-
-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve CSX execution time #28
Comments
Hi @alirezanet IMO you can try to compile scripts when you detect a change and only execute them when it's required, you can minimize the execution process time by doing this I don't know if it's possible it's just an idea 😄 |
Hi, Thank you for the suggestion, I agree. Compiling scripts probably is the best solution that comes to mind but I didn't find any documentation of Roslyn APIs that can be used yet although I didn't spend enough time searching. |
Heya. Joining the discussion. |
I checked it quickly var cachePath = System.IO.Path.Combine(workingDirectory, ".cache");
var ouputDllPath = System.IO.Path.Combine(cachePath, "output.dll");
var outputPdbPath = System.IO.Path.Combine(cachePath, "output.pdb");
if (!Directory.Exists(cachePath))
{
Directory.CreateDirectory(cachePath);
}
if (File.Exists(ouputDllPath) && File.Exists(outputPdbPath))
{
using var ilstream = new MemoryStream();
using var pdbstream = new MemoryStream();
using var ouputDllPathStream = new FileStream(ouputDllPath, FileMode.Open);
ouputDllPathStream.CopyTo(ilstream);
using var outputPdbPathStream = new FileStream(outputPdbPath, FileMode.Open);
outputPdbPathStream.CopyTo(pdbstream);
var assembly = Assembly.Load(ilstream.GetBuffer(), pdbstream.GetBuffer());
var type = assembly.GetType("Submission#0");
var factory = type.GetMethod("<Factory>");
var submissionArray = new object[2];
var task = (Task<object>)factory.Invoke(null, new object[] { submissionArray });
await task;
"Command executed.".Log(ConsoleColor.Green);
return;
}
else
{
using var ouputDllPathStream = new FileStream(ouputDllPath, FileMode.OpenOrCreate);
using var outputPdbPathStream = new FileStream(outputPdbPath, FileMode.OpenOrCreate);
var emitResult = compilation.Emit(ouputDllPathStream, outputPdbPathStream);
} It seems to be better, but I need to spend more time to benchmark it 😄 Todo :
Thks for the idea @Xemrox |
Interesting ... I think we don't need a global cache folder and we can use |
@acesyde why do you copy the |
@Xemrox When I said fast it was fast, now it's time to clean up and improve 😃 |
@Xemrox what do you mean by SHA512 is standard? SHA1 looks good tho |
@alirezanet with benchmarkdotnet |
Nice. I'm not sure it performs better but can you include also Crc32.NET? because here we just care about performance. It could be faster. |
Not a huge difference, IMO using the official cryptographic library instead of an external lib may be better for the future
|
We are responsible to avoid collision attacks. It's not about the performance of md5 vs sha512. If you hash the code and compile the assembly we must be sure to execute it only if the source matches our fingerprint of that assembly. Thinking further we only store a source fingerprint and no assembly fingerprint that relates to that... Am 01.03.2022 10:26 schrieb AliReZa Sabouri ***@***.***>:
@Xemrox what do you mean by SHA512 is standard?
In our case using SHA algorithms is unnecessary because they are slower and more CPU intensive than something like crc32 or md5. the thing is we don't need a secure hash algorithm here. anything with a checksum works fine.
but when we implemented this feature we can do some benchmarking.
—Reply to this email directly, view it on GitHub, or unsubscribe.Triage notifications on the go with GitHub Mobile for iOS or Android.
You are receiving this because you were mentioned.Message ID: ***@***.***>
|
I get your point but even hashes like SHA-256 are SHA-512 are not collision-free, also in our case the source code (CSX) is available for the attackers and we don't share or commit compiled versions anywhere. so IMO thinking about security is a little bit over-engineering. let's say you wanna somehow attack this system, how it is possible when you don't have any access to other contributors' compiled files. I'm not saying using SHA-512 is a bad choice, on the contrary, I personally have a strong interest in safer algorithms but I don't see any real-world vulnerabilities yet. |
@alirezanet maybe in the future we can add the capability to consume shared libraries from another repo (like pre-commit) so the SHA-512 can be a solution |
You both voted for SHA-512, hands up 🙌 😉. so SHA-512 it is. 😅 |
But in the case of "pre-commit" they use an external database (sqlite) to store all this information |
What do you think about the default behavior? should |
Like you say a |
I'll go with |
So i made a benchmark between compiled vs actual solution and the compiled version is a little bit faster 🤣
The csx file only contains a Console.WriteLine |
added in |
Details
Currently, CSX execution is not so efficient it takes about 2 seconds on the first run which is not ideal, I opened this issue to evaluate possible options to solve this problem. the expected behavior is to minimize the Roslyn compiler warming up process.
the minimum execution time for the bellow command currently is about 1-2 seconds.
The text was updated successfully, but these errors were encountered: