Skip to content

Fix weak randomness in oracle.ucp.util.OpaqueString #8609

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Mar 25, 2025
Merged

Fix weak randomness in oracle.ucp.util.OpaqueString #8609

merged 6 commits into from
Mar 25, 2025

Conversation

jandro996
Copy link
Member

@jandro996 jandro996 commented Mar 24, 2025
edited
Loading

What Does This Do

Exclude oracle.ucp.util.OpaqueString in IAST

Motivation

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-57044
@jandro996 jandro996 requested a review from a team as a code owner March 24, 2025 08:16
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 24, 2025
edited
Loading

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.
@jandro996 jandro996 added type: enhancement Enhancements and improvements comp: asm iast Application Security Management (IAST) labels Mar 24, 2025
@pr-commenter
Copy link

pr-commenter bot commented Mar 24, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-57044-2
git_commit_date 1742897910 1742898373
git_commit_sha 771fa81 7db2f9d
release_version 1.48.0-SNAPSHOT~771fa819aa 1.48.0-SNAPSHOT~7db2f9d6a5
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1742901447 1742901447
ci_job_id 863032651 863032651
ci_pipeline_id 59871426 59871426
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-jzzy7jrd-project-304-concurrent-2-ml2l8wx0 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-jzzy7jrd-project-304-concurrent-2-ml2l8wx0 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 65 metrics, 6 unstable metrics.

Startup time reports for insecure-bank 
gantt title insecure-bank - global startup overhead: candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section tracing Agent [baseline] (1.05 s) : 0, 1049861 Total [baseline] (8.64 s) : 0, 8639670 Agent [candidate] (1.052 s) : 0, 1051708 Total [candidate] (8.677 s) : 0, 8676843 section iast Agent [baseline] (1.175 s) : 0, 1174680 Total [baseline] (9.245 s) : 0, 9244951 Agent [candidate] (1.184 s) : 0, 1183736 Total [candidate] (9.293 s) : 0, 9292632 section iast_HARDCODED_SECRET_DISABLED Agent [baseline] (1.175 s) : 0, 1174526 Total [baseline] (9.176 s) : 0, 9176018 Agent [candidate] (1.189 s) : 0, 1188539 Total [candidate] (9.281 s) : 0, 9280826 section iast_TELEMETRY_OFF Agent [baseline] (1.174 s) : 0, 1174114 Total [baseline] (9.24 s) : 0, 9239990 Agent [candidate] (1.173 s) : 0, 1173175 Total [candidate] (9.233 s) : 0, 9233362
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.05 s -
Agent iast 1.175 s 124.819 ms (11.9%)
Agent iast_HARDCODED_SECRET_DISABLED 1.175 s 124.665 ms (11.9%)
Agent iast_TELEMETRY_OFF 1.174 s 124.253 ms (11.8%)
Total tracing 8.64 s -
Total iast 9.245 s 605.28 ms (7.0%)
Total iast_HARDCODED_SECRET_DISABLED 9.176 s 536.348 ms (6.2%)
Total iast_TELEMETRY_OFF 9.24 s 600.32 ms (6.9%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.052 s -
Agent iast 1.184 s 132.028 ms (12.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.189 s 136.831 ms (13.0%)
Agent iast_TELEMETRY_OFF 1.173 s 121.467 ms (11.5%)
Total tracing 8.677 s -
Total iast 9.293 s 615.789 ms (7.1%)
Total iast_HARDCODED_SECRET_DISABLED 9.281 s 603.983 ms (7.0%)
Total iast_TELEMETRY_OFF 9.233 s 556.519 ms (6.4%) 
gantt title insecure-bank - break down per module: candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (719.491 ms) : 0, 719491 BytebuddyAgent [candidate] (719.368 ms) : 0, 719368 GlobalTracer [baseline] (239.397 ms) : 0, 239397 GlobalTracer [candidate] (240.504 ms) : 0, 240504 AppSec [baseline] (54.347 ms) : 0, 54347 AppSec [candidate] (55.052 ms) : 0, 55052 Debugger [baseline] (4.378 ms) : 0, 4378 Debugger [candidate] (4.406 ms) : 0, 4406 Remote Config [baseline] (706.249 µs) : 0, 706 Remote Config [candidate] (700.909 µs) : 0, 701 Telemetry [baseline] (15.5 ms) : 0, 15500 Telemetry [candidate] (15.67 ms) : 0, 15670 section iast BytebuddyAgent [baseline] (836.949 ms) : 0, 836949 BytebuddyAgent [candidate] (844.358 ms) : 0, 844358 GlobalTracer [baseline] (229.481 ms) : 0, 229481 GlobalTracer [candidate] (230.486 ms) : 0, 230486 IAST [baseline] (22.841 ms) : 0, 22841 IAST [candidate] (22.816 ms) : 0, 22816 AppSec [baseline] (55.996 ms) : 0, 55996 AppSec [candidate] (56.384 ms) : 0, 56384 Debugger [baseline] (4.124 ms) : 0, 4124 Debugger [candidate] (4.213 ms) : 0, 4213 Remote Config [baseline] (618.456 µs) : 0, 618 Remote Config [candidate] (615.878 µs) : 0, 616 Telemetry [baseline] (8.695 ms) : 0, 8695 Telemetry [candidate] (8.782 ms) : 0, 8782 section iast_HARDCODED_SECRET_DISABLED BytebuddyAgent [baseline] (836.423 ms) : 0, 836423 BytebuddyAgent [candidate] (846.768 ms) : 0, 846768 GlobalTracer [baseline] (229.909 ms) : 0, 229909 GlobalTracer [candidate] (232.429 ms) : 0, 232429 IAST [baseline] (22.892 ms) : 0, 22892 IAST [candidate] (23.155 ms) : 0, 23155 AppSec [baseline] (55.877 ms) : 0, 55877 AppSec [candidate] (56.475 ms) : 0, 56475 Debugger [baseline] (4.164 ms) : 0, 4164 Debugger [candidate] (4.176 ms) : 0, 4176 Remote Config [baseline] (595.098 µs) : 0, 595 Remote Config [candidate] (604.295 µs) : 0, 604 Telemetry [baseline] (8.724 ms) : 0, 8724 Telemetry [candidate] (8.861 ms) : 0, 8861 section iast_TELEMETRY_OFF BytebuddyAgent [baseline] (835.562 ms) : 0, 835562 BytebuddyAgent [candidate] (835.053 ms) : 0, 835053 GlobalTracer [baseline] (230.398 ms) : 0, 230398 GlobalTracer [candidate] (230.133 ms) : 0, 230133 IAST [baseline] (22.628 ms) : 0, 22628 IAST [candidate] (22.363 ms) : 0, 22363 AppSec [baseline] (56.162 ms) : 0, 56162 AppSec [candidate] (56.273 ms) : 0, 56273 Debugger [baseline] (4.149 ms) : 0, 4149 Debugger [candidate] (4.2 ms) : 0, 4200 Remote Config [baseline] (608.036 µs) : 0, 608 Remote Config [candidate] (609.599 µs) : 0, 610 Telemetry [baseline] (8.628 ms) : 0, 8628 Telemetry [candidate] (8.612 ms) : 0, 8612
Loading
Startup time reports for petclinic 
gantt title petclinic - global startup overhead: candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section tracing Agent [baseline] (1.06 s) : 0, 1059693 Total [baseline] (10.538 s) : 0, 10538369 Agent [candidate] (1.048 s) : 0, 1047647 Total [candidate] (10.441 s) : 0, 10440752 section appsec Agent [baseline] (1.193 s) : 0, 1192607 Total [baseline] (10.78 s) : 0, 10780014 Agent [candidate] (1.193 s) : 0, 1193124 Total [candidate] (10.748 s) : 0, 10748024 section iast Agent [baseline] (1.191 s) : 0, 1191104 Total [baseline] (11.143 s) : 0, 11143009 Agent [candidate] (1.178 s) : 0, 1178369 Total [candidate] (11.037 s) : 0, 11037367 section profiling Agent [baseline] (1.27 s) : 0, 1270139 Total [baseline] (10.831 s) : 0, 10830754 Agent [candidate] (1.272 s) : 0, 1272448 Total [candidate] (10.858 s) : 0, 10857971
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.06 s -
Agent appsec 1.193 s 132.914 ms (12.5%)
Agent iast 1.191 s 131.411 ms (12.4%)
Agent profiling 1.27 s 210.446 ms (19.9%)
Total tracing 10.538 s -
Total appsec 10.78 s 241.646 ms (2.3%)
Total iast 11.143 s 604.64 ms (5.7%)
Total profiling 10.831 s 292.385 ms (2.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.048 s -
Agent appsec 1.193 s 145.477 ms (13.9%)
Agent iast 1.178 s 130.723 ms (12.5%)
Agent profiling 1.272 s 224.802 ms (21.5%)
Total tracing 10.441 s -
Total appsec 10.748 s 307.272 ms (2.9%)
Total iast 11.037 s 596.615 ms (5.7%)
Total profiling 10.858 s 417.219 ms (4.0%) 
gantt title petclinic - break down per module: candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (728.666 ms) : 0, 728666 BytebuddyAgent [candidate] (719.539 ms) : 0, 719539 GlobalTracer [baseline] (241.815 ms) : 0, 241815 GlobalTracer [candidate] (239.476 ms) : 0, 239476 AppSec [baseline] (54.58 ms) : 0, 54580 AppSec [candidate] (54.747 ms) : 0, 54747 Debugger [baseline] (4.41 ms) : 0, 4410 Debugger [candidate] (5.121 ms) : 0, 5121 Remote Config [baseline] (728.64 µs) : 0, 729 Remote Config [candidate] (704.303 µs) : 0, 704 Telemetry [baseline] (13.305 ms) : 0, 13305 Telemetry [candidate] (12.059 ms) : 0, 12059 section appsec BytebuddyAgent [baseline] (738.653 ms) : 0, 738653 BytebuddyAgent [candidate] (739.452 ms) : 0, 739452 GlobalTracer [baseline] (237.147 ms) : 0, 237147 GlobalTracer [candidate] (237.069 ms) : 0, 237069 IAST [baseline] (21.68 ms) : 0, 21680 IAST [candidate] (21.586 ms) : 0, 21586 AppSec [baseline] (176.735 ms) : 0, 176735 AppSec [candidate] (175.874 ms) : 0, 175874 Debugger [baseline] (4.313 ms) : 0, 4313 Debugger [candidate] (4.307 ms) : 0, 4307 Remote Config [baseline] (650.323 µs) : 0, 650 Remote Config [candidate] (638.039 µs) : 0, 638 Telemetry [baseline] (8.221 ms) : 0, 8221 Telemetry [candidate] (8.952 ms) : 0, 8952 section iast BytebuddyAgent [baseline] (850.849 ms) : 0, 850849 BytebuddyAgent [candidate] (839.165 ms) : 0, 839165 GlobalTracer [baseline] (231.591 ms) : 0, 231591 GlobalTracer [candidate] (230.595 ms) : 0, 230595 IAST [baseline] (22.983 ms) : 0, 22983 IAST [candidate] (22.925 ms) : 0, 22925 AppSec [baseline] (56.041 ms) : 0, 56041 AppSec [candidate] (56.145 ms) : 0, 56145 Debugger [baseline] (4.164 ms) : 0, 4164 Debugger [candidate] (4.191 ms) : 0, 4191 Remote Config [baseline] (593.553 µs) : 0, 594 Remote Config [candidate] (591.244 µs) : 0, 591 Telemetry [baseline] (8.774 ms) : 0, 8774 Telemetry [candidate] (8.743 ms) : 0, 8743 section profiling BytebuddyAgent [baseline] (709.564 ms) : 0, 709564 BytebuddyAgent [candidate] (710.206 ms) : 0, 710206 GlobalTracer [baseline] (349.701 ms) : 0, 349701 GlobalTracer [candidate] (350.769 ms) : 0, 350769 AppSec [baseline] (54.239 ms) : 0, 54239 AppSec [candidate] (53.706 ms) : 0, 53706 Debugger [baseline] (4.257 ms) : 0, 4257 Debugger [candidate] (4.309 ms) : 0, 4309 Remote Config [baseline] (692.366 µs) : 0, 692 Remote Config [candidate] (714.249 µs) : 0, 714 Telemetry [baseline] (8.911 ms) : 0, 8911 Telemetry [candidate] (9.002 ms) : 0, 9002 ProfilingAgent [baseline] (101.257 ms) : 0, 101257 ProfilingAgent [candidate] (101.98 ms) : 0, 101980 Profiling [baseline] (101.283 ms) : 0, 101283 Profiling [candidate] (102.006 ms) : 0, 102006
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-03-25T10:49:32 2025-03-25T10:57:15
git_branch master alejandro.gonzalez/APPSEC-57044-2
git_commit_date 1742897910 1742898373
git_commit_sha 771fa81 7db2f9d
release_version 1.48.0-SNAPSHOT~771fa819aa 1.48.0-SNAPSHOT~7db2f9d6a5
start_time 2025-03-25T10:49:18 2025-03-25T10:57:01
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1742900630 1742900630
ci_job_id 863032652 863032652
ci_pipeline_id 59871426 59871426
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-5gca-jya-project-304-concurrent-0-n78ysxgj 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-5gca-jya-project-304-concurrent-0-n78ysxgj 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 17 unstable metrics.

Request duration reports for insecure-bank 
gantt title insecure-bank - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section baseline no_agent (374.901 µs) : 355, 395 . : milestone, 375, iast (516.551 µs) : 494, 539 . : milestone, 517, iast_FULL (730.39 µs) : 708, 752 . : milestone, 730, iast_GLOBAL (560.269 µs) : 537, 583 . : milestone, 560, iast_HARDCODED_SECRET_DISABLED (503.267 µs) : 482, 525 . : milestone, 503, iast_INACTIVE (463.517 µs) : 442, 485 . : milestone, 464, iast_TELEMETRY_OFF (497.324 µs) : 476, 519 . : milestone, 497, tracing (460.128 µs) : 439, 481 . : milestone, 460, section candidate no_agent (380.629 µs) : 359, 403 . : milestone, 381, iast (510.592 µs) : 489, 533 . : milestone, 511, iast_FULL (721.013 µs) : 699, 743 . : milestone, 721, iast_GLOBAL (559.302 µs) : 537, 582 . : milestone, 559, iast_HARDCODED_SECRET_DISABLED (512.764 µs) : 491, 535 . : milestone, 513, iast_INACTIVE (463.905 µs) : 442, 486 . : milestone, 464, iast_TELEMETRY_OFF (498.368 µs) : 476, 521 . : milestone, 498, tracing (459.572 µs) : 439, 480 . : milestone, 460,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 374.901 µs [354.664 µs, 395.138 µs] -
iast 516.551 µs [494.177 µs, 538.924 µs] 141.65 µs (37.8%)
iast_FULL 730.39 µs [708.381 µs, 752.4 µs] 355.489 µs (94.8%)
iast_GLOBAL 560.269 µs [537.315 µs, 583.223 µs] 185.368 µs (49.4%)
iast_HARDCODED_SECRET_DISABLED 503.267 µs [481.563 µs, 524.972 µs] 128.366 µs (34.2%)
iast_INACTIVE 463.517 µs [441.787 µs, 485.247 µs] 88.616 µs (23.6%)
iast_TELEMETRY_OFF 497.324 µs [475.699 µs, 518.949 µs] 122.423 µs (32.7%)
tracing 460.128 µs [439.319 µs, 480.937 µs] 85.227 µs (22.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 380.629 µs [358.652 µs, 402.606 µs] -
iast 510.592 µs [488.656 µs, 532.528 µs] 129.963 µs (34.1%)
iast_FULL 721.013 µs [699.208 µs, 742.818 µs] 340.384 µs (89.4%)
iast_GLOBAL 559.302 µs [536.858 µs, 581.746 µs] 178.673 µs (46.9%)
iast_HARDCODED_SECRET_DISABLED 512.764 µs [490.744 µs, 534.783 µs] 132.134 µs (34.7%)
iast_INACTIVE 463.905 µs [442.297 µs, 485.513 µs] 83.276 µs (21.9%)
iast_TELEMETRY_OFF 498.368 µs [475.728 µs, 521.008 µs] 117.739 µs (30.9%)
tracing 459.572 µs [438.722 µs, 480.422 µs] 78.943 µs (20.7%)
Request duration reports for petclinic 
gantt title petclinic - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section baseline no_agent (1.343 ms) : 1324, 1362 . : milestone, 1343, appsec (1.722 ms) : 1699, 1745 . : milestone, 1722, appsec_no_iast (1.736 ms) : 1713, 1759 . : milestone, 1736, code_origins (1.67 ms) : 1644, 1696 . : milestone, 1670, iast (1.503 ms) : 1478, 1528 . : milestone, 1503, profiling (1.545 ms) : 1519, 1570 . : milestone, 1545, tracing (1.486 ms) : 1461, 1510 . : milestone, 1486, section candidate no_agent (1.353 ms) : 1333, 1373 . : milestone, 1353, appsec (1.704 ms) : 1680, 1728 . : milestone, 1704, appsec_no_iast (1.725 ms) : 1702, 1749 . : milestone, 1725, code_origins (1.671 ms) : 1643, 1699 . : milestone, 1671, iast (1.492 ms) : 1466, 1518 . : milestone, 1492, profiling (1.515 ms) : 1492, 1538 . : milestone, 1515, tracing (1.512 ms) : 1488, 1536 . : milestone, 1512,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.343 ms [1.324 ms, 1.362 ms] -
appsec 1.722 ms [1.699 ms, 1.745 ms] 379.036 µs (28.2%)
appsec_no_iast 1.736 ms [1.713 ms, 1.759 ms] 393.008 µs (29.3%)
code_origins 1.67 ms [1.644 ms, 1.696 ms] 326.874 µs (24.3%)
iast 1.503 ms [1.478 ms, 1.528 ms] 160.094 µs (11.9%)
profiling 1.545 ms [1.519 ms, 1.57 ms] 201.611 µs (15.0%)
tracing 1.486 ms [1.461 ms, 1.51 ms] 142.71 µs (10.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.353 ms [1.333 ms, 1.373 ms] -
appsec 1.704 ms [1.68 ms, 1.728 ms] 351.004 µs (25.9%)
appsec_no_iast 1.725 ms [1.702 ms, 1.749 ms] 372.339 µs (27.5%)
code_origins 1.671 ms [1.643 ms, 1.699 ms] 317.674 µs (23.5%)
iast 1.492 ms [1.466 ms, 1.518 ms] 138.835 µs (10.3%)
profiling 1.515 ms [1.492 ms, 1.538 ms] 161.687 µs (11.9%)
tracing 1.512 ms [1.488 ms, 1.536 ms] 158.676 µs (11.7%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-57044-2
git_commit_date 1742897910 1742898373
git_commit_sha 771fa81 7db2f9d
release_version 1.48.0-SNAPSHOT~771fa819aa 1.48.0-SNAPSHOT~7db2f9d6a5
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1742901027 1742901027
ci_job_id 863032653 863032653
ci_pipeline_id 59871426 59871426
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-jzzy7jrd-project-304-concurrent-3-bxptcx08 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-jzzy7jrd-project-304-concurrent-3-bxptcx08 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt title biojava - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section baseline no_agent (14.929 s) : 14929000, 14929000 . : milestone, 14929000, appsec (15.015 s) : 15015000, 15015000 . : milestone, 15015000, iast (18.395 s) : 18395000, 18395000 . : milestone, 18395000, iast_GLOBAL (18.076 s) : 18076000, 18076000 . : milestone, 18076000, profiling (15.182 s) : 15182000, 15182000 . : milestone, 15182000, tracing (15.203 s) : 15203000, 15203000 . : milestone, 15203000, section candidate no_agent (15.485 s) : 15485000, 15485000 . : milestone, 15485000, appsec (15.049 s) : 15049000, 15049000 . : milestone, 15049000, iast (18.857 s) : 18857000, 18857000 . : milestone, 18857000, iast_GLOBAL (17.853 s) : 17853000, 17853000 . : milestone, 17853000, profiling (15.185 s) : 15185000, 15185000 . : milestone, 15185000, tracing (15.046 s) : 15046000, 15046000 . : milestone, 15046000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.929 s [14.929 s, 14.929 s] -
appsec 15.015 s [15.015 s, 15.015 s] 86.0 ms (0.6%)
iast 18.395 s [18.395 s, 18.395 s] 3.466 s (23.2%)
iast_GLOBAL 18.076 s [18.076 s, 18.076 s] 3.147 s (21.1%)
profiling 15.182 s [15.182 s, 15.182 s] 253.0 ms (1.7%)
tracing 15.203 s [15.203 s, 15.203 s] 274.0 ms (1.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.485 s [15.485 s, 15.485 s] -
appsec 15.049 s [15.049 s, 15.049 s] -436.0 ms (-2.8%)
iast 18.857 s [18.857 s, 18.857 s] 3.372 s (21.8%)
iast_GLOBAL 17.853 s [17.853 s, 17.853 s] 2.368 s (15.3%)
profiling 15.185 s [15.185 s, 15.185 s] -300.0 ms (-1.9%)
tracing 15.046 s [15.046 s, 15.046 s] -439.0 ms (-2.8%)
Execution time for tomcat 
gantt title tomcat - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~7db2f9d6a5, baseline=1.48.0-SNAPSHOT~771fa819aa dateFormat X axisFormat %s section baseline no_agent (1.475 ms) : 1464, 1487 . : milestone, 1475, appsec (2.343 ms) : 2299, 2386 . : milestone, 2343, iast (2.118 ms) : 2063, 2174 . : milestone, 2118, iast_GLOBAL (2.168 ms) : 2112, 2224 . : milestone, 2168, profiling (1.994 ms) : 1949, 2039 . : milestone, 1994, tracing (1.945 ms) : 1903, 1988 . : milestone, 1945, section candidate no_agent (1.474 ms) : 1463, 1486 . : milestone, 1474, appsec (2.338 ms) : 2295, 2381 . : milestone, 2338, iast (2.127 ms) : 2072, 2182 . : milestone, 2127, iast_GLOBAL (2.164 ms) : 2108, 2219 . : milestone, 2164, profiling (1.978 ms) : 1934, 2023 . : milestone, 1978, tracing (1.945 ms) : 1903, 1987 . : milestone, 1945,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.475 ms [1.464 ms, 1.487 ms] -
appsec 2.343 ms [2.299 ms, 2.386 ms] 867.397 µs (58.8%)
iast 2.118 ms [2.063 ms, 2.174 ms] 642.97 µs (43.6%)
iast_GLOBAL 2.168 ms [2.112 ms, 2.224 ms] 692.421 µs (46.9%)
profiling 1.994 ms [1.949 ms, 2.039 ms] 518.794 µs (35.2%)
tracing 1.945 ms [1.903 ms, 1.988 ms] 469.757 µs (31.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.474 ms [1.463 ms, 1.486 ms] -
appsec 2.338 ms [2.295 ms, 2.381 ms] 863.715 µs (58.6%)
iast 2.127 ms [2.072 ms, 2.182 ms] 652.426 µs (44.3%)
iast_GLOBAL 2.164 ms [2.108 ms, 2.219 ms] 689.675 µs (46.8%)
profiling 1.978 ms [1.934 ms, 2.023 ms] 503.867 µs (34.2%)
tracing 1.945 ms [1.903 ms, 1.987 ms] 470.695 µs (31.9%)
@jandro996 jandro996 added this to the 1.48.0 milestone Mar 25, 2025
@jandro996 jandro996 added comp: asm iast Application Security Management (IAST) and removed comp: asm iast Application Security Management (IAST) labels Mar 25, 2025
@jandro996 jandro996 merged commit 7554714 into master Mar 25, 2025
259 of 269 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/APPSEC-57044-2 branch March 25, 2025 11:41
svc-squareup-copybara pushed a commit to cashapp/misk that referenced this pull request Apr 11, 2025
@github-cash-renovate-jvm-2 @svc-squareup-copybara
This PR contains the following updates:
d84dd5e 
| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | org.flywaydb.flyway | plugin | misk/gradle/libs.versions.toml | gradle | minor | `11.6.0` -> `11.7.0` | | [com.squareup.okio:okio-fakefilesystem](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.squareup.okio:okio](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `2.15.0` -> `2.16.0` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | --- ### Release Notes <details> <summary>square/okio (com.squareup.okio:okio-fakefilesystem)</summary> ### [`v3.11.0`](https://github.com/square/okio/blob/HEAD/CHANGELOG.md#Version-3110) *2025-04-09* - Fix: Clear the deflater's byte array reference - New: Faster implementation of `String.decodeHex()` on Kotlin/JS. - New: Declare `EXACTLY_ONCE` execution for blocks like `Closeable.use {}` and `FileSystem.read {}`. - Upgrade: \[Kotlin 2.1.20]\[kotlin\_2\_1\_20]. </details> <details> <summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary> ### [`v2.16.0`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-2160) - \[Feat]: support `com.android.test` projects. - \[Feat]: support typesafe project accessors with opt-in. ```kotlin dependencyAnalysis { useTypesafeProjectAccessors(true) // false by default } ``` </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.48.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.1): 1.48.1 ### Components #### Tracer internal logging - 🐛 Remove print line causing unnecessary logs ([#&#8203;8687](DataDog/dd-trace-java#8687) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) ### [`v1.48.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.0): 1.48.0 ### Known Bugs > \[!NOTE] > If you are experiencing issues with spamming timeout logs, please update to the [latest version](https://github.com/DataDog/dd-trace-java/releases/latest) or set [JDK_SOCKET_ENABLED](https://github.com/DataDog/dd-trace-java/blob/33fc3c9a9b7cda3beda88b8b3e5224ae2b10764a/dd-trace-api/src/main/java/datadog/trace/api/config/GeneralConfig.java#L98) to false. ### Components #### Application Security Management (IAST) - ✨ Fix vulnerability location org.jose4j.lang.HashUtil ([#&#8203;8610](DataDog/dd-trace-java#8610) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Fix weak randomness in oracle.ucp.util.OpaqueString ([#&#8203;8609](DataDog/dd-trace-java#8609) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Fix weak hash false positive in oracle.security.o5logon.O5Logon ([#&#8203;8608](DataDog/dd-trace-java#8608) - [@&#8203;jandro996](https://github.com/jandro996)) - 🐛 Prevent before callsites targeting constructors in super calls ([#&#8203;8549](DataDog/dd-trace-java#8549) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### Application Security Management (WAF) - ✨ Update login events public SDK to V2 ([#&#8203;8620](DataDog/dd-trace-java#8620) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#&#8203;8573](DataDog/dd-trace-java#8573) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Improve detection of missing request end events ([#&#8203;8510](DataDog/dd-trace-java#8510) - [@&#8203;smola](https://github.com/smola)) - 🧹 Remove remote configuration for API Security sampling rate ([#&#8203;8486](DataDog/dd-trace-java#8486) - [@&#8203;smola](https://github.com/smola)) - ✨ Add setUser to user monitoring SDK ([#&#8203;8482](DataDog/dd-trace-java#8482) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add missing address for signup event ([#&#8203;8469](DataDog/dd-trace-java#8469) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Allow login events SDK to be used with appsec disabled ([#&#8203;8464](DataDog/dd-trace-java#8464) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add support for endpoint discovery in spring mvc ([#&#8203;8352](DataDog/dd-trace-java#8352) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ New API Security sampling algorithm ([#&#8203;8178](DataDog/dd-trace-java#8178) - [@&#8203;ValentinZakharov](https://github.com/ValentinZakharov)) #### Build & Tooling - ✨ Add buffer size customizability to JDK UDS support ([#&#8203;8629](DataDog/dd-trace-java#8629) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) - ✨ Add JDK built-in support for UDS on Java 16+ ([#&#8203;8314](DataDog/dd-trace-java#8314) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) #### Configuration at Runtime - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#&#8203;8573](DataDog/dd-trace-java#8573) - [@&#8203;jandro996](https://github.com/jandro996)) #### Continuous Integration Visibility - 🐛 Prevent double reporting of Scalatest events when using SBT with test forking ([#&#8203;8682](DataDog/dd-trace-java#8682) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Shutdown CI Visibility test event handlers before tracer ([#&#8203;8677](DataDog/dd-trace-java#8677) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Do not apply JUnit 4 instrumentation to MUnit runners ([#&#8203;8675](DataDog/dd-trace-java#8675), [#&#8203;8683](DataDog/dd-trace-java#8683) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Remove error log when source path resolution fails on isModified check ([#&#8203;8663](DataDog/dd-trace-java#8663) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Implement tests reordering for JUnit 4 ([#&#8203;8650](DataDog/dd-trace-java#8650) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - 🐛 Set default Attempt to Fix retries if none provided from the backend ([#&#8203;8615](DataDog/dd-trace-java#8615) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Allow to manually set PR info ([#&#8203;8566](DataDog/dd-trace-java#8566) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Fix Test Optimization init when repo root cannot be determined ([#&#8203;8533](DataDog/dd-trace-java#8533) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Add capabilities tagging ([#&#8203;8499](DataDog/dd-trace-java#8499), [#&#8203;8540](DataDog/dd-trace-java#8540) - [@&#8203;daniel-mohedano](https://github.com/daniel-mohedano)) #### Crash tracking - 🐛 Remove dependency on bash from crash/oome uploder scripts ([#&#8203;8652](DataDog/dd-trace-java#8652) - [@&#8203;jbachorik](https://github.com/jbachorik)) #### Data Streams Monitoring - ✨ e2e pipeline configuration when data jobs is enabled ([#&#8203;8553](DataDog/dd-trace-java#8553) - [@&#8203;kr-igor](https://github.com/kr-igor)) #### Dynamic Instrumentation - 🐛 Fix In-Product when config is empty ([#&#8203;8679](DataDog/dd-trace-java#8679) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨ Add support for filtering shaded third-party libs ([#&#8203;8612](DataDog/dd-trace-java#8612) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨ Add In-Product Enablement ([#&#8203;8587](DataDog/dd-trace-java#8587) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨⚡ Reduce footprint of SourceFile tracking ([#&#8203;8524](DataDog/dd-trace-java#8524) - [@&#8203;jpbempel](https://github.com/jpbempel)) - ✨⚡ Optimize the SourceFile tracking ([#&#8203;8520](DataDog/dd-trace-java#8520) - [@&#8203;jpbempel](https://github.com/jpbempel)) #### OpenTracing - 🧹 Remove activeScope() use in OpenTracing shim ([#&#8203;8478](DataDog/dd-trace-java#8478) - [@&#8203;mcculls](https://github.com/mcculls)) #### Profiling - ✨ Add profiler env check command to AgentCLI ([#&#8203;8671](DataDog/dd-trace-java#8671) - [@&#8203;jbachorik](https://github.com/jbachorik)) - ✨ Bump ddprof to 1.23.0 ([#&#8203;8668](DataDog/dd-trace-java#8668) - [@&#8203;jbachorik](https://github.com/jbachorik)) - Fix a crash related to ElfParser::loadSymbolTable ([#&#8203;191](DataDog/dd-trace-java#191)) by [@&#8203;yanglong1010](https://github.com/yanglong1010) in DataDog/java-profiler#192 - Unwind String.indexOf intrinsic on AArch64 by [@&#8203;MattAlp](https://github.com/MattAlp) in DataDog/java-profiler#193 - Fix Java 24 support by [@&#8203;jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#194 - A set of fixes related to clang, aarch64 and musl pecularities of vmstructs stack unwinder by [@&#8203;jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#199 - 🐛 Remove process information from JFR recording ([#&#8203;8661](DataDog/dd-trace-java#8661) - [@&#8203;r1viollet](https://github.com/r1viollet)) - 🐛 Make TempLocationManager USER aware ([#&#8203;8605](DataDog/dd-trace-java#8605) - [@&#8203;jbachorik](https://github.com/jbachorik)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#&#8203;8561](DataDog/dd-trace-java#8561) - [@&#8203;wmouchere](https://github.com/wmouchere)) #### Telemetry - 🐛 Fix appsec.rasp.error and appsec.waf.error telemetry metrics ([#&#8203;8624](DataDog/dd-trace-java#8624) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Create metric: appsec.rasp.rule.skipped ([#&#8203;8618](DataDog/dd-trace-java#8618) - [@&#8203;jandro996](https://github.com/jandro996)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#&#8203;8561](DataDog/dd-trace-java#8561) - [@&#8203;wmouchere](https://github.com/wmouchere)) #### Testing - 🧹 Simplify ssi tests one-pipeline ([#&#8203;8558](DataDog/dd-trace-java#8558) - [@&#8203;robertomonteromiguel](https://github.com/robertomonteromiguel)) - ✨ Add smoke tests for java's concurrent API ([#&#8203;8438](DataDog/dd-trace-java#8438) - [@&#8203;sarahchen6](https://github.com/sarahchen6)) #### Trace context propagation - ✨ Adding Support for `TRACE_PROPAGATION_BEHAVIOR_EXTRACT` ([#&#8203;8535](DataDog/dd-trace-java#8535) - [@&#8203;mhlidd](https://github.com/mhlidd)) #### Tracer core - 🐛 Ensure shaded helpers have unique names ([#&#8203;8559](DataDog/dd-trace-java#8559) - [@&#8203;amarziali](https://github.com/amarziali)) - ✨ Support common config sources for user-provided git info ([#&#8203;8547](DataDog/dd-trace-java#8547) - [@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Make the default config sources more robust when a security manager is installed ([#&#8203;8544](DataDog/dd-trace-java#8544) - [@&#8203;mcculls](https://github.com/mcculls)) - ✨ Support targeting services with configurations in stable configuration file ([#&#8203;8526](DataDog/dd-trace-java#8526) - [@&#8203;mtoffl01](https://github.com/mtoffl01)) - ✨ Add new parser for `DD_TAGS` and prioritizing `DD_SERVICE` ([#&#8203;8296](DataDog/dd-trace-java#8296) - [@&#8203;mhlidd](https://github.com/mhlidd)) #### Tracer internal logging - 🐛 Add missing debug log for the cloudPayloadTaggingServices config ([#&#8203;8600](DataDog/dd-trace-java#8600) - [@&#8203;ygree](https://github.com/ygree)) - ✨ Add the possibility to output the logs of the Java tracer in JSON ([#&#8203;8083](DataDog/dd-trace-java#8083) - [@&#8203;cecile75](https://github.com/cecile75)) #### Tracer public API - ✨ Introducing `DD_TRACE_EXPERIMENTAL_FEATURES_ENABLED` Config ([#&#8203;8536](DataDog/dd-trace-java#8536) - [@&#8203;mhlidd](https://github.com/mhlidd)) - ✨ Config Consistency Round 2 ([#&#8203;8489](DataDog/dd-trace-java#8489) - [@&#8203;mhlidd](https://github.com/mhlidd)) ### Instrumentations #### - 🐛 Fix NPE in getMdcCopy of LoggingEventInstrumentation ([#&#8203;8599](DataDog/dd-trace-java#8599) - [@&#8203;ygree](https://github.com/ygree)) #### Apache Spark instrumentation - ✨ Instrument Runtime.exit() to finish spark application spans ([#&#8203;8572](DataDog/dd-trace-java#8572) - [@&#8203;paul-laffon-dd](https://github.com/paul-laffon-dd)) - ✨ Configure OpenLineage if present in Spark instrumentation ([#&#8203;8541](DataDog/dd-trace-java#8541) - [@&#8203;mobuchowski](https://github.com/mobuchowski)) #### Armeria Instrumentation - ✨ Support armeria grpc 1.32.3 ([#&#8203;8606](DataDog/dd-trace-java#8606) - [@&#8203;github-actions](https://github.com/github-actions)\[bot]) #### AWS DynamoDB Instrumentation - ✨ Create DynamoDB instrumentation + add span pointers for `updateItem` and `deleteItem` ([#&#8203;8490](DataDog/dd-trace-java#8490) - [@&#8203;nhulston](https://github.com/nhulston)) #### AWS SDK instrumentation - ✨ Add DynamoDB in DEFAULT_TRACE_CLOUD_PAYLOAD_TAGGING_SERVICES ([#&#8203;8595](DataDog/dd-trace-java#8595) - [@&#8203;joeyzhao2018](https://github.com/joeyzhao2018)) #### Azure Functions instrumentation - ✨ Enable tracer computed trace metrics by default for Azure Functions ([#&#8203;8518](DataDog/dd-trace-java#8518) - [@&#8203;duncanpharvey](https://github.com/duncanpharvey)) - 💡 Add azure-functions instrumentation ([#&#8203;8432](DataDog/dd-trace-java#8432) - [@&#8203;duncanpharvey](https://github.com/duncanpharvey)) #### Core Java language instrumentation - 🐛 Fix ForkJoinPool.execute() instrumentation on Java 21+ ([#&#8203;8560](DataDog/dd-trace-java#8560) - [@&#8203;PerfectSlayer](https://github.com/PerfectSlayer)) #### Eclipse Vert.x instrumentation - ✨ Add vertx postgresql client instrumentation ([#&#8203;8471](DataDog/dd-trace-java#8471) - [@&#8203;vandonr](https://github.com/vandonr) - thanks for the contribution!) #### Kafka instrumentation - ✨ Support and test kafka-clients 4 ([#&#8203;8581](DataDog/dd-trace-java#8581) - [@&#8203;amarziali](https://github.com/amarziali)) #### Kotlin instrumentation - ✨ Avoid disconnected traces when using Kotlin flowOn ([#&#8203;8651](DataDog/dd-trace-java#8651) - [@&#8203;mcculls](https://github.com/mcculls)) #### OpenTelemetry instrumentation - 🧹 Migrate OtelContext wrapper to new internal Context API ([#&#8203;8645](DataDog/dd-trace-java#8645) - [@&#8203;mcculls](https://github.com/mcculls)) #### Spring instrumentation - 🐛 Support CompletableFuture on spring webmvc controllers ([#&#8203;8659](DataDog/dd-trace-java#8659) - [@&#8203;amarziali](https://github.com/amarziali)) - ✨ Add support for endpoint discovery in spring mvc ([#&#8203;8352](DataDog/dd-trace-java#8352) - [@&#8203;manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### WebSocket Instrumentation - ✨ Instrument Jetty websocket pojo ([#&#8203;8562](DataDog/dd-trace-java#8562) - [@&#8203;amarziali](https://github.com/amarziali)) - 💡 Instrument Java Websocket API (JSR356) ([#&#8203;8440](DataDog/dd-trace-java#8440) - [@&#8203;amarziali](https://github.com/amarziali)) #### All other instrumentations - ✨ Introduce cache for peer.hostname lookup ([#&#8203;8601](DataDog/dd-trace-java#8601) - [@&#8203;mcculls](https://github.com/mcculls)) - ✨ Support pekko http 1.1 ([#&#8203;8532](DataDog/dd-trace-java#8532) - [@&#8203;amarziali](https://github.com/amarziali)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: 331314f71acaced3adc75ea5d7e855c248d593fc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp: asm iast Application Security Management (IAST) type: enhancement Enhancements and improvements

3 participants

@jandro996 @smola @manuel-alvarez-alvarez