Create an .duoignore file to ignore some files when sending context to AI LLM

Release notes

We are progressing toward sending more context to the LLM. We are already sending all open tabs with Code Suggestions.

However, some company/individuals may want to prevent some specific files to be sent to the LLM (eg: id_rsa, aws.key, ...)

Problem to solve

Some files in the IDE store critical data. These should never go out. Some customers want to be sure they never leave the local IDE. GitLab should propose a mechanism to enforce this behavior.

Proposal

Exactly like .dockerignore and .gitignore, we should add a .duoignore to ensure that some specific files never leave the local IDE.

Another approach could be (and both can be implemented separately) to have a list of extensions to never handle with Duo in the extension settings. Like the list of additional languages, but somehow reverse way.

Intended users

• Delaney (Development Team Lead)

• Sasha (Software Developer)
• Priyanka (Platform Engineer)

• Simone (Software Engineer in Test)
• Allison (Application Ops)
• Ingrid (Infrastructure Operator)

• Amy (Application Security Engineer)
• Isaac (Infrastructure Engineer)
• Alex (Security Operations Engineer)
• Cameron (Compliance Manager)

Feature Usage Metrics

Does this feature require an audit event?

Certainly. Being able to track from a group which sub-groups and projects have enforced data protection seems to be very valuable.