Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BLUE-209 Profiler for receipt validation on the archiver #61

Closed
wants to merge 4 commits into from
Closed

BLUE-209 Profiler for receipt validation on the archiver #61

wants to merge 4 commits into from

Conversation

jairajdev
Copy link
Contributor

No description provided.

@jairajdev jairajdev changed the base branch from dev to db-per-datatype August 7, 2024 17:17
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 7, 2024

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ Key issues to review

Code Duplication
The verifyReceiptData boolean is added twice in the configuration object. This might be a mistake or an oversight. Please check if this duplication is intentional or if one of them should be removed or renamed.

Profiling Overhead
The addition of multiple profiling start and end calls around verification checks could introduce significant overhead, especially if these verifications are frequent or the profiler itself is resource-intensive. Consider the impact on performance and whether this level of detailed profiling is necessary.

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 7, 2024
View reviewed changes
src/Data/Collector.ts
`The account verification failed from robustQuery nodes ${receipt.tx.txId} , ${receipt.cycle}, ${receipt.tx.timestamp}`
)
continue
if (config.verifyAccountData) {

Check failure

Code scanning / CodeQL

User-controlled bypass of security check High

This condition guards a sensitive
action
Loading
, but a
user-provided value
Loading
controls it.
src/Data/Collector.ts
`The receipt validation failed from robustQuery nodes ${receipt.tx.txId} , ${receipt.cycle}, ${receipt.tx.timestamp}`
)
continue
if (config.verifyReceiptData) {

Check failure

Code scanning / CodeQL

User-controlled bypass of security check High

This condition guards a sensitive
action
Loading
, but a
user-provided value
Loading
controls it.
src/Data/Collector.ts
timestamp
)
receiptsInValidationMap.delete(txId)
if (config.verifyAccountData) {

Check failure

Code scanning / CodeQL

User-controlled bypass of security check High

This condition guards a sensitive
action
Loading
, but a
user-provided value
Loading
controls it.
src/Data/Collector.ts
nestedCountersInstance.countEvent('receipt', 'Invalid_receipt_verification_failed')
if (profilerInstance) profilerInstance.profileSectionEnd('Validate_receipt')
continue
if (config.verifyReceiptData) {

Check failure

Code scanning / CodeQL

User-controlled bypass of security check High

This condition guards a sensitive
action
Loading
, but a
user-provided value
Loading
controls it.
thantsintoe
thantsintoe reviewed Aug 21, 2024
View reviewed changes
Copy link
Contributor

@thantsintoe thantsintoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes looks good to me.

achal-singh
achal-singh previously approved these changes Aug 21, 2024
View reviewed changes
@jairajdev jairajdev changed the base branch from db-per-datatype to dev September 1, 2024 10:37
@jairajdev jairajdev dismissed achal-singh’s stale review September 1, 2024 10:37

The base branch was changed.

@mhanson-github
Copy link
Contributor

Its in dev.

@mhanson-github mhanson-github deleted the profiler-improvements branch September 2, 2024 04:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thantsintoe thantsintoe thantsintoe left review comments

@achal-singh achal-singh achal-singh left review comments

Assignees
No one assigned
Labels
Review effort [1-5]: 3
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jairajdev @mhanson-github @thantsintoe @achal-singh