From: Alexandre Belloni <alexandre.belloni@bootlin.com>
To: dnagodra@cisco.com
Cc: openembedded-core@lists.openembedded.org, xe-linux-external@cisco.com
Subject: Re: [OE-core] [master] [PATCH] cve-update-nvd2-native: faster requests with API keys
Date: Fri, 8 Dec 2023 15:52:55 +0100 [thread overview]
Message-ID: <202312081452558ae892cc@mail.local> (raw)
In-Reply-To: <20231208025321.418459-1-dnagodra@cisco.com>
Please follow https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#fixing-your-from-identity
On 07/12/2023 18:53:22-0800, Dhairya Nagodra via lists.openembedded.org wrote:
> As per NVD, the public rate limit is 5 requests in 30s (6s delay).
> Using an API key increases the limit to 50 requests in 30s (0.6s delay).
> However, NVD still recommends sleeping for several seconds so that the
> other legitimate requests are serviced without denial or interruption.
> Keeping the default sleep at 6 seconds and 2 seconds with an API key.
>
> For failures, the wait time is unchanged (6 seconds).
>
> Reference: https://nvd.nist.gov/developers/start-here#RateLimits
>
> Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com>
> ---
> meta/recipes-core/meta/cve-update-nvd2-native.bb | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> index 9ab8dc6050..941fca34c6 100644
> --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
> +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> @@ -188,6 +188,11 @@ def update_db_file(db_tmp_file, d, database_time):
> api_key = d.getVar("NVDCVE_API_KEY") or None
> attempts = int(d.getVar("CVE_DB_UPDATE_ATTEMPTS"))
>
> + # Recommended by NVD
> + wait_time = 6
> + if api_key:
> + wait_time = 2
> +
> while True:
> req_args['startIndex'] = index
> raw_data = nvd_request_next(url, attempts, api_key, req_args)
> @@ -210,7 +215,7 @@ def update_db_file(db_tmp_file, d, database_time):
> break
>
> # Recommended by NVD
> - time.sleep(6)
> + time.sleep(wait_time)
>
> # Update success, set the date to cve_check file.
> cve_f.write('CVE database update : %s\n\n' % datetime.date.today())
> --
> 2.35.6
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#192008): https://lists.openembedded.org/g/openembedded-core/message/192008
> Mute This Topic: https://lists.openembedded.org/mt/103048465/3617179
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alexandre.belloni@bootlin.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
prev parent reply other threads:[~2023-12-08 14:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-08 2:53 [master] [PATCH] cve-update-nvd2-native: faster requests with API keys Dhairya Nagodra
2023-12-08 14:52 ` Alexandre Belloni [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202312081452558ae892cc@mail.local \
--to=alexandre.belloni@bootlin.com \
--cc=dnagodra@cisco.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=xe-linux-external@cisco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.