Add `includeSourceCode` to `ExplainVulnerability` cache key
What does this MR do and why?
While working on the frontend of the "Explain This Vulnerability"
feature, it was discovered that the cached AI response does not
differentiate between the includeSourceCode: true
and
includeSourceCode: false
versions of a request.
It will return whichever one it has in its cache, even if the user changes the checkbox selection.
We need to address this because it would be alarming for a user if they unchecked the checkbox, yet they receive a response that was clearly passed the source code.
This is because the cache key was not factoring in any request options
This change includes the include_source_code
option as part of the cache key
Rather than splatting the entire options
hash into the key, I have
opted to be explicit in the options
I check for
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- follow this guide to set up local vertex access
- clone this project into your local instance
- use the explain this vulnerability feature, make sure the "include source code" option is checked
- you should see some source code in the response
- un-check the "include source code" check box, make another request
- you should see a different response, source code should not be included in the response
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #419236 (closed)