[🍒 7764] Limit the collections that the iast visitor can handle #7768
Merged: manuel-alvarez-alvarez merged 1 commit into release/v1.40.x from malvarez/backport-pr-7764 on Oct 16, 2024
manuel-alvarez-alvarez added the "comp: asm iast" (Application Security Management (IAST)) label on Oct 16, 2024
smola approved these changes on Oct 16, 2024
Benchmarks
Startup
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 9 unstable metrics.
Startup time reports for insecure-bank
gantt
title insecure-bank - global startup overhead: candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.075 s) : 0, 1074720
Total [baseline] (8.575 s) : 0, 8575192
Agent [candidate] (1.072 s) : 0, 1072236
Total [candidate] (8.566 s) : 0, 8565998
section iast
Agent [baseline] (1.201 s) : 0, 1200878
Total [baseline] (9.117 s) : 0, 9116610
Agent [candidate] (1.194 s) : 0, 1193663
Total [candidate] (9.118 s) : 0, 9117975
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.2 s) : 0, 1200353
Total [baseline] (9.101 s) : 0, 9101132
Agent [candidate] (1.195 s) : 0, 1194858
Total [candidate] (9.082 s) : 0, 9081927
section iast_TELEMETRY_OFF
Agent [baseline] (1.207 s) : 0, 1207395
Total [baseline] (9.12 s) : 0, 9120286
Agent [candidate] (1.189 s) : 0, 1188572
Total [candidate] (9.07 s) : 0, 9070223
gantt
title insecure-bank - break down per module: candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (684.377 ms) : 0, 684377
BytebuddyAgent [candidate] (685.759 ms) : 0, 685759
GlobalTracer [baseline] (314.326 ms) : 0, 314326
GlobalTracer [candidate] (310.313 ms) : 0, 310313
AppSec [baseline] (54.143 ms) : 0, 54143
AppSec [candidate] (53.999 ms) : 0, 53999
Remote Config [baseline] (659.809 µs) : 0, 660
Remote Config [candidate] (666.931 µs) : 0, 667
Telemetry [baseline] (7.451 ms) : 0, 7451
Telemetry [candidate] (7.677 ms) : 0, 7677
section iast
BytebuddyAgent [baseline] (798.754 ms) : 0, 798754
BytebuddyAgent [candidate] (794.856 ms) : 0, 794856
GlobalTracer [baseline] (301.474 ms) : 0, 301474
GlobalTracer [candidate] (299.781 ms) : 0, 299781
AppSec [baseline] (55.43 ms) : 0, 55430
AppSec [candidate] (54.653 ms) : 0, 54653
IAST [baseline] (23.783 ms) : 0, 23783
IAST [candidate] (22.956 ms) : 0, 22956
Remote Config [baseline] (617.067 µs) : 0, 617
Remote Config [candidate] (621.233 µs) : 0, 621
Telemetry [baseline] (7.045 ms) : 0, 7045
Telemetry [candidate] (7.029 ms) : 0, 7029
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (797.686 ms) : 0, 797686
BytebuddyAgent [candidate] (795.186 ms) : 0, 795186
GlobalTracer [baseline] (302.4 ms) : 0, 302400
GlobalTracer [candidate] (299.532 ms) : 0, 299532
AppSec [baseline] (57.35 ms) : 0, 57350
AppSec [candidate] (54.873 ms) : 0, 54873
IAST [baseline] (21.402 ms) : 0, 21402
IAST [candidate] (23.773 ms) : 0, 23773
Remote Config [baseline] (611.461 µs) : 0, 611
Remote Config [candidate] (623.516 µs) : 0, 624
Telemetry [baseline] (7.113 ms) : 0, 7113
Telemetry [candidate] (7.051 ms) : 0, 7051
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (800.854 ms) : 0, 800854
BytebuddyAgent [candidate] (790.053 ms) : 0, 790053
GlobalTracer [baseline] (305.707 ms) : 0, 305707
GlobalTracer [candidate] (298.973 ms) : 0, 298973
AppSec [baseline] (55.487 ms) : 0, 55487
AppSec [candidate] (52.587 ms) : 0, 52587
IAST [baseline] (23.775 ms) : 0, 23775
IAST [candidate] (25.737 ms) : 0, 25737
Remote Config [baseline] (624.933 µs) : 0, 625
Remote Config [candidate] (613.724 µs) : 0, 614
Telemetry [baseline] (7.09 ms) : 0, 7090
Telemetry [candidate] (6.866 ms) : 0, 6866
Startup time reports for petclinic
gantt
title petclinic - global startup overhead: candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.072 s) : 0, 1071803
Total [baseline] (10.428 s) : 0, 10428326
Agent [candidate] (1.071 s) : 0, 1070526
Total [candidate] (10.457 s) : 0, 10457099
section appsec
Agent [baseline] (1.206 s) : 0, 1206384
Total [baseline] (10.677 s) : 0, 10676605
Agent [candidate] (1.209 s) : 0, 1208783
Total [candidate] (10.694 s) : 0, 10693581
section iast
Agent [baseline] (1.21 s) : 0, 1209657
Total [baseline] (10.906 s) : 0, 10905743
Agent [candidate] (1.196 s) : 0, 1196010
Total [candidate] (10.842 s) : 0, 10841988
section profiling
Agent [baseline] (1.271 s) : 0, 1271462
Total [baseline] (10.72 s) : 0, 10720095
Agent [candidate] (1.27 s) : 0, 1269561
Total [candidate] (10.67 s) : 0, 10669680
gantt
title petclinic - break down per module: candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (682.83 ms) : 0, 682830
BytebuddyAgent [candidate] (682.761 ms) : 0, 682761
GlobalTracer [baseline] (312.959 ms) : 0, 312959
GlobalTracer [candidate] (311.507 ms) : 0, 311507
AppSec [baseline] (54.148 ms) : 0, 54148
AppSec [candidate] (54.208 ms) : 0, 54208
Remote Config [baseline] (660.14 µs) : 0, 660
Remote Config [candidate] (658.741 µs) : 0, 659
Telemetry [baseline] (7.478 ms) : 0, 7478
Telemetry [candidate] (7.699 ms) : 0, 7699
section appsec
BytebuddyAgent [baseline] (699.623 ms) : 0, 699623
BytebuddyAgent [candidate] (704.446 ms) : 0, 704446
GlobalTracer [baseline] (310.172 ms) : 0, 310172
GlobalTracer [candidate] (308.966 ms) : 0, 308966
AppSec [baseline] (162.855 ms) : 0, 162855
AppSec [candidate] (163.616 ms) : 0, 163616
Remote Config [baseline] (639.648 µs) : 0, 640
Remote Config [candidate] (648.982 µs) : 0, 649
Telemetry [baseline] (8.936 ms) : 0, 8936
Telemetry [candidate] (7.208 ms) : 0, 7208
IAST [baseline] (20.872 ms) : 0, 20872
IAST [candidate] (20.137 ms) : 0, 20137
section iast
BytebuddyAgent [baseline] (804.93 ms) : 0, 804930
BytebuddyAgent [candidate] (795.727 ms) : 0, 795727
GlobalTracer [baseline] (304.083 ms) : 0, 304083
GlobalTracer [candidate] (299.951 ms) : 0, 299951
AppSec [baseline] (55.291 ms) : 0, 55291
AppSec [candidate] (55.069 ms) : 0, 55069
Remote Config [baseline] (604.869 µs) : 0, 605
Remote Config [candidate] (616.302 µs) : 0, 616
Telemetry [baseline] (7.078 ms) : 0, 7078
Telemetry [candidate] (7.006 ms) : 0, 7006
IAST [baseline] (23.817 ms) : 0, 23817
IAST [candidate] (23.886 ms) : 0, 23886
section profiling
ProfilingAgent [baseline] (96.823 ms) : 0, 96823
ProfilingAgent [candidate] (96.896 ms) : 0, 96896
BytebuddyAgent [baseline] (676.868 ms) : 0, 676868
BytebuddyAgent [candidate] (676.073 ms) : 0, 676073
GlobalTracer [baseline] (395.975 ms) : 0, 395975
GlobalTracer [candidate] (395.15 ms) : 0, 395150
AppSec [baseline] (54.904 ms) : 0, 54904
AppSec [candidate] (54.62 ms) : 0, 54620
Remote Config [baseline] (651.259 µs) : 0, 651
Remote Config [candidate] (655.019 µs) : 0, 655
Telemetry [baseline] (7.501 ms) : 0, 7501
Telemetry [candidate] (7.452 ms) : 0, 7452
Profiling [baseline] (96.846 ms) : 0, 96846
Profiling [candidate] (96.92 ms) : 0, 96920
Load
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.
Request duration reports for petclinic
gantt
title petclinic - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section baseline
no_agent (1.332 ms) : 1313, 1352
. : milestone, 1332,
appsec (1.715 ms) : 1691, 1740
. : milestone, 1715,
appsec_no_iast (1.697 ms) : 1671, 1722
. : milestone, 1697,
iast (1.472 ms) : 1450, 1495
. : milestone, 1472,
profiling (1.48 ms) : 1455, 1505
. : milestone, 1480,
tracing (1.441 ms) : 1417, 1466
. : milestone, 1441,
section candidate
no_agent (1.333 ms) : 1313, 1353
. : milestone, 1333,
appsec (1.725 ms) : 1701, 1749
. : milestone, 1725,
appsec_no_iast (1.717 ms) : 1694, 1741
. : milestone, 1717,
iast (1.473 ms) : 1450, 1496
. : milestone, 1473,
profiling (1.489 ms) : 1466, 1513
. : milestone, 1489,
tracing (1.468 ms) : 1444, 1492
. : milestone, 1468,
Request duration reports for insecure-bank
gantt
title insecure-bank - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section baseline
no_agent (366.83 µs) : 347, 387
. : milestone, 367,
iast (481.889 µs) : 461, 503
. : milestone, 482,
iast_FULL (557.818 µs) : 537, 579
. : milestone, 558,
iast_GLOBAL (498.171 µs) : 477, 519
. : milestone, 498,
iast_HARDCODED_SECRET_DISABLED (479.8 µs) : 459, 501
. : milestone, 480,
iast_INACTIVE (442.087 µs) : 422, 463
. : milestone, 442,
iast_TELEMETRY_OFF (470.3 µs) : 449, 492
. : milestone, 470,
tracing (445.489 µs) : 425, 466
. : milestone, 445,
section candidate
no_agent (370.476 µs) : 349, 392
. : milestone, 370,
iast (486.81 µs) : 465, 509
. : milestone, 487,
iast_FULL (548.246 µs) : 527, 569
. : milestone, 548,
iast_GLOBAL (510.488 µs) : 488, 533
. : milestone, 510,
iast_HARDCODED_SECRET_DISABLED (487.067 µs) : 466, 509
. : milestone, 487,
iast_INACTIVE (443.584 µs) : 423, 464
. : milestone, 444,
iast_TELEMETRY_OFF (477.29 µs) : 455, 499
. : milestone, 477,
tracing (440.413 µs) : 419, 461
. : milestone, 440,
Dacapo
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.
Execution time for tomcat
gantt
title tomcat - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section baseline
no_agent (1.464 ms) : 1453, 1476
. : milestone, 1464,
appsec (2.336 ms) : 2295, 2377
. : milestone, 2336,
iast (2.07 ms) : 2018, 2122
. : milestone, 2070,
iast_GLOBAL (2.101 ms) : 2050, 2153
. : milestone, 2101,
profiling (1.92 ms) : 1879, 1962
. : milestone, 1920,
tracing (1.906 ms) : 1866, 1945
. : milestone, 1906,
section candidate
no_agent (1.468 ms) : 1456, 1479
. : milestone, 1468,
appsec (2.31 ms) : 2269, 2351
. : milestone, 2310,
iast (2.054 ms) : 2003, 2104
. : milestone, 2054,
iast_GLOBAL (2.11 ms) : 2058, 2163
. : milestone, 2110,
profiling (2.378 ms) : 2196, 2560
. : milestone, 2378,
tracing (1.905 ms) : 1866, 1944
. : milestone, 1905,
Execution time for biojava
gantt
title biojava - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~35aaca6ce7, baseline=1.41.0-SNAPSHOT~f74856b0fd
dateFormat X
axisFormat %s
section baseline
no_agent (15.072 s) : 15072000, 15072000
. : milestone, 15072000,
appsec (15.077 s) : 15077000, 15077000
. : milestone, 15077000,
iast (19.06 s) : 19060000, 19060000
. : milestone, 19060000,
iast_GLOBAL (18.125 s) : 18125000, 18125000
. : milestone, 18125000,
profiling (15.153 s) : 15153000, 15153000
. : milestone, 15153000,
tracing (15.264 s) : 15264000, 15264000
. : milestone, 15264000,
section candidate
no_agent (15.079 s) : 15079000, 15079000
. : milestone, 15079000,
appsec (15.288 s) : 15288000, 15288000
. : milestone, 15288000,
iast (18.881 s) : 18881000, 18881000
. : milestone, 18881000,
iast_GLOBAL (17.862 s) : 17862000, 17862000
. : milestone, 17862000,
profiling (15.716 s) : 15716000, 15716000
. : milestone, 15716000,
tracing (15.14 s) : 15140000, 15140000
. : milestone, 15140000,
manuel-alvarez-alvarez merged commit 68a5267 into release/v1.40.x on Oct 16, 2024
94 of 98 checks passed
Backport #7764 to release/v1.40.x