Skip to content

Add `user.id` to `explain_vulnerability` cache key

What does this MR do and why?

We have a 5 minute cache for the "explain this vulnerability" AI response. We did not have the user ID in the cache key, which had the effect of users using the feature on the same vulnerability (within the 5 minute ttl) to share the same AI response This is no longer the desired behavior, so this change adds the user's ID to the cache key


EE: true
Changelog: changed

Screenshots

before after
image image

How to set up and validate locally

prerequisites

  1. enable AI features
  2. set up a vertex integration

local test

  1. log into gdk as a user in a browser window
  2. in a separate browser or private window log in as a separate user
  3. go to a project with a vulnerability in both user sessions
  4. use the explain this vulnerability feature in both sessions
  5. you should see 2 separate requests to vertex AI in the logs

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #420006 (closed)

Edited by Michael Becker

Merge request reports

Loading