> For compliance though, the AI integration should probably be a separate binary that you can access via the command line. Maybe with an optional setting "assign this keyboard shortcut to the AI binary".
There's no difference at all between a code path that's never called and another binary that's never called.
You are simply wrong for even trying to argue about privacy concerns when it is a feature that is entirely off by default (and also doesn't send anything that you don't enter in the box dedicated to it).
It makes absolutely 0 sense to have any concern about this but not have concerns about the capability of the terminal to perform any other call over the network.
Almost. The never-called code path may nonetheless reside in memory under control of a process with certain privileges, which does make it a tad less secure than a binary resting on disk. It’s also far more likely to be invoked by mistake (a bug) and you can’t totally remove it or take away its execute flag to drop that risk to basically zero.
I think the issue that people here are expressing are not necessarily their personal concerns, but concerns that their employers may now have if they learn about the feature.
If they're worried about your terminal calling OpenAI servers if you ask it to call OpenAI servers, why are they not worried about all the many more damaging things you can do with your terminal when you ask it to?
Guess what? My terminal has always been able to call ChatGPT, even before this curl wrapper was released :O
There's no difference at all between a code path that's never called and another binary that's never called.
You are simply wrong for even trying to argue about privacy concerns when it is a feature that is entirely off by default (and also doesn't send anything that you don't enter in the box dedicated to it).
It makes absolutely 0 sense to have any concern about this but not have concerns about the capability of the terminal to perform any other call over the network.