PSA: Deactivate Windows Security for your Source Repository

Or: How I cut my compile times in half

I’m very happy that I have been moving to a somewhat large Rust project recently ;-) And because of the COVID mandated home-office, I have started doing a lot more development on my Desktop, which runs Windows for gaming reasons.

Anyhow. So far I had no reason to complain about compile times, since my (still, but not for long) oil cooled Ryzen has a lot of cores and power. But I was noticing that quite a lot of annoying Windows Security notifications have been popping up when doing compiles, or in general when rust-analyzer was running in the background. I also noticed that for some reason, the CPU was also not being utilized fully when doing builds.

So I began researching, and profiling. Running nightly cargo with -Z timings revealed that especially custom build scripts were taking a very long time. My research yielded this cargo issue which was talking about windows defender. There is also an official windows guide on how to disable windows security for a whole directory tree.

I just went ahead and tried doing that. Disabling Windows Security for my whole coding directory improved my clean cargo test times of sentry-rust from 3m17s to 1m22s. What a jaw dropping difference. My compile times are cut by more than half !!!, and the annoying notifications are gone as well.

So for anyone on Windows, go ahead and add a security exception, and save yourself some headaches!

A word of caution though, as I advocate for disabling a security feature. I think as developers, we are all a bit more cautious than regular people when it comes to internet security. On the other hand, we download and run tons of third party software from package archives all the time. And software supply chain attacks are a real thing, should I remind everyone of the event-stream fiasco? Nonetheless, I don’t think Windows Security would actually help in such a case, so I doubt we are worse off disabling it.