- Run cargo fmt on all crates - Fix regex patterns using unsupported lookahead in patterns.rs - Replace unwrap() calls with compile_regex() helper - Fix never type fallback in GitHub tracker - Fix redundant field name in findings page - Allow enum_variant_names for Dioxus Route enum - Fix &mut Vec -> &mut [T] clippy lint in sbom.rs - Mark unused-but-intended APIs with #[allow(dead_code)] Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
use std::sync::Arc;
|
|
|
|
use compliance_core::models::Finding;
|
|
|
|
use crate::error::AgentError;
|
|
use crate::llm::LlmClient;
|
|
|
|
const FIX_SYSTEM_PROMPT: &str = r#"You are a security engineer. Given a security finding with code context, suggest a concrete code fix. Return ONLY the fixed code snippet that can directly replace the vulnerable code. Include brief inline comments explaining the fix."#;
|
|
|
|
pub async fn suggest_fix(llm: &Arc<LlmClient>, finding: &Finding) -> Result<String, AgentError> {
|
|
let user_prompt = format!(
|
|
"Suggest a fix for this vulnerability:\n\
|
|
Language context from file: {}\n\
|
|
Rule: {}\n\
|
|
Description: {}\n\
|
|
Vulnerable code:\n```\n{}\n```",
|
|
finding.file_path.as_deref().unwrap_or("unknown"),
|
|
finding.rule_id.as_deref().unwrap_or("N/A"),
|
|
finding.description,
|
|
finding.code_snippet.as_deref().unwrap_or("N/A"),
|
|
);
|
|
|
|
llm.chat(FIX_SYSTEM_PROMPT, &user_prompt, Some(0.2)).await
|
|
}
|
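Review bot: `suggest_fix` has no doc comment, and it needs one because the `format!` call builds the user prompt directly from `finding.file_path`, `finding.description` and `finding.code_snippet` — content taken from the scanned repository — while `FIX_SYSTEM_PROMPT` asks the model for a snippet that "can directly replace the vulnerable code", so the returned `String` is model output shaped by untrusted input and should be treated as a suggestion for human review, not applied automatically; nothing in this file or its visible callers says so. Add a `///` comment on `suggest_fix` that states where the prompt inputs come from, that the result is an unreviewed suggestion rather than a verified patch, and that errors from `LlmClient::chat` are returned as `AgentError` unchanged. Two smaller points in the same function: a snippet that itself contains a ``` sequence terminates the fenced block in the prompt early, so either note this next to the `format!` call (`// snippet is embedded in a ``` fence; a snippet containing ``` will close it early`) or pick a delimiter the snippet cannot contain, and `Some(0.2)` on the `llm.chat` line would read better as a named constant next to `FIX_SYSTEM_PROMPT` with a one-line comment on why a low temperature is wanted here. The trailing lines of the rendered file section appear to be cut at the end of this view, so I could not check whether anything follows the closing brace.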