False Positive Detection in Vulnerability Resolution
What does this MR do and why?
Vulnerability Resolution might be asked to produce a fix for a vulnerability which turns out to be a false positive finding.
In such a situation, we've discovered an edge case where the LLM writes a textual explanation instead of code (see screenshot).
This apparently happens because the LLM is not given a proper place in the template for indicating that this is a false positive.
The proposed solution is:
- Add a place in the output template so that the LLM can indicate if a false positive has been detected
- Parse this in the backend
- Display a proper error message in the UI
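The backend parsing step, as an added example that is not GitLab's own code: it assumes a hypothetical output template in which the model must answer inside exactly one of two tagged blocks, `<fix>` holding a unified diff or `<false_positive>` holding a short explanation, so that an explanation written outside the template (the edge case described above) is rejected rather than shown as a fix.

```ruby
# Added example, not GitLab code. The tag names, the module name and the
# diff check are assumptions for illustration.
module VulnerabilityResolution
  class ParseError < StandardError; end

  # kind is :fix or :false_positive; body is the diff or the explanation.
  Result = Struct.new(:kind, :body, keyword_init: true)

  FIX_RE = %r{<fix>\s*(.*?)\s*</fix>}m
  FALSE_POSITIVE_RE = %r{<false_positive>\s*(.*?)\s*</false_positive>}m
  MAX_EXPLANATION = 2000 # keep the UI message bounded

  # Parses raw model output. Raises ParseError when the model answered
  # outside the template or filled both blocks, so the UI can show a
  # proper error instead of rendering prose as a patch.
  def self.parse(output)
    fix = output[FIX_RE, 1]
    fp = output[FALSE_POSITIVE_RE, 1]

    raise ParseError, "both a fix and a false-positive verdict returned" if fix && fp
    raise ParseError, "no fix and no false-positive verdict in output" if fix.nil? && fp.nil?

    if fp
      Result.new(kind: :false_positive, body: fp[0, MAX_EXPLANATION])
    else
      # A fix must at least look like a unified diff before it is surfaced.
      raise ParseError, "fix block is not a unified diff" unless fix.start_with?("--- ")
      Result.new(kind: :fix, body: fix)
    end
  end
end

# Constructed sample outputs, one per case the parser must handle.
SAMPLE_FIX = "<fix>\n--- a/app.rb\n+++ b/app.rb\n@@ -1 +1 @@\n-eval(x)\n+Integer(x)\n</fix>"
SAMPLE_FALSE_POSITIVE = "<false_positive>Input is validated upstream.</false_positive>"
SAMPLE_PROSE_ONLY = "This finding looks like a false positive because ..."

if __FILE__ == $0
  [SAMPLE_FIX, SAMPLE_FALSE_POSITIVE, SAMPLE_PROSE_ONLY].each do |out|
    r = VulnerabilityResolution.parse(out)
    puts "#{r.kind}: #{r.body.lines.first}"
  rescue VulnerabilityResolution::ParseError => e
    puts "error shown to user: #{e.message}"
  end
end
```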
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Related to https://gitlab.com/gitlab-org/gitlab/-/issues/480019+s