Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: LEAP-509: Optimize regular expression for improved performance #5310

Merged
merged 14 commits into from
Jan 24, 2024
Merged

fix: LEAP-509: Optimize regular expression for improved performance #5310

merged 14 commits into from
Jan 24, 2024

Conversation

juliosgarbi
Copy link
Contributor

@juliosgarbi juliosgarbi commented Jan 19, 2024
edited by robot-ci-heartex
Loading

This PR addresses inefficient regular expressions in the code, as identified by GitHub's code scan. In particular, the regular expression "(?""|[^""]+)*" has been causing performance issues and potential security risks. The goal is to enhance performance and mitigate the risk of Denial of Service ("DoS") attacks. https://github.com/HumanSignal/label-studio/security/code-scanning/760

PR fulfills these requirements

  • Commit message(s) and PR title follows the format [fix|feat|ci|chore|doc]: TICKET-ID: Short description of change made ex. fix: DEV-XXXX: Removed inconsistent code usage causing intermittent errors
  • Tests for the changes have been added/updated (for bug fixes/features)
  • Docs have been added/updated (for bug fixes/features)
  • Best efforts were made to ensure docs/code are concise and coherent (checked for spelling/grammatical errors, commented out code, debug logs etc.)
  • Self-reviewed and ran all changes on a local instance (for bug fixes/features)

Change has impacts in these area(s)

  • Product design
  • Backend (Database)
  • Backend (API)
  • Frontend

What does this fix?

By optimizing the regular expression, this change improves code performance and reduces the risk of DoS attacks. It ensures that the regular expression matching process is more efficient and not negatively affecting the application's responsiveness.

Does this change affect performance?

Yes, this change positively affects performance. The replacement of the inefficient regular expression with the optimized regex "(?:""|[^"])*" significantly improves matching efficiency. It reduces the risk of performance issues, making the regular expression matching process more efficient and responsive.

@netlify Netlify
Copy link

netlify bot commented Jan 19, 2024
edited
Loading

Deploy Preview for label-studio-docs-new-theme canceled.

Name Link
🔨 Latest commit 7aa83b2
🔍 Latest deploy log https://app.netlify.com/sites/label-studio-docs-new-theme/deploys/65b17798e02e68000860675a

@netlify Netlify
Copy link

netlify bot commented Jan 19, 2024
edited
Loading

Deploy Preview for heartex-docs canceled.

Name Link
🔨 Latest commit 7aa83b2
🔍 Latest deploy log https://app.netlify.com/sites/heartex-docs/deploys/65b177985eca7800085c75e3

@github-actions github-actions bot added the fix label Jan 19, 2024
@robot-ci-heartex robot-ci-heartex enabled auto-merge (squash) January 24, 2024 20:48
@robot-ci-heartex robot-ci-heartex merged commit 59fc751 into develop Jan 24, 2024
23 of 25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AndrejOros AndrejOros AndrejOros approved these changes

@hlomzik hlomzik hlomzik approved these changes

Assignees
No one assigned
Labels
Confirmed fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@juliosgarbi @hlomzik @AndrejOros @robot-ci-heartex