Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[8.x] [Security Solution] Fixes multi-line diff algorithm performance…
… in the `upgrade/_review` endpoint (elastic#199388) (elastic#200096) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (elastic#199388)](elastic#199388) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-13T20:59:15Z","message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (elastic#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","impact:critical","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v8.17.0","v8.16.1"],"title":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint","number":199388,"url":"https://github.com/elastic/kibana/pull/199388","mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (elastic#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199388","number":199388,"mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (elastic#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
- Loading branch information