Migrate Backend to Duo Chat
During the VE development sync, a new work flow was proposed using /explain_vulnerability
. Our current backend implementation may need to be updated or even migrated over.
Workflow:
- Keep the current vulnerability explanation section
- User clicks on "explain vulnerability" button
- Which opens the Duo chat drawer
- It triggers the
/vulnerability_explain
slash command - Displays AI response
Things that may need updating or migration:
- Prompt Message: explain_vulnerability.rb
- GraphQL Mutation:
AiExplainVulnerabilityInput
- ...possibly others
Other Notes:
- make sure you also implement the
/explain_vulnerability
command fully, so that users don't have to click the button but can also just type this command. Read more here - ~~Also supporting
explain_vulnerability_with_source_code
, ~~read more here@sming-gitlab
will verify with PM on this and confirm actual text,.link
- The default is "send with code". Ignore secret and preflight checks.
- We're going to proceed with Anthropic per latest discussion with model validation team.
- But keep in mind: "We need the flexibility to change depending on the result of the model validation"
Implementation Plan
...
Edited by Samantha Ming