New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve validation duration for pushed packages #5560

Closed
skofman1 opened this Issue Feb 28, 2018 · 1 comment

Comments

Projects
None yet
1 participant
@skofman1
Contributor

skofman1 commented Feb 28, 2018

Packages that are pushed to nuget.org undergo a series of validations before they are made publicly available. The purpose of those validations is to ensure security of packages.

Lately, package authors experienced slow validation times. Those times spiked to multiple hours.
There root causes for this can be split into three classes of issues:
1. Live site incidents on nuget.org side - caused slow validation times and validation failures in December-January. We fixed multiple reliability related issues, and have been stable in this aspect in the past month.
2. Live site incidents on the side of our scanning provider - caused the delays in validation in the last few weeks.
3. Susceptibility to spikes in traffic - we have experienced spikes in traffic from major publishers in the last few weeks. Our pipeline is slow to handle cases when multiple packages are pushed in a short period of time.

To resolve validation delays caused by (2), (3) we plan to onboard to a new scanning provider.

image

@skofman1

This comment has been minimized.

Contributor

skofman1 commented Aug 24, 2018

This was done.

@skofman1 skofman1 closed this Aug 24, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment