Clarification Needed on Request Handling and Authentication

[eracle]

Hello,

I recently started using the ChatGPT Visual Studio Code plugin and encountered some confusion regarding how the requests are being handled. Specifically, I did not log in with any account or provide an API key during the setup or usage process. Despite this, the plugin seems to be functioning correctly.

Could you please clarify the following:

Request Handling: Where are the requests made by the plugin being sent? Are they proxied through your servers, or are they directly sent to the ChatGPT API?

Authentication: How is the plugin authenticated with the ChatGPT service if no account login or API key is required from the user? Is there an embedded key or a different method being used?

Understanding these aspects is crucial for me to assess the security and privacy implications of using the plugin. I appreciate any details you can provide regarding how user requests are managed and the security measures in place.

Thank you for your assistance and for providing this useful tool.

Best regards,

[zhangrenyang]

Request Handling: If the user's network can directly access OpenAI's servers, the plugin sends requests directly to OpenAI's servers without going through any intermediary servers. If the user's network cannot directly access OpenAI's servers, the requests will be routed through an intermediary server.

Authentication: If the user has linked their own API key, the plugin will use the user's API key. If the user has not linked their own API key, the plugin will use the free API key provided by me.