[Security Solution] [AI Assistant] Replace polynomial regular expression with constant time string manipulation #209314

Merged
merged 21 commits into from
Feb 7, 2025

Member

@KDKHD KDKHD commented Feb 3, 2025

Summary

Fixes https://github.com/elastic/kibana-team/issues/1442

This PR replaces a poorly performing regular expression with a constant time string manipulation approach.

Context:
The regex is used to remove all references from a string when a user copies a message from the assistant and when conversation history is passed to the LLM e.g.

"The sky is blue{reference(1234)} and the grass is green{reference(4321)}" -> "The sky is blue and the grass is green"

Changes:

  • Replace the regular expression inside of removeContentReferences()
  • Add tests to verify new logic is correct.
  • Fix a bug in the contentReference markdown parser that was found by @andrew-goldstein here
  • For alerts page citations, add a filter for open and acknowledge alerts within the last 24 hours here

How to test new regex:

One of the changes in this PR improves the performance of a regex. In real life, no one has ever reached any performance issues with this regex and I don't think it is realistically possible to reach that limit without other things breaking (i.e. the message sent to/returned by the assistant would need to be so large that it would exceed the context window). Therefore, all we can test is that the functionality still works as expected after this change.

  • Enable the feature flag

```yaml
# kibana.dev.yml
xpack.securitySolution.enableExperimental: ['contentReferencesEnabled']
```

  • Open the security assistant
  • Ask the assistant a question about your alerts or a document in your KB. The assistant response should contain citations.
  • Copy the response to the clipboard using the copy button.
  • Your clipboard should contain the response without any citations

How to test the alerts page filter

  • Ask a question about your open alerts and make sure a citation is returned.
  • Click on the citation
  • Verify a new tab is opened and the alerts page is visible with a filter for open and acknowledge alerts and there is a now-24h time window filter.

Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

  • Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
  • Documentation was added for features that require explanation or tutorials
  • Unit or functional tests were updated or added to match the most common scenarios
  • If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
  • This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
  • Flaky Test Runner was used on any tests changed
  • The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines

Identify risks

Does this PR introduce any risks? For example, consider risks like hard to test bugs, performance regression, potential of data loss.

Describe the risk, its severity, and mitigation for each identified risk. Invite stakeholders and evaluate how to proceed before merging.

@KDKHD KDKHD marked this pull request as ready for review February 3, 2025 14:30
@KDKHD KDKHD requested a review from a team as a code owner February 3, 2025 14:30
@KDKHD KDKHD added the release_note:skip, v9.0.0, Team:Security Generative AI, backport:version, v8.18.0 and v9.1.0 labels Feb 3, 2025
@KDKHD KDKHD changed the title Replace polynomial regular expression with constant string manipulation [Security Solution] [AI Assistant] Replace polynomial regular expression with constant string manipulation Feb 3, 2025
@KDKHD KDKHD changed the title [Security Solution] [AI Assistant] Replace polynomial regular expression with constant string manipulation [Security Solution] [AI Assistant] Replace polynomial regular expression with constant time string manipulation Feb 3, 2025
@KDKHD
Member Author

KDKHD commented Feb 3, 2025

@elasticmachine merge upstream

const endTime = performance.now(); // End timing
const executionTime = endTime - startTime; // Time in milliseconds

expect(executionTime).toBeLessThan(1000); // Assert under 1 second
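
Review bot: `expect(executionTime).toBeLessThan(1000)` on the last line asserts on wall-clock time, so the outcome depends on how loaded the runner is and on the input size chosen earlier in the test, neither of which is visible at the assertion. Consider timing two input sizes and asserting that the ratio stays close to the size ratio, or at least record the input length and the expected margin in a comment next to the threshold.
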
Member Author

Executes in < 1ms so this won't become a flakey test.

Contributor

> Executes in < 1ms so this won't become a flakey test.

😂 auto reply from CI: hold my 🍺

Jokes aside, to test this test locally, I restored the original implementation of removeContentReferences:

```ts
export const removeContentReferences = (content: string) => {
  return content.replaceAll(/\{reference\(.*?\)\}/g, '');
};
```

and re-ran the test. It failed with:

```
    ✕ removesContentReferences does not run in polynomial time (41169 ms)

  ● utils › removesContentReferences does not run in polynomial time

    expect(received).toBeLessThan(expected)

    Expected: < 1000
    Received:   41167.3355

      38 |     const executionTime = endTime - startTime; // Time in milliseconds
      39 | 
    > 40 |     expect(executionTime).toBeLessThan(1000); // Assert under 1 second
         |                           ^
      41 |   });
      42 | });
      43 | 

      at Object.toBeLessThan (x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/content_references/references/utils.test.ts:40:27)
```

After restoring the PR version of removeContentReferences, the test once again passes locally with:

✓ removesContentReferences does not run in polynomial time (2 ms)
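
Why the removed expression degrades and what a single-pass replacement can look like, as an added example (not the code merged in this PR, which is not shown on this page): on input with many `{reference(` openers and no `)}`, the lazy `.*?` rescans to the end of the line for every opener, which is quadratic. `stripReferencesLinear`, `stripReferencesRegex`, `SAMPLES`, `disagreements` and `timeMs` are hypothetical names, and the sample inputs are constructed apart from the cases quoted in this thread.

```typescript
// Added example: hypothetical names, not the implementation merged in the PR.
const OPEN = '{reference(';
const CLOSE = ')}';
// Characters that `.` refuses to match in a JavaScript regex without the `s` flag.
const LINE_BREAK = /[\n\r\u2028\u2029]/g;

// The expression the PR removed, kept only as a correctness oracle.
export function stripReferencesRegex(content: string): string {
  return content.replace(/\{reference\(.*?\)\}/g, '');
}

function nextLineBreak(content: string, from: number): number {
  LINE_BREAK.lastIndex = from;
  const hit = LINE_BREAK.exec(content);
  return hit ? hit.index : -1;
}

// Single forward pass. Every cursor only moves right and each search result is
// cached until the scan passes it, so total work is O(content.length).
export function stripReferencesLinear(content: string): string {
  const kept: string[] = [];
  let copyFrom = 0; // first character not yet copied to the output
  let searchFrom = 0; // where the next opener search starts
  let closeAt = -2; // cached next ')}' (-2 = not searched yet, -1 = none left)
  let breakAt = -2; // cached next line break, same convention

  for (;;) {
    const open = content.indexOf(OPEN, searchFrom);
    if (open === -1) break;
    const bodyStart = open + OPEN.length;

    if (closeAt !== -1 && closeAt < bodyStart) closeAt = content.indexOf(CLOSE, bodyStart);
    // No terminator anywhere to the right: no later opener can match either.
    // The regex rediscovers this once per opener, which is the quadratic cost.
    if (closeAt === -1) break;

    if (breakAt !== -1 && breakAt < bodyStart) breakAt = nextLineBreak(content, bodyStart);
    if (breakAt !== -1 && breakAt < closeAt) {
      // A line break sits between this opener and the nearest ')}', so neither it
      // nor any opener before the break can match. Resume after the break.
      searchFrom = breakAt + 1;
      continue;
    }

    kept.push(content.slice(copyFrom, open));
    copyFrom = searchFrom = closeAt + CLOSE.length;
  }
  kept.push(content.slice(copyFrom));
  return kept.join('');
}

function repeat(unit: string, n: number): string {
  return new Array(n + 1).join(unit); // avoids depending on a newer lib target
}

// Constructed inputs. The first five are the cases quoted on this page.
export const SAMPLES: string[] = [
  'The sky is blue{reference(1234)} and the grass is green{reference(4321)}',
  '{reference(1234',
  '{reference(1234)',
  '{reference(1234)}{reference(1234)}{reference(1234)}',
  '{reference(1234)}reference(1234)}{reference(1234)}',
  'a{reference(x\ny)}b{reference(z)}c', // line break inside a reference: not a match
  '{reference()}', // empty id
  repeat('{reference(', 200), // many openers, no terminator
  repeat('{reference(\n', 200) + ')}', // many openers, each cut off by a line break
];

// Differential check: inputs on which the scan and the original regex differ.
export function disagreements(): string[] {
  return SAMPLES.filter((s) => stripReferencesLinear(s) !== stripReferencesRegex(s));
}

// Coarse wall-clock timer for comparing the two functions by hand.
export function timeMs(fn: (s: string) => string, input: string): number {
  const t0 = Date.now();
  fn(input);
  return Date.now() - t0;
}
```

`timeMs` is there to compare the two functions on larger `repeat('{reference(', n)` inputs: doubling `n` roughly quadruples the regex time and roughly doubles the scan time.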

@@ -20,7 +20,7 @@ const BASE_GEMINI_PROMPT =
const KB_CATCH =
'If the knowledge base tool gives empty results, do your best to answer the question from the perspective of an expert security analyst.';
export const GEMINI_SYSTEM_PROMPT = `${BASE_GEMINI_PROMPT} ${KB_CATCH} {include_citations_prompt_placeholder}`;
export const BEDROCK_SYSTEM_PROMPT = `Use tools as often as possible, as they have access to the latest data and syntax. Never return <thinking> tags in the response, but make sure to include <result> tags content in the response. Do not reflect on the quality of the returned search results in your response. ALWAYS return the exact response from NaturalLanguageESQLTool verbatim in the final response, without adding further description.`;
export const BEDROCK_SYSTEM_PROMPT = `${DEFAULT_SYSTEM_PROMPT} Use tools as often as possible, as they have access to the latest data and syntax. Never return <thinking> tags in the response, but make sure to include <result> tags content in the response. Do not reflect on the quality of the returned search results in your response. {include_citations_prompt_placeholder} ALWAYS return the exact response from NaturalLanguageESQLTool verbatim in the final response, without adding further description.`;
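
Review bot: in the new BEDROCK_SYSTEM_PROMPT line, `{include_citations_prompt_placeholder}` is literal text inside a JS template literal, so it reaches the model verbatim unless every consumer of this constant runs it through the template step. A unit test that renders each exported prompt with citations disabled and asserts that no `{include_citations_prompt_placeholder}` substring remains would catch a missed path. The same applies to GEMINI_SYSTEM_PROMPT two lines above, where the placeholder sits at the end of the string.
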
Member Author

@stephmilovic

I have added the DEFAULT_SYSTEM_PROMPT to the BEDROCK_SYSTEM_PROMPT.

Regarding the INCLUDE_CITATIONS prompt, I have included it as a langchain prompt template. Making it a templated string has these 2 benefits:

  1. The INCLUDE_CITATIONS prompt can be placed in the middle of one of the other prompts.
  2. The INCLUDE_CITATIONS prompt can be toggled on and off conditionally. This is done here.

I think using a prompt template makes the most sense here as I do not know how else I could incorporate the INCLUDE_CITATIONS prompt using the local_prompt data structure.

['{reference(1234', '{reference(1234'],
['{reference(1234)', '{reference(1234)'],
['{reference(1234)}{reference(1234)}{reference(1234)}', ''],
['{reference(1234)}reference(1234)}{reference(1234)}', 'reference(1234)}'],
Contributor

I observed the following unexpected output while desk testing:

[image: poem]

I attempted to reproduce it via a test case, but the following test passes:

    [
      `With a wagging tail and a wet, cold nose,{reference(ccaSI)}
A furry friend, from head to toes.{reference(ccaSI)}
Loyal companion, always near,{reference(ccaSI)}
Chasing squirrels, full of cheer.{reference(ccaSI)}
A paw to hold, a gentle nudge,{reference(ccaSI)}
A furry alarm, a playful judge.{reference(ccaSI)}
From golden retrievers to tiny Chihuahuas,{reference(ccaSI)}
Their love's a gift, that always conquers.{reference(ccaSI)}
So cherish your dog, with all your might,{reference(ccaSI)}
Their love's a beacon, shining bright.{reference(ccaSI)}`,
      `With a wagging tail and a wet, cold nose,
A furry friend, from head to toes.
Loyal companion, always near,
Chasing squirrels, full of cheer.
A paw to hold, a gentle nudge,
A furry alarm, a playful judge.
From golden retrievers to tiny Chihuahuas,
Their love's a gift, that always conquers.
So cherish your dog, with all your might,
Their love's a beacon, shining bright.`,
    ],

The unreplaced references are still visible when the conversation is re-opened, and when the Show citations toggle is clicked, as illustrated by the animated gif below:

[animated gif: loading_poem_convo]

Contributor

observation: The poem contains a single entry Knowledge base entry: Favorite Color, however that KB entry does not appear to be related to the poem:

[image: favorite_color]

Member Author

So there are 2 problems here:

  1. The {reference(...)} strings are not getting parsed correctly. This has been fixed here
  2. Irrelevant references are being added. I will tweak the prompts to fix this in a separate PR.

@KDKHD KDKHD force-pushed the bug/content-references-regex-performance branch from 015ac28 to fcfaccd Compare February 6, 2025 17:21
@elasticmachine
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 21.6MB | 21.6MB | +534.0B |


['{reference(1234)', '{reference(1234)'],
['{reference(1234)}{reference(1234)}{reference(1234)}', ''],
['{reference(1234)}reference(1234)}{reference(1234)}', 'reference(1234)}'],
])('removesContentReferences from "%s"', async (input: string, expected: string) => {
Contributor

nit: is async required for the tests in this file?

[BEDROCK_SYSTEM_PROMPT, 'You are a security analyst', 1],
])(
'"%s" contains "%s" %s times',
async (prompt: string, containedString: string, expectedCount: number) => {
Contributor

nit: Consider removing async

path: `alerts`,
openInNewTab: true,
});
openAlertsPageWithFilters(
Contributor

Thanks for adding these filters!

@andrew-goldstein andrew-goldstein left a comment

Thanks for these updates @KDKHD!
✅ Desk tested locally
LGTM 🚀

@KDKHD KDKHD merged commit 2bf8a24 into elastic:main Feb 7, 2025
10 checks passed
@kibanamachine
Contributor

Starting backport for target branches: 8.18, 9.0

https://github.com/elastic/kibana/actions/runs/13196880901

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Feb 7, 2025
…ion with constant time string manipulation (elastic#209314)

## Summary

Fixes elastic/kibana-team#1442

This PR replaces a poorly performing regular expression with a constant
time string manipulation approach.

Context:
The regex is used to remove all references from a string when a user
copies a message from the assistant and when conversation history is
passed to the LLM e.g.
```
"The sky is blue{reference(1234)} and the grass is green{reference(4321)}" -> "The sky is blue and the grass is green"
```

Changes:
- Replace the regular expression inside of `removeContentReferences()`
- Add tests to verify new logic is correct.
- Fix a bug in the contentReference markdown parser that was found by
@andrew-goldstein
[here](https://github.com/elastic/kibana/pull/209314/files#r1943198510)
- For alerts page citations, add a filter for open and acknowledge
alerts within the last 24 hours
[here](https://github.com/elastic/kibana/pull/209314/files#diff-f17fbe7edfe72943fecbe5ddd8dca6c024a48fe4f90bf4f66650cef16091b769R36)

### How to test new regex:
One of the changes in this PR improves the performance of a regex. In
real life, no one has ever reached any performance issues with this
regex's and I don't think it is realistically possible to reach that
limit without other things breaking (i.e. the message sent to/returned
by the assistant would need to be so large that it would exceed the
context window). Therefore, all we can test is that the functionality
still works as expected after this change.
- Enable the feature flag
```yaml
# kibana.dev.yml
xpack.securitySolution.enableExperimental: ['contentReferencesEnabled']
```
- Open the security assistant
- Ask the assistant a question about your alerts or a document in your
KB. The assistant response should contain citations.
- Copy the response to the clipboard using the copy button.
<img width="785" alt="image"
src="https://github.com/user-attachments/assets/edded3a3-8cb9-40a8-918e-a9718e7afc22"
/>
- Your clipboard should contain the response without any citations

### How to test the alerts page filter
- Ask a question about your open alerts and make sure a citation is
returned.
- Click on the citation
- Verify a new tab is opened and the alerts page is visible with a
filter for open and acknowledge alerts and there is a now-24h time
window filter.

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [X]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [X] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [X] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [X] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [X] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

### Identify risks

Does this PR introduce any risks? For example, consider risks like hard
to test bugs, performance regression, potential of data loss.

Describe the risk, its severity, and mitigation for each identified
risk. Invite stakeholders and evaluate how to proceed before merging.

- [ ] [See some risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
- [ ] ...

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
(cherry picked from commit 2bf8a24)
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Feb 7, 2025
…ion with constant time string manipulation (elastic#209314)

@kibanamachine
Contributor

💚 All backports created successfully

Status Branch Result
8.18
9.0

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

@KDKHD
Member Author

KDKHD commented Feb 7, 2025

💚 All backports created successfully

Status Branch Result
8.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

KDKHD added a commit to KDKHD/kibana that referenced this pull request Feb 7, 2025
…ion with constant time string manipulation (elastic#209314)

kibanamachine added a commit that referenced this pull request Feb 7, 2025
…expression with constant time string manipulation (#209314) (#210145)

# Backport

This will backport the following commits from `main` to `8.18`:
- [[Security Solution] [AI Assistant] Replace polynomial regular
expression with constant time string manipulation
(#209314)](#209314)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

performance issues with this\r\nregex's and I don't think it is
realistically possible to reach that\r\nlimit without other things
breaking (i.e. the message sent to/returned\r\nby the assistant would
need to be so large that it would exceed the\r\ncontext window).
Therefore, all we can test is that the functionality\r\nstill works as
expected after this change.\r\n- Enable the feature flag\r\n```yaml\r\n#
kibana.dev.yml\r\nxpack.securitySolution.enableExperimental:
['contentReferencesEnabled']\r\n```\r\n- Open the security
assistant\r\n- Ask the assistant a question about your alerts or a
document in your\r\nKB. The assistant response should contain
citations.\r\n- Copy the response to the clipboard using the copy
button.\r\n<img width=\"785\"
alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/edded3a3-8cb9-40a8-918e-a9718e7afc22\"\r\n/>\r\n-
Your clipboard should contain the response without any
citations\r\n\r\n### How to test the alerts page filter\r\n- Ask a
question about your open alerts and make sure a citation
is\r\nreturned.\r\n- Click on the citation\r\n- Verify a new tab is
opened and the alerts page is visible with a\r\nfilter for open and
acknowledge alerts and there is a now-24h time\r\nwindow
filter.\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following
conditions. \r\n\r\nReviewers should verify this PR satisfies this list
as well.\r\n\r\n- [X] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n-
[X]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [X] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [X] If a plugin
configuration key changed, check if it needs to be\r\nallowlisted in the
cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[X] This was checked for breaking HTTP API changes, and any
breaking\r\nchanges have been approved by the breaking-change committee.
The\r\n`release_note:breaking` label should be applied in these
situations.\r\n- [X] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [X] The PR description includes
the appropriate Release Notes section,\r\nand the correct
`release_note:*` label is applied per
the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n###
Identify risks\r\n\r\nDoes this PR introduce any risks? For example,
consider risks like hard\r\nto test bugs, performance regression,
potential of data loss.\r\n\r\nDescribe the risk, its severity, and
mitigation for each identified\r\nrisk. Invite stakeholders and evaluate
how to proceed before merging.\r\n\r\n- [ ] [See some
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n-
[ ] ...\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by:
Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"2bf8a24c5cb56b2ccb16e6c38f18cc9c39d65fcd"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/209314","number":209314,"mergeCommit":{"message":"[Security
Solution] [AI Assistant] Replace polynomial regular expression with
constant time string manipulation (#209314)\n\n## Summary\r\n\r\nFixes
https://github.com/elastic/kibana-team/issues/1442\r\n\r\nThis PR
replaces a poorly performing regular expression with a constant\r\ntime
string manipulation approach.\r\n\r\nContext:\r\nThe regex is used to
remove all references from a string when a user\r\ncopies a message from
the assistant and when conversation history is\r\npassed to the LLM
e.g.\r\n```\r\n\"The sky is blue{reference(1234)} and the grass is
green{reference(4321)}\" -> \"The sky is blue and the grass is
green\"\r\n```\r\n\r\nChanges:\r\n- Replace the regular expression
inside of `removeContentReferences()`\r\n- Add tests to verify new logic
is correct.\r\n- Fix a bug in the contentReference markdown parser that
was found
by\r\n@andrew-goldstein\r\n[here](https://github.com/elastic/kibana/pull/209314/files#r1943198510)\r\n-
For alerts page citations, add a filter for open and
acknowledge\r\nalerts within the last 24
hours\r\n[here](https://github.com/elastic/kibana/pull/209314/files#diff-f17fbe7edfe72943fecbe5ddd8dca6c024a48fe4f90bf4f66650cef16091b769R36)\r\n\r\n\r\n###
How to test new regex:\r\nOne of the changes in this PR improves the
performance of a regex. In\r\nreal life, no one has ever reached any
performance issues with this\r\nregex's and I don't think it is
realistically possible to reach that\r\nlimit without other things
breaking (i.e. the message sent to/returned\r\nby the assistant would
need to be so large that it would exceed the\r\ncontext window).
Therefore, all we can test is that the functionality\r\nstill works as
expected after this change.\r\n- Enable the feature flag\r\n```yaml\r\n#
kibana.dev.yml\r\nxpack.securitySolution.enableExperimental:
['contentReferencesEnabled']\r\n```\r\n- Open the security
assistant\r\n- Ask the assistant a question about your alerts or a
document in your\r\nKB. The assistant response should contain
citations.\r\n- Copy the response to the clipboard using the copy
button.\r\n<img width=\"785\"
alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/edded3a3-8cb9-40a8-918e-a9718e7afc22\"\r\n/>\r\n-
Your clipboard should contain the response without any
citations\r\n\r\n### How to test the alerts page filter\r\n- Ask a
question about your open alerts and make sure a citation
is\r\nreturned.\r\n- Click on the citation\r\n- Verify a new tab is
opened and the alerts page is visible with a\r\nfilter for open and
acknowledge alerts and there is a now-24h time\r\nwindow
filter.\r\n\r\n### Checklist\r\n\r\nCheck the PR satisfies following
conditions. \r\n\r\nReviewers should verify this PR satisfies this list
as well.\r\n\r\n- [X] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n-
[X]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [X] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [X] If a plugin
configuration key changed, check if it needs to be\r\nallowlisted in the
cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[X] This was checked for breaking HTTP API changes, and any
breaking\r\nchanges have been approved by the breaking-change committee.
The\r\n`release_note:breaking` label should be applied in these
situations.\r\n- [X] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [X] The PR description includes
the appropriate Release Notes section,\r\nand the correct
`release_note:*` label is applied per
the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n###
Identify risks\r\n\r\nDoes this PR introduce any risks? For example,
consider risks like hard\r\nto test bugs, performance regression,
potential of data loss.\r\n\r\nDescribe the risk, its severity, and
mitigation for each identified\r\nrisk. Invite stakeholders and evaluate
how to proceed before merging.\r\n\r\n- [ ] [See some
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n-
[ ] ...\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by:
Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"2bf8a24c5cb56b2ccb16e6c38f18cc9c39d65fcd"}}]}]
BACKPORT-->

Co-authored-by: Kenneth Kreindler <42113355+KDKHD@users.noreply.github.com>
mariairiartef pushed a commit to mariairiartef/kibana that referenced this pull request Feb 7, 2025
…ion with constant time string manipulation (elastic#209314)

## Summary

Fixes elastic/kibana-team#1442

This PR replaces a poorly performing regular expression with a constant
time string manipulation approach.

Context:
The regex is used to remove all references from a string when a user
copies a message from the assistant and when conversation history is
passed to the LLM e.g.
```
"The sky is blue{reference(1234)} and the grass is green{reference(4321)}" -> "The sky is blue and the grass is green"
```

Changes:
- Replace the regular expression inside of `removeContentReferences()`
- Add tests to verify new logic is correct.
- Fix a bug in the contentReference markdown parser that was found by
@andrew-goldstein
[here](https://github.com/elastic/kibana/pull/209314/files#r1943198510)
- For alerts page citations, add a filter for open and acknowledge
alerts within the last 24 hours
[here](https://github.com/elastic/kibana/pull/209314/files#diff-f17fbe7edfe72943fecbe5ddd8dca6c024a48fe4f90bf4f66650cef16091b769R36)


### How to test new regex:
One of the changes in this PR improves the performance of a regex. In
real life, no one has ever reached any performance issues with this
regex and I don't think it is realistically possible to reach that
limit without other things breaking (i.e. the message sent to/returned
by the assistant would need to be so large that it would exceed the
context window). Therefore, all we can test is that the functionality
still works as expected after this change.
- Enable the feature flag
```yaml
# kibana.dev.yml
xpack.securitySolution.enableExperimental: ['contentReferencesEnabled']
```
- Open the security assistant
- Ask the assistant a question about your alerts or a document in your
KB. The assistant response should contain citations.
- Copy the response to the clipboard using the copy button.
<img width="785" alt="image"
src="https://github.com/user-attachments/assets/edded3a3-8cb9-40a8-918e-a9718e7afc22"
/>
- Your clipboard should contain the response without any citations

### How to test the alerts page filter
- Ask a question about your open alerts and make sure a citation is
returned.
- Click on the citation
- Verify a new tab is opened and the alerts page is visible with a
filter for open and acknowledge alerts and there is a now-24h time
window filter.

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [X]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [X] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [X] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [X] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [X] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

### Identify risks

Does this PR introduce any risks? For example, consider risks like hard
to test bugs, performance regression, potential of data loss.

Describe the risk, its severity, and mitigation for each identified
risk. Invite stakeholders and evaluate how to proceed before merging.

- [ ] [See some risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
- [ ] ...

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
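
The marker removal described in the commit message above, as an added TypeScript example that is not the code from this PR: a single left-to-right scan with `indexOf` that strips `{reference(<id>)}` markers without any regex backtracking, so the work stays proportional to the message length even on malformed input. The names `stripReferences`, `markerEnd` and `isIdChar`, and the rule that an id is one or more ASCII letters or digits, are assumptions made for illustration.

```typescript
// Added example (not the PR's implementation): strip {reference(<id>)}
// markers with one forward scan instead of a regular expression.
// Assumption: an id is one or more ASCII letters or digits. The real id
// grammar is not shown on this page.
const OPENER = '{reference(';

function isIdChar(code: number): boolean {
  return (
    (code >= 48 && code <= 57) || // 0-9
    (code >= 65 && code <= 90) || // A-Z
    (code >= 97 && code <= 122) // a-z
  );
}

// Returns the index just past a well-formed marker that starts at `start`,
// or -1 when the text at `start` is not a complete marker.
function markerEnd(text: string, start: number): number {
  let i = start + OPENER.length;
  const idStart = i;
  while (i < text.length && isIdChar(text.charCodeAt(i))) {
    i++;
  }
  if (i === idStart) {
    return -1; // empty id, e.g. "{reference()}"
  }
  const closed = text.charAt(i) === ')' && text.charAt(i + 1) === '}';
  return closed ? i + 2 : -1;
}

function stripReferences(text: string): string {
  const kept: string[] = [];
  let copyFrom = 0; // start of the next span of text to keep
  let searchFrom = 0; // where the next opener search begins
  for (;;) {
    const open = text.indexOf(OPENER, searchFrom);
    if (open === -1) {
      break;
    }
    const end = markerEnd(text, open);
    if (end === -1) {
      // Malformed or unterminated marker: keep it as literal text.
      // Resuming right after the opener is safe because neither the
      // opener's tail nor id characters can begin another opener, so no
      // character is examined more than a constant number of times.
      searchFrom = open + OPENER.length;
      continue;
    }
    kept.push(text.slice(copyFrom, open));
    copyFrom = end;
    searchFrom = end;
  }
  kept.push(text.slice(copyFrom));
  return kept.join('');
}

// Constructed sample messages; the first is the example from the commit
// message, the rest exercise malformed markers.
const SAMPLES: string[] = [
  'The sky is blue{reference(1234)} and the grass is green{reference(4321)}',
  'Adjacent markers{reference(a1)}{reference(b2)} collapse cleanly',
  'Empty id {reference()} is left alone',
  'Unterminated {reference(1234 is left alone',
  'Nested opener x{reference({reference(ab)}y keeps the broken outer part',
];

function runSamples(): string[] {
  return SAMPLES.map((message) => stripReferences(message));
}
```
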
KDKHD added a commit that referenced this pull request Feb 7, 2025
…xpression with constant time string manipulation (#209314) (#210147)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] [AI Assistant] Replace polynomial regular
expression with constant time string manipulation
(#209314)](#209314)

<!--- Backport version: 9.6.4 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

@kibanamachine kibanamachine added the backport missing Added to PRs automatically when they are determined to be missing a backport. label Feb 10, 2025
@kibanamachine
Contributor

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.

kibanamachine added a commit that referenced this pull request Feb 10, 2025
…xpression with constant time string manipulation (#209314) (#210146)

# Backport

This will backport the following commits from `main` to `9.0`:
- [[Security Solution] [AI Assistant] Replace polynomial regular
expression with constant time string manipulation
(#209314)](#209314)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Kenneth Kreindler <42113355+KDKHD@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
@kibanamachine kibanamachine removed the backport missing Added to PRs automatically when they are determined to be missing a backport. label Feb 10, 2025
Labels
- backport:version (Backport to applied version labels)
- release_note:skip (Skip the PR/issue when compiling release notes)
- Team:Security Generative AI (Security Generative AI)
- v8.18.0
- v8.19.0
- v9.0.0
- v9.1.0
4 participants