feat: use gix for parsing git information in mitre/git plugin #663
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
patrickjcasey
force-pushed
the
patrickjcasey/replace-nom-parser-with-libgit2
branch
from
fa18ac5 to
dbb86eb
Compare
patrickjcasey
changed the title
patrickjcasey
force-pushed
the
patrickjcasey/replace-nom-parser-with-libgit2
branch
4 times, most recently
from
3dec9dc to
ece0bb6
Compare
|
Closes #575 |
j-lanson
reviewed
Dec 11, 2024
j-lanson
reviewed
Dec 11, 2024
patrickjcasey
force-pushed
the
patrickjcasey/replace-nom-parser-with-libgit2
branch
3 times, most recently
from
36f3d7a to
521431e
Compare
Signed-off-by: Patrick Casey <[email protected]>
patrickjcasey
force-pushed
the
patrickjcasey/replace-nom-parser-with-libgit2
branch
from
521431e to
c5c049e
Compare
patrickjcasey
deleted the
patrickjcasey/replace-nom-parser-with-libgit2
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request removes the need for a custom
nom-based parser for parsing git information in themitre/gitplugin, by swapping over to usinggixhttps://github.com/GitoxideLabs/gitoxide for parsing git information. As a part of this change, I got some data from the following repos:testing on
https://github.com/linux/torvaldswas skipped for time reasonsI investigated using
libgit2first, but the performance on larger repos was not ideal, and it was difficult to integrate caching into the code.gix(https://github.com/GitoxideLabs/gitoxide) has better support for caching and is written in pure Rust which is also nice for memory safety reasons.for determining execution speed, the following command was run with the
releaseversion ofhcon my M1 Macbook Pro with 32 GB RAM, themitre/gitplugin was also configured to run thereleaseversion:time ./target/release/hc check --policy config/Hipcheck.kdl <REPO>for testing
main, commit4f205afd6ba0afd98d0ba91dc742f2038f6ddc89was usedmainmitre/hipcheckgixmitre/hipcheckmainnumpy/numpygixnumpy/numpygit rev-list --count HEADresults:mitre/hipcheck: 529 is returned, which matches both implementationsnumpy/numpy: 37617 is returned, which matches thegiximplementationgit log --pretty="%an %ae%n%cn %ce" | LC_ALL=C sort -u | wc -lresults:mitre/hipcheck: 20 is returned, which matches both implementationsnumpy/numpy: 2243 is returned, which matchesgiximplementationThe main highlight of this pull request is the fact that the parsing of git-related information is handled by a git library, rather than our
nom-based parser, which was missing commits and contributors for larger repos. At some point, a pass can be made to dive into the performance of thegitplugin to find places for optimization