Resolve This Vulnerability - Service classes to retrieve a code fix suggestion for a respective vulnerability
Resolve Vulnerability's behaviour is primarily backend driven using a variety of established GitLab behaviour to provide new functionality. We will need to write a few new services to facilitate this functionality.
In short, ResolveVulnerability will need to:
- Receive and handle a mutation request from a user to provide a vulnerability resolution for a specific vulnerability.
- Process the request asynchronously
- Generate a prompt request a patch or diff from the AI provider
- Receive the response, and parse it for quality
- Attempt to form a valid diff with the provided code
- Create a branch, and apply the diff to the branch
- Create an MR for the branch
- Link the new MR to the original Vulnerability
- Respond to the User with the link to the new MR
Flow Diagram
Implementation Plan
-
Implement The ResolveVulnerability AiAction using the existing Ai mutation pattern used by ExplainThisVulnerability -
Implement ResolveVulnerabilityCompletion and Template services to generate a Resolve prompt for the vulnerability and request the result from the AI provider -
Implement a ResolveVulnerabilityService which uses the Ai response, attempts to form an appropriate diff with it, and then applies it to a new Branch and MR which can be sent back to the user.
Edited by Gregory Havenga