From 60c0682bb47aaad3f7cf501f49fd037a8354baa7 Mon Sep 17 00:00:00 2001
From: Lucas Rodriguez <lucas.rodriguez9616@gmail.com>
Date: Tue, 17 Sep 2024 14:04:51 -0500
Subject: [PATCH] fix: hash vuln db only once on load (#2054)

Signed-off-by: Lucas Rodriguez <lucas.rodriguez9616@gmail.com>
---
 grype/db/curator.go                       |  2 +-
 grype/load_vulnerability_db_bench_test.go | 26 +++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 grype/load_vulnerability_db_bench_test.go

diff --git a/grype/db/curator.go b/grype/db/curator.go
index 7af7d3415a3..0ac906e8ac1 100644
--- a/grype/db/curator.go
+++ b/grype/db/curator.go
@@ -122,7 +122,7 @@ func (c *Curator) Status() Status {
 		SchemaVersion: metadata.Version,
 		Location:      c.dbDir,
 		Checksum:      metadata.Checksum,
-		Err:           c.Validate(),
+		Err:           nil,
 	}
 }
 
diff --git a/grype/load_vulnerability_db_bench_test.go b/grype/load_vulnerability_db_bench_test.go
new file mode 100644
index 00000000000..735a1d0d6dd
--- /dev/null
+++ b/grype/load_vulnerability_db_bench_test.go
@@ -0,0 +1,26 @@
+package grype
+
+import (
+	"path/filepath"
+	"testing"
+
+	"github.com/anchore/grype/grype/db"
+	"github.com/anchore/grype/internal"
+)
+
+// this benchmark was added to measure the performance
+// of LoadVulnerabilityDB, specifically in regards to hash validation.
+// https://github.com/anchore/grype/issues/1502
+func BenchmarkLoadVulnerabilityDB(b *testing.B) {
+	cfg := db.Config{
+		DBRootDir:           filepath.Join(".tmp", "grype-db"),
+		ListingURL:          internal.DBUpdateURL,
+		ValidateByHashOnGet: true,
+	}
+	for range b.N {
+		_, _, _, err := LoadVulnerabilityDB(cfg, true)
+		if err != nil {
+			b.Fatal(err)
+		}
+	}
+}