Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exclude okio from vulnerability locations #7937

Merged
merged 1 commit into from
Nov 13, 2024
Merged

Conversation

smola
Copy link
Member

@smola smola commented Nov 12, 2024

What Does This Do

Exclude okio.* from vunerability locations

Motivation

Avoid okio.* as vulnerability location (e.g. weak hash being reported at okio itself when using okio.ByteString#digest. The vulnerabilities will still be reported, but with the caller code as location.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55765

@smola smola added the comp: asm iast Application Security Management (IAST) label Nov 12, 2024
@smola smola requested a review from a team as a code owner November 12, 2024 16:29
Copy link
Contributor

github-actions bot commented Nov 12, 2024

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@pr-commenter
Copy link

pr-commenter bot commented Nov 12, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/exclude-okio-loc
git_commit_date 1731426404 1731428849
git_commit_sha cb6a6fc 04ac849
release_version 1.43.0-SNAPSHOT~cb6a6fcd72 1.43.0-SNAPSHOT~04ac849498
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1731431250 1731431250
ci_job_id 704006352 704006352
ci_pipeline_id 48816750 48816750
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 9 unstable metrics.

Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.082 s) : 0, 1081735
Total [baseline] (10.311 s) : 0, 10311456
Agent [candidate] (1.079 s) : 0, 1079044
Total [candidate] (10.397 s) : 0, 10396795
section appsec
Agent [baseline] (1.219 s) : 0, 1218786
Total [baseline] (10.641 s) : 0, 10640696
Agent [candidate] (1.214 s) : 0, 1213824
Total [candidate] (10.568 s) : 0, 10567895
section iast
Agent [baseline] (1.201 s) : 0, 1200711
Total [baseline] (10.936 s) : 0, 10935528
Agent [candidate] (1.214 s) : 0, 1214156
Total [candidate] (10.877 s) : 0, 10877068
section profiling
Agent [baseline] (1.276 s) : 0, 1275921
Total [baseline] (10.719 s) : 0, 10719480
Agent [candidate] (1.282 s) : 0, 1282137
Total [candidate] (10.664 s) : 0, 10663800
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.082 s -
Agent appsec 1.219 s 137.051 ms (12.7%)
Agent iast 1.201 s 118.976 ms (11.0%)
Agent profiling 1.276 s 194.186 ms (18.0%)
Total tracing 10.311 s -
Total appsec 10.641 s 329.241 ms (3.2%)
Total iast 10.936 s 624.072 ms (6.1%)
Total profiling 10.719 s 408.024 ms (4.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.079 s -
Agent appsec 1.214 s 134.78 ms (12.5%)
Agent iast 1.214 s 135.112 ms (12.5%)
Agent profiling 1.282 s 203.093 ms (18.8%)
Total tracing 10.397 s -
Total appsec 10.568 s 171.1 ms (1.6%)
Total iast 10.877 s 480.273 ms (4.6%)
Total profiling 10.664 s 267.005 ms (2.6%)
gantt
    title petclinic - break down per module: candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (686.962 ms) : 0, 686962
BytebuddyAgent [candidate] (686.005 ms) : 0, 686005
GlobalTracer [baseline] (314.528 ms) : 0, 314528
GlobalTracer [candidate] (314.268 ms) : 0, 314268
AppSec [baseline] (54.151 ms) : 0, 54151
AppSec [candidate] (53.946 ms) : 0, 53946
Remote Config [baseline] (676.181 µs) : 0, 676
Remote Config [candidate] (673.306 µs) : 0, 673
Telemetry [baseline] (11.831 ms) : 0, 11831
Telemetry [candidate] (10.542 ms) : 0, 10542
section appsec
BytebuddyAgent [baseline] (706.796 ms) : 0, 706796
BytebuddyAgent [candidate] (704.882 ms) : 0, 704882
GlobalTracer [baseline] (313.585 ms) : 0, 313585
GlobalTracer [candidate] (312.243 ms) : 0, 312243
AppSec [baseline] (166.686 ms) : 0, 166686
AppSec [candidate] (165.332 ms) : 0, 165332
Remote Config [baseline] (634.548 µs) : 0, 635
Remote Config [candidate] (636.368 µs) : 0, 636
Telemetry [baseline] (7.715 ms) : 0, 7715
Telemetry [candidate] (7.773 ms) : 0, 7773
IAST [baseline] (19.416 ms) : 0, 19416
IAST [candidate] (18.605 ms) : 0, 18605
section iast
BytebuddyAgent [baseline] (799.044 ms) : 0, 799044
BytebuddyAgent [candidate] (808.704 ms) : 0, 808704
GlobalTracer [baseline] (302.153 ms) : 0, 302153
GlobalTracer [candidate] (305.312 ms) : 0, 305312
AppSec [baseline] (56.35 ms) : 0, 56350
AppSec [candidate] (56.113 ms) : 0, 56113
Remote Config [baseline] (608.986 µs) : 0, 609
Remote Config [candidate] (625.658 µs) : 0, 626
Telemetry [baseline] (7.448 ms) : 0, 7448
Telemetry [candidate] (7.441 ms) : 0, 7441
IAST [baseline] (21.564 ms) : 0, 21564
IAST [candidate] (22.217 ms) : 0, 22217
section profiling
ProfilingAgent [baseline] (91.537 ms) : 0, 91537
ProfilingAgent [candidate] (91.624 ms) : 0, 91624
BytebuddyAgent [baseline] (679.998 ms) : 0, 679998
BytebuddyAgent [candidate] (683.941 ms) : 0, 683941
GlobalTracer [baseline] (397.754 ms) : 0, 397754
GlobalTracer [candidate] (399.637 ms) : 0, 399637
AppSec [baseline] (54.576 ms) : 0, 54576
AppSec [candidate] (54.768 ms) : 0, 54768
Remote Config [baseline] (656.642 µs) : 0, 657
Remote Config [candidate] (661.521 µs) : 0, 662
Telemetry [baseline] (12.578 ms) : 0, 12578
Telemetry [candidate] (12.529 ms) : 0, 12529
Profiling [baseline] (91.56 ms) : 0, 91560
Profiling [candidate] (91.648 ms) : 0, 91648
Loading
Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.096 s) : 0, 1095516
Total [baseline] (8.589 s) : 0, 8588769
Agent [candidate] (1.09 s) : 0, 1089552
Total [candidate] (8.591 s) : 0, 8591031
section iast
Agent [baseline] (1.202 s) : 0, 1202251
Total [baseline] (9.107 s) : 0, 9106687
Agent [candidate] (1.216 s) : 0, 1216362
Total [candidate] (9.198 s) : 0, 9197952
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.209 s) : 0, 1208627
Total [baseline] (9.125 s) : 0, 9124581
Agent [candidate] (1.205 s) : 0, 1204846
Total [candidate] (9.066 s) : 0, 9066192
section iast_TELEMETRY_OFF
Agent [baseline] (1.2 s) : 0, 1200244
Total [baseline] (9.076 s) : 0, 9076313
Agent [candidate] (1.204 s) : 0, 1204335
Total [candidate] (9.096 s) : 0, 9095618
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.096 s -
Agent iast 1.202 s 106.735 ms (9.7%)
Agent iast_HARDCODED_SECRET_DISABLED 1.209 s 113.111 ms (10.3%)
Agent iast_TELEMETRY_OFF 1.2 s 104.729 ms (9.6%)
Total tracing 8.589 s -
Total iast 9.107 s 517.918 ms (6.0%)
Total iast_HARDCODED_SECRET_DISABLED 9.125 s 535.812 ms (6.2%)
Total iast_TELEMETRY_OFF 9.076 s 487.545 ms (5.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.09 s -
Agent iast 1.216 s 126.81 ms (11.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.205 s 115.294 ms (10.6%)
Agent iast_TELEMETRY_OFF 1.204 s 114.784 ms (10.5%)
Total tracing 8.591 s -
Total iast 9.198 s 606.921 ms (7.1%)
Total iast_HARDCODED_SECRET_DISABLED 9.066 s 475.16 ms (5.5%)
Total iast_TELEMETRY_OFF 9.096 s 504.586 ms (5.9%)
gantt
    title insecure-bank - break down per module: candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (699.145 ms) : 0, 699145
BytebuddyAgent [candidate] (692.556 ms) : 0, 692556
GlobalTracer [baseline] (317.821 ms) : 0, 317821
GlobalTracer [candidate] (316.248 ms) : 0, 316248
AppSec [baseline] (54.703 ms) : 0, 54703
AppSec [candidate] (54.311 ms) : 0, 54311
Remote Config [baseline] (683.49 µs) : 0, 683
Remote Config [candidate] (681.514 µs) : 0, 682
Telemetry [baseline] (9.265 ms) : 0, 9265
Telemetry [candidate] (12.022 ms) : 0, 12022
section iast
BytebuddyAgent [baseline] (800.098 ms) : 0, 800098
BytebuddyAgent [candidate] (808.913 ms) : 0, 808913
GlobalTracer [baseline] (302.959 ms) : 0, 302959
GlobalTracer [candidate] (306.698 ms) : 0, 306698
AppSec [baseline] (55.474 ms) : 0, 55474
AppSec [candidate] (56.425 ms) : 0, 56425
Remote Config [baseline] (619.685 µs) : 0, 620
Remote Config [candidate] (616.668 µs) : 0, 617
Telemetry [baseline] (7.373 ms) : 0, 7373
Telemetry [candidate] (7.471 ms) : 0, 7471
IAST [baseline] (22.088 ms) : 0, 22088
IAST [candidate] (22.461 ms) : 0, 22461
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (805.909 ms) : 0, 805909
BytebuddyAgent [candidate] (801.319 ms) : 0, 801319
GlobalTracer [baseline] (302.898 ms) : 0, 302898
GlobalTracer [candidate] (303.514 ms) : 0, 303514
AppSec [baseline] (56.449 ms) : 0, 56449
AppSec [candidate] (56.839 ms) : 0, 56839
Remote Config [baseline] (608.229 µs) : 0, 608
Remote Config [candidate] (605.427 µs) : 0, 605
Telemetry [baseline] (7.532 ms) : 0, 7532
Telemetry [candidate] (7.514 ms) : 0, 7514
IAST [baseline] (21.547 ms) : 0, 21547
IAST [candidate] (21.354 ms) : 0, 21354
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (798.196 ms) : 0, 798196
BytebuddyAgent [candidate] (799.962 ms) : 0, 799962
GlobalTracer [baseline] (302.794 ms) : 0, 302794
GlobalTracer [candidate] (304.642 ms) : 0, 304642
AppSec [baseline] (56.972 ms) : 0, 56972
AppSec [candidate] (57.187 ms) : 0, 57187
Remote Config [baseline] (581.705 µs) : 0, 582
Remote Config [candidate] (586.299 µs) : 0, 586
Telemetry [baseline] (7.289 ms) : 0, 7289
Telemetry [candidate] (7.336 ms) : 0, 7336
IAST [baseline] (20.804 ms) : 0, 20804
IAST [candidate] (20.948 ms) : 0, 20948
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-11-12T16:38:03 2024-11-12T16:44:59
git_branch master smola/exclude-okio-loc
git_commit_date 1731426404 1731428849
git_commit_sha cb6a6fc 04ac849
release_version 1.43.0-SNAPSHOT~cb6a6fcd72 1.43.0-SNAPSHOT~04ac849498
start_time 2024-11-12T16:37:49 2024-11-12T16:44:46
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1731430252 1731430252
ci_job_id 704006353 704006353
ci_pipeline_id 48816750 48816750
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.345 ms) : 1326, 1364
.   : milestone, 1345,
appsec (1.741 ms) : 1717, 1766
.   : milestone, 1741,
appsec_no_iast (1.74 ms) : 1715, 1764
.   : milestone, 1740,
iast (1.473 ms) : 1450, 1496
.   : milestone, 1473,
profiling (1.497 ms) : 1474, 1519
.   : milestone, 1497,
tracing (1.467 ms) : 1442, 1492
.   : milestone, 1467,
section candidate
no_agent (1.348 ms) : 1329, 1367
.   : milestone, 1348,
appsec (1.736 ms) : 1712, 1760
.   : milestone, 1736,
appsec_no_iast (1.758 ms) : 1735, 1782
.   : milestone, 1758,
iast (1.483 ms) : 1461, 1505
.   : milestone, 1483,
profiling (1.493 ms) : 1470, 1516
.   : milestone, 1493,
tracing (1.484 ms) : 1460, 1509
.   : milestone, 1484,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.345 ms [1.326 ms, 1.364 ms] -
appsec 1.741 ms [1.717 ms, 1.766 ms] 395.903 µs (29.4%)
appsec_no_iast 1.74 ms [1.715 ms, 1.764 ms] 394.253 µs (29.3%)
iast 1.473 ms [1.45 ms, 1.496 ms] 127.486 µs (9.5%)
profiling 1.497 ms [1.474 ms, 1.519 ms] 151.246 µs (11.2%)
tracing 1.467 ms [1.442 ms, 1.492 ms] 121.908 µs (9.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.348 ms [1.329 ms, 1.367 ms] -
appsec 1.736 ms [1.712 ms, 1.76 ms] 388.537 µs (28.8%)
appsec_no_iast 1.758 ms [1.735 ms, 1.782 ms] 410.943 µs (30.5%)
iast 1.483 ms [1.461 ms, 1.505 ms] 135.705 µs (10.1%)
profiling 1.493 ms [1.47 ms, 1.516 ms] 145.388 µs (10.8%)
tracing 1.484 ms [1.46 ms, 1.509 ms] 136.705 µs (10.1%)
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72
    dateFormat X
    axisFormat %s
section baseline
no_agent (373.311 µs) : 353, 394
.   : milestone, 373,
iast (496.917 µs) : 475, 519
.   : milestone, 497,
iast_FULL (648.231 µs) : 627, 670
.   : milestone, 648,
iast_GLOBAL (531.824 µs) : 510, 554
.   : milestone, 532,
iast_HARDCODED_SECRET_DISABLED (494.899 µs) : 474, 516
.   : milestone, 495,
iast_INACTIVE (449.431 µs) : 429, 470
.   : milestone, 449,
iast_TELEMETRY_OFF (476.94 µs) : 456, 498
.   : milestone, 477,
tracing (453.445 µs) : 430, 477
.   : milestone, 453,
section candidate
no_agent (379.692 µs) : 360, 399
.   : milestone, 380,
iast (487.607 µs) : 466, 509
.   : milestone, 488,
iast_FULL (650.113 µs) : 629, 672
.   : milestone, 650,
iast_GLOBAL (517.663 µs) : 497, 539
.   : milestone, 518,
iast_HARDCODED_SECRET_DISABLED (490.699 µs) : 469, 512
.   : milestone, 491,
iast_INACTIVE (453.974 µs) : 433, 475
.   : milestone, 454,
iast_TELEMETRY_OFF (485.123 µs) : 464, 506
.   : milestone, 485,
tracing (448.185 µs) : 427, 469
.   : milestone, 448,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 373.311 µs [352.993 µs, 393.629 µs] -
iast 496.917 µs [475.317 µs, 518.518 µs] 123.607 µs (33.1%)
iast_FULL 648.231 µs [626.734 µs, 669.728 µs] 274.92 µs (73.6%)
iast_GLOBAL 531.824 µs [509.862 µs, 553.786 µs] 158.513 µs (42.5%)
iast_HARDCODED_SECRET_DISABLED 494.899 µs [473.6 µs, 516.197 µs] 121.588 µs (32.6%)
iast_INACTIVE 449.431 µs [428.902 µs, 469.961 µs] 76.121 µs (20.4%)
iast_TELEMETRY_OFF 476.94 µs [455.827 µs, 498.052 µs] 103.629 µs (27.8%)
tracing 453.445 µs [430.329 µs, 476.56 µs] 80.134 µs (21.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 379.692 µs [360.046 µs, 399.337 µs] -
iast 487.607 µs [466.48 µs, 508.734 µs] 107.915 µs (28.4%)
iast_FULL 650.113 µs [628.718 µs, 671.508 µs] 270.421 µs (71.2%)
iast_GLOBAL 517.663 µs [496.503 µs, 538.824 µs] 137.972 µs (36.3%)
iast_HARDCODED_SECRET_DISABLED 490.699 µs [469.465 µs, 511.934 µs] 111.008 µs (29.2%)
iast_INACTIVE 453.974 µs [433.214 µs, 474.734 µs] 74.282 µs (19.6%)
iast_TELEMETRY_OFF 485.123 µs [463.974 µs, 506.272 µs] 105.431 µs (27.8%)
tracing 448.185 µs [427.426 µs, 468.944 µs] 68.493 µs (18.0%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/exclude-okio-loc
git_commit_date 1731426404 1731428849
git_commit_sha cb6a6fc 04ac849
release_version 1.43.0-SNAPSHOT~cb6a6fcd72 1.43.0-SNAPSHOT~04ac849498
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1731430850 1731430850
ci_job_id 704006354 704006354
ci_pipeline_id 48816750 48816750
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.563 s) : 15563000, 15563000
.   : milestone, 15563000,
appsec (15.303 s) : 15303000, 15303000
.   : milestone, 15303000,
iast (18.829 s) : 18829000, 18829000
.   : milestone, 18829000,
iast_GLOBAL (18.203 s) : 18203000, 18203000
.   : milestone, 18203000,
profiling (15.673 s) : 15673000, 15673000
.   : milestone, 15673000,
tracing (15.169 s) : 15169000, 15169000
.   : milestone, 15169000,
section candidate
no_agent (15.237 s) : 15237000, 15237000
.   : milestone, 15237000,
appsec (15.123 s) : 15123000, 15123000
.   : milestone, 15123000,
iast (18.859 s) : 18859000, 18859000
.   : milestone, 18859000,
iast_GLOBAL (18.287 s) : 18287000, 18287000
.   : milestone, 18287000,
profiling (15.049 s) : 15049000, 15049000
.   : milestone, 15049000,
tracing (14.9 s) : 14900000, 14900000
.   : milestone, 14900000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.563 s [15.563 s, 15.563 s] -
appsec 15.303 s [15.303 s, 15.303 s] -260.0 ms (-1.7%)
iast 18.829 s [18.829 s, 18.829 s] 3.266 s (21.0%)
iast_GLOBAL 18.203 s [18.203 s, 18.203 s] 2.64 s (17.0%)
profiling 15.673 s [15.673 s, 15.673 s] 110.0 ms (0.7%)
tracing 15.169 s [15.169 s, 15.169 s] -394.0 ms (-2.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.237 s [15.237 s, 15.237 s] -
appsec 15.123 s [15.123 s, 15.123 s] -114.0 ms (-0.7%)
iast 18.859 s [18.859 s, 18.859 s] 3.622 s (23.8%)
iast_GLOBAL 18.287 s [18.287 s, 18.287 s] 3.05 s (20.0%)
profiling 15.049 s [15.049 s, 15.049 s] -188.0 ms (-1.2%)
tracing 14.9 s [14.9 s, 14.9 s] -337.0 ms (-2.2%)
Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~04ac849498, baseline=1.43.0-SNAPSHOT~cb6a6fcd72
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.47 ms) : 1458, 1481
.   : milestone, 1470,
appsec (2.314 ms) : 2273, 2354
.   : milestone, 2314,
iast (2.07 ms) : 2018, 2123
.   : milestone, 2070,
iast_GLOBAL (2.112 ms) : 2060, 2164
.   : milestone, 2112,
profiling (1.944 ms) : 1902, 1986
.   : milestone, 1944,
tracing (1.914 ms) : 1875, 1954
.   : milestone, 1914,
section candidate
no_agent (1.468 ms) : 1456, 1479
.   : milestone, 1468,
appsec (2.343 ms) : 2301, 2384
.   : milestone, 2343,
iast (2.076 ms) : 2023, 2128
.   : milestone, 2076,
iast_GLOBAL (2.111 ms) : 2060, 2163
.   : milestone, 2111,
profiling (1.942 ms) : 1901, 1983
.   : milestone, 1942,
tracing (1.909 ms) : 1869, 1948
.   : milestone, 1909,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.47 ms [1.458 ms, 1.481 ms] -
appsec 2.314 ms [2.273 ms, 2.354 ms] 844.142 µs (57.4%)
iast 2.07 ms [2.018 ms, 2.123 ms] 600.729 µs (40.9%)
iast_GLOBAL 2.112 ms [2.06 ms, 2.164 ms] 642.442 µs (43.7%)
profiling 1.944 ms [1.902 ms, 1.986 ms] 474.809 µs (32.3%)
tracing 1.914 ms [1.875 ms, 1.954 ms] 444.564 µs (30.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.468 ms [1.456 ms, 1.479 ms] -
appsec 2.343 ms [2.301 ms, 2.384 ms] 874.94 µs (59.6%)
iast 2.076 ms [2.023 ms, 2.128 ms] 607.903 µs (41.4%)
iast_GLOBAL 2.111 ms [2.06 ms, 2.163 ms] 643.731 µs (43.9%)
profiling 1.942 ms [1.901 ms, 1.983 ms] 474.367 µs (32.3%)
tracing 1.909 ms [1.869 ms, 1.948 ms] 440.955 µs (30.0%)

@smola smola merged commit 59388f1 into master Nov 13, 2024
104 of 109 checks passed
@smola smola deleted the smola/exclude-okio-loc branch November 13, 2024 09:13
@github-actions github-actions bot added this to the 1.43.0 milestone Nov 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm iast Application Security Management (IAST) type: enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants