Parse affected ranges only once
Previously, the version range matchers used by vulnerability scanning always constructed a new affected range when calling the `affected?` method. If called sparingly, the performance of the method can be seen as acceptable, but if done continuously - in a loop for example - then the performance of the matcher begins to suffer. To address this, the matcher class now initializes the affected range only once at the beginning, and re-uses the same instance for future comparisons. This means that we improve the memory footprint significantly when it's called in loops as is the case with Continuous Vulnerability Scanning where we've seen allocations in the realm of GiB. By proxy, this improves the performance of the Sidekiq instance that CVS runs on because the garbage collector does not need to prune as many unreachable objects in memory.

Changelog: performance
- Gemfile.checksum: 1 addition, 1 deletion
- Gemfile.lock: 1 addition, 1 deletion
- ee/lib/gitlab/vulnerability_scanning/advisory_scanner.rb: 18 additions, 9 deletions
- ee/lib/gitlab/vulnerability_scanning/container_scanning/affected_version_range_matcher.rb: 27 additions, 13 deletions
- ee/lib/gitlab/vulnerability_scanning/dependency_scanning/affected_version_range_matcher.rb: 20 additions, 9 deletions
- ee/spec/lib/gitlab/vulnerability_scanning/advisory_scanner_spec.rb: 2 additions, 0 deletions
- ee/spec/lib/gitlab/vulnerability_scanning/container_scanning/affected_version_range_matcher_spec.rb: 18 additions, 16 deletions
- ee/spec/lib/gitlab/vulnerability_scanning/dependency_scanning/affected_version_range_matcher_spec.rb: 3 additions, 3 deletions
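
The pattern the commit message describes, as an added Ruby example that is not the project's code: one matcher re-parses the affected range on every `affected?` call, the other parses it once in its initializer, and `scan` reports parse count and allocated objects for each. `RangeParser`, `ReparsingMatcher`, `ParseOnceMatcher` and `scan` are hypothetical names, `Gem::Requirement` stands in for the project's range parser, and the range and version list are constructed sample data.

```ruby
require "rubygems"

# Hypothetical stand-in for the range parser; counts how often a range is parsed.
module RangeParser
  @parses = 0
  class << self
    attr_accessor :parses

    def parse(range)
      self.parses += 1
      Gem::Requirement.new(*range.split(",").map(&:strip))
    end
  end
end

# "Before": every affected? call re-parses the advisory's range string.
class ReparsingMatcher
  def initialize(affected_range)
    @affected_range = affected_range
  end

  def affected?(version)
    RangeParser.parse(@affected_range).satisfied_by?(Gem::Version.new(version))
  end
end

# "After": the range is parsed once in the initializer and the instance reused.
class ParseOnceMatcher
  def initialize(affected_range)
    @requirement = RangeParser.parse(affected_range)
  end

  def affected?(version)
    @requirement.satisfied_by?(Gem::Version.new(version))
  end
end

# Checks every version; returns [results, parse count, objects allocated].
def scan(matcher_class, range, versions)
  RangeParser.parses = 0
  before = GC.stat(:total_allocated_objects)
  matcher = matcher_class.new(range)
  results = versions.map { |v| matcher.affected?(v) }
  [results, RangeParser.parses, GC.stat(:total_allocated_objects) - before]
end

# Constructed sample data: one advisory range, 5,000 component versions.
RANGE = ">= 1.2.0, < 1.4.5"
VERSIONS = Array.new(5_000) { |i| "1.#{i % 8}.#{i % 10}" }
```

Calling `scan(ReparsingMatcher, RANGE, VERSIONS)` and `scan(ParseOnceMatcher, RANGE, VERSIONS)` returns identical match results, with the parse count dropping from one per version to one per matcher.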