Exclude dev.failsafe from IAST instrumentation #7938
Benchmarks (candidate=1.43.0-SNAPSHOT~c7ded8b5a1, baseline=1.43.0-SNAPSHOT~cb6a6fcd72)

Startup
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 53 metrics, 10 unstable metrics.
[Gantt charts: startup time reports for insecure-bank and petclinic (global startup overhead; break down per module)]

Load
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics.
[Gantt charts: request duration reports for insecure-bank and petclinic (request duration, CI 0.99)]

Dacapo
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.
[Gantt charts: execution time for biojava and tomcat (execution time, CI 0.99)]
What Does This Do
Exclude IAST instrumentation from dev.failsafe.*.
Motivation
Avoids a weak randomness false positive. Instrumentation is fully excluded since there's little value in running it for this library (retry operations).
Additional Notes
Contributor Checklist
- type: and (comp: or inst:) labels in addition to any useful labels
- close, fix or any linking keywords when referencing an issue. Use solves instead, and assign the PR milestone to the issue
- [ ] Update the public documentation in case of new configuration flag or behavior
Jira ticket: APPSEC-55801