Fix flaky test_regex_performance timing test

rodrigo.nogueira · rodrigo.nogueira · commit cd1e76d4d0b7 · 2026-01-24T17:29:34.000-03:00
diff --git a/tests/test_client_middleware_digest_auth.py b/tests/test_client_middleware_digest_auth.py
@@ -1331,13 +1331,25 @@ async def handler(request: Request) -> Response:
     assert auth_algorithms[0] == "MD5-sess"  # Not "MD5-SESS"
 
 
+import time
+
 def test_regex_performance() -> None:
     value = "0" * 54773 + "\\0=a"
-    start = time.perf_counter()
-    matches = _HEADER_PAIRS_PATTERN.findall(value)
-    end = time.perf_counter()
-
-    # If this is taking more than 10ms, there's probably a performance/ReDoS issue.
-    assert (end - start) < 0.01
+    
+    best_time = float("inf")
+    best_matches: list[tuple[str, str]] = []
+    
+    for _ in range(5):
+        start = time.perf_counter()
+        matches = _HEADER_PAIRS_PATTERN.findall(value)
+        elapsed = time.perf_counter() - start
+        
+        if elapsed < best_time:
+            best_time = elapsed
+            best_matches = matches
+    
+    # Relaxed for CI/platform variability (e.g., macOS runners ~40-50ms observed)
+    assert best_time < 0.1, f"Regex took {best_time * 1000:.1f}ms, expected <100ms - potential ReDoS issue"
+    
     # This example probably shouldn't produce a match either.
-    assert not matches
+    assert not best_matches
