libopenapi icon indicating copy to clipboard operation
libopenapi copied to clipboard

Published 20 hours ago verified publisher icon pb33f

Make the timeout in `FindNodesWithoutDeserializing` configurable

Open TristanSpeakEasy opened this issue 1 year ago • 1 comments

This timeout for reference https://github.com/pb33f/libopenapi/blob/main/utils/utils.go#L118

Will submit a PR to bump it to 500ms for now if that is okay

TristanSpeakEasy avatar Feb 13 '24 18:02 TristanSpeakEasy

This timeout exists to prevent run-away lookups. This does not happen with any of the built in vacuum rules anymore, but it used to with the OWASP rules, which means any built-in functions have the potential to run-away into an endless loop.

The timeout should be configurable.

daveshanley avatar Feb 14 '24 13:02 daveshanley