Is there a way to isolate files (e.g. .env) from being used in anything touched by AI (and possibly sent to the analytics service) ?
2 Likes
you can put them in a .cursorignore anywhere in your repository
Thanks! Was looking exactly for this.
Idk if that’s the same thing, but based on recent discoveries how GPT exposes some data (https://twitter.com/petergyang/status/1722846616896651336), might I suggest ignoring indexing of known sensitive files (like .env) by default? I’ve been using Cursor for 2 months and had no idea about this, wasn’t even considering it as a security risk up until now. Granted, my own uneducated mistake, but I think it’ll be a good onboarding step to cover to ensure end-user security.
Just a suggestion thought!
2 Likes
I would back this fully. I would like to have a full guarantee that if I add a file to .gitignore and/or .cursorignore that it will in no circumstances being indexed and uploaded in any form to any server. I need to have a guarantee that a .env file NEVER leaves my machine. Is this possible in the meantime?