Fix Explain This Vulnerability Disregarding `include_source_code`
What does this MR do and why?
This MR modifies the Explain This Vulnerability completions class to properly pass the include_source_code
parameter to template class when requesting an AI response, ensuring that user code is not sent to the LLM against the user directive.
How to set up and validate locally
Gitlab::Llm::Templates::ExplainVulnerability.new(Vulnerability.dast.last).to_prompt(include_source_code: true)
Executing the above should return nil as DAST vulnerabilities are not applicable for Explain This Vulnerability. If you follow the verification steps directed here for our null prompt handling, you should receive a null prompt error instead of a AI response.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #424157 (closed)