SShortSingh.
TopTechnologyAI & MLStartupsProgrammingScienceBusinessFinanceCrypto & Web3World
Back to feed
Programming

Developer fixes memory and goroutine leaks in open-source Nuclei vulnerability scanner

0
·1 views

A developer identified and resolved persistent memory and goroutine leaks in ProjectDiscovery's Nuclei vulnerability scanner engine, documented in Issue #7503 and Pull Request #7508 on GitHub. The leaks surfaced when Nuclei was embedded as an SDK inside long-running microservices, where memory usage grew steadily and orphaned goroutines persisted even after the engine was closed. Three root causes were found: an unbounded sync.Map storing host-port mappings, unreleased per-host rate limiter goroutines, and cached template parsers that were never purged between engine instances. Fixes included replacing the unbounded map with a capacity-capped, expirable LRU cache, updating the protocol state teardown to release rate limiter workers, and adding a thread-safe cache purge method invoked during engine shutdown.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

CEO's Nephew Named VP of Engineering After Veteran Team Laid Off, Client Exits Within Weeks

A fictional account published on DEV Community depicts a senior engineer who spent six years building an AI diagnostic platform processing four million daily requests for major clients, only to be laid off alongside his 12-person team during a corporate 'restructuring.' The CEO's nephew, Kevin Whitfield, was simultaneously appointed VP of Engineering despite having no apparent industry experience. Kevin's first company-wide email signaled plans to overhaul the platform's architecture, raising alarm among remaining staff. Within a month, the company's largest client, Merit Manufacturing, reportedly walked away. The story, presented as fiction, is framed as a bonus chapter in a series exploring ego and regret in the AI industry.

0 comments Read more at DEV Community
0
ProgrammingHacker News ·

Wayfinder Router Routes AI Queries Between Local and Hosted LLMs Deterministically

Wayfinder Router is an open-source tool published on GitHub that enables deterministic routing of queries between local and cloud-hosted large language models. The project aims to help developers intelligently direct AI workloads based on defined criteria rather than random or unpredictable selection. By routing queries deterministically, it offers more control over cost, latency, and privacy trade-offs when using multiple LLM backends. The tool was shared on Hacker News, where it received modest early attention with a small number of points and no comments at the time of posting.

0 comments Read more at Hacker News
0
ProgrammingDEV Community ·

Budget Home Lab Guide: Hardware Picks for Developers Tired of Cloud Bills

Rising cloud compute costs are pushing developers toward building personal home labs as a more cost-effective alternative to rented infrastructure. A home lab eliminates recurring cloud expenses while offering full control over hardware, kernel configurations, and network simulations without billing concerns. The guide outlines four developer archetypes — Web Dev/CI-CD, DevOps/Kubernetes, Homeserver/NAS, and Networking — each with tailored hardware priorities. Three budget tiers are proposed: under $150 for entry-level setups, $150–$400 for capable mini PCs like the Beelink SER5 Pro, and $400–$700 for multi-node configurations. Beyond cost savings, maintaining a home lab with self-hosted tools and Kubernetes clusters can also strengthen a developer's profile during technical job interviews.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Developer Launches Free Browser-Based Image Toolkit, Eyes Future Monetisation

A developer has built SmartImgKit, a free browser-based platform offering 20+ image tools including a compressor, background remover, GIF editor, and HEIC converter, requiring no signup or file uploads. The project was inspired by broader community discussions on Hacker News about the viability of free web tools. Unlike desktop software or subscription-based SaaS platforms, SmartImgKit processes all images locally using WebAssembly and ONNX models, keeping user files private. The developer outlined several potential revenue paths, including freemium plans, enterprise tiers, and adjacent-product models, but has yet to commit to one. A monetisation strategy is still being evaluated, with the creator prioritising genuine utility and user privacy first.

0 comments Read more at DEV Community
Developer fixes memory and goroutine leaks in open-source Nuclei vulnerability scanner · ShortSingh