Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate RECORD file using streams instead of reading in-memory #186

Merged
merged 3 commits into from
May 29, 2023
Merged

Validate RECORD file using streams instead of reading in-memory #186

merged 3 commits into from
May 29, 2023

Conversation

pradyunsg
Copy link
Member

Supercedes and closes #183
Fixes #185

This ensures that the validation can be performed without loading the entire file in-memory.

@pradyunsg
Add validate_stream methods to Record and Hash
b485921 
This ensures that the validation can be performed without loading a
file in-memory.
@pradyunsg
Validate RECORD file using streams instead of reading in-memory
176eed0 
This ensures that the hashing logic within the codebase does not attempt
to read large files into memory, which can cause OOM issues.
@pradyunsg pradyunsg added type: bug A confirmed bug or unintended behavior component: records Related to installer.records component: sources Related to WheelSource and friends labels May 29, 2023
@pradyunsg
Deprecate RecordEntry.validate
b52f72f 
This function is no longer meant to be used, since there's a superior
alternative available.
@pradyunsg pradyunsg mentioned this pull request May 29, 2023
Closed
@pradyunsg pradyunsg merged commit 5f281b8 into pypa:main May 29, 2023
@pradyunsg pradyunsg deleted the validate-stream branch May 29, 2023 20:10
@ralbertazzi
Copy link

Thank you @pradyunsg , your solution is cleaner :)

Another optimization that we can bring is performing hash validation just once, as we currently perform it during 1. wheel validation 2. wheel installation. I tried hacking it away in python-poetry/poetry#8027 but it would be clearly better to see this natively supported by installer. I first want to get a better understanding at the performance benefit and, if any, I will open an issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
component: records Related to installer.records component: sources Related to WheelSource and friends type: bug A confirmed bug or unintended behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

RECORD file validation loads the entire file in memory
2 participants
@pradyunsg @ralbertazzi