From d94742b9fa0bf1f3a3547ed77041f275d657aa21 Mon Sep 17 00:00:00 2001
From: Lucas Rodriguez <lucas.rodriguez9616@gmail.com>
Date: Sat, 7 Sep 2024 19:59:44 -0500
Subject: [PATCH] fix: hash vuln db only once on load

Signed-off-by: Lucas Rodriguez <lucas.rodriguez9616@gmail.com>
---
 grype/db/curator.go                       |  2 +-
 grype/load_vulnerability_db_bench_test.go | 26 +++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 grype/load_vulnerability_db_bench_test.go

diff --git a/grype/db/curator.go b/grype/db/curator.go
index 0c5c1dd00f2..df55edb1fc2 100644
--- a/grype/db/curator.go
+++ b/grype/db/curator.go
@@ -120,7 +120,7 @@ func (c *Curator) Status() Status {
 		SchemaVersion: metadata.Version,
 		Location:      c.dbDir,
 		Checksum:      metadata.Checksum,
-		Err:           c.Validate(),
+		Err:           nil,
 	}
 }
 
diff --git a/grype/load_vulnerability_db_bench_test.go b/grype/load_vulnerability_db_bench_test.go
new file mode 100644
index 00000000000..735a1d0d6dd
--- /dev/null
+++ b/grype/load_vulnerability_db_bench_test.go
@@ -0,0 +1,26 @@
+package grype
+
+import (
+	"path/filepath"
+	"testing"
+
+	"github.com/anchore/grype/grype/db"
+	"github.com/anchore/grype/internal"
+)
+
+// this benchmark was added to measure the performance
+// of LoadVulnerabilityDB, specifically in regards to hash validation.
+// https://github.com/anchore/grype/issues/1502
+func BenchmarkLoadVulnerabilityDB(b *testing.B) {
+	cfg := db.Config{
+		DBRootDir:           filepath.Join(".tmp", "grype-db"),
+		ListingURL:          internal.DBUpdateURL,
+		ValidateByHashOnGet: true,
+	}
+	for range b.N {
+		_, _, _, err := LoadVulnerabilityDB(cfg, true)
+		if err != nil {
+			b.Fatal(err)
+		}
+	}
+}