From: Alexandre Belloni <alexandre.belloni@bootlin.com>
To: dnagodra@cisco.com
Cc: openembedded-core@lists.openembedded.org, xe-linux-external@cisco.com
Subject: Re: [OE-core] [master] [PATCH] cve-update-nvd2-native: faster requests with API keys
Date: Fri, 8 Dec 2023 15:52:55 +0100 [thread overview]
Message-ID: <202312081452558ae892cc@mail.local> (raw)
In-Reply-To: <20231208025321.418459-1-dnagodra@cisco.com>
Please follow https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#fixing-your-from-identity
On 07/12/2023 18:53:22-0800, Dhairya Nagodra via lists.openembedded.org wrote:
> As per NVD, the public rate limit is 5 requests in 30s (6s delay).
> Using an API key increases the limit to 50 requests in 30s (0.6s delay).
> However, NVD still recommends sleeping for several seconds so that the
> other legitimate requests are serviced without denial or interruption.
> Keeping the default sleep at 6 seconds and 2 seconds with an API key.
>
> For failures, the wait time is unchanged (6 seconds).
>
> Reference: https://nvd.nist.gov/developers/start-here#RateLimits
>
> Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com>
> ---
> meta/recipes-core/meta/cve-update-nvd2-native.bb | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> index 9ab8dc6050..941fca34c6 100644
> --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
> +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
> @@ -188,6 +188,11 @@ def update_db_file(db_tmp_file, d, database_time):
> api_key = d.getVar("NVDCVE_API_KEY") or None
> attempts = int(d.getVar("CVE_DB_UPDATE_ATTEMPTS"))
>
> + # Recommended by NVD
> + wait_time = 6
> + if api_key:
> + wait_time = 2
> +
> while True:
> req_args['startIndex'] = index
> raw_data = nvd_request_next(url, attempts, api_key, req_args)
> @@ -210,7 +215,7 @@ def update_db_file(db_tmp_file, d, database_time):
> break
>
> # Recommended by NVD
> - time.sleep(6)
> + time.sleep(wait_time)
>
> # Update success, set the date to cve_check file.
> cve_f.write('CVE database update : %s\n\n' % datetime.date.today())
> --
> 2.35.6
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#192008): https://lists.openembedded.org/g/openembedded-core/message/192008
> Mute This Topic: https://lists.openembedded.org/mt/103048465/3617179
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alexandre.belloni@bootlin.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
prev parent reply other threads:[~2023-12-08 14:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-08 2:53 [master] [PATCH] cve-update-nvd2-native: faster requests with API keys Dhairya Nagodra
2023-12-08 14:52 ` Alexandre Belloni [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202312081452558ae892cc@mail.local \
--to=alexandre.belloni@bootlin.com \
--cc=dnagodra@cisco.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=xe-linux-external@cisco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox