I found the major flaw in the plugin which is causing colossal performance slowdowns.
The problem is that TUF is being asked to get the length of, basically, every release of a given package -- even if it's not going to install those releases. That's because we're calling Updater::getLength() in configurePackageTransportOptions(), which is called for every Package object -- that is, every release -- of a given package in a repository.
The solution is to only get the length just before the package is actually downloaded -- that is, where we handle the PRE_PACKAGE_DOWNLOAD event. We're already doing it for metadata; we just also need to do the same thing for packages.
I found the major flaw in the plugin which is causing colossal performance slowdowns.
The problem is that TUF is being asked to get the length of, basically, every release of a given package -- even if it's not going to install those releases. That's because we're calling Updater::getLength() in
configurePackageTransportOptions(), which is called for everyPackageobject -- that is, every release -- of a given package in a repository.The solution is to only get the length just before the package is actually downloaded -- that is, where we handle the
PRE_PACKAGE_DOWNLOADevent. We're already doing it for metadata; we just also need to do the same thing for packages.