trufflehog

mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00

History

Cody Rose 239f35921d Log when a detector ignores the timeout (#3201 ) If a detector ignores the configured timeout it is probably because of I/O blocking, which degrades the efficiency of the detector worker pool when it happens a lot. In the worst case, a detector that fully hangs will zombify its worker, causing really bad performance problems. When this happens, we don't really have a good way to notice other than seeing scan throughput drop suspiciously. This PR adds explicit logging when detection takes longer than it should so we have a better chance of catching this. (This problem theoretically can spring up anywhere, in any worker, but the detector fleet is vast, uses network I/O, and is implemented by a much larger group of people, so this sort of problem is much more likely to slip into detector implementations than anywhere else in the codebase. We could generalize this mechanism, but I don't want to make that investment before seeing if this smaller change captures the information we need.)	2024-08-08 14:58:23 -04:00
..
ahocorasickcore.go	Log when a detector ignores the timeout (#3201 )	2024-08-08 14:58:23 -04:00
ahocorasickcore_test.go	[feat] - Update span calculation logic to use offset magnitude (#2957 )	2024-06-11 09:12:31 -07:00

Log when a detector ignores the timeout (#3201 )

If a detector ignores the configured timeout it is probably because of I/O blocking, which degrades the efficiency of the detector worker pool when it happens a lot. In the worst case, a detector that fully hangs will zombify its worker, causing really bad performance problems. When this happens, we don't really have a good way to notice other than seeing scan throughput drop suspiciously. This PR adds explicit logging when detection takes longer than it should so we have a better chance of catching this.

(This problem theoretically can spring up anywhere, in any worker, but the detector fleet is vast, uses network I/O, and is implemented by a much larger group of people, so this sort of problem is much more likely to slip into detector implementations than anywhere else in the codebase. We could generalize this mechanism, but I don't want to make that investment before seeing if this smaller change captures the information we need.)

2024-08-08 14:58:23 -04:00

ahocorasickcore.go

Log when a detector ignores the timeout (#3201 )

2024-08-08 14:58:23 -04:00

ahocorasickcore_test.go

[feat] - Update span calculation logic to use offset magnitude (#2957 )

2024-06-11 09:12:31 -07:00