mitre / hipcheck

Automatically assess and score software repositories for supply chain risk.
https://mitre.github.io/hipcheck/
Apache License 2.0

fix: reduce unnecessary filesystem copies when spawning plugins #628

Closed patrickjcasey closed 1 week ago

patrickjcasey commented 1 week ago

Here is a video of this branch having two macOS hc check commands work at the same time!

https://github.com/user-attachments/assets/9c4a6355-8817-421e-85e4-00f903140946

To trigger this bug on macOS, the following steps were the easiest way I could find to reliably trigger this:

  1. Have a plugin running
  2. While it is still running, copy over the running binary location on disk
  3. Attempt to run this new binary (it will fail)

To avoid this issue, hc now checks the sha256 of the source and destination before copying the files and skips the copy if the hashes are identical.
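
The hash-before-copy check described in the comment above, sketched in Python as an added example; it is not part of the pull request or hipcheck's own code. The names `sha256_of` and `copy_if_changed` are hypothetical, and writing changed content to a temporary file and renaming it into place is an assumption that goes beyond what the PR describes.

```python
import hashlib
import os
import shutil
import tempfile


def sha256_of(path, chunk_size=1 << 16):
    """Stream a file through SHA-256 so large binaries are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def copy_if_changed(src, dst):
    """Copy src to dst unless dst already has identical contents.

    Returns "skipped" when the hashes match and "copied" otherwise.
    """
    src_hash = sha256_of(src)
    try:
        if sha256_of(dst) == src_hash:
            return "skipped"  # dst is left untouched, even if it is executing
    except FileNotFoundError:
        pass  # first run: nothing to compare against

    dst_dir = os.path.dirname(os.path.abspath(dst))
    os.makedirs(dst_dir, exist_ok=True)
    # Assumption (not from the PR): stage the new bytes beside dst, then rename,
    # so the file at the destination path is never rewritten in place.
    fd, tmp = tempfile.mkstemp(dir=dst_dir, prefix=".plugin-")
    os.close(fd)
    try:
        shutil.copy2(src, tmp)  # copies contents and permission bits
        if sha256_of(tmp) != src_hash:
            raise OSError("source changed while it was being copied")
        os.replace(tmp, dst)  # atomic within one filesystem
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    return "copied"
```
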

j-lanson commented 1 week ago

Resolves #600.

patrickjcasey commented 1 week ago

https://github.com/user-attachments/assets/3cd26b75-a576-4e9a-923a-e0642fe00fd8

hc check running simultaneously on the latest code in this branch