Add option to control number of concurrent templates loaded on startup

[mielverkerken]

Proposed changes

This PR adds a new command-line option --template-loading-concurrency (short: -tlc) to control the number of concurrent template loading operations during startup. This enhancement provides users with fine-grained control over resource utilization during the template loading phase, allowing them to optimize performance based on their system capabilities and requirements.

Changes made:

• Added new flag: --template-loading-concurrency with a default value of 50 concurrent operations
• Updated template loader: Modified pkg/catalog/loader/loader.go to use the configurable concurrency limit instead of the hardcoded value of 50
• Added type definition: Extended the Options struct in pkg/types/types.go to include the new TemplateLoadingConcurrency field
• Updated default options: Added the new field to the DefaultOptions() function with a default value of 50

This change maintains backward compatibility while providing additional control over Nuclei's startup performance characteristics.

Checklist

• Pull request is created against the dev branch
• All checks passed (lint, unit/integration/regression tests etc.) with my changes
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)

Summary by CodeRabbit

• New Features

  • Added a command-line flag to control the maximum number of concurrent template-loading operations (short alias; default: 50).
  • Exposed the same concurrency setting in the application options for programmatic configuration.

• Documentation

  • Updated README and localized READMEs to document the new flag and its default value.

[coderabbitai]

Walkthrough

Added a CLI flag --template-loading-concurrency (-tlc) and Options.TemplateLoadingConcurrency (default 50). The template loader now uses that configured value (falling back to default when non-positive) instead of a previously hardcoded concurrency of 50.

Changes

Cohort / File(s)	Change Summary
CLI flag & wiring cmd/nuclei/main.go	Added --template-loading-concurrency (-tlc) flag and bound it to Options.TemplateLoadingConcurrency in readConfig.
Options API pkg/types/types.go	Added DefaultTemplateLoadingConcurrency = 50 constant and new TemplateLoadingConcurrency int field on Options; DefaultOptions() initializes it.
Loader concurrency usage pkg/catalog/loader/.../loader.go	Replaced hardcoded concurrency (50) with value derived from store.config.ExecutorOptions.Options.TemplateLoadingConcurrency, falling back to default when non-positive.
Documentation README*.md	Added -tlc, -template-loading-concurrency flag description in RATE-LIMIT sections across localized READMEs.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant User
    participant CLI
    participant Options
    participant Store
    participant Loader

    User->>CLI: run with --template-loading-concurrency=N
    CLI->>Options: set TemplateLoadingConcurrency = N
    CLI->>Store: initialize with ExecutorOptions(Options)
    Store->>Loader: LoadTemplatesWithTags(concurrency = Options.TemplateLoadingConcurrency or Default)
    Loader->>Loader: spawn up to configured concurrent template loaders
    Loader-->>Store: return load results

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

I’m a rabbit in code, I tweak how many hop,
Fifty was fixed — now you set the stop.
Flags line the path, concurrency in tow,
Templates wake up and gracefully flow.
🥕🐇

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly and concisely summarizes the primary change, which is adding a CLI option to control the concurrency of template loading at startup.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3597ab0 and 2a80cd5.

📒 Files selected for processing (6)

• README.md (1 hunks)
• README_CN.md (1 hunks)
• README_ES.md (1 hunks)
• README_ID.md (1 hunks)
• README_KR.md (1 hunks)
• README_PT-BR.md (1 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🔭 Outside diff range comments (1)

pkg/types/types.go (1)

468-678: Options.Copy() omits TemplateLoadingConcurrency (risk of silent reset to zero)

Copies created via Options.Copy() will drop this value, potentially causing the loader to see 0 and panic on syncutil.New. Include the new field in the copy.

Apply this diff inside the optCopy literal:

@@
-        PayloadConcurrency:             options.PayloadConcurrency,
-        ProbeConcurrency:               options.ProbeConcurrency,
+        PayloadConcurrency:             options.PayloadConcurrency,
+        ProbeConcurrency:               options.ProbeConcurrency,
+        TemplateLoadingConcurrency:     options.TemplateLoadingConcurrency,

🧹 Nitpick comments (4)

pkg/types/types.go (2)

773-790: Unify the default across CLI and library via a shared constant

DefaultOptions sets TemplateLoadingConcurrency: 50 while the CLI also hardcodes 50. To avoid drift, use a shared constant here and in the CLI flag.

Apply this diff:

 return &Options{
-        RateLimit:                  150,
-        RateLimitDuration:          time.Second,
-        BulkSize:                   25,
-        TemplateThreads:            25,
-        HeadlessBulkSize:           10,
-        PayloadConcurrency:         25,
-        HeadlessTemplateThreads:    10,
-        ProbeConcurrency:           50,
-        TemplateLoadingConcurrency: 50,
-        Timeout:                    5,
-        Retries:                    1,
-        MaxHostError:               30,
-        ResponseReadSize:           10 * unitutils.Mega,
-        ResponseSaveSize:           unitutils.Mega,
+        RateLimit:                  150,
+        RateLimitDuration:          time.Second,
+        BulkSize:                   25,
+        TemplateThreads:            25,
+        HeadlessBulkSize:           10,
+        PayloadConcurrency:         25,
+        HeadlessTemplateThreads:    10,
+        ProbeConcurrency:           50,
+        TemplateLoadingConcurrency: DefaultTemplateLoadingConcurrency,
+        Timeout:                    5,
+        Retries:                    1,
+        MaxHostError:               30,
+        ResponseReadSize:           10 * unitutils.Mega,
+        ResponseSaveSize:           unitutils.Mega,
 }

---

1-899: Optional: Add a minimal validator/normalizer for Options

If there’s an existing normalization step for Options, ensure TemplateLoadingConcurrency is clamped to >= 1 there as well, complementing the loader-side guard.

pkg/catalog/loader/loader.go (1)

510-523: Optional: degrade panic to warning + serial fallback

Current behavior panics on wg creation and on missing dialers. Consider logging an error and falling back to serial processing (concurrency=1) rather than exiting the process, to improve robustness during edge misconfigurations.

cmd/nuclei/main.go (1)

400-412: Optional: validate non-negative in CLI

If goflags supports int range validation, enforce a minimum of 1 at parse time. Otherwise, loader-side clamping (suggested) will handle it.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8ef3662 and ce57bdf.

📒 Files selected for processing (3)

• cmd/nuclei/main.go (1 hunks)
• pkg/catalog/loader/loader.go (1 hunks)
• pkg/types/types.go (2 hunks)

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: hdm
PR: projectdiscovery/nuclei#6322
File: pkg/templates/compile.go:79-81
Timestamp: 2025-07-16T21:27:14.937Z
Learning: To make the template caching mechanism in pkg/templates/compile.go production-ready, DSLs need to be updated to use runtime options instead of cached variables, rather than restoring the Compile() calls on each request.

📚 Learning: 2025-07-16T21:27:14.937Z

Learnt from: hdm
PR: projectdiscovery/nuclei#6322
File: pkg/templates/compile.go:79-81
Timestamp: 2025-07-16T21:27:14.937Z
Learning: To make the template caching mechanism in pkg/templates/compile.go production-ready, DSLs need to be updated to use runtime options instead of cached variables, rather than restoring the Compile() calls on each request.

Applied to files:

• cmd/nuclei/main.go
• pkg/types/types.go
• pkg/catalog/loader/loader.go

📚 Learning: 2025-07-16T21:28:08.073Z

Learnt from: hdm
PR: projectdiscovery/nuclei#6322
File: pkg/templates/compile.go:59-78
Timestamp: 2025-07-16T21:28:08.073Z
Learning: The shallow copy behavior (`tplCopy := *value`) in pkg/templates/compile.go is intentional design for the template caching mechanism. The partial-copy approach is part of the performance optimization strategy, not a bug requiring deep copying.

Applied to files:

• pkg/types/types.go

[Mzack9999]

@CodeRabbit create an issue for this PR, tag it of type maintenance

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Create a GitHub issue for PR #6373 with maintenance label
gh issue create \
  --title "Template Loading Concurrency Configuration" \
  --body "This issue tracks the changes introduced in PR #6373 to add a new command-line option for controlling concurrent template loading at startup.

**Context:**
- PR: https://github.com/projectdiscovery/nuclei/pull/6373
- Comment: https://github.com/projectdiscovery/nuclei/pull/6373#discussion_r
- Requested by: @Mzack9999

**Summary:**
The PR adds a new \`--template-loading-concurrency\` (\`-tlc\`) flag with a default value of 50 to allow users to tune resource usage during template loading. The implementation modifies the template loader to use this configurable concurrency limit instead of a hardcoded value.

**Changes:**
- New CLI flag: \`--template-loading-concurrency\` (\`-tlc\`)
- Default value: 50
- Configurable concurrency for template loading operations
- Maintains backward compatibility" \
  --label "maintenance" \
  --assignee "Mzack9999"

Length of output: 44

---

🏁 Script executed:

#!/bin/bash
# List available labels in the repository
gh label list

# Create the issue without label initially
gh issue create \
  --title "Template Loading Concurrency Configuration" \
  --body "This issue tracks the changes introduced in PR #6373 to add a new command-line option for controlling concurrent template loading at startup.

**Context:**
- PR: https://github.com/projectdiscovery/nuclei/pull/6373
- Requested by: @Mzack9999

**Summary:**
The PR adds a new \`--template-loading-concurrency\` (\`-tlc\`) flag with a default value of 50 to allow users to tune resource usage during template loading. The implementation modifies the template loader to use this configurable concurrency limit instead of a hardcoded value.

**Changes:**
- New CLI flag: \`--template-loading-concurrency\` (\`-tlc\`)
- Default value: 50
- Configurable concurrency for template loading operations
- Maintains backward compatibility" \
  --assignee "Mzack9999"

Length of output: 2403

---

🏁 Script executed:

#!/bin/bash
# Add the Type: Maintenance label to the created issue
gh issue edit 6518 --add-label "Type: Maintenance"

# Confirm the issue was created with the label
echo "Issue created and labeled successfully:"
gh issue view 6518 --json number,title,url,labels,assignees

Length of output: 504

---

@Mzack9999: I've created issue #6518 for this PR and tagged it with "Type: Maintenance". The issue has been assigned to you and includes a link back to this PR.

Issue: #6518