Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Increase IAST propagation to StringBuilder append #8010

Merged
merged 5 commits into from
Dec 12, 2024

Conversation

Mariovido
Copy link
Contributor

@Mariovido Mariovido commented Nov 25, 2024

What Does This Do

This adds the instrumentation to propagate the taint values through the following methods of StringBuilder:

  • append(CharSequence, int, int)
  • append(StringBuffer)

Motivation

Increase propagation of StringBuilder methods.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55358

@Mariovido Mariovido added type: enhancement comp: asm iast Application Security Management (IAST) inst: java Core Java language instrumentation labels Nov 25, 2024
@smola smola removed the inst: java Core Java language instrumentation label Nov 25, 2024
@smola smola changed the title Increase propagation to StringBuilder append Increase IAST propagation to StringBuilder append Nov 25, 2024
@pr-commenter
Copy link

pr-commenter bot commented Nov 25, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/taint_tracking_string_builder_append
git_commit_date 1733945488 1733997811
git_commit_sha aa7092b 454fad6
release_version 1.44.0-SNAPSHOT~aa7092b92b 1.44.0-SNAPSHOT~454fad6e2a
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1734000294 1734000294
ci_job_id 736268933 736268933
ci_pipeline_id 50931199 50931199
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 53 metrics, 10 unstable metrics.

Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.097 s) : 0, 1096674
Total [baseline] (10.489 s) : 0, 10488627
Agent [candidate] (1.108 s) : 0, 1108168
Total [candidate] (10.521 s) : 0, 10520963
section appsec
Agent [baseline] (1.231 s) : 0, 1231273
Total [baseline] (10.747 s) : 0, 10746646
Agent [candidate] (1.228 s) : 0, 1228159
Total [candidate] (10.752 s) : 0, 10752471
section iast
Agent [baseline] (1.229 s) : 0, 1229298
Total [baseline] (11.047 s) : 0, 11047244
Agent [candidate] (1.221 s) : 0, 1220916
Total [candidate] (11.014 s) : 0, 11013886
section profiling
Agent [baseline] (1.321 s) : 0, 1321484
Total [baseline] (10.836 s) : 0, 10836318
Agent [candidate] (1.325 s) : 0, 1324525
Total [candidate] (10.817 s) : 0, 10816518
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.097 s -
Agent appsec 1.231 s 134.599 ms (12.3%)
Agent iast 1.229 s 132.624 ms (12.1%)
Agent profiling 1.321 s 224.81 ms (20.5%)
Total tracing 10.489 s -
Total appsec 10.747 s 258.019 ms (2.5%)
Total iast 11.047 s 558.617 ms (5.3%)
Total profiling 10.836 s 347.691 ms (3.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.108 s -
Agent appsec 1.228 s 119.991 ms (10.8%)
Agent iast 1.221 s 112.748 ms (10.2%)
Agent profiling 1.325 s 216.357 ms (19.5%)
Total tracing 10.521 s -
Total appsec 10.752 s 231.508 ms (2.2%)
Total iast 11.014 s 492.923 ms (4.7%)
Total profiling 10.817 s 295.555 ms (2.8%)
gantt
    title petclinic - break down per module: candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (698.61 ms) : 0, 698610
BytebuddyAgent [candidate] (705.41 ms) : 0, 705410
GlobalTracer [baseline] (318.913 ms) : 0, 318913
GlobalTracer [candidate] (322.224 ms) : 0, 322224
AppSec [baseline] (54.719 ms) : 0, 54719
AppSec [candidate] (55.213 ms) : 0, 55213
Remote Config [baseline] (680.989 µs) : 0, 681
Remote Config [candidate] (707.133 µs) : 0, 707
Telemetry [baseline] (9.943 ms) : 0, 9943
Telemetry [candidate] (10.7 ms) : 0, 10700
section appsec
BytebuddyAgent [baseline] (715.062 ms) : 0, 715062
BytebuddyAgent [candidate] (712.757 ms) : 0, 712757
GlobalTracer [baseline] (315.567 ms) : 0, 315567
GlobalTracer [candidate] (315.071 ms) : 0, 315071
AppSec [baseline] (168.387 ms) : 0, 168387
AppSec [candidate] (167.814 ms) : 0, 167814
IAST [baseline] (19.112 ms) : 0, 19112
IAST [candidate] (19.108 ms) : 0, 19108
Remote Config [baseline] (1.038 ms) : 0, 1038
Remote Config [candidate] (657.488 µs) : 0, 657
Telemetry [baseline] (7.899 ms) : 0, 7899
Telemetry [candidate] (8.551 ms) : 0, 8551
section iast
BytebuddyAgent [baseline] (819.765 ms) : 0, 819765
BytebuddyAgent [candidate] (813.894 ms) : 0, 813894
GlobalTracer [baseline] (307.732 ms) : 0, 307732
GlobalTracer [candidate] (306.237 ms) : 0, 306237
AppSec [baseline] (58.295 ms) : 0, 58295
AppSec [candidate] (56.993 ms) : 0, 56993
IAST [baseline] (21.324 ms) : 0, 21324
IAST [candidate] (21.844 ms) : 0, 21844
Remote Config [baseline] (659.52 µs) : 0, 660
Remote Config [candidate] (649.281 µs) : 0, 649
Telemetry [baseline] (7.682 ms) : 0, 7682
Telemetry [candidate] (7.521 ms) : 0, 7521
section profiling
BytebuddyAgent [baseline] (691.05 ms) : 0, 691050
BytebuddyAgent [candidate] (695.424 ms) : 0, 695424
GlobalTracer [baseline] (434.913 ms) : 0, 434913
GlobalTracer [candidate] (433.597 ms) : 0, 433597
AppSec [baseline] (53.827 ms) : 0, 53827
AppSec [candidate] (53.818 ms) : 0, 53818
Remote Config [baseline] (677.855 µs) : 0, 678
Remote Config [candidate] (655.718 µs) : 0, 656
Telemetry [baseline] (7.756 ms) : 0, 7756
Telemetry [candidate] (7.733 ms) : 0, 7733
ProfilingAgent [baseline] (94.066 ms) : 0, 94066
ProfilingAgent [candidate] (93.844 ms) : 0, 93844
Profiling [baseline] (94.089 ms) : 0, 94089
Profiling [candidate] (93.868 ms) : 0, 93868
Loading
Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.1 s) : 0, 1100003
Total [baseline] (8.675 s) : 0, 8674846
Agent [candidate] (1.1 s) : 0, 1100188
Total [candidate] (8.698 s) : 0, 8697897
section iast
Agent [baseline] (1.22 s) : 0, 1219897
Total [baseline] (9.223 s) : 0, 9222533
Agent [candidate] (1.221 s) : 0, 1220975
Total [candidate] (9.214 s) : 0, 9214275
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.226 s) : 0, 1226132
Total [baseline] (9.153 s) : 0, 9153259
Agent [candidate] (1.22 s) : 0, 1219847
Total [candidate] (9.185 s) : 0, 9184702
section iast_TELEMETRY_OFF
Agent [baseline] (1.217 s) : 0, 1217236
Total [baseline] (9.173 s) : 0, 9173389
Agent [candidate] (1.215 s) : 0, 1215222
Total [candidate] (9.178 s) : 0, 9177722
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.1 s -
Agent iast 1.22 s 119.894 ms (10.9%)
Agent iast_HARDCODED_SECRET_DISABLED 1.226 s 126.13 ms (11.5%)
Agent iast_TELEMETRY_OFF 1.217 s 117.234 ms (10.7%)
Total tracing 8.675 s -
Total iast 9.223 s 547.687 ms (6.3%)
Total iast_HARDCODED_SECRET_DISABLED 9.153 s 478.414 ms (5.5%)
Total iast_TELEMETRY_OFF 9.173 s 498.543 ms (5.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.1 s -
Agent iast 1.221 s 120.787 ms (11.0%)
Agent iast_HARDCODED_SECRET_DISABLED 1.22 s 119.659 ms (10.9%)
Agent iast_TELEMETRY_OFF 1.215 s 115.034 ms (10.5%)
Total tracing 8.698 s -
Total iast 9.214 s 516.379 ms (5.9%)
Total iast_HARDCODED_SECRET_DISABLED 9.185 s 486.805 ms (5.6%)
Total iast_TELEMETRY_OFF 9.178 s 479.826 ms (5.5%)
gantt
    title insecure-bank - break down per module: candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (700.272 ms) : 0, 700272
BytebuddyAgent [candidate] (700.883 ms) : 0, 700883
GlobalTracer [baseline] (317.615 ms) : 0, 317615
GlobalTracer [candidate] (319.302 ms) : 0, 319302
AppSec [baseline] (54.861 ms) : 0, 54861
AppSec [candidate] (54.834 ms) : 0, 54834
Remote Config [baseline] (696.449 µs) : 0, 696
Remote Config [candidate] (687.395 µs) : 0, 687
Telemetry [baseline] (12.788 ms) : 0, 12788
Telemetry [candidate] (10.615 ms) : 0, 10615
section iast
BytebuddyAgent [baseline] (813.077 ms) : 0, 813077
BytebuddyAgent [candidate] (813.823 ms) : 0, 813823
GlobalTracer [baseline] (305.857 ms) : 0, 305857
GlobalTracer [candidate] (305.739 ms) : 0, 305739
AppSec [baseline] (57.194 ms) : 0, 57194
AppSec [candidate] (58.008 ms) : 0, 58008
IAST [baseline] (21.866 ms) : 0, 21866
IAST [candidate] (21.381 ms) : 0, 21381
Remote Config [baseline] (637.174 µs) : 0, 637
Remote Config [candidate] (667.338 µs) : 0, 667
Telemetry [baseline] (7.53 ms) : 0, 7530
Telemetry [candidate] (7.568 ms) : 0, 7568
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (818.487 ms) : 0, 818487
BytebuddyAgent [candidate] (813.234 ms) : 0, 813234
GlobalTracer [baseline] (306.433 ms) : 0, 306433
GlobalTracer [candidate] (305.469 ms) : 0, 305469
AppSec [baseline] (57.811 ms) : 0, 57811
AppSec [candidate] (56.428 ms) : 0, 56428
IAST [baseline] (21.203 ms) : 0, 21203
IAST [candidate] (22.794 ms) : 0, 22794
Remote Config [baseline] (650.366 µs) : 0, 650
Remote Config [candidate] (639.692 µs) : 0, 640
Telemetry [baseline] (7.579 ms) : 0, 7579
Telemetry [candidate] (7.486 ms) : 0, 7486
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (810.8 ms) : 0, 810800
BytebuddyAgent [candidate] (809.62 ms) : 0, 809620
GlobalTracer [baseline] (305.182 ms) : 0, 305182
GlobalTracer [candidate] (305.606 ms) : 0, 305606
AppSec [baseline] (57.735 ms) : 0, 57735
AppSec [candidate] (56.927 ms) : 0, 56927
IAST [baseline] (21.593 ms) : 0, 21593
IAST [candidate] (21.278 ms) : 0, 21278
Remote Config [baseline] (657.751 µs) : 0, 658
Remote Config [candidate] (623.921 µs) : 0, 624
Telemetry [baseline] (7.514 ms) : 0, 7514
Telemetry [candidate] (7.42 ms) : 0, 7420
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-12-12T10:14:59 2024-12-12T10:21:56
git_branch master mario.vidal/taint_tracking_string_builder_append
git_commit_date 1733945488 1733997811
git_commit_sha aa7092b 454fad6
release_version 1.44.0-SNAPSHOT~aa7092b92b 1.44.0-SNAPSHOT~454fad6e2a
start_time 2024-12-12T10:14:46 2024-12-12T10:21:43
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1733999268 1733999268
ci_job_id 736268934 736268934
ci_pipeline_id 50931199 50931199
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.353 ms) : 1333, 1372
.   : milestone, 1353,
appsec (1.748 ms) : 1723, 1773
.   : milestone, 1748,
appsec_no_iast (1.738 ms) : 1713, 1763
.   : milestone, 1738,
iast (1.494 ms) : 1470, 1517
.   : milestone, 1494,
profiling (1.502 ms) : 1479, 1525
.   : milestone, 1502,
tracing (1.492 ms) : 1467, 1517
.   : milestone, 1492,
section candidate
no_agent (1.343 ms) : 1323, 1362
.   : milestone, 1343,
appsec (1.728 ms) : 1705, 1752
.   : milestone, 1728,
appsec_no_iast (1.741 ms) : 1715, 1766
.   : milestone, 1741,
iast (1.495 ms) : 1472, 1518
.   : milestone, 1495,
profiling (1.479 ms) : 1456, 1503
.   : milestone, 1479,
tracing (1.477 ms) : 1453, 1501
.   : milestone, 1477,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.353 ms [1.333 ms, 1.372 ms] -
appsec 1.748 ms [1.723 ms, 1.773 ms] 395.482 µs (29.2%)
appsec_no_iast 1.738 ms [1.713 ms, 1.763 ms] 385.396 µs (28.5%)
iast 1.494 ms [1.47 ms, 1.517 ms] 141.074 µs (10.4%)
profiling 1.502 ms [1.479 ms, 1.525 ms] 149.653 µs (11.1%)
tracing 1.492 ms [1.467 ms, 1.517 ms] 139.689 µs (10.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.343 ms [1.323 ms, 1.362 ms] -
appsec 1.728 ms [1.705 ms, 1.752 ms] 385.5 µs (28.7%)
appsec_no_iast 1.741 ms [1.715 ms, 1.766 ms] 397.691 µs (29.6%)
iast 1.495 ms [1.472 ms, 1.518 ms] 151.935 µs (11.3%)
profiling 1.479 ms [1.456 ms, 1.503 ms] 136.257 µs (10.1%)
tracing 1.477 ms [1.453 ms, 1.501 ms] 133.931 µs (10.0%)
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b
    dateFormat X
    axisFormat %s
section baseline
no_agent (370.356 µs) : 351, 390
.   : milestone, 370,
iast (487.494 µs) : 466, 509
.   : milestone, 487,
iast_FULL (647.204 µs) : 626, 669
.   : milestone, 647,
iast_GLOBAL (522.899 µs) : 500, 546
.   : milestone, 523,
iast_HARDCODED_SECRET_DISABLED (492.328 µs) : 470, 514
.   : milestone, 492,
iast_INACTIVE (446.687 µs) : 426, 468
.   : milestone, 447,
iast_TELEMETRY_OFF (474.577 µs) : 453, 496
.   : milestone, 475,
tracing (448.423 µs) : 427, 470
.   : milestone, 448,
section candidate
no_agent (374.946 µs) : 355, 395
.   : milestone, 375,
iast (492.24 µs) : 470, 514
.   : milestone, 492,
iast_FULL (649.224 µs) : 628, 671
.   : milestone, 649,
iast_GLOBAL (516.618 µs) : 495, 538
.   : milestone, 517,
iast_HARDCODED_SECRET_DISABLED (488.321 µs) : 467, 510
.   : milestone, 488,
iast_INACTIVE (454.794 µs) : 434, 476
.   : milestone, 455,
iast_TELEMETRY_OFF (478.609 µs) : 457, 500
.   : milestone, 479,
tracing (451.709 µs) : 430, 473
.   : milestone, 452,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 370.356 µs [350.727 µs, 389.985 µs] -
iast 487.494 µs [466.038 µs, 508.949 µs] 117.137 µs (31.6%)
iast_FULL 647.204 µs [625.628 µs, 668.781 µs] 276.848 µs (74.8%)
iast_GLOBAL 522.899 µs [499.887 µs, 545.911 µs] 152.543 µs (41.2%)
iast_HARDCODED_SECRET_DISABLED 492.328 µs [470.327 µs, 514.329 µs] 121.972 µs (32.9%)
iast_INACTIVE 446.687 µs [425.653 µs, 467.72 µs] 76.33 µs (20.6%)
iast_TELEMETRY_OFF 474.577 µs [453.351 µs, 495.804 µs] 104.221 µs (28.1%)
tracing 448.423 µs [426.856 µs, 469.99 µs] 78.067 µs (21.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 374.946 µs [354.689 µs, 395.203 µs] -
iast 492.24 µs [470.348 µs, 514.132 µs] 117.294 µs (31.3%)
iast_FULL 649.224 µs [627.608 µs, 670.841 µs] 274.278 µs (73.2%)
iast_GLOBAL 516.618 µs [494.978 µs, 538.259 µs] 141.672 µs (37.8%)
iast_HARDCODED_SECRET_DISABLED 488.321 µs [466.989 µs, 509.653 µs] 113.375 µs (30.2%)
iast_INACTIVE 454.794 µs [433.775 µs, 475.813 µs] 79.848 µs (21.3%)
iast_TELEMETRY_OFF 478.609 µs [456.988 µs, 500.229 µs] 103.662 µs (27.6%)
tracing 451.709 µs [430.033 µs, 473.384 µs] 76.762 µs (20.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/taint_tracking_string_builder_append
git_commit_date 1733945488 1733997811
git_commit_sha aa7092b 454fad6
release_version 1.44.0-SNAPSHOT~aa7092b92b 1.44.0-SNAPSHOT~454fad6e2a
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1733999998 1733999998
ci_job_id 736268935 736268935
ci_pipeline_id 50931199 50931199
cpu_model Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.483 ms) : 1471, 1494
.   : milestone, 1483,
appsec (2.626 ms) : 2557, 2694
.   : milestone, 2626,
iast (2.397 ms) : 2313, 2481
.   : milestone, 2397,
iast_GLOBAL (2.435 ms) : 2351, 2519
.   : milestone, 2435,
profiling (2.271 ms) : 2199, 2343
.   : milestone, 2271,
tracing (2.21 ms) : 2142, 2277
.   : milestone, 2210,
section candidate
no_agent (1.484 ms) : 1472, 1496
.   : milestone, 1484,
appsec (2.624 ms) : 2556, 2692
.   : milestone, 2624,
iast (2.4 ms) : 2316, 2484
.   : milestone, 2400,
iast_GLOBAL (2.444 ms) : 2359, 2528
.   : milestone, 2444,
profiling (2.264 ms) : 2192, 2335
.   : milestone, 2264,
tracing (2.209 ms) : 2141, 2277
.   : milestone, 2209,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.483 ms [1.471 ms, 1.494 ms] -
appsec 2.626 ms [2.557 ms, 2.694 ms] 1.143 ms (77.1%)
iast 2.397 ms [2.313 ms, 2.481 ms] 914.201 µs (61.7%)
iast_GLOBAL 2.435 ms [2.351 ms, 2.519 ms] 952.405 µs (64.2%)
profiling 2.271 ms [2.199 ms, 2.343 ms] 788.385 µs (53.2%)
tracing 2.21 ms [2.142 ms, 2.277 ms] 727.205 µs (49.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.484 ms [1.472 ms, 1.496 ms] -
appsec 2.624 ms [2.556 ms, 2.692 ms] 1.14 ms (76.8%)
iast 2.4 ms [2.316 ms, 2.484 ms] 915.495 µs (61.7%)
iast_GLOBAL 2.444 ms [2.359 ms, 2.528 ms] 959.744 µs (64.7%)
profiling 2.264 ms [2.192 ms, 2.335 ms] 779.373 µs (52.5%)
tracing 2.209 ms [2.141 ms, 2.277 ms] 724.778 µs (48.8%)
Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~454fad6e2a, baseline=1.44.0-SNAPSHOT~aa7092b92b
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.055 s) : 15055000, 15055000
.   : milestone, 15055000,
appsec (14.696 s) : 14696000, 14696000
.   : milestone, 14696000,
iast (18.274 s) : 18274000, 18274000
.   : milestone, 18274000,
iast_GLOBAL (17.225 s) : 17225000, 17225000
.   : milestone, 17225000,
profiling (15.353 s) : 15353000, 15353000
.   : milestone, 15353000,
tracing (14.577 s) : 14577000, 14577000
.   : milestone, 14577000,
section candidate
no_agent (14.936 s) : 14936000, 14936000
.   : milestone, 14936000,
appsec (14.853 s) : 14853000, 14853000
.   : milestone, 14853000,
iast (18.346 s) : 18346000, 18346000
.   : milestone, 18346000,
iast_GLOBAL (17.265 s) : 17265000, 17265000
.   : milestone, 17265000,
profiling (14.437 s) : 14437000, 14437000
.   : milestone, 14437000,
tracing (14.598 s) : 14598000, 14598000
.   : milestone, 14598000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.055 s [15.055 s, 15.055 s] -
appsec 14.696 s [14.696 s, 14.696 s] -359.0 ms (-2.4%)
iast 18.274 s [18.274 s, 18.274 s] 3.219 s (21.4%)
iast_GLOBAL 17.225 s [17.225 s, 17.225 s] 2.17 s (14.4%)
profiling 15.353 s [15.353 s, 15.353 s] 298.0 ms (2.0%)
tracing 14.577 s [14.577 s, 14.577 s] -478.0 ms (-3.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.936 s [14.936 s, 14.936 s] -
appsec 14.853 s [14.853 s, 14.853 s] -83.0 ms (-0.6%)
iast 18.346 s [18.346 s, 18.346 s] 3.41 s (22.8%)
iast_GLOBAL 17.265 s [17.265 s, 17.265 s] 2.329 s (15.6%)
profiling 14.437 s [14.437 s, 14.437 s] -499.0 ms (-3.3%)
tracing 14.598 s [14.598 s, 14.598 s] -338.0 ms (-2.3%)

@Mariovido Mariovido marked this pull request as ready for review November 25, 2024 11:23
@Mariovido Mariovido requested review from a team as code owners November 25, 2024 11:23
@Mariovido Mariovido requested a review from smola November 28, 2024 09:19
@Mariovido Mariovido merged commit bdbc145 into master Dec 12, 2024
150 checks passed
@Mariovido Mariovido deleted the mario.vidal/taint_tracking_string_builder_append branch December 12, 2024 10:49
@github-actions github-actions bot added this to the 1.44.0 milestone Dec 12, 2024
svc-squareup-copybara pushed a commit to cashapp/misk that referenced this pull request Dec 16, 2024
| Package | Type | Package file | Manager | Update | Change |
|---|---|---|---|---|---|
|
[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`2.49.0` -> `2.50.0` |
|
[com.google.cloud:google-cloud-core-http](https://github.com/googleapis/sdk-platform-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`2.48.0` -> `2.49.0` |
|
[com.google.cloud:google-cloud-spanner](https://github.com/googleapis/java-spanner)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`6.82.0` -> `6.83.0` |
|
[com.google.cloud:google-cloud-logging](https://github.com/googleapis/java-logging)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`3.20.7` -> `3.21.0` |
|
[com.google.cloud:google-cloud-datastore](https://github.com/googleapis/java-datastore)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`2.24.3` -> `2.25.1` |
|
[com.google.cloud:google-cloud-core](https://github.com/googleapis/sdk-platform-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`2.48.0` -> `2.49.0` |
| [com.google.api:gax](https://github.com/googleapis/sdk-platform-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`2.58.0` -> `2.59.0` |
|
[com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin)
| plugin | misk/gradle/libs.versions.toml | gradle | patch | `2.6.0` ->
`2.6.1` |
| [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`1.43.0` -> `1.44.1` |
| [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java)
| dependencies | misk/gradle/libs.versions.toml | gradle | minor |
`1.43.0` -> `1.44.1` |
| [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) |
dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
|
[software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava)
| dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) |
dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) |
dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) |
dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) |
dependencies | misk/gradle/libs.versions.toml | gradle | patch |
`2.29.32` -> `2.29.34` |
| [com.amazonaws:aws-java-sdk-sqs](https://aws.amazon.com/sdkforjava)
([source](https://github.com/aws/aws-sdk-java)) | dependencies |
misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` ->
`1.12.780` |
| [com.amazonaws:aws-java-sdk-s3](https://aws.amazon.com/sdkforjava)
([source](https://github.com/aws/aws-sdk-java)) | dependencies |
misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` ->
`1.12.780` |
|
[com.amazonaws:aws-java-sdk-dynamodb](https://aws.amazon.com/sdkforjava)
([source](https://github.com/aws/aws-sdk-java)) | dependencies |
misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` ->
`1.12.780` |
| [com.amazonaws:aws-java-sdk-core](https://aws.amazon.com/sdkforjava)
([source](https://github.com/aws/aws-sdk-java)) | dependencies |
misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` ->
`1.12.780` |

---

### Release Notes

<details>
<summary>googleapis/sdk-platform-java
(com.google.api.grpc:proto-google-common-protos)</summary>

###
[`v2.50.0`](https://github.com/googleapis/sdk-platform-java/blob/HEAD/CHANGELOG.md#2500-2024-11-14)

##### Features

- Add experimental S2A integration in client libraries grpc transport
([#&#8203;3326](googleapis/sdk-platform-java#3326))
([1138ca6](googleapis/sdk-platform-java@1138ca6))
- enable selective generation based on service config include list
([#&#8203;3323](googleapis/sdk-platform-java#3323))
([0cddadb](googleapis/sdk-platform-java@0cddadb))
- introduce `java.time` to java-core
([#&#8203;3330](googleapis/sdk-platform-java#3330))
([f202c3b](googleapis/sdk-platform-java@f202c3b))
- Update Gapic-Generator to generate libraries using `java.time` methods
([#&#8203;3321](googleapis/sdk-platform-java#3321))
([b21c9a4](googleapis/sdk-platform-java@b21c9a4))

##### Bug Fixes

- Fix flaky test
ScheduledRetryingExecutorTest.testCancelOuterFutureAfterStart
([#&#8203;3335](googleapis/sdk-platform-java#3335))
([e73740d](googleapis/sdk-platform-java@e73740d))
- httpjson callables to trace attempts (started, failed)
([#&#8203;3300](googleapis/sdk-platform-java#3300))
([15a64ee](googleapis/sdk-platform-java@15a64ee))
- instantiate GaxProperties at build time to ensure we get the protobuf
version
([#&#8203;3365](googleapis/sdk-platform-java#3365))
([bb2a3be](googleapis/sdk-platform-java@bb2a3be))
- protobuf version not always getting set in headers
([#&#8203;3322](googleapis/sdk-platform-java#3322))
([7f6e470](googleapis/sdk-platform-java@7f6e470))
- use BuildKit instead of legacy builder to build the Hermetic Build
images
([#&#8203;3338](googleapis/sdk-platform-java#3338))
([222fb45](googleapis/sdk-platform-java@222fb45))

##### Dependencies

- update google auth library dependencies to v1.30.0
([#&#8203;3367](googleapis/sdk-platform-java#3367))
([a31c682](googleapis/sdk-platform-java@a31c682))
- update grpc dependencies to v1.68.1
([#&#8203;3240](googleapis/sdk-platform-java#3240))
([c8e3941](googleapis/sdk-platform-java@c8e3941))

##### Documentation

- fix list num
([#&#8203;3356](googleapis/sdk-platform-java#3356))
([b7d6296](googleapis/sdk-platform-java@b7d6296))
- **hermetic-build:** indicate usage of Docker Buildkit in development
guide
([#&#8203;3337](googleapis/sdk-platform-java#3337))
([01e742d](googleapis/sdk-platform-java@01e742d))
- modify hermetic build docs
([#&#8203;3331](googleapis/sdk-platform-java#3331))
([25023af](googleapis/sdk-platform-java@25023af))

</details>

<details>
<summary>googleapis/java-spanner
(com.google.cloud:google-cloud-spanner)</summary>

###
[`v6.83.0`](https://github.com/googleapis/java-spanner/blob/HEAD/CHANGELOG.md#6830-2024-12-13)

##### Features

- Add Metrics host for built in metrics
([#&#8203;3519](googleapis/java-spanner#3519))
([4ed455a](googleapis/java-spanner@4ed455a))
- Add opt-in for using multiplexed sessions for blind writes
([#&#8203;3540](googleapis/java-spanner#3540))
([216f53e](googleapis/java-spanner@216f53e))
- Add UUID in Spanner TypeCode enum
([41f83dc](googleapis/java-spanner@41f83dc))
- Introduce java.time variables and methods
([#&#8203;3495](googleapis/java-spanner#3495))
([8a7d533](googleapis/java-spanner@8a7d533))
- **spanner:** Support multiplexed session for Partitioned operations
([#&#8203;3231](googleapis/java-spanner#3231))
([4501a3e](googleapis/java-spanner@4501a3e))
- Support 'set local' for retry_aborts_internally
([#&#8203;3532](googleapis/java-spanner#3532))
([331942f](googleapis/java-spanner@331942f))

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to
2.51.0
([41f83dc](googleapis/java-spanner@41f83dc))

##### Dependencies

- Update sdk platform java dependencies
([#&#8203;3549](googleapis/java-spanner#3549))
([6235f0f](googleapis/java-spanner@6235f0f))

</details>

<details>
<summary>googleapis/java-logging
(com.google.cloud:google-cloud-logging)</summary>

###
[`v3.21.0`](https://github.com/googleapis/java-logging/blob/HEAD/CHANGELOG.md#3210-2024-12-13)

##### Features

- Introduce `java.time` methods
([#&#8203;1729](googleapis/java-logging#1729))
([323eb33](googleapis/java-logging@323eb33))

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to
2.51.0
([04d8868](googleapis/java-logging@04d8868))

##### Dependencies

- Update dependency io.opentelemetry:opentelemetry-bom to v1.45.0
([#&#8203;1638](googleapis/java-logging#1638))
([7e007d4](googleapis/java-logging@7e007d4))
- Update sdk platform java dependencies
([#&#8203;1736](googleapis/java-logging#1736))
([88b4cdf](googleapis/java-logging@88b4cdf))

</details>

<details>
<summary>googleapis/java-datastore
(com.google.cloud:google-cloud-datastore)</summary>

###
[`v2.25.1`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2251-2024-12-13)

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to
2.51.0
([106ee4d](googleapis/java-datastore@106ee4d))

##### Dependencies

- Update sdk platform java dependencies
([#&#8203;1685](googleapis/java-datastore#1685))
([4372350](googleapis/java-datastore@4372350))

###
[`v2.25.0`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2250-2024-12-11)

##### Features

- Introduce `java.time` methods and variables
([#&#8203;1671](googleapis/java-datastore#1671))
([5a78a80](googleapis/java-datastore@5a78a80))

##### Dependencies

- Update dependency com.google.cloud:gapic-libraries-bom to v1.48.0
([#&#8203;1605](googleapis/java-datastore#1605))
([5c6a678](googleapis/java-datastore@5c6a678))

##### Documentation

- Update gapic upgrade installation instructions
([#&#8203;1677](googleapis/java-datastore#1677))
([b3fbfcc](googleapis/java-datastore@b3fbfcc))

</details>

<details>
<summary>autonomousapps/dependency-analysis-android-gradle-plugin
(com.autonomousapps.dependency-analysis)</summary>

###
[`v2.6.1`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-261)

-   \[Fix]: `superClassName` can be null (Object has no superclass).

</details>

<details>
<summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary>

###
[`v1.44.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.1):
1.44.1

##### Components

##### Continuous Integration Visibility

- 🐛 Fix tracing JUnit5 tests in Maven projects with multiple forks
([#&#8203;8089](DataDog/dd-trace-java#8089) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))

###
[`v1.44.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.0):
1.44.0

##### Known Issues

> \[!WARNING]\
> This release contains a known issue that causes failures when using
Test Optimization to trace JUnit 5 tests in a Maven project where Maven
Surefire is configured with `forkCount` > 1.
> The issue is fixed in v1.44.1

##### Breaking Changes

> \[!WARNING]\
> Support for `X-Forwarded` header is dropped from default client IP
resolution.
> It can still be re-activated using the
`dd.trace.client-ip-header=x-forwarded` system property, or the
`DD_TRACE_CLIENT_IP_HEADER=x-forwarded` environment variable. See
[#&#8203;7946](DataDog/dd-trace-java#7946).

##### Components

##### Application Security Management (IAST)

- ✨ Set unexpected IAST exceptions to debug log level
([#&#8203;8044](DataDog/dd-trace-java#8044) -
[@&#8203;smola](https://github.com/smola))
- ✨ Increase IAST propagation to StringBuffer subSequence
([#&#8203;8038](DataDog/dd-trace-java#8038) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Increase IAST propagation to StringBuilder subSequence
([#&#8203;8026](DataDog/dd-trace-java#8026) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Add IAST propagation to String valueOf
([#&#8203;8013](DataDog/dd-trace-java#8013) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Increase IAST propagation to StringBuilder append
([#&#8203;8010](DataDog/dd-trace-java#8010) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Expand SSRF support in IAST to apache-httpclient-5 and
apache-httpasyncclient-4
([#&#8203;7920](DataDog/dd-trace-java#7920) -
[@&#8203;Mariovido](https://github.com/Mariovido))

##### Build & Tooling

- ✨ Generate Muzzle classes for Groovy instrumentations
([#&#8203;8004](DataDog/dd-trace-java#8004) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))

##### Continuous Integration Visibility

- ✨ Support distributed traces in tests
([#&#8203;8078](DataDog/dd-trace-java#8078) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Implement fail-fast tests ordering for JUnit 5
([#&#8203;8055](DataDog/dd-trace-java#8055) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Mark JUnit 5 setup and teardown action spans as failed if
there is an error
([#&#8203;8033](DataDog/dd-trace-java#8033) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Add tracing of setup and teardown actions in JUnit 4
([#&#8203;8030](DataDog/dd-trace-java#8030) -
[@&#8203;daniel-mohedano](https://github.com/daniel-mohedano))

##### Crash tracking

- ✨ Improve crash tracking install logging
([#&#8203;8045](DataDog/dd-trace-java#8045) -
[@&#8203;PerfectSlayer](https://github.com/PerfectSlayer))

##### Data Streams Monitoring

- 🐛 Add Data Streams support in AWS SQS without raw message delivery
([#&#8203;8071](DataDog/dd-trace-java#8071) -
[@&#8203;piochelepiotr](https://github.com/piochelepiotr))
- ✨ Add new tag for enabled products / features to DSM
checkpoints
([#&#8203;8051](DataDog/dd-trace-java#8051) -
[@&#8203;kr-igor](https://github.com/kr-igor))
- 💡 Instrument self hosted Kafka connectors
([#&#8203;7959](DataDog/dd-trace-java#7959) -
[@&#8203;piochelepiotr](https://github.com/piochelepiotr))

##### Dynamic Instrumentation

- ✨ Add Micronaut 4 support for code origin for spans
([#&#8203;8039](DataDog/dd-trace-java#8039) -
[@&#8203;jpbempel](https://github.com/jpbempel))
- ✨ Refactor probe matching for methods
([#&#8203;8021](DataDog/dd-trace-java#8021) -
[@&#8203;jpbempel](https://github.com/jpbempel))
- ✨ Update the CodeOriginProbe fingerprint to not rely on a
stack walk
([#&#8203;8016](DataDog/dd-trace-java#8016) -
[@&#8203;evanchooly](https://github.com/evanchooly))
- ✨ Implement code origin support for grpc server entry spans
([#&#8203;7942](DataDog/dd-trace-java#7942) -
[@&#8203;evanchooly](https://github.com/evanchooly))

##### GraalVM native-image

- 🐛 Update Graal build-time instrumentation config for
TracePropagationStyle
([#&#8203;8065](DataDog/dd-trace-java#8065) -
[@&#8203;MattAlp](https://github.com/MattAlp))
- 🐛 Fix NoClassDefFoundError: Could not initialize class
DDSpanLink$EncoderHolder in Graal native-image
([#&#8203;8036](DataDog/dd-trace-java#8036) -
[@&#8203;mcculls](https://github.com/mcculls))
- 🐛🧹 Fix native-image generation of reactive applications
([#&#8203;8012](DataDog/dd-trace-java#8012) -
[@&#8203;mcculls](https://github.com/mcculls))

##### OpenTracing

- 🧹 Custom ScopeManagers are deprecated and will be removed in a
future release of dd-trace-ot
([#&#8203;8058](DataDog/dd-trace-java#8058) -
[@&#8203;mcculls](https://github.com/mcculls))

##### Tracer core

- ✨🧪 Service naming: split by jee deployment
([#&#8203;8064](DataDog/dd-trace-java#8064) -
[@&#8203;amarziali](https://github.com/amarziali))
- ✨ Exclude jboss mdb proxies from instrumenting
([#&#8203;8061](DataDog/dd-trace-java#8061) -
[@&#8203;amarziali](https://github.com/amarziali))
- ✨ Add a built-in trace interceptor for keeping traces
depending of their latency
([#&#8203;8040](DataDog/dd-trace-java#8040) -
[@&#8203;cecile75](https://github.com/cecile75))
- 💡 Introduce marker mechanism for eagerly initializing helpers
([#&#8203;8028](DataDog/dd-trace-java#8028) -
[@&#8203;mcculls](https://github.com/mcculls))
- 💡 Add JSON component
([#&#8203;7973](DataDog/dd-trace-java#7973) -
[@&#8203;PerfectSlayer](https://github.com/PerfectSlayer))
- ✨⚠️ Remove support for X-Forwarded in client IP
resolution
([#&#8203;7946](DataDog/dd-trace-java#7946) -
[@&#8203;smola](https://github.com/smola))

##### Instrumentations

##### Apache HttpComponents

- ✨ Expand SSRF support in IAST to apache-httpclient-5 and
apache-httpasyncclient-4
([#&#8203;7920](DataDog/dd-trace-java#7920) -
[@&#8203;Mariovido](https://github.com/Mariovido))

##### gRPC instrumentation

- 🐛 Use lower priorities for grpc server errors
([#&#8203;8043](DataDog/dd-trace-java#8043) -
[@&#8203;amarziali](https://github.com/amarziali))

##### JDBC instrumentation

- ✨ Add trace injection for prepared statements in Postgres
([#&#8203;7940](DataDog/dd-trace-java#7940) -
[@&#8203;nenadnoveljic](https://github.com/nenadnoveljic))

##### JMS instrumentation

- 🐛 Protect mdb from instrumenting multiple time the same event
([#&#8203;8062](DataDog/dd-trace-java#8062) -
[@&#8203;amarziali](https://github.com/amarziali))

##### Kafka instrumentation

- 💡 Instrument self hosted Kafka connectors
([#&#8203;7959](DataDog/dd-trace-java#7959) -
[@&#8203;piochelepiotr](https://github.com/piochelepiotr))

##### OpenTelemetry instrumentation

- 🐛 Support using OpenTelemetry Event API inside `@WithSpan`
annotated method
([#&#8203;8019](DataDog/dd-trace-java#8019) -
[@&#8203;mcculls](https://github.com/mcculls))

##### Reactor instrumentation

- 🐛🧹 Fix native-image generation of reactive applications
([#&#8203;8012](DataDog/dd-trace-java#8012) -
[@&#8203;mcculls](https://github.com/mcculls))

##### Spring instrumentation

- 🐛 Avoid double instrumenting lambdas on latest spring scheduling
([#&#8203;8005](DataDog/dd-trace-java#8005) -
[@&#8203;amarziali](https://github.com/amarziali))

##### All other instrumentations

- 🐛 Twilio: allow service name flattening
([#&#8203;8025](DataDog/dd-trace-java#8025) -
[@&#8203;amarziali](https://github.com/amarziali))
- ✨ Instrument Mulesoft 4.5.0+
([#&#8203;7981](DataDog/dd-trace-java#7981) -
[@&#8203;amarziali](https://github.com/amarziali))

</details>

<details>
<summary>aws/aws-sdk-java (com.amazonaws:aws-java-sdk-sqs)</summary>

###
[`v1.12.780`](https://github.com/aws/aws-sdk-java/blob/HEAD/CHANGELOG.md#112780-2024-12-11)

[Compare
Source](aws/aws-sdk-java@1.12.779...1.12.780)

#### **Amazon Simple Storage Service**

-   ### Bugfixes
- AWS SDK for Java 1.x now includes additional validation for Amazon S3
client APIs to handle scenarios where an empty string ('') is passed as
the key argument to the following operations: PutObject, DeleteObject,
ListObjects, GetObjectMetaData, ListObjectsV2, SetObjectTagging,
GetObjectTagging, SetObjectAcl, GetObjectAcl, SetObjectLegalHold,
GetObjectLegalHold, CopyObject, CopyPart, SelectObjectContent,
SetObjectRetention, GetObjectRetention, AbortMultipartUpload,
CompleteMultipartUpload, InitiateMultipartUpload, ListParts, UploadPart,
RestoreObjectV2, and RestoreObject. The SDK will validate the key
argument and throw an exception if it is an empty string, ensuring
correct and expected behavior.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am
every weekday" in timezone Australia/Melbourne, Automerge - At any time
(no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

GitOrigin-RevId: 69831bc62ea4d80cdcd42cef2aa9bd8eda28ae8c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm iast Application Security Management (IAST) type: enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants