dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #47245
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
Halvdan,
Far-fetched it might be, but the fact is that all war versions from 2.18
and up have had only minor size fluctuations (<1mb) up to now - I've been
keeping a set & updating them regularly for the last 2 years. That 20mb+
change is clearly abnormal, in particular when you consider the smaller
size of 2.25 (which means the bloating of 2.24 cannot be a result of
additional libraries now added to the code bundle)
For now, I'm not deploying those bloated versions anywhere - better safe
than sorry and all that
Regards
calle
On 17 October 2016 at 19:00, Halvdan Hoem Grelland <halvdan@xxxxxxxxx>
wrote:
> The idea that this is caused by malicious code is a bit far fetched.
>
> An educated guess:
>
> All of our "bundled" apps are now developed outside of the core code
> repository. They are then pulled in at build time and bundled into the
> final distribution war-file.
>
> In practice this means that it's possible for a distribution built from
> the same code base but at different times to contain different (minor)
> versions of the bundles app(s). This would reflect in the file size of the
> final artifact (and the hashes would differ, of course).
>
> That said, 20 or so megs is a lot, so not sure exactly what's been going
> on there. Maybe someone from the frontend team (Mark, looking at you) could
> shed some light (or disprove my theory).
>
> On Mon, Oct 17, 2016 at 6:26 PM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
> wrote:
>
>> Dan,
>>
>> Maybe - but then why is the 2.25 war file size much small again? It makes
>> no sense to introduce a new set of libraries at the same time as 2.25 is
>> releases WITHOUT the same libs.
>>
>> Let's hope somebody from the core team can throw some light on this when
>> they sober up ;-)
>>
>> Regards
>> Calle
>>
>> On 17 October 2016 at 18:24, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>
>>> This is the commit where it increased in size
>>> https://github.com/dhis2/dhis2-core/commit/7f702badae3d701b8
>>> 64b0938c728f5993fb1ecd0
>>> 9d1eb33 is 136.4MB
>>> 7f702ba is 164.7MB
>>>
>>> I don't see anything obvious but maybe a new set of libs were
>>> introduced?
>>>
>>>
>>>
>>> On Oct 17, 2016, at 12:14 PM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>> wrote:
>>>
>>> Dan
>>>
>>> OK, but that's really weird. The 2.24 build from 5 days ago was 138mb....
>>>
>>> Anybody from the core team have an explanation? I don't want to use the
>>> new version before I know if there are nails in the soup....
>>>
>>> Regards
>>> Calle
>>>
>>> On 17 October 2016 at 17:31, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>>
>>>> Our build shows the same, 2.24 latest is 164MB
>>>>
>>>> On Oct 16, 2016, at 9:59 AM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>>> wrote:
>>>>
>>>> Dan,
>>>>
>>>> The latest one, from this morning (see http://ci.dhis2.org/job/d
>>>> his2-2.24/, number #89)
>>>>
>>>> Regards
>>>> Calle
>>>>
>>>> On 16 October 2016 at 15:34, Dan Cocos <dcocos@xxxxxxxxx> wrote:
>>>>
>>>>> Hi Calle,
>>>>>
>>>>> Is there a specific revision that I can look at? We maintain our own
>>>>> build server and I can compare.
>>>>>
>>>>> Thanks,
>>>>> Dan
>>>>>
>>>>>
>>>>> *Dan Cocos*
>>>>> Principal, BAO Systems
>>>>> dcocos@xxxxxxxxxxxxxx <nhobby@xxxxxxxxxxxxxx> | http:/
>>>>> /www.baosystems.com | 2900 K Street, Suite 404, Washington D.C. 20007
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Oct 16, 2016, at 6:39 AM, Calle Hedberg <calle.hedberg@xxxxxxxxx>
>>>>> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I've downloaded the latest war files for 2.21 to 2.25 from the
>>>>> continuation server, and I noticed some very strange and LARGE changes in
>>>>> war file sizes compared to 2-3 days ago:
>>>>>
>>>>> - 2.21 and 2.22 are more or less as before.
>>>>> - 2.23 have increased from 118mb to 119mb (should be OK).
>>>>> BUT
>>>>> - 2.24 have jumped from 136mb to 164mb (SUSPECT)
>>>>> - 2.25 are more or less as before (144mb)
>>>>>
>>>>> Can somebody explain why 2.24 size has expanded like that, and verify
>>>>> that it does not contain additional foreign malicious code?
>>>>>
>>>>> Regards
>>>>> Calle
>>>>>
>>>>> *******************************************
>>>>>
>>>>> Calle Hedberg
>>>>>
>>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>>
>>>>> Tel/fax (home): +27-21-685-6472
>>>>>
>>>>> Cell: +27-82-853-5352
>>>>>
>>>>> Iridium SatPhone: +8816-315-19119
>>>>>
>>>>> Email: calle.hedberg@xxxxxxxxx
>>>>>
>>>>> Skype: calle_hedberg
>>>>>
>>>>> *******************************************
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list: https://launchpad.net/~dhis2-devs
>>>>> Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>>>>> Unsubscribe : https://launchpad.net/~dhis2-devs
>>>>> More help : https://help.launchpad.net/ListHelp
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *******************************************
>>>>
>>>> Calle Hedberg
>>>>
>>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>>
>>>> Tel/fax (home): +27-21-685-6472
>>>>
>>>> Cell: +27-82-853-5352
>>>>
>>>> Iridium SatPhone: +8816-315-19119
>>>>
>>>> Email: calle.hedberg@xxxxxxxxx
>>>>
>>>> Skype: calle_hedberg
>>>>
>>>> *******************************************
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>>
>>> *******************************************
>>>
>>> Calle Hedberg
>>>
>>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>>
>>> Tel/fax (home): +27-21-685-6472
>>>
>>> Cell: +27-82-853-5352
>>>
>>> Iridium SatPhone: +8816-315-19119
>>>
>>> Email: calle.hedberg@xxxxxxxxx
>>>
>>> Skype: calle_hedberg
>>>
>>> *******************************************
>>>
>>>
>>>
>>
>>
>> --
>>
>> *******************************************
>>
>> Calle Hedberg
>>
>> 46D Alma Road, 7700 Rosebank, SOUTH AFRICA
>>
>> Tel/fax (home): +27-21-685-6472
>>
>> Cell: +27-82-853-5352
>>
>> Iridium SatPhone: +8816-315-19119
>>
>> Email: calle.hedberg@xxxxxxxxx
>>
>> Skype: calle_hedberg
>>
>> *******************************************
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~dhis2-devs
>> Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~dhis2-devs
>> More help : https://help.launchpad.net/ListHelp
>>
>>
>
>
> --
> Halvdan Hoem Grelland
> Software developer, DHIS 2
> University of Oslo
> http://www.dhis2.org <https://www.dhis2.org/>
>
>
--
*******************************************
Calle Hedberg
46D Alma Road, 7700 Rosebank, SOUTH AFRICA
Tel/fax (home): +27-21-685-6472
Cell: +27-82-853-5352
Iridium SatPhone: +8816-315-19119
Email: calle.hedberg@xxxxxxxxx
Skype: calle_hedberg
*******************************************
Follow ups
References
-
Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-16
-
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-16
-
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-17
-
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Calle Hedberg, 2016-10-17
-
Re: Weird, large change in war file size for 2.24 on continuation server - virus payload?
From: Halvdan Hoem Grelland, 2016-10-17