Users that do not belong to a project are offered when filtering merge requests for an assignee

This happens when you open the merge requests through the link tooltipped “Merge requests”, on the top right (opens<my_username>). If I start setting up a filter and choose “Assignee” (or “Approver”), and then choose “=” or “!=”, I get myself and then a list of users that do not belong to our project (not a single user from our project).

The url of the AJAX call is missing a value for the project_id:
So I guess it simply searches the complete user base.

If I open the merge requests from the left navigation pane (opening just, and filter for an assignee, only users from within our project are offered.
The AJAX url being<project_id>&current_user=true&search=n
(with proper project id given)

I assume that the top navigation is not project specific, hence opening merge requests from there covers all merge requests, independent of the project, hence the user search searches all users. But as our projects are private it appears a bit curious to see user names that do not belong to any of our projects in that list.

Maybe my concern is based on false expectations, however I wanted to mention it, also to see what other users think about it.