Fix OpenAI input image sanitization

[vikas5914]

Summary

1. Extend sanitize_openai_image to redact base64 data when OpenAI’s Responses API sends input_image items where image_url is a string (as documented here).

2. Restore the regression test for that payload format so we cover both dict-style image_url objects and string URLs.
   The previous check only handled { "type": "image_url", "image_url": { "url": ... } }. But OpenAI also allows:

{
    "type": "input_image",
    "image_url": f"data:image/jpeg;base64,{base64_image}",
}

Example from the official docs:

from openai import OpenAI

client = OpenAI()

response = client.responses.create(
    model="gpt-4.1-mini",
    input=[{
        "role": "user",
        "content": [
            {"type": "input_text", "text": "what's in this image?"},
            {
                "type": "input_image",
               "image_url": f"data:image/jpeg;base64,{base64_image}",
            },
        ],
    }],
)

print(response.output_text)

Without this fix, base64 strings in that shape weren’t redacted.

[greptile-apps]

Additional Comments (1)

1. posthog/ai/sanitization.py, line 99-102 (link)

   style: inconsistent type checking - sanitize_openai_image checks isinstance(item.get("image_url"), str) but this function only checks "image_url" in item

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[vikas5914]

@ablaszkiewicz Sorry for tagging you but any chance to review this?

[ablaszkiewicz]

lgtm ✅ Python pipeline is currently broken. We are fixing it

[vikas5914]

@ablaszkiewicz hey , any update on this

[ablaszkiewicz]

@vikas5914 can you please recreate this PR as a new one? You can tag me there

[ablaszkiewicz]

@vikas5914 nevermind. It went through

[ablaszkiewicz]

@vikas5914 Ooops there was no version.py change and no changelog. My bad I didn't check that. I've just opened this PR which will actually deploy this change #425