-
Notifications
You must be signed in to change notification settings - Fork 18
Some tips on prompting to improve DevSecOps
K. C. Ramakrishna edited this page Nov 8, 2024
·
3 revisions
LLMs and genAI tools are very sensitive to prompting. The right prompt will solve a vexing problem in an instant while a wrong prompt can take you off on a wild goose chase and waste hours before you give up in frustrations. While we listed some prompting tips below, we strongly recommend a formal course like https://www.coursera.org/specializations/prompt-engineering . While there are other tutorials available, we found this one to be the most structured and comprehensive.
- Give a lot of context. This is especially useful in complex scenarios. Try to give as much context as possible.
- Example for ngnix: If we want to investigate an ngnix log file, You can give it your ngnix config file in addition to the error message that you see in the logs. genAi can find connections between the configuration and the log files.
- Try to go through a multi step process. This is very similar to 'chain of thought' prompting techniques. Let's take an example of trying to improve a tsconfig.json file . Upload the file and
- Prompt 1 (Analysis): "Analyse the uploaded tsconfig file and list all the ways to improve this file to implement all best practices of modularity, performance optimisations and security. Do not generate a file yet. Just list the possible improvements and explain in detail. Remember that we are using Typescript version x.y.z"
- Follow up prompt: "Is this an exhaustive list? Can you suggest some more improvements?"
- Finally: "Please re-write the uploaded tsconfig file to include all above suggestions. Explain each improvement in detail. Assess this for completeness and provide a summary comparison of the uploaded file and the new file."
- Prompt 1 (Analysis): "Analyse the uploaded tsconfig file and list all the ways to improve this file to implement all best practices of modularity, performance optimisations and security. Do not generate a file yet. Just list the possible improvements and explain in detail. Remember that we are using Typescript version x.y.z"
- Remember to thoroughly read up the official documentation of the package relating to the suggestions from genAI. i.e. Typescript official documentation in this case.
- Try and make incremental changes to help you debug. Try to avoid bulk updates. If genAI gave you 5 improvements, first implement just the first suggestion and compile the project. Then, implement the second and compile the project and so on... This approach will help you accurately diagnose errors, irrelevant changes and genAI hallucinations.
Tips when generating unit tests, performance optimisations for code etc.