Add `user.id` to `explain_vulnerability` cache key
requested to merge 420006-include-user-in-the-cache-key-for-explain-vulnerability-llm-cache into master
What does this MR do and why?
We have a 5 minute cache for the "explain this vulnerability" AI response. We did not have the user ID in the cache key, which had the effect of users using the feature on the same vulnerability (within the 5 minute ttl) to share the same AI response This is no longer the desired behavior, so this change adds the user's ID to the cache key
EE: true
Changelog: changed
Screenshots
before | after |
---|---|
How to set up and validate locally
prerequisites
local test
- log into gdk as a user in a browser window
- in a separate browser or private window log in as a separate user
- go to a project with a vulnerability in both user sessions
- use the explain this vulnerability feature in both sessions
- you should see 2 separate requests to vertex AI in the logs
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #420006 (closed)
Edited by Michael Becker