Skip to content

Send RASP LFI capability only when AppSec is statically enabled #8573

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Mar 17, 2025
Merged

Send RASP LFI capability only when AppSec is statically enabled #8573

merged 2 commits into from
Mar 17, 2025

Conversation

jandro996
Copy link
Member

@jandro996 jandro996 commented Mar 17, 2025
edited by atlassian bot
Loading

What Does This Do

Only send RASP LFI capability if appsec is fully enabled

Motivation

Some RASP features have been implemented using callsite instrumentation, specifically LFI and partially SSRF.

Since callsite instrumentation requires activation at application startup to function correctly, it will not work properly when RASP is dynamically enabled via 1-click activation.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-57025
@jandro996 jandro996 added type: enhancement Enhancements and improvements comp: asm waf Application Security Management (WAF) comp: remote config Configuration at Runtime type: bug Bug report and fix and removed type: enhancement Enhancements and improvements labels Mar 17, 2025
@jandro996 jandro996 marked this pull request as ready for review March 17, 2025 13:41
@jandro996 jandro996 requested a review from a team as a code owner March 17, 2025 13:41
@smola smola changed the title RASP LFI capability should not be sent when RASP is not fully enabled Send RASP LFI capability only when AppSec is statically enabled Mar 17, 2025
@pr-commenter
Copy link

pr-commenter bot commented Mar 17, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/conditional-lfi-capability
git_commit_date 1742221809 1742221930
git_commit_sha 5fb00dc 22799cb
release_version 1.48.0-SNAPSHOT~5fb00dc125 1.48.0-SNAPSHOT~22799cbf16
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1742224273 1742224273
ci_job_id 850777491 850777491
ci_pipeline_id 59036424 59036424
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-xgmmukrd-project-304-concurrent-0-0q121vuk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-xgmmukrd-project-304-concurrent-0-0q121vuk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 59 metrics, 3 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:startup:petclinic:iast:Remote Config better
[-65.346µs; -13.112µs] or [-10.417%; -2.090%]		 588.062µs 627.291µs
Startup time reports for insecure-bank 
gantt title insecure-bank - global startup overhead: candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section tracing Agent [baseline] (1.049 s) : 0, 1048901 Total [baseline] (8.717 s) : 0, 8717149 Agent [candidate] (1.042 s) : 0, 1041513 Total [candidate] (8.704 s) : 0, 8703984 section iast Agent [baseline] (1.177 s) : 0, 1177258 Total [baseline] (9.273 s) : 0, 9273011 Agent [candidate] (1.186 s) : 0, 1186142 Total [candidate] (9.258 s) : 0, 9258102 section iast_HARDCODED_SECRET_DISABLED Agent [baseline] (1.174 s) : 0, 1173999 Total [baseline] (9.202 s) : 0, 9201780 Agent [candidate] (1.175 s) : 0, 1174784 Total [candidate] (9.208 s) : 0, 9208141 section iast_TELEMETRY_OFF Agent [baseline] (1.171 s) : 0, 1171416 Total [baseline] (9.262 s) : 0, 9262300 Agent [candidate] (1.177 s) : 0, 1177462 Total [candidate] (9.268 s) : 0, 9267686
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.049 s -
Agent iast 1.177 s 128.357 ms (12.2%)
Agent iast_HARDCODED_SECRET_DISABLED 1.174 s 125.098 ms (11.9%)
Agent iast_TELEMETRY_OFF 1.171 s 122.516 ms (11.7%)
Total tracing 8.717 s -
Total iast 9.273 s 555.862 ms (6.4%)
Total iast_HARDCODED_SECRET_DISABLED 9.202 s 484.631 ms (5.6%)
Total iast_TELEMETRY_OFF 9.262 s 545.151 ms (6.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.042 s -
Agent iast 1.186 s 144.629 ms (13.9%)
Agent iast_HARDCODED_SECRET_DISABLED 1.175 s 133.271 ms (12.8%)
Agent iast_TELEMETRY_OFF 1.177 s 135.949 ms (13.1%)
Total tracing 8.704 s -
Total iast 9.258 s 554.118 ms (6.4%)
Total iast_HARDCODED_SECRET_DISABLED 9.208 s 504.157 ms (5.8%)
Total iast_TELEMETRY_OFF 9.268 s 563.702 ms (6.5%) 
gantt title insecure-bank - break down per module: candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (724.049 ms) : 0, 724049 BytebuddyAgent [candidate] (717.673 ms) : 0, 717673 GlobalTracer [baseline] (241.282 ms) : 0, 241282 GlobalTracer [candidate] (239.767 ms) : 0, 239767 AppSec [baseline] (54.626 ms) : 0, 54626 AppSec [candidate] (54.662 ms) : 0, 54662 Remote Config [baseline] (685.487 µs) : 0, 685 Remote Config [candidate] (697.779 µs) : 0, 698 Telemetry [baseline] (13.031 ms) : 0, 13031 Telemetry [candidate] (13.564 ms) : 0, 13564 section iast BytebuddyAgent [baseline] (842.216 ms) : 0, 842216 BytebuddyAgent [candidate] (849.528 ms) : 0, 849528 GlobalTracer [baseline] (230.98 ms) : 0, 230980 GlobalTracer [candidate] (232.303 ms) : 0, 232303 IAST [baseline] (23.032 ms) : 0, 23032 IAST [candidate] (23.965 ms) : 0, 23965 AppSec [baseline] (56.392 ms) : 0, 56392 AppSec [candidate] (55.49 ms) : 0, 55490 Remote Config [baseline] (619.577 µs) : 0, 620 Remote Config [candidate] (610.332 µs) : 0, 610 Telemetry [baseline] (8.797 ms) : 0, 8797 Telemetry [candidate] (8.815 ms) : 0, 8815 section iast_HARDCODED_SECRET_DISABLED BytebuddyAgent [baseline] (839.441 ms) : 0, 839441 BytebuddyAgent [candidate] (840.685 ms) : 0, 840685 GlobalTracer [baseline] (230.746 ms) : 0, 230746 GlobalTracer [candidate] (231.136 ms) : 0, 231136 IAST [baseline] (22.99 ms) : 0, 22990 IAST [candidate] (22.775 ms) : 0, 22775 AppSec [baseline] (56.218 ms) : 0, 56218 AppSec [candidate] (55.527 ms) : 0, 55527 Remote Config [baseline] (601.196 µs) : 0, 601 Remote Config [candidate] (594.323 µs) : 0, 594 Telemetry [baseline] (8.757 ms) : 0, 8757 Telemetry [candidate] (8.747 ms) : 0, 8747 section iast_TELEMETRY_OFF BytebuddyAgent [baseline] (837.685 ms) : 0, 837685 BytebuddyAgent [candidate] (842.096 ms) : 0, 842096 GlobalTracer [baseline] (230.456 ms) : 0, 230456 GlobalTracer [candidate] (231.584 ms) : 0, 231584 IAST [baseline] (22.458 ms) : 0, 22458 IAST [candidate] (22.602 ms) : 0, 22602 AppSec [baseline] (56.306 ms) : 0, 56306 AppSec [candidate] (56.491 ms) : 0, 56491 Remote Config [baseline] (611.93 µs) : 0, 612 Remote Config [candidate] (608.422 µs) : 0, 608 Telemetry [baseline] (8.667 ms) : 0, 8667 Telemetry [candidate] (8.728 ms) : 0, 8728
Loading
Startup time reports for petclinic 
gantt title petclinic - global startup overhead: candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section tracing Agent [baseline] (1.047 s) : 0, 1046656 Total [baseline] (10.498 s) : 0, 10498038 Agent [candidate] (1.042 s) : 0, 1041694 Total [candidate] (10.452 s) : 0, 10451813 section appsec Agent [baseline] (1.195 s) : 0, 1194614 Total [baseline] (10.805 s) : 0, 10805309 Agent [candidate] (1.188 s) : 0, 1188166 Total [candidate] (10.83 s) : 0, 10830095 section iast Agent [baseline] (1.199 s) : 0, 1198740 Total [baseline] (11.027 s) : 0, 11026604 Agent [candidate] (1.174 s) : 0, 1173821 Total [candidate] (11.031 s) : 0, 11031306 section profiling Agent [baseline] (1.261 s) : 0, 1260998 Total [baseline] (10.829 s) : 0, 10828931 Agent [candidate] (1.259 s) : 0, 1258831 Total [candidate] (10.902 s) : 0, 10901833
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.047 s -
Agent appsec 1.195 s 147.957 ms (14.1%)
Agent iast 1.199 s 152.084 ms (14.5%)
Agent profiling 1.261 s 214.342 ms (20.5%)
Total tracing 10.498 s -
Total appsec 10.805 s 307.271 ms (2.9%)
Total iast 11.027 s 528.565 ms (5.0%)
Total profiling 10.829 s 330.893 ms (3.2%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.042 s -
Agent appsec 1.188 s 146.472 ms (14.1%)
Agent iast 1.174 s 132.127 ms (12.7%)
Agent profiling 1.259 s 217.137 ms (20.8%)
Total tracing 10.452 s -
Total appsec 10.83 s 378.282 ms (3.6%)
Total iast 11.031 s 579.494 ms (5.5%)
Total profiling 10.902 s 450.021 ms (4.3%) 
gantt title petclinic - break down per module: candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (722.964 ms) : 0, 722964 BytebuddyAgent [candidate] (718.42 ms) : 0, 718420 GlobalTracer [baseline] (240.93 ms) : 0, 240930 GlobalTracer [candidate] (240.01 ms) : 0, 240010 AppSec [baseline] (55.27 ms) : 0, 55270 AppSec [candidate] (55.042 ms) : 0, 55042 Remote Config [baseline] (712.896 µs) : 0, 713 Remote Config [candidate] (690.546 µs) : 0, 691 Telemetry [baseline] (11.538 ms) : 0, 11538 Telemetry [candidate] (12.266 ms) : 0, 12266 section appsec BytebuddyAgent [baseline] (743.41 ms) : 0, 743410 BytebuddyAgent [candidate] (740.156 ms) : 0, 740156 GlobalTracer [baseline] (238.577 ms) : 0, 238577 GlobalTracer [candidate] (237.386 ms) : 0, 237386 AppSec [baseline] (177.491 ms) : 0, 177491 AppSec [candidate] (175.46 ms) : 0, 175460 Remote Config [baseline] (668.037 µs) : 0, 668 Remote Config [candidate] (666.069 µs) : 0, 666 Telemetry [baseline] (8.311 ms) : 0, 8311 Telemetry [candidate] (8.302 ms) : 0, 8302 IAST [baseline] (21.684 ms) : 0, 21684 IAST [candidate] (21.898 ms) : 0, 21898 section iast BytebuddyAgent [baseline] (859.756 ms) : 0, 859756 BytebuddyAgent [candidate] (840.0 ms) : 0, 840000 GlobalTracer [baseline] (233.859 ms) : 0, 233859 GlobalTracer [candidate] (230.692 ms) : 0, 230692 AppSec [baseline] (56.75 ms) : 0, 56750 AppSec [candidate] (56.014 ms) : 0, 56014 Remote Config [baseline] (627.291 µs) : 0, 627 Remote Config [candidate] (588.062 µs) : 0, 588 Telemetry [baseline] (8.867 ms) : 0, 8867 Telemetry [candidate] (8.615 ms) : 0, 8615 IAST [baseline] (23.33 ms) : 0, 23330 IAST [candidate] (22.768 ms) : 0, 22768 section profiling ProfilingAgent [baseline] (96.725 ms) : 0, 96725 ProfilingAgent [candidate] (96.026 ms) : 0, 96026 BytebuddyAgent [baseline] (709.44 ms) : 0, 709440 BytebuddyAgent [candidate] (709.04 ms) : 0, 709040 GlobalTracer [baseline] (350.153 ms) : 0, 350153 GlobalTracer [candidate] (350.078 ms) : 0, 350078 AppSec [baseline] (54.354 ms) : 0, 54354 AppSec [candidate] (53.441 ms) : 0, 53441 Remote Config [baseline] (690.379 µs) : 0, 690 Remote Config [candidate] (669.978 µs) : 0, 670 Telemetry [baseline] (8.943 ms) : 0, 8943 Telemetry [candidate] (8.844 ms) : 0, 8844 Profiling [baseline] (96.749 ms) : 0, 96749 Profiling [candidate] (96.049 ms) : 0, 96049
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-03-17T14:41:19 2025-03-17T14:49:02
git_branch master alejandro.gonzalez/conditional-lfi-capability
git_commit_date 1742221809 1742221930
git_commit_sha 5fb00dc 22799cb
release_version 1.48.0-SNAPSHOT~5fb00dc125 1.48.0-SNAPSHOT~22799cbf16
start_time 2025-03-17T14:41:05 2025-03-17T14:48:48
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1742223339 1742223339
ci_job_id 850777492 850777492
ci_pipeline_id 59036424 59036424
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-skryryjy-project-304-concurrent-0-mqwy8k9t 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-skryryjy-project-304-concurrent-0-mqwy8k9t 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 16 unstable metrics.

Request duration reports for insecure-bank 
gantt title insecure-bank - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section baseline no_agent (377.681 µs) : 358, 398 . : milestone, 378, iast (505.423 µs) : 483, 527 . : milestone, 505, iast_FULL (726.9 µs) : 705, 749 . : milestone, 727, iast_GLOBAL (552.424 µs) : 531, 574 . : milestone, 552, iast_HARDCODED_SECRET_DISABLED (504.082 µs) : 483, 526 . : milestone, 504, iast_INACTIVE (466.246 µs) : 444, 488 . : milestone, 466, iast_TELEMETRY_OFF (494.145 µs) : 473, 516 . : milestone, 494, tracing (458.686 µs) : 437, 480 . : milestone, 459, section candidate no_agent (379.811 µs) : 360, 399 . : milestone, 380, iast (517.617 µs) : 495, 540 . : milestone, 518, iast_FULL (723.662 µs) : 702, 745 . : milestone, 724, iast_GLOBAL (552.203 µs) : 531, 574 . : milestone, 552, iast_HARDCODED_SECRET_DISABLED (515.251 µs) : 493, 537 . : milestone, 515, iast_INACTIVE (461.502 µs) : 441, 482 . : milestone, 462, iast_TELEMETRY_OFF (500.657 µs) : 479, 523 . : milestone, 501, tracing (457.519 µs) : 436, 479 . : milestone, 458,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 377.681 µs [357.554 µs, 397.808 µs] -
iast 505.423 µs [483.487 µs, 527.36 µs] 127.742 µs (33.8%)
iast_FULL 726.9 µs [704.7 µs, 749.101 µs] 349.219 µs (92.5%)
iast_GLOBAL 552.424 µs [530.969 µs, 573.879 µs] 174.743 µs (46.3%)
iast_HARDCODED_SECRET_DISABLED 504.082 µs [482.53 µs, 525.634 µs] 126.401 µs (33.5%)
iast_INACTIVE 466.246 µs [444.309 µs, 488.183 µs] 88.565 µs (23.4%)
iast_TELEMETRY_OFF 494.145 µs [472.589 µs, 515.701 µs] 116.463 µs (30.8%)
tracing 458.686 µs [437.304 µs, 480.068 µs] 81.005 µs (21.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 379.811 µs [360.252 µs, 399.369 µs] -
iast 517.617 µs [495.435 µs, 539.798 µs] 137.806 µs (36.3%)
iast_FULL 723.662 µs [701.896 µs, 745.427 µs] 343.851 µs (90.5%)
iast_GLOBAL 552.203 µs [530.506 µs, 573.901 µs] 172.393 µs (45.4%)
iast_HARDCODED_SECRET_DISABLED 515.251 µs [493.481 µs, 537.021 µs] 135.44 µs (35.7%)
iast_INACTIVE 461.502 µs [440.574 µs, 482.429 µs] 81.691 µs (21.5%)
iast_TELEMETRY_OFF 500.657 µs [478.542 µs, 522.772 µs] 120.846 µs (31.8%)
tracing 457.519 µs [436.353 µs, 478.685 µs] 77.708 µs (20.5%)
Request duration reports for petclinic 
gantt title petclinic - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section baseline no_agent (1.355 ms) : 1335, 1375 . : milestone, 1355, appsec (1.715 ms) : 1692, 1739 . : milestone, 1715, appsec_no_iast (1.739 ms) : 1714, 1764 . : milestone, 1739, code_origins (1.671 ms) : 1643, 1698 . : milestone, 1671, iast (1.503 ms) : 1478, 1528 . : milestone, 1503, profiling (1.51 ms) : 1487, 1534 . : milestone, 1510, tracing (1.5 ms) : 1475, 1524 . : milestone, 1500, section candidate no_agent (1.349 ms) : 1329, 1369 . : milestone, 1349, appsec (1.735 ms) : 1712, 1757 . : milestone, 1735, appsec_no_iast (1.729 ms) : 1704, 1755 . : milestone, 1729, code_origins (1.661 ms) : 1634, 1688 . : milestone, 1661, iast (1.514 ms) : 1489, 1540 . : milestone, 1514, profiling (1.544 ms) : 1520, 1568 . : milestone, 1544, tracing (1.501 ms) : 1477, 1526 . : milestone, 1501,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.355 ms [1.335 ms, 1.375 ms] -
appsec 1.715 ms [1.692 ms, 1.739 ms] 360.015 µs (26.6%)
appsec_no_iast 1.739 ms [1.714 ms, 1.764 ms] 383.407 µs (28.3%)
code_origins 1.671 ms [1.643 ms, 1.698 ms] 315.416 µs (23.3%)
iast 1.503 ms [1.478 ms, 1.528 ms] 147.761 µs (10.9%)
profiling 1.51 ms [1.487 ms, 1.534 ms] 155.075 µs (11.4%)
tracing 1.5 ms [1.475 ms, 1.524 ms] 144.274 µs (10.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.349 ms [1.329 ms, 1.369 ms] -
appsec 1.735 ms [1.712 ms, 1.757 ms] 385.952 µs (28.6%)
appsec_no_iast 1.729 ms [1.704 ms, 1.755 ms] 380.833 µs (28.2%)
code_origins 1.661 ms [1.634 ms, 1.688 ms] 312.373 µs (23.2%)
iast 1.514 ms [1.489 ms, 1.54 ms] 165.688 µs (12.3%)
profiling 1.544 ms [1.52 ms, 1.568 ms] 195.825 µs (14.5%)
tracing 1.501 ms [1.477 ms, 1.526 ms] 152.71 µs (11.3%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/conditional-lfi-capability
git_commit_date 1742221809 1742221930
git_commit_sha 5fb00dc 22799cb
release_version 1.48.0-SNAPSHOT~5fb00dc125 1.48.0-SNAPSHOT~22799cbf16
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1742223823 1742223823
ci_job_id 850777493 850777493
ci_pipeline_id 59036424 59036424
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-xgmmukrd-project-304-concurrent-1-fqwt3ag5 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-xgmmukrd-project-304-concurrent-1-fqwt3ag5 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt title biojava - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section baseline no_agent (15.274 s) : 15274000, 15274000 . : milestone, 15274000, appsec (14.782 s) : 14782000, 14782000 . : milestone, 14782000, iast (18.988 s) : 18988000, 18988000 . : milestone, 18988000, iast_GLOBAL (18.225 s) : 18225000, 18225000 . : milestone, 18225000, profiling (15.628 s) : 15628000, 15628000 . : milestone, 15628000, tracing (14.68 s) : 14680000, 14680000 . : milestone, 14680000, section candidate no_agent (15.114 s) : 15114000, 15114000 . : milestone, 15114000, appsec (14.76 s) : 14760000, 14760000 . : milestone, 14760000, iast (18.694 s) : 18694000, 18694000 . : milestone, 18694000, iast_GLOBAL (18.055 s) : 18055000, 18055000 . : milestone, 18055000, profiling (15.788 s) : 15788000, 15788000 . : milestone, 15788000, tracing (14.8 s) : 14800000, 14800000 . : milestone, 14800000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.274 s [15.274 s, 15.274 s] -
appsec 14.782 s [14.782 s, 14.782 s] -492.0 ms (-3.2%)
iast 18.988 s [18.988 s, 18.988 s] 3.714 s (24.3%)
iast_GLOBAL 18.225 s [18.225 s, 18.225 s] 2.951 s (19.3%)
profiling 15.628 s [15.628 s, 15.628 s] 354.0 ms (2.3%)
tracing 14.68 s [14.68 s, 14.68 s] -594.0 ms (-3.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.114 s [15.114 s, 15.114 s] -
appsec 14.76 s [14.76 s, 14.76 s] -354.0 ms (-2.3%)
iast 18.694 s [18.694 s, 18.694 s] 3.58 s (23.7%)
iast_GLOBAL 18.055 s [18.055 s, 18.055 s] 2.941 s (19.5%)
profiling 15.788 s [15.788 s, 15.788 s] 674.0 ms (4.5%)
tracing 14.8 s [14.8 s, 14.8 s] -314.0 ms (-2.1%)
Execution time for tomcat 
gantt title tomcat - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~22799cbf16, baseline=1.48.0-SNAPSHOT~5fb00dc125 dateFormat X axisFormat %s section baseline no_agent (1.469 ms) : 1457, 1480 . : milestone, 1469, appsec (2.347 ms) : 2302, 2391 . : milestone, 2347, iast (2.125 ms) : 2069, 2181 . : milestone, 2125, iast_GLOBAL (2.182 ms) : 2124, 2240 . : milestone, 2182, profiling (1.987 ms) : 1942, 2033 . : milestone, 1987, tracing (1.937 ms) : 1894, 1979 . : milestone, 1937, section candidate no_agent (1.47 ms) : 1459, 1482 . : milestone, 1470, appsec (2.328 ms) : 2284, 2372 . : milestone, 2328, iast (2.132 ms) : 2075, 2189 . : milestone, 2132, iast_GLOBAL (2.155 ms) : 2099, 2211 . : milestone, 2155, profiling (1.97 ms) : 1926, 2014 . : milestone, 1970, tracing (1.955 ms) : 1912, 1999 . : milestone, 1955,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.469 ms [1.457 ms, 1.48 ms] -
appsec 2.347 ms [2.302 ms, 2.391 ms] 878.125 µs (59.8%)
iast 2.125 ms [2.069 ms, 2.181 ms] 656.365 µs (44.7%)
iast_GLOBAL 2.182 ms [2.124 ms, 2.24 ms] 713.481 µs (48.6%)
profiling 1.987 ms [1.942 ms, 2.033 ms] 518.735 µs (35.3%)
tracing 1.937 ms [1.894 ms, 1.979 ms] 468.06 µs (31.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.47 ms [1.459 ms, 1.482 ms] -
appsec 2.328 ms [2.284 ms, 2.372 ms] 857.787 µs (58.3%)
iast 2.132 ms [2.075 ms, 2.189 ms] 661.18 µs (45.0%)
iast_GLOBAL 2.155 ms [2.099 ms, 2.211 ms] 684.442 µs (46.5%)
profiling 1.97 ms [1.926 ms, 2.014 ms] 499.542 µs (34.0%)
tracing 1.955 ms [1.912 ms, 1.999 ms] 484.933 µs (33.0%)
@jandro996 jandro996 merged commit 1c3133b into master Mar 17, 2025
263 of 269 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/conditional-lfi-capability branch March 17, 2025 18:05
@github-actions github-actions bot added this to the 1.48.0 milestone Mar 17, 2025
mtoffl01 pushed a commit that referenced this pull request Mar 24, 2025
@jandro996 @mtoffl01
RASP capabilities for LFI is not sent when RASP is not fully enabled (#…
b5b31c3 
…8573) What Does This Do Only send RASP LFI capability if appsec is fully enabled Motivation Some RASP features have been implemented using callsite instrumentation, specifically LFI and partially SSRF. Since callsite instrumentation requires activation at application startup to function correctly, it will not work properly when RASP is dynamically enabled via 1-click activation.
svc-squareup-copybara pushed a commit to cashapp/misk that referenced this pull request Apr 11, 2025
@github-cash-renovate-jvm-2 @svc-squareup-copybara
This PR contains the following updates:
d84dd5e 
| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | org.flywaydb.flyway | plugin | misk/gradle/libs.versions.toml | gradle | minor | `11.6.0` -> `11.7.0` | | [com.squareup.okio:okio-fakefilesystem](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.squareup.okio:okio](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `2.15.0` -> `2.16.0` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | --- ### Release Notes <details> <summary>square/okio (com.squareup.okio:okio-fakefilesystem)</summary> ### [`v3.11.0`](https://github.com/square/okio/blob/HEAD/CHANGELOG.md#Version-3110) *2025-04-09* - Fix: Clear the deflater's byte array reference - New: Faster implementation of `String.decodeHex()` on Kotlin/JS. - New: Declare `EXACTLY_ONCE` execution for blocks like `Closeable.use {}` and `FileSystem.read {}`. - Upgrade: \[Kotlin 2.1.20]\[kotlin\_2\_1\_20]. </details> <details> <summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary> ### [`v2.16.0`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-2160) - \[Feat]: support `com.android.test` projects. - \[Feat]: support typesafe project accessors with opt-in. ```kotlin dependencyAnalysis { useTypesafeProjectAccessors(true) // false by default } ``` </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.48.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.1): 1.48.1 ### Components #### Tracer internal logging - 🐛 Remove print line causing unnecessary logs ([#&#8203;8687](DataDog/dd-trace-java#8687) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) ### [`v1.48.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.0): 1.48.0 ### Known Bugs > \[!NOTE] > If you are experiencing issues with spamming timeout logs, please update to the [latest version](https://github.com/DataDog/dd-trace-java/releases/latest) or set [JDK_SOCKET_ENABLED](https://github.com/DataDog/dd-trace-java/blob/33fc3c9a9b7cda3beda88b8b3e5224ae2b10764a/dd-trace-api/src/main/java/datadog/trace/api/config/GeneralConfig.java#L98) to false. ### Components #### Application Security Management (IAST) - ✨ Fix vulnerability location org.jose4j.lang.HashUtil ([#&#8203;8610](DataDog/dd-trace-java#8610) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Fix weak randomness in oracle.ucp.util.OpaqueString ([#&#8203;8609](DataDog/dd-trace-java#8609) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Fix weak hash false positive in oracle.security.o5logon.O5Logon ([#&#8203;8608](DataDog/dd-trace-java#8608) - [@&#8203;jandro996](https://github.com/jandro996)) - 🐛 Prevent before callsites targeting constructors in super calls ([#&#8203;8549](DataDog/dd-trace-java#8549) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### Application Security Management (WAF) - ✨ Update login events public SDK to V2 ([#&#8203;8620](DataDog/dd-trace-java#8620) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#&#8203;8573](DataDog/dd-trace-java#8573) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Improve detection of missing request end events ([#&#8203;8510](DataDog/dd-trace-java#8510) - [@&#8203;smola](https://github.com/smola)) - 🧹 Remove remote configuration for API Security sampling rate ([#&#8203;8486](DataDog/dd-trace-java#8486) - [@&#8203;smola](https://github.com/smola)) - ✨ Add setUser to user monitoring SDK ([#&#8203;8482](DataDog/dd-trace-java#8482) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add missing address for signup event ([#&#8203;8469](DataDog/dd-trace-java#8469) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Allow login events SDK to be used with appsec disabled ([#&#8203;8464](DataDog/dd-trace-java#8464) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add support for endpoint discovery in spring mvc ([#&#8203;8352](DataDog/dd-trace-java#8352) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ New API Security sampling algorithm ([#&#8203;8178](DataDog/dd-trace-java#8178) - [@&#8203;ValentinZakharov](https://github.com/ValentinZakharov)) #### Build & Tooling - ✨ Add buffer size customizability to JDK UDS support ([#&#8203;8629](DataDog/dd-trace-java#8629) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) - ✨ Add JDK built-in support for UDS on Java 16+ ([#&#8203;8314](DataDog/dd-trace-java#8314) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) #### Configuration at Runtime - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#&#8203;8573](DataDog/dd-trace-java#8573) - [@&#8203;jandro996](https://github.com/jandro996)) #### Continuous Integration Visibility - 🐛 Prevent double reporting of Scalatest events when using SBT with test forking ([#&#8203;8682](DataDog/dd-trace-java#8682) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Shutdown CI Visibility test event handlers before tracer ([#&#8203;8677](DataDog/dd-trace-java#8677) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Do not apply JUnit 4 instrumentation to MUnit runners ([#&#8203;8675](DataDog/dd-trace-java#8675), [#&#8203;8683](DataDog/dd-trace-java#8683) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Remove error log when source path resolution fails on isModified check ([#&#8203;8663](DataDog/dd-trace-java#8663) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Implement tests reordering for JUnit 4 ([#&#8203;8650](DataDog/dd-trace-java#8650) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - 🐛 Set default Attempt to Fix retries if none provided from the backend ([#&#8203;8615](DataDog/dd-trace-java#8615) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Allow to manually set PR info ([#&#8203;8566](DataDog/dd-trace-java#8566) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Fix Test Optimization init when repo root cannot be determined ([#&#8203;8533](DataDog/dd-trace-java#8533) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Add capabilities tagging ([#&#8203;8499](DataDog/dd-trace-java#8499), [#&#8203;8540](DataDog/dd-trace-java#8540) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) #### Crash tracking - 🐛 Remove dependency on bash from crash/oome uploder scripts ([#&#8203;8652](DataDog/dd-trace-java#8652) - [@&#8203;jbachorik](https://github.com/jbachorik)) #### Data Streams Monitoring - ✨ e2e pipeline configuration when data jobs is enabled ([#&#8203;8553](DataDog/dd-trace-java#8553) - [@&#8203;kr-igor](https://github.com/kr-igor)) #### Dynamic Instrumentation - 🐛 Fix In-Product when config is empty ([#&#8203;8679](DataDog/dd-trace-java#8679) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨ Add support for filtering shaded third-party libs ([#&#8203;8612](DataDog/dd-trace-java#8612) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨ Add In-Product Enablement ([#&#8203;8587](DataDog/dd-trace-java#8587) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨⚡ Reduce footprint of SourceFile tracking ([#&#8203;8524](DataDog/dd-trace-java#8524) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨⚡ Optimize the SourceFile tracking ([#&#8203;8520](DataDog/dd-trace-java#8520) - [@&#8203;jpbempel](https://github.com/jpbempel)) #### OpenTracing - 🧹 Remove activeScope() use in OpenTracing shim ([#&#8203;8478](DataDog/dd-trace-java#8478) - [@&#8203;mcculls](https://github.com/mcculls)) #### Profiling - ✨ Add profiler env check command to AgentCLI ([#&#8203;8671](DataDog/dd-trace-java#8671) - [@&#8203;jbachorik](https://github.com/jbachorik)) - ✨ Bump ddprof to 1.23.0 ([#&#8203;8668](DataDog/dd-trace-java#8668) - [@&#8203;jbachorik](https://github.com/jbachorik)) - Fix a crash related to ElfParser::loadSymbolTable ([#&#8203;191](DataDog/dd-trace-java#191)) by [@&#8203;yanglong1010](https://github.com/yanglong1010) in DataDog/java-profiler#192 - Unwind String.indexOf intrinsic on AArch64 by [@&#8203;MattAlp](https://github.com/MattAlp) in DataDog/java-profiler#193 - Fix Java 24 support by [@&#8203;jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#194 - A set of fixes related to clang, aarch64 and musl pecularities of vmstructs stack unwinder by [@&#8203;jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#199 - 🐛 Remove process information from JFR recording ([#&#8203;8661](DataDog/dd-trace-java#8661) - [@&#8203;r1viollet](https://github.com/r1viollet)) - 🐛 Make TempLocationManager USER aware ([#&#8203;8605](DataDog/dd-trace-java#8605) - [@&#8203;jbachorik](https://github.com/jbachorik)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#&#8203;8561](DataDog/dd-trace-java#8561) - [@&#8203;wmouchere](https://github.com/wmouchere)) #### Telemetry - 🐛 Fix appsec.rasp.error and appsec.waf.error telemetry metrics ([#&#8203;8624](DataDog/dd-trace-java#8624) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Create metric: appsec.rasp.rule.skipped ([#&#8203;8618](DataDog/dd-trace-java#8618) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#&#8203;8561](DataDog/dd-trace-java#8561) - [@&#8203;wmouchere](https://github.com/wmouchere)) #### Testing - 🧹 Simplify ssi tests one-pipeline ([#&#8203;8558](DataDog/dd-trace-java#8558) - [@&#8203;robertomonteromiguel](https://github.com/robertomonteromiguel)) - ✨ Add smoke tests for java's concurrent API ([#&#8203;8438](DataDog/dd-trace-java#8438) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) #### Trace context propagation - ✨ Adding Support for `TRACE_PROPAGATION_BEHAVIOR_EXTRACT` ([#&#8203;8535](DataDog/dd-trace-java#8535) - [@&#8203;mhlidd](https://github.com/mhlidd)) #### Tracer core - 🐛 Ensure shaded helpers have unique names ([#&#8203;8559](DataDog/dd-trace-java#8559) - [@&#8203;amarziali](https://github.com/amarziali)) - ✨ Support common config sources for user-provided git info ([#&#8203;8547](DataDog/dd-trace-java#8547) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Make the default config sources more robust when a security manager is installed ([#&#8203;8544](DataDog/dd-trace-java#8544) - [@&#8203;mcculls](https://github.com/mcculls)) - ✨ Support targeting services with configurations in stable configuration file ([#&#8203;8526](DataDog/dd-trace-java#8526) - [@&#8203;mtoffl01](https://github.com/mtoffl01)) - ✨ Add new parser for `DD_TAGS` and prioritizing `DD_SERVICE` ([#&#8203;8296](DataDog/dd-trace-java#8296) - [@&#8203;mhlidd](https://github.com/mhlidd)) #### Tracer internal logging - 🐛 Add missing debug log for the cloudPayloadTaggingServices config ([#&#8203;8600](DataDog/dd-trace-java#8600) - [@&#8203;ygree](https://github.com/ygree)) - ✨ Add the possibility to output the logs of the Java tracer in JSON ([#&#8203;8083](DataDog/dd-trace-java#8083) - [@&#8203;cecile75](https://github.com/cecile75)) #### Tracer public API - ✨ Introducing `DD_TRACE_EXPERIMENTAL_FEATURES_ENABLED` Config ([#&#8203;8536](DataDog/dd-trace-java#8536) - [@&#8203;mhlidd](https://github.com/mhlidd)) - ✨ Config Consistency Round 2 ([#&#8203;8489](DataDog/dd-trace-java#8489) - [@&#8203;mhlidd](https://github.com/mhlidd)) ### Instrumentations #### - 🐛 Fix NPE in getMdcCopy of LoggingEventInstrumentation ([#&#8203;8599](DataDog/dd-trace-java#8599) - [@&#8203;ygree](https://github.com/ygree)) #### Apache Spark instrumentation - ✨ Instrument Runtime.exit() to finish spark application spans ([#&#8203;8572](DataDog/dd-trace-java#8572) - [@&#8203;paul-laffon-dd](https://github.com/paul-laffon-dd)) - ✨ Configure OpenLineage if present in Spark instrumentation ([#&#8203;8541](DataDog/dd-trace-java#8541) - [@&#8203;mobuchowski](https://github.com/mobuchowski)) #### Armeria Instrumentation - ✨ Support armeria grpc 1.32.3 ([#&#8203;8606](DataDog/dd-trace-java#8606) - [@&#8203;github-actions](https://github.com/github-actions)\[bot]) #### AWS DynamoDB Instrumentation - ✨ Create DynamoDB instrumentation + add span pointers for `updateItem` and `deleteItem` ([#&#8203;8490](DataDog/dd-trace-java#8490) - [@&#8203;nhulston](https://github.com/nhulston)) #### AWS SDK instrumentation - ✨ Add DynamoDB in DEFAULT_TRACE_CLOUD_PAYLOAD_TAGGING_SERVICES ([#&#8203;8595](DataDog/dd-trace-java#8595) - [@&#8203;joeyzhao2018](https://github.com/joeyzhao2018)) #### Azure Functions instrumentation - ✨ Enable tracer computed trace metrics by default for Azure Functions ([#&#8203;8518](DataDog/dd-trace-java#8518) - [@&#8203;duncanpharvey](https://github.com/duncanpharvey)) - 💡 Add azure-functions instrumentation ([#&#8203;8432](DataDog/dd-trace-java#8432) - [@&#8203;duncanpharvey](https://github.com/duncanpharvey)) #### Core Java language instrumentation - 🐛 Fix ForkJoinPool.execute() instrumentation on Java 21+ ([#&#8203;8560](DataDog/dd-trace-java#8560) - [@&#8203;PerfectSlayer](https://github.com/PerfectSlayer)) #### Eclipse Vert.x instrumentation - ✨ Add vertx postgresql client instrumentation ([#&#8203;8471](DataDog/dd-trace-java#8471) - [@&#8203;vandonr](https://github.com/vandonr) - thanks for the contribution!) #### Kafka instrumentation - ✨ Support and test kafka-clients 4 ([#&#8203;8581](DataDog/dd-trace-java#8581) - [@&#8203;amarziali](https://github.com/amarziali)) #### Kotlin instrumentation - ✨ Avoid disconnected traces when using Kotlin flowOn ([#&#8203;8651](DataDog/dd-trace-java#8651) - [@&#8203;mcculls](https://github.com/mcculls)) #### OpenTelemetry instrumentation - 🧹 Migrate OtelContext wrapper to new internal Context API ([#&#8203;8645](DataDog/dd-trace-java#8645) - [@&#8203;mcculls](https://github.com/mcculls)) #### Spring instrumentation - 🐛 Support CompletableFuture on spring webmvc controllers ([#&#8203;8659](DataDog/dd-trace-java#8659) - [@&#8203;amarziali](https://github.com/amarziali)) - ✨ Add support for endpoint discovery in spring mvc ([#&#8203;8352](DataDog/dd-trace-java#8352) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### WebSocket Instrumentation - ✨ Instrument Jetty websocket pojo ([#&#8203;8562](DataDog/dd-trace-java#8562) - [@&#8203;amarziali](https://github.com/amarziali)) - 💡 Instrument Java Websocket API (JSR356) ([#&#8203;8440](DataDog/dd-trace-java#8440) - [@&#8203;amarziali](https://github.com/amarziali)) #### All other instrumentations - ✨ Introduce cache for peer.hostname lookup ([#&#8203;8601](DataDog/dd-trace-java#8601) - [@&#8203;mcculls](https://github.com/mcculls)) - ✨ Support pekko http 1.1 ([#&#8203;8532](DataDog/dd-trace-java#8532) - [@&#8203;amarziali](https://github.com/amarziali)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: 331314f71acaced3adc75ea5d7e855c248d593fc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp: asm waf Application Security Management (WAF) comp: remote config Configuration at Runtime type: bug Bug report and fix

3 participants

@jandro996 @smola @manuel-alvarez-alvarez