AI agent critique of itself

I like to self-host my own services. I have my own email server. I have my own cloud storage and sync and backup. I want to have this secure and safe while having my data private.

But I need to learn and be up to date with current technology.

I decided to use Junie with my own self-hosted models that I run on my own hardware. The docs say it can be run on top of your own custom provider and model. But it does not work with the Rider plugin. You are limited to their own limited list of models.

The docs also state that you can set your own provider via JSON.

Sadly, you cannot extend the built-in set of models that way.

{
  "baseUrl": "http://local-llm:8080/v1",
  "id": "medium:instruct_reasoning",
  "apiType": "OpenAICompletion",
  "extraHeaders": {
    "X-Custom-Source": "Junie"
  },
  "fasterModel": {
    "id": "medium:instruct_reasoning"
  }
}

It does not work via project-local settings, nor with global ones in the HOME directory.

- User-scope: $JUNIE_HOME/models/*.json.
- Project-scope: .junie/models/*.json.

I decided to try the CLI, which according to the docs can be run with custom settings like that. Of course, the official installation method is:

curl -fsSL https://junie.jetbrains.com/install.sh | bash

I usually open such a script and read through it. I am not very familiar with bash (mostly by choice, because IMHO it is terrible), but this way, if my computer gets infected, at least I can blame someone else, because I did what I could to avoid it, short of not installing anything that does not have an apt package.

Just out of curiosity, I asked Junie to read through this file. It gave me a short summary with this statement:

The script is a standard, robust installer pattern for command-line tools. If you have any specific questions about its implementation or need help adapting it, please let me know.

I do not think it is robust. Nor do I think that it should be standard. But hey! We are living in the future of an AI that does not care about such silliness as security and breaches.

I asked directly:

Is it safe to run such script on my PC?

And I got an answer:

Summary: While the script is almost certainly safe given its official origin, downloading and reviewing the script before execution is the professional standard for security-conscious developers. If you have specific concerns about any section of the script, I can help you decode it.

And I do not know about my readers, but it gave me a chuckle. So if I think of myself as ‘security-conscious’, I probably should not install it the official way, according to the agent itself. And if I do that anyway, am I not thinking of the security of my private and professional development environment?

We are truly living in a wonderful future of AI that does not care about security.
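
The download, review, then run workflow that the agent's answer calls the professional standard, sketched as an added example (not code from this post or from JetBrains). The function names and the list of grep patterns are assumptions chosen for illustration; only the install URL comes from the official command quoted above.

```shell
#!/usr/bin/env bash
# Added example: review-before-run workflow for a "curl | bash" installer.
# Function names and the pattern list are hypothetical, not from the vendor.

# Download the installer to a file instead of piping it into a shell.
fetch_installer() {            # usage: fetch_installer URL OUTFILE
    curl -fsSL --proto '=https' --tlsv1.2 -o "$2" "$1"
}

# Print the SHA-256 of a file (sha256sum on Linux, shasum on macOS).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# List lines a reviewer should read first. Prints "lineno:text" and
# returns 0 if anything was flagged, 1 if nothing matched.
flag_risky_lines() {
    grep -nE 'sudo |eval |rm -rf|(curl|wget)[^|]*\|[[:space:]]*(ba)?sh|\.(bashrc|zshrc|profile)|chmod \+x' "$1"
}

# Run the file only if it is byte-identical to the copy that was reviewed.
run_if_unchanged() {           # usage: run_if_unchanged FILE REVIEWED_SHA256
    actual=$(file_sha256 "$1")
    if [ "$actual" != "$2" ]; then
        echo "hash mismatch: got $actual, reviewed $2" >&2
        return 1
    fi
    bash "$1"
}

# Typical session (nothing below is executed by this file):
#   fetch_installer https://junie.jetbrains.com/install.sh ./install.sh
#   flag_risky_lines ./install.sh; less ./install.sh
#   reviewed=$(file_sha256 ./install.sh)
#   run_if_unchanged ./install.sh "$reviewed"
```

A flagged line is a starting point for reading, not a verdict; an installer that matches nothing still has to be read in full before it is run.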
