      expect(isSecurityConcern("token")).toBe(true);
      expect(isSecurityConcern("api.token")).toBe(true);
@@ -183,6 +182,17 @@ describe("isSecurityConcern", () => {
      expect(isSecurityConcern("secret-utils.js")).toBe(false);
      expect(isSecurityConcern("token-validator.ts")).toBe(false);
    });
+
+    it("should not flag legitimate source files with token/credentials in name", () => {
+      expect(isSecurityConcern("tokens.py")).toBe(false);
+      expect(isSecurityConcern("tokens.go")).toBe(false);
+      expect(isSecurityConcern("tokens.js")).toBe(false);
+      expect(isSecurityConcern("credentials.py")).toBe(false);
+      expect(isSecurityConcern("credentials.go")).toBe(false);
+      expect(isSecurityConcern("credentials.ts")).toBe(false);
+      expect(isSecurityConcern("token_manager.py")).toBe(false);
+      expect(isSecurityConcern("credential_helper.js")).toBe(false);
+    });
  });

  describe("Edge cases", () => {
--- a/extensions/intellij/src/main/kotlin/com/github/continuedev/continueintellijextension/continue/IntelliJIde.kt
+++ b/extensions/intellij/src/main/kotlin/com/github/continuedev/continueintellijextension/continue/IntelliJIde.kt
@@ -60,8 +60,8 @@ class IntelliJIDE(
        "*.db", "*.sqlite", "*.sqlite3", "*.mdb", "*.accdb",
        
        // Credential and secret files
-        "*.secret", "*.secrets", "credentials", "credentials.*", "auth.json",
-        "token", "token.*", "*.token",
+        "*.secret", "*.secrets", "credentials", "auth.json",
+        "token", "*.token",
        
        // Backup files that might contain sensitive data
        "*.bak", "*.backup", "*.old", "*.orig",