Route resolve vulnerability through the Anthropic client
What does this MR do and why?
Route vulnerability resolution AI requests through Anthropic client.
Issue: #457232 (closed)
How to set up and validate locally
- Enable the `resolve_vulnerability_ai_gateway` feature flag: `Feature.enable(:resolve_vulnerability_ai_gateway)`
- Set up a local AI Gateway
- Create a vulnerability in a project with a file:
```ruby
source = <<~SOURCE
  #include <stdio.h>

  int main(int argc, char *argv[])
  {
    char buf[8];
    memcpy(&buf, "123456789");
    printf("hello, world!");
  }
SOURCE

project = Project.find(<my-project-id>)
project.repository.create_file(User.find(<my-user-id>), 'src/main.c', source, message: 'Vulnerable file', branch_name: 'main')

finding = FactoryBot.create(:vulnerabilities_finding, :sast, project: project, location: { 'file' => 'src/main.c', 'start_line' => 5, 'end_line' => 6 })
FactoryBot.create(:vulnerability, findings: [finding], project: project)
```
- Go to http://localhost:3000//-/security/vulnerabilities/1 and click Resolve with merge request
Edited by Alex Buijs