ruby_llm-top_secret 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1796e8abddf5610b5181651f7a68f127d6c943b41446dfb0f8fb5159d46e2201
+  data.tar.gz: 3ef4204b57a1e8f2c5d743d5d3ef851fe96785f19d3116f6292e7387314d9ca4
+SHA512:
+  metadata.gz: 471b718cbd0009c3c645111be4baa0aa5d1dd046bbbf9f96b7f3c503d38dc0f2f9a058f77c152ecbf8e00efd87ad6a4da9502f187769fc39d9dfcb46e3396955
+  data.tar.gz: b89e53615d7dcff0700665f2c498f7a88dfc17b85a757307d9da9eb0eacac1251f60056858fdfdf0d2be7e7baf8d39e9e3cc519c362c2dd8789034f3b3dd5754

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2026-04-14
+
+- Initial release

data/CODEOWNERS

@@ -0,0 +1,15 @@
+# Lines starting with '#' are comments.
+# Each line is a file pattern followed by one or more owners.
+
+# More details are here: https://help.github.com/articles/about-codeowners/
+
+# The '*' pattern is global owners.
+
+# Order is important. The last matching pattern has the most precedence.
+# The folders are ordered as follows:
+
+# In each subsection folders are ordered first by depth, then alphabetically.
+# This should make it easy to add new rules without breaking existing ones.
+
+# Global rule:
+* @stevepolitodesign

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,6 @@
+# Code of conduct
+
+By participating in this project, you agree to abide by the
+[thoughtbot code of conduct][1].
+
+[1]: https://thoughtbot.com/open-source-code-of-conduct

data/LICENSE.txt

@@ -0,0 +1,19 @@
+Copyright (c) Steve Polito and thoughtbot, inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,141 @@
+# RubyLLM::TopSecret
+
+[![Ruby](https://github.com/thoughtbot/ruby_llm-top_secret/actions/workflows/main.yml/badge.svg)](https://github.com/thoughtbot/ruby_llm-top_secret/actions/workflows/main.yml)
+
+Filter sensitive information from [RubyLLM](https://rubyllm.com) conversations using [Top Secret](https://github.com/thoughtbot/top_secret).
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem "ruby_llm-top_secret", github: "thoughtbot/ruby_llm-top_secret", branch: "main"
+```
+
+Then run:
+
+```bash
+bundle install
+```
+
+## Usage
+
+Requiring the gem patches `RubyLLM::Chat` to support filtering sensitive information before it reaches the LLM provider. Filtering is opt-in per conversation using `with_filtering`.
+
+```ruby
+RubyLLM::TopSecret.with_filtering do
+  chat = RubyLLM.chat
+  response = chat.ask("My name is Ralph and my email is ralph@thoughtbot.com")
+
+  # The provider receives: "My name is [PERSON_1] and my email is [EMAIL_1]"
+  # The response comes back with placeholders restored:
+  puts response.content
+  # => "Nice to meet you, Ralph!"
+end
+```
+
+Without `with_filtering`, conversations behave normally with no filtering overhead.
+
+### How it works
+
+1. Wrap your conversation in `RubyLLM::TopSecret.with_filtering`
+2. Before sending to the provider, all messages are filtered using `TopSecret::Text.filter_all`
+3. The provider only sees placeholders like `[PERSON_1]` and `[EMAIL_1]`
+4. The response is restored using `TopSecret::FilteredText.restore`
+5. Original message content is always preserved locally
+
+Filtering state is thread-isolated, so concurrent requests in a web server won't interfere with each other.
+
+### Rails integration
+
+In Rails apps with `acts_as_chat`, declare `acts_as_filtered_chat` on your model so that filtering works automatically — including from background jobs where a `with_filtering` block isn't possible.
+
+```ruby
+class Chat < ApplicationRecord
+  acts_as_chat
+  acts_as_filtered_chat
+end
+```
+
+Every call to `complete` on this model will filter automatically. The restored (not filtered) response is what gets saved to your database.
+
+> [!NOTE]
+> When filtering is active, the assistant message is written to the database twice — once by RubyLLM's built-in callback (with filtered placeholders), and again by this gem (with restored content). This is a known limitation of the current architecture.
+
+#### Per-chat filtering
+
+To control filtering per chat, pass an `if:` condition with a Symbol or Proc. The gem does not provide a database column — your application is responsible for storing the decision and exposing it via a method on the model.
+
+1. Add a boolean column to your chats table
+
+    ```
+    rails generate migration AddFilteredToChats filtered:boolean
+    ```
+
+2. Pass `if: :filtered?` to `acts_as_chat`
+
+    ```ruby
+    class Chat < ApplicationRecord
+      acts_as_chat
+      acts_as_filtered_chat if: :filtered?
+    end
+    ```
+
+> [!NOTE]
+> The `if:` option follows the same convention as [Rails callbacks](https://guides.rubyonrails.org/active_record_callbacks.html#conditional-callbacks) — it accepts a Symbol (method name) or a Proc:
+
+```ruby
+acts_as_filtered_chat if: -> { filtered? }
+```
+
+### Error handling
+
+Errors from Top Secret (filtering or restoring failures) are wrapped in `RubyLLM::TopSecret::Error`. Errors from RubyLLM itself (API failures, etc.) are passed through unchanged.
+
+```ruby
+RubyLLM::TopSecret.with_filtering do
+  chat.ask("Hello")
+rescue RubyLLM::TopSecret::Error => e
+  # Top Secret failed (e.g., NER model missing)
+rescue RubyLLM::Error => e
+  # RubyLLM API error
+end
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org)
+
+## Contributing
+
+[Bug reports](https://github.com/thoughtbot/ruby_llm-top_secret/issues/new?template=bug_report.md) and [pull requests](https://github.com/thoughtbot/ruby_llm-top_secret/pulls) are welcome on GitHub at [https://github.com/thoughtbot/ruby_llm-top_secret](https://github.com/thoughtbot/ruby_llm-top_secret).
+
+Please create a [new discussion](https://github.com/thoughtbot/ruby_llm-top_secret/discussions/new?category=ideas) if you want to share ideas for new features.
+
+## License
+
+ruby_llm-top_secret is Copyright (c) thoughtbot, inc.
+It is free software, and may be redistributed
+under the terms specified in the [LICENSE] file.
+
+[LICENSE]: /LICENSE.txt
+
+<!-- START /templates/footer.md -->
+
+## About thoughtbot
+
+![thoughtbot](https://thoughtbot.com/thoughtbot-logo-for-readmes.svg)
+
+This repo is maintained and funded by thoughtbot, inc.
+The names and logos for thoughtbot are trademarks of thoughtbot, inc.
+
+We love open source software!
+See [our other projects][community].
+We are [available for hire][hire].
+
+[community]: https://thoughtbot.com/community?utm_source=github
+[hire]: https://thoughtbot.com/hire-us?utm_source=github
+
+<!-- END /templates/footer.md -->

data/RELEASING.md

@@ -0,0 +1,43 @@
+# Releasing
+
+## 1. Update version file accordingly
+
+Include an RC (release candidate) number if appropriate, e.g. 2.0.0.rc.
+
+## 2. Update `CHANGELOG.md` to reflect the changes since last release
+
+You can copy [GitHub automatically generated release notes] for this step.
+
+## 3. Commit changes
+
+There shouldn't be code changes, and thus CI doesn't need to run. Add "[ci skip]" to the commit message.
+
+## 4. Tag the release: `git tag -s vVERSION`
+
+We recommend the [_quick guide on how to sign a release_] from git ready.
+
+## 5. Push changes
+
+Push the changes with `git push --tags`
+
+## 6. Build and publish
+
+```bash
+gem build ruby_llm-top_secret.gemspec
+gem push ruby_llm-top_secret-*.gem
+```
+
+If the project is hosted on RubyGems, consider using [RubyGems Trusted Publication] to automatically
+push the release using a GitHub action.
+
+## 7. Add a new GitHub release using the recent `CHANGELOG.md` as the content
+
+Sample URL: https://github.com/thoughtbot/ruby_llm-top_secret/releases/new?tag=vVERSION
+
+## 8. Announce the new release
+
+Make sure to say "thank you" to the contributors who helped shape this version!
+
+[RubyGems Trusted Publication]: https://github.com/rubygems/release-gem
+[_quick guide on how to sign a release_]: https://gitready.com/advanced/2014/11/02/gpg-sign-releases.html
+[GitHub automatically generated release notes]: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes#about-automatically-generated-release-notes

data/Rakefile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "standard/rake"
+
+task default: %i[spec standard]

data/SECURITY.md

@@ -0,0 +1,15 @@
+# Security Policy
+
+## Supported Versions
+
+Only the latest version of ruby_llm-top_secret is supported at a given time. If
+you find a security issue with an older version, please try updating to the
+latest version first.
+
+If for some reason you can't update to the latest version, please let us know
+your reasons so that we can have a better understanding of your situation.
+
+## Reporting a Vulnerability
+
+For security inquiries or vulnerability reports, visit
+<https://thoughtbot.com/security>.

data/lib/ruby_llm/top_secret/acts_as_filtered_chat.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module RubyLLM
+  module TopSecret
+    # Provides the +acts_as_filtered_chat+ class method for ActiveRecord
+    # models that use +acts_as_chat+. Declaring it automatically wraps
+    # +complete+ in {RubyLLM::TopSecret.with_filtering}, so filtering
+    # works across job boundaries without a manual block.
+    #
+    # The gem does not provide a database column. Your application is
+    # responsible for storing the per-chat filtering decision (e.g. a
+    # +filtered+ boolean column) and exposing it via a predicate method.
+    #
+    # @example Filter all chats for this model
+    #   class Chat < ApplicationRecord
+    #     acts_as_chat
+    #     acts_as_filtered_chat
+    #   end
+    #
+    # @example Filter per-chat with a symbol condition
+    #   class Chat < ApplicationRecord
+    #     acts_as_chat
+    #     acts_as_filtered_chat if: :filtered?
+    #   end
+    #
+    # @example Filter per-chat with a Proc condition
+    #   class Chat < ApplicationRecord
+    #     acts_as_chat
+    #     acts_as_filtered_chat if: -> { filtered? }
+    #   end
+    module ActsAsFilteredChat
+      extend ActiveSupport::Concern
+
+      class_methods do
+        # Enables automatic filtering for this model's chat completions.
+        #
+        # @param options [Hash]
+        # @option options [Symbol, Proc] :if A method name or lambda that
+        #   determines whether filtering is active for a given chat instance.
+        #   When omitted, all chats for this model are filtered.
+        def acts_as_filtered_chat(**options)
+          class_attribute :filter_condition, instance_writer: false
+          self.filter_condition = options[:if]
+
+          prepend AutoFiltering
+        end
+      end
+    end
+
+    # @api private
+    module AutoFiltering
+      def complete(...)
+        condition = filter_condition
+        should_filter = if condition
+          case condition
+          when Symbol then send(condition)
+          when Proc then instance_exec(&condition)
+          end
+        else
+          true
+        end
+
+        if should_filter
+          RubyLLM::TopSecret.with_filtering { super }
+        else
+          super
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/top_secret/patches/acts_as_chat.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module RubyLLM
+  module TopSecret
+    module Patches
+      # Patch for {RubyLLM::ActiveRecord::ChatMethods#complete} that persists
+      # the restored response content to the database.
+      #
+      # When filtering is active via {RubyLLM::TopSecret.with_filtering}
+      # (or automatically via {ActsAsFilteredChat}), the default
+      # persistence callback (+on_end_message+) fires inside
+      # {Patches::Chat#complete} before restoration occurs, saving filtered
+      # content. This patch updates the persisted assistant message with the
+      # restored content afterward.
+      #
+      # @see Patches::Chat
+      # @see ActsAsFilteredChat
+      module ActsAsChat
+        # @see RubyLLM::ActiveRecord::ChatMethods#complete
+        def complete(...)
+          response = super
+
+          @message.update!(content: response.content)
+
+          response
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/top_secret/patches/chat.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module RubyLLM
+  module TopSecret
+    module Patches
+      # Middleware that intercepts {RubyLLM::Chat#complete} to filter sensitive
+      # information from messages before they are sent to the LLM provider,
+      # and restore placeholders in the response with original values.
+      #
+      # Filtering only runs when opted in via {RubyLLM::TopSecret.with_filtering}.
+      # Delegates to {Payload} for filtering and restoring content.
+      # Original message content is preserved after the call via +ensure+.
+      #
+      # @raise [RubyLLM::TopSecret::Error] if filtering or restoring fails
+      #
+      # @example
+      #   RubyLLM::TopSecret.with_filtering do
+      #     chat = RubyLLM.chat
+      #     chat.ask("My name is Ralph")
+      #     # => Provider receives "My name is [PERSON_1]"
+      #     # => Response "[PERSON_1] is a great name" becomes "Ralph is a great name"
+      #   end
+      module Chat
+        # @see RubyLLM::Chat#complete
+        def complete(&)
+          return super unless RubyLLM::TopSecret.filtering?
+
+          originals = messages.to_h { |msg| [msg, msg.content] }
+
+          payload = Payload.new(messages)
+          payload.filter
+
+          response = super
+
+          response.content = payload.restore(response.content)
+
+          response
+        rescue RubyLLM::Error
+          raise
+        rescue => e
+          raise RubyLLM::TopSecret::Error, e.message
+        ensure
+          originals&.each { |msg, content| msg.content = content }
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/top_secret/payload.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module RubyLLM
+  module TopSecret
+    # Represents the sensitive content flowing between a RubyLLM chat and
+    # the LLM provider. Mirrors Top Secret's own vocabulary:
+    # {#filter} filters messages before sending, and {#restore} restores
+    # placeholders in the response.
+    #
+    # @example
+    #   payload = Payload.new(messages)
+    #   payload.filter
+    #   # ... send to provider ...
+    #   restored_content = payload.restore(response.content)
+    class Payload
+      # @param messages [Array<RubyLLM::Message>]
+      def initialize(messages)
+        @messages = messages
+        @mapping = {}
+      end
+
+      # Filters sensitive content from messages in place using
+      # {TopSecret::Text.filter_all} for consistent labels across turns.
+      # @return [void]
+      def filter
+        filterable = @messages.reject { |msg| msg.content.nil? || msg.content.empty? }
+        contents = filterable.map(&:content)
+        batch_result = ::TopSecret::Text.filter_all(contents)
+
+        filterable.zip(batch_result.items).each { |msg, item| msg.content = item.output }
+        @mapping = batch_result.mapping
+      end
+
+      # Restores filtered placeholders in the response content with original
+      # values. Handles both String and Hash (structured output) content.
+      #
+      # @param content [String, Hash] the response content to restore
+      # @return [String, Hash] content with placeholders replaced
+      def restore(content)
+        if content.is_a?(Hash)
+          json = JSON.generate(content)
+          restored = ::TopSecret::FilteredText.restore(json, mapping: @mapping)
+          JSON.parse(restored.output)
+        else
+          ::TopSecret::FilteredText.restore(content, mapping: @mapping).output
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/top_secret/railtie.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module RubyLLM
+  module TopSecret
+    # Automatically prepends {Patches::ActsAsChat} onto
+    # {RubyLLM::ActiveRecord::ChatMethods} after RubyLLM's own Railtie
+    # has loaded the ActiveRecord integration.
+    class Railtie < Rails::Railtie
+      initializer "ruby_llm_top_secret.active_record", after: "ruby_llm.active_record" do
+        ActiveSupport.on_load :active_record do
+          require "ruby_llm/top_secret/patches/acts_as_chat"
+          require "ruby_llm/top_secret/acts_as_filtered_chat"
+
+          RubyLLM::ActiveRecord::ChatMethods.module_eval do
+            prepend RubyLLM::TopSecret::Patches::ActsAsChat
+          end
+
+          ::ActiveRecord::Base.include RubyLLM::TopSecret::ActsAsFilteredChat
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/top_secret/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module RubyLLM
+  module TopSecret
+    VERSION = "0.1.0"
+  end
+end

data/lib/ruby_llm/top_secret.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require "ruby_llm"
+require "top_secret"
+require_relative "top_secret/version"
+require_relative "top_secret/payload"
+require_relative "top_secret/patches/chat"
+
+module RubyLLM
+  # Integrates Top Secret with RubyLLM to automatically filter sensitive
+  # information before it is sent to LLM providers.
+  module TopSecret
+    # Base error class for all RubyLLM::TopSecret errors.
+    class Error < StandardError; end
+
+    def self.with_filtering
+      was_filtering = Thread.current[:ruby_llm_top_secret_filter]
+      Thread.current[:ruby_llm_top_secret_filter] = true
+      yield
+    ensure
+      Thread.current[:ruby_llm_top_secret_filter] = was_filtering
+    end
+
+    def self.filtering?
+      Thread.current[:ruby_llm_top_secret_filter] == true
+    end
+  end
+end
+
+RubyLLM::Chat.prepend(RubyLLM::TopSecret::Patches::Chat)
+
+if defined?(Rails::Railtie)
+  require_relative "top_secret/railtie"
+end

data/sig/ruby_llm/top_secret.rbs

@@ -0,0 +1,6 @@
+module RubyLLM
+  module TopSecret
+    VERSION: String
+    # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+  end
+end

metadata

@@ -0,0 +1,90 @@
+--- !ruby/object:Gem::Specification
+name: ruby_llm-top_secret
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Steve Polito
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ruby_llm
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: top_secret
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: A RubyLLM plugin that integrates Top Secret to automatically filter sensitive
+  information from LLM interactions.
+email:
+- stevepolito@hey.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- CODEOWNERS
+- CODE_OF_CONDUCT.md
+- LICENSE.txt
+- README.md
+- RELEASING.md
+- Rakefile
+- SECURITY.md
+- lib/ruby_llm/top_secret.rb
+- lib/ruby_llm/top_secret/acts_as_filtered_chat.rb
+- lib/ruby_llm/top_secret/patches/acts_as_chat.rb
+- lib/ruby_llm/top_secret/patches/chat.rb
+- lib/ruby_llm/top_secret/payload.rb
+- lib/ruby_llm/top_secret/railtie.rb
+- lib/ruby_llm/top_secret/version.rb
+- sig/ruby_llm/top_secret.rbs
+homepage: https://github.com/thoughtbot/ruby_llm-top_secret
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/thoughtbot/ruby_llm-top_secret
+  source_code_uri: https://github.com/thoughtbot/ruby_llm-top_secret
+  changelog_uri: https://github.com/thoughtbot/ruby_llm-top_secret/blob/main/CHANGELOG.md
+  rubygems_mfa_required: 'true'
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.2.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.10
+specification_version: 4
+summary: Filter sensitive information from RubyLLM conversations using Top Secret.
+test_files: []