Add IAST propagation to String valueOf #8013

Merged
merged 8 commits into from
Nov 27, 2024

@Mariovido Mariovido commented Nov 25, 2024

What Does This Do

This adds the instrumentation to propagate the taint values through the following method of String:

  • valueOf(Object)

Motivation

Increase IAST propagation of String methods.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55357

@Mariovido Mariovido added type: enhancement comp: asm iast Application Security Management (IAST) labels Nov 25, 2024
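
A simplified model of why this call site needs propagation, as an added example that is not part of the PR or of dd-trace-java's code: when taint is keyed by object identity, `String.valueOf(Object)` on a tainted `StringBuilder` returns a new `String` that carries no taint unless the call site copies it over. `Range`, `TAINTED`, `taintOf` and `valueOfWithPropagation` are hypothetical names, and the input value is constructed.

```java
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.Map;

/** Toy model (not dd-trace-java code) of taint propagation through String.valueOf(Object). */
public class ValueOfTaintDemo {

    /** Tainted character range [start, end) plus the name of the source it came from. */
    static final class Range {
        final int start;
        final int end;
        final String source;

        Range(int start, int end, String source) {
            this.start = start;
            this.end = end;
            this.source = source;
        }

        @Override
        public String toString() {
            return source + "[" + start + "," + end + ")";
        }
    }

    // Taint is attached to object identity, not to character content, so two equal
    // strings can differ in taint. A real tracker would hold its keys weakly; this
    // demo uses strong references for brevity.
    static final Map<Object, Range> TAINTED =
        Collections.synchronizedMap(new IdentityHashMap<>());

    static Range taintOf(Object o) {
        return o == null ? null : TAINTED.get(o);
    }

    /** Hypothetical stand-in for what an instrumented String.valueOf(Object) call site does. */
    static String valueOfWithPropagation(Object param) {
        String result = String.valueOf(param); // "null" when param is null
        Range in = taintOf(param);
        // Skip when there is nothing to propagate, when the argument is itself a String
        // (String.toString() returns this, so the result is already the tainted object),
        // or when the result is empty (never mark the shared "" constant).
        if (in == null || result == param || result.isEmpty()) {
            return result;
        }
        if (param instanceof CharSequence) {
            // toString() copies the characters 1:1, so the range keeps its offsets.
            TAINTED.put(result, new Range(in.start, Math.min(in.end, result.length()), in.source));
        } else {
            // Unknown toString() layout: conservatively mark the whole result.
            TAINTED.put(result, new Range(0, result.length(), in.source));
        }
        return result;
    }

    public static void main(String[] args) {
        // Constructed sample input standing in for a request parameter.
        StringBuilder param = new StringBuilder("user-supplied");
        TAINTED.put(param, new Range(0, param.length(), "http.request.parameter"));

        String plain = String.valueOf(param);            // new String, identity changes
        String tracked = valueOfWithPropagation(param);  // same content, taint copied

        System.out.println("same content:                " + plain.equals(tracked));
        System.out.println("taint after plain valueOf:   " + taintOf(plain));
        System.out.println("taint after tracked valueOf: " + taintOf(tracked));

        // A String argument comes back as the same instance, so its taint survives
        // even without propagation.
        String s = new String("user-supplied");
        TAINTED.put(s, new Range(0, s.length(), "http.request.parameter"));
        System.out.println("String argument keeps taint: "
            + (taintOf(String.valueOf((Object) s)) != null));
    }
}
```

Without the propagation step, a value that passes through `String.valueOf` before reaching a sink would look untainted to the tracker, which is a false negative rather than a crash.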
pr-commenter bot commented Nov 25, 2024

Benchmarks

Startup

Parameters

| | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | mario.vidal/taint_tracking_string_valueof |
| git_commit_date | 1732656091 | 1732702574 |
| git_commit_sha | 9eaf5a0 | 28eeeba |
| release_version | 1.44.0-SNAPSHOT~9eaf5a01bb | 1.44.0-SNAPSHOT~28eeeba907 |

Matching parameters

| | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1732704979 | 1732704979 |
| ci_job_id | 721790720 | 721790720 |
| ci_pipeline_id | 50049347 | 50049347 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| module | Agent | Agent |
| parent | None | None |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 52 metrics, 11 unstable metrics.

Startup time reports for petclinic
[Chart: petclinic - global startup overhead: candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.09 s | - |
| Agent | appsec | 1.225 s | 134.687 ms (12.4%) |
| Agent | iast | 1.218 s | 128.365 ms (11.8%) |
| Agent | profiling | 1.326 s | 236.478 ms (21.7%) |
| Total | tracing | 10.491 s | - |
| Total | appsec | 10.741 s | 249.2 ms (2.4%) |
| Total | iast | 10.956 s | 464.834 ms (4.4%) |
| Total | profiling | 10.829 s | 337.377 ms (3.2%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.096 s | - |
| Agent | appsec | 1.237 s | 140.586 ms (12.8%) |
| Agent | iast | 1.221 s | 124.413 ms (11.3%) |
| Agent | profiling | 1.325 s | 228.369 ms (20.8%) |
| Total | tracing | 10.483 s | - |
| Total | appsec | 10.731 s | 247.953 ms (2.4%) |
| Total | iast | 10.899 s | 416.25 ms (4.0%) |
| Total | profiling | 10.814 s | 331.106 ms (3.2%) |

petclinic - break down per module: candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb

| Variant | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 692.844 ms | 696.05 ms |
| tracing | GlobalTracer | 317.304 ms | 319.403 ms |
| tracing | AppSec | 54.837 ms | 55.025 ms |
| tracing | Remote Config | 690.97 µs | 690.819 µs |
| tracing | Telemetry | 10.479 ms | 11.28 ms |
| appsec | BytebuddyAgent | 710.885 ms | 718.605 ms |
| appsec | GlobalTracer | 314.272 ms | 317.585 ms |
| appsec | AppSec | 166.577 ms | 168.108 ms |
| appsec | IAST | 19.745 ms | 19.742 ms |
| appsec | Remote Config | 640.252 µs | 639.399 µs |
| appsec | Telemetry | 8.556 ms | 8.089 ms |
| iast | BytebuddyAgent | 811.69 ms | 812.537 ms |
| iast | GlobalTracer | 305.9 ms | 307.067 ms |
| iast | AppSec | 58.009 ms | 57.189 ms |
| iast | IAST | 20.736 ms | 21.871 ms |
| iast | Remote Config | 628.788 µs | 632.424 µs |
| iast | Telemetry | 7.515 ms | 7.538 ms |
| profiling | BytebuddyAgent | 692.307 ms | 692.987 ms |
| profiling | GlobalTracer | 437.641 ms | 435.723 ms |
| profiling | AppSec | 54.437 ms | 54.346 ms |
| profiling | Remote Config | 674.128 µs | 661.308 µs |
| profiling | Telemetry | 7.794 ms | 7.792 ms |
| profiling | ProfilingAgent | 94.123 ms | 93.582 ms |
| profiling | Profiling | 94.148 ms | 93.606 ms |

Startup time reports for insecure-bank
[Chart: insecure-bank - global startup overhead: candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.097 s | - |
| Agent | iast | 1.218 s | 121.37 ms (11.1%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.215 s | 118.63 ms (10.8%) |
| Agent | iast_TELEMETRY_OFF | 1.222 s | 125.27 ms (11.4%) |
| Total | tracing | 8.666 s | - |
| Total | iast | 9.224 s | 558.015 ms (6.4%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.227 s | 560.434 ms (6.5%) |
| Total | iast_TELEMETRY_OFF | 9.183 s | 516.901 ms (6.0%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.105 s | - |
| Agent | iast | 1.223 s | 118.726 ms (10.7%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.219 s | 113.953 ms (10.3%) |
| Agent | iast_TELEMETRY_OFF | 1.229 s | 124.29 ms (11.3%) |
| Total | tracing | 8.72 s | - |
| Total | iast | 9.245 s | 525.151 ms (6.0%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.177 s | 456.67 ms (5.2%) |
| Total | iast_TELEMETRY_OFF | 9.222 s | 502.072 ms (5.8%) |

insecure-bank - break down per module: candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb

| Variant | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 698.059 ms | 703.624 ms |
| tracing | GlobalTracer | 319.102 ms | 321.926 ms |
| tracing | AppSec | 55.032 ms | 55.094 ms |
| tracing | Remote Config | 681.976 µs | 701.646 µs |
| tracing | Telemetry | 9.87 ms | 9.328 ms |
| iast | BytebuddyAgent | 811.076 ms | 815.587 ms |
| iast | GlobalTracer | 306.526 ms | 307.695 ms |
| iast | AppSec | 56.2 ms | 57.504 ms |
| iast | IAST | 22.359 ms | 20.702 ms |
| iast | Remote Config | 612.998 µs | 631.289 µs |
| iast | Telemetry | 7.432 ms | 7.481 ms |
| iast_HARDCODED_SECRET_DISABLED | BytebuddyAgent | 808.861 ms | 811.741 ms |
| iast_HARDCODED_SECRET_DISABLED | GlobalTracer | 305.521 ms | 306.579 ms |
| iast_HARDCODED_SECRET_DISABLED | AppSec | 58.044 ms | 56.928 ms |
| iast_HARDCODED_SECRET_DISABLED | IAST | 20.922 ms | 21.458 ms |
| iast_HARDCODED_SECRET_DISABLED | Remote Config | 620.007 µs | 625.529 µs |
| iast_HARDCODED_SECRET_DISABLED | Telemetry | 7.534 ms | 7.465 ms |
| iast_TELEMETRY_OFF | BytebuddyAgent | 813.401 ms | 817.74 ms |
| iast_TELEMETRY_OFF | GlobalTracer | 307.83 ms | 309.83 ms |
| iast_TELEMETRY_OFF | AppSec | 57.565 ms | 58.814 ms |
| iast_TELEMETRY_OFF | IAST | 21.229 ms | 20.513 ms |
| iast_TELEMETRY_OFF | Remote Config | 622.27 µs | 634.494 µs |
| iast_TELEMETRY_OFF | Telemetry | 7.372 ms | 7.562 ms |

Load

Parameters

| | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| end_time | 2024-11-27T10:28:36 | 2024-11-27T10:35:34 |
| git_branch | master | mario.vidal/taint_tracking_string_valueof |
| git_commit_date | 1732656091 | 1732702574 |
| git_commit_sha | 9eaf5a0 | 28eeeba |
| release_version | 1.44.0-SNAPSHOT~9eaf5a01bb | 1.44.0-SNAPSHOT~28eeeba907 |
| start_time | 2024-11-27T10:28:22 | 2024-11-27T10:35:21 |

Matching parameters

| | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1732704085 | 1732704085 |
| ci_job_id | 721790721 | 721790721 |
| ci_pipeline_id | 50049347 | 50049347 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | iast | iast |

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 17 unstable metrics.

| scenario | Δ mean http_req_duration | Δ mean throughput | candidate mean http_req_duration | candidate mean throughput | baseline mean http_req_duration | baseline mean throughput |
|---|---|---|---|---|---|---|
| scenario:load:petclinic:profiling | better [-90.412µs; -39.536µs] or [-5.727%; -2.504%] | unstable [-448.033op/s; +675.954op/s] or [-15.121%; +22.813%] | 1.514ms | 3076.923op/s | 1.579ms | 2962.963op/s |

Request duration reports for insecure-bank
[Chart: insecure-bank - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 374.558 µs [354.512 µs, 394.604 µs] | - |
| iast | 490.01 µs [468.235 µs, 511.785 µs] | 115.452 µs (30.8%) |
| iast_FULL | 648.906 µs [627.502 µs, 670.31 µs] | 274.348 µs (73.2%) |
| iast_GLOBAL | 511.347 µs [490.083 µs, 532.611 µs] | 136.789 µs (36.5%) |
| iast_HARDCODED_SECRET_DISABLED | 489.33 µs [467.896 µs, 510.764 µs] | 114.772 µs (30.6%) |
| iast_INACTIVE | 451.288 µs [429.841 µs, 472.734 µs] | 76.73 µs (20.5%) |
| iast_TELEMETRY_OFF | 484.321 µs [460.652 µs, 507.99 µs] | 109.763 µs (29.3%) |
| tracing | 452.952 µs [430.755 µs, 475.15 µs] | 78.394 µs (20.9%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 378.805 µs [358.439 µs, 399.17 µs] | - |
| iast | 491.236 µs [469.494 µs, 512.979 µs] | 112.431 µs (29.7%) |
| iast_FULL | 648.485 µs [626.929 µs, 670.042 µs] | 269.681 µs (71.2%) |
| iast_GLOBAL | 516.3 µs [494.177 µs, 538.423 µs] | 137.495 µs (36.3%) |
| iast_HARDCODED_SECRET_DISABLED | 493.493 µs [471.371 µs, 515.615 µs] | 114.688 µs (30.3%) |
| iast_INACTIVE | 448.427 µs [427.345 µs, 469.508 µs] | 69.622 µs (18.4%) |
| iast_TELEMETRY_OFF | 472.648 µs [451.571 µs, 493.725 µs] | 93.843 µs (24.8%) |
| tracing | 442.181 µs [421.806 µs, 462.557 µs] | 63.376 µs (16.7%) |

Request duration reports for petclinic
[Chart: petclinic - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.368 ms [1.348 ms, 1.387 ms] | - |
| appsec | 1.742 ms [1.717 ms, 1.767 ms] | 374.735 µs (27.4%) |
| appsec_no_iast | 1.739 ms [1.714 ms, 1.764 ms] | 371.073 µs (27.1%) |
| iast | 1.483 ms [1.46 ms, 1.505 ms] | 115.073 µs (8.4%) |
| profiling | 1.579 ms [1.555 ms, 1.603 ms] | 211.228 µs (15.4%) |
| tracing | 1.483 ms [1.459 ms, 1.508 ms] | 115.838 µs (8.5%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.34 ms [1.32 ms, 1.36 ms] | - |
| appsec | 1.749 ms [1.724 ms, 1.775 ms] | 409.657 µs (30.6%) |
| appsec_no_iast | 1.757 ms [1.733 ms, 1.782 ms] | 417.522 µs (31.2%) |
| iast | 1.481 ms [1.458 ms, 1.504 ms] | 141.36 µs (10.6%) |
| profiling | 1.514 ms [1.491 ms, 1.537 ms] | 174.096 µs (13.0%) |
| tracing | 1.464 ms [1.439 ms, 1.489 ms] | 124.361 µs (9.3%) |

Dacapo

Parameters

| | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | mario.vidal/taint_tracking_string_valueof |
| git_commit_date | 1732656091 | 1732702574 |
| git_commit_sha | 9eaf5a0 | 28eeeba |
| release_version | 1.44.0-SNAPSHOT~9eaf5a01bb | 1.44.0-SNAPSHOT~28eeeba907 |

Matching parameters

| | Baseline | Candidate |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1732704513 | 1732704513 |
| ci_job_id | 721790722 | 721790722 |
| ci_pipeline_id | 50049347 | 50049347 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | appsec | appsec |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
[Chart: tomcat - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.474 ms [1.463 ms, 1.486 ms] | - |
| appsec | 2.351 ms [2.309 ms, 2.392 ms] | 876.373 µs (59.4%) |
| iast | 2.099 ms [2.046 ms, 2.152 ms] | 624.523 µs (42.4%) |
| iast_GLOBAL | 2.144 ms [2.091 ms, 2.197 ms] | 669.951 µs (45.4%) |
| profiling | 1.955 ms [1.913 ms, 1.997 ms] | 480.624 µs (32.6%) |
| tracing | 1.942 ms [1.901 ms, 1.982 ms] | 467.63 µs (31.7%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.474 ms [1.463 ms, 1.486 ms] | - |
| appsec | 2.365 ms [2.322 ms, 2.407 ms] | 890.258 µs (60.4%) |
| iast | 2.1 ms [2.047 ms, 2.153 ms] | 625.348 µs (42.4%) |
| iast_GLOBAL | 2.141 ms [2.088 ms, 2.194 ms] | 666.957 µs (45.2%) |
| profiling | 1.96 ms [1.918 ms, 2.002 ms] | 485.958 µs (33.0%) |
| tracing | 1.943 ms [1.902 ms, 1.983 ms] | 468.354 µs (31.8%) |

Execution time for biojava
[Chart: biojava - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~28eeeba907, baseline=1.44.0-SNAPSHOT~9eaf5a01bb]

  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.41 s [15.41 s, 15.41 s] | - |
| appsec | 14.833 s [14.833 s, 14.833 s] | -577.0 ms (-3.7%) |
| iast | 18.843 s [18.843 s, 18.843 s] | 3.433 s (22.3%) |
| iast_GLOBAL | 18.195 s [18.195 s, 18.195 s] | 2.785 s (18.1%) |
| profiling | 14.879 s [14.879 s, 14.879 s] | -531.0 ms (-3.4%) |
| tracing | 14.731 s [14.731 s, 14.731 s] | -679.0 ms (-4.4%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.381 s [15.381 s, 15.381 s] | - |
| appsec | 14.959 s [14.959 s, 14.959 s] | -422.0 ms (-2.7%) |
| iast | 18.608 s [18.608 s, 18.608 s] | 3.227 s (21.0%) |
| iast_GLOBAL | 18.123 s [18.123 s, 18.123 s] | 2.742 s (17.8%) |
| profiling | 15.378 s [15.378 s, 15.378 s] | -3.0 ms (-0.0%) |
| tracing | 15.008 s [15.008 s, 15.008 s] | -373.0 ms (-2.4%) |

@Mariovido Mariovido marked this pull request as ready for review November 26, 2024 16:36
@Mariovido Mariovido requested review from a team as code owners November 26, 2024 16:36
@Mariovido Mariovido merged commit 7bd70a5 into master Nov 27, 2024
103 checks passed
@Mariovido Mariovido deleted the mario.vidal/taint_tracking_string_valueof branch November 27, 2024 11:17
@github-actions github-actions bot added this to the 1.44.0 milestone Nov 27, 2024
svc-squareup-copybara pushed a commit to cashapp/misk that referenced this pull request Dec 16, 2024
| Package | Type | Package file | Manager | Update | Change |
|---|---|---|---|---|---|
| [com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.49.0` -> `2.50.0` |
| [com.google.cloud:google-cloud-core-http](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.48.0` -> `2.49.0` |
| [com.google.cloud:google-cloud-spanner](https://github.com/googleapis/java-spanner) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `6.82.0` -> `6.83.0` |
| [com.google.cloud:google-cloud-logging](https://github.com/googleapis/java-logging) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.20.7` -> `3.21.0` |
| [com.google.cloud:google-cloud-datastore](https://github.com/googleapis/java-datastore) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.24.3` -> `2.25.1` |
| [com.google.cloud:google-cloud-core](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.48.0` -> `2.49.0` |
| [com.google.api:gax](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.58.0` -> `2.59.0` |
| [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | patch | `2.6.0` -> `2.6.1` |
| [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.43.0` -> `1.44.1` |
| [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.43.0` -> `1.44.1` |
| [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` |
| [com.amazonaws:aws-java-sdk-sqs](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` |
| [com.amazonaws:aws-java-sdk-s3](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` |
| [com.amazonaws:aws-java-sdk-dynamodb](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` |
| [com.amazonaws:aws-java-sdk-core](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` |

---

### Release Notes

<details>
<summary>googleapis/sdk-platform-java
(com.google.api.grpc:proto-google-common-protos)</summary>

### [`v2.50.0`](https://github.com/googleapis/sdk-platform-java/blob/HEAD/CHANGELOG.md#2500-2024-11-14)

##### Features

- Add experimental S2A integration in client libraries grpc transport ([#3326](googleapis/sdk-platform-java#3326)) ([1138ca6](googleapis/sdk-platform-java@1138ca6))
- enable selective generation based on service config include list ([#3323](googleapis/sdk-platform-java#3323)) ([0cddadb](googleapis/sdk-platform-java@0cddadb))
- introduce `java.time` to java-core ([#3330](googleapis/sdk-platform-java#3330)) ([f202c3b](googleapis/sdk-platform-java@f202c3b))
- Update Gapic-Generator to generate libraries using `java.time` methods ([#3321](googleapis/sdk-platform-java#3321)) ([b21c9a4](googleapis/sdk-platform-java@b21c9a4))

##### Bug Fixes

- Fix flaky test ScheduledRetryingExecutorTest.testCancelOuterFutureAfterStart ([#3335](googleapis/sdk-platform-java#3335)) ([e73740d](googleapis/sdk-platform-java@e73740d))
- httpjson callables to trace attempts (started, failed) ([#3300](googleapis/sdk-platform-java#3300)) ([15a64ee](googleapis/sdk-platform-java@15a64ee))
- instantiate GaxProperties at build time to ensure we get the protobuf version ([#3365](googleapis/sdk-platform-java#3365)) ([bb2a3be](googleapis/sdk-platform-java@bb2a3be))
- protobuf version not always getting set in headers ([#3322](googleapis/sdk-platform-java#3322)) ([7f6e470](googleapis/sdk-platform-java@7f6e470))
- use BuildKit instead of legacy builder to build the Hermetic Build images ([#3338](googleapis/sdk-platform-java#3338)) ([222fb45](googleapis/sdk-platform-java@222fb45))

##### Dependencies

- update google auth library dependencies to v1.30.0 ([#3367](googleapis/sdk-platform-java#3367)) ([a31c682](googleapis/sdk-platform-java@a31c682))
- update grpc dependencies to v1.68.1 ([#3240](googleapis/sdk-platform-java#3240)) ([c8e3941](googleapis/sdk-platform-java@c8e3941))

##### Documentation

- fix list num ([#3356](googleapis/sdk-platform-java#3356)) ([b7d6296](googleapis/sdk-platform-java@b7d6296))
- **hermetic-build:** indicate usage of Docker Buildkit in development guide ([#3337](googleapis/sdk-platform-java#3337)) ([01e742d](googleapis/sdk-platform-java@01e742d))
- modify hermetic build docs ([#3331](googleapis/sdk-platform-java#3331)) ([25023af](googleapis/sdk-platform-java@25023af))

</details>

<details>
<summary>googleapis/java-spanner
(com.google.cloud:google-cloud-spanner)</summary>

### [`v6.83.0`](https://github.com/googleapis/java-spanner/blob/HEAD/CHANGELOG.md#6830-2024-12-13)

##### Features

- Add Metrics host for built in metrics ([#3519](googleapis/java-spanner#3519)) ([4ed455a](googleapis/java-spanner@4ed455a))
- Add opt-in for using multiplexed sessions for blind writes ([#3540](googleapis/java-spanner#3540)) ([216f53e](googleapis/java-spanner@216f53e))
- Add UUID in Spanner TypeCode enum ([41f83dc](googleapis/java-spanner@41f83dc))
- Introduce java.time variables and methods ([#3495](googleapis/java-spanner#3495)) ([8a7d533](googleapis/java-spanner@8a7d533))
- **spanner:** Support multiplexed session for Partitioned operations ([#3231](googleapis/java-spanner#3231)) ([4501a3e](googleapis/java-spanner@4501a3e))
- Support 'set local' for retry_aborts_internally ([#3532](googleapis/java-spanner#3532)) ([331942f](googleapis/java-spanner@331942f))

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([41f83dc](googleapis/java-spanner@41f83dc))

##### Dependencies

- Update sdk platform java dependencies ([#3549](googleapis/java-spanner#3549)) ([6235f0f](googleapis/java-spanner@6235f0f))

</details>

<details>
<summary>googleapis/java-logging
(com.google.cloud:google-cloud-logging)</summary>

### [`v3.21.0`](https://github.com/googleapis/java-logging/blob/HEAD/CHANGELOG.md#3210-2024-12-13)

##### Features

- Introduce `java.time` methods ([#1729](googleapis/java-logging#1729)) ([323eb33](googleapis/java-logging@323eb33))

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([04d8868](googleapis/java-logging@04d8868))

##### Dependencies

- Update dependency io.opentelemetry:opentelemetry-bom to v1.45.0 ([#1638](googleapis/java-logging#1638)) ([7e007d4](googleapis/java-logging@7e007d4))
- Update sdk platform java dependencies ([#1736](googleapis/java-logging#1736)) ([88b4cdf](googleapis/java-logging@88b4cdf))

</details>

<details>
<summary>googleapis/java-datastore
(com.google.cloud:google-cloud-datastore)</summary>

### [`v2.25.1`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2251-2024-12-13)

##### Bug Fixes

- **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([106ee4d](googleapis/java-datastore@106ee4d))

##### Dependencies

- Update sdk platform java dependencies ([#1685](googleapis/java-datastore#1685)) ([4372350](googleapis/java-datastore@4372350))

### [`v2.25.0`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2250-2024-12-11)

##### Features

- Introduce `java.time` methods and variables ([#1671](googleapis/java-datastore#1671)) ([5a78a80](googleapis/java-datastore@5a78a80))

##### Dependencies

- Update dependency com.google.cloud:gapic-libraries-bom to v1.48.0 ([#1605](googleapis/java-datastore#1605)) ([5c6a678](googleapis/java-datastore@5c6a678))

##### Documentation

- Update gapic upgrade installation instructions ([#1677](googleapis/java-datastore#1677)) ([b3fbfcc](googleapis/java-datastore@b3fbfcc))

</details>

<details>
<summary>autonomousapps/dependency-analysis-android-gradle-plugin
(com.autonomousapps.dependency-analysis)</summary>

### [`v2.6.1`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-261)

-   \[Fix]: `superClassName` can be null (Object has no superclass).

</details>

<details>
<summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary>

###
[`v1.44.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.1):
1.44.1

##### Components

##### Continuous Integration Visibility

- 🐛 Fix tracing JUnit5 tests in Maven projects with multiple forks
([#&#8203;8089](DataDog/dd-trace-java#8089) -
[@&#8203;nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))

###
[`v1.44.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.0):
1.44.0

##### Known Issues

> \[!WARNING]\
> This release contains a known issue that causes failures when using
Test Optimization to trace JUnit 5 tests in a Maven project where Maven
Surefire is configured with `forkCount` > 1.
> The issue is fixed in v1.44.1

##### Breaking Changes

> \[!WARNING]\
> Support for `X-Forwarded` header is dropped from default client IP
resolution.
> It can still be re-activated using the
`dd.trace.client-ip-header=x-forwarded` system property, or the
`DD_TRACE_CLIENT_IP_HEADER=x-forwarded` environment variable. See
[#&#8203;7946](DataDog/dd-trace-java#7946).

##### Components

##### Application Security Management (IAST)

- ✨ Set unexpected IAST exceptions to debug log level
([#&#8203;8044](DataDog/dd-trace-java#8044) -
[@&#8203;smola](https://github.com/smola))
- ✨ Increase IAST propagation to StringBuffer subSequence
([#&#8203;8038](DataDog/dd-trace-java#8038) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Increase IAST propagation to StringBuilder subSequence
([#&#8203;8026](DataDog/dd-trace-java#8026) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Add IAST propagation to String valueOf
([#&#8203;8013](DataDog/dd-trace-java#8013) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Increase IAST propagation to StringBuilder append
([#&#8203;8010](DataDog/dd-trace-java#8010) -
[@&#8203;Mariovido](https://github.com/Mariovido))
- ✨ Expand SSRF support in IAST to apache-httpclient-5 and
apache-httpasyncclient-4
([#&#8203;7920](DataDog/dd-trace-java#7920) -
[@&#8203;Mariovido](https://github.com/Mariovido))

##### Build & Tooling

- ✨ Generate Muzzle classes for Groovy instrumentations
([#8004](DataDog/dd-trace-java#8004) -
[@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))

##### Continuous Integration Visibility

- ✨ Support distributed traces in tests
([#8078](DataDog/dd-trace-java#8078) -
[@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Implement fail-fast tests ordering for JUnit 5
([#8055](DataDog/dd-trace-java#8055) -
[@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Mark JUnit 5 setup and teardown action spans as failed if
there is an error
([#8033](DataDog/dd-trace-java#8033) -
[@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog))
- ✨ Add tracing of setup and teardown actions in JUnit 4
([#8030](DataDog/dd-trace-java#8030) -
[@daniel-mohedano](https://github.com/daniel-mohedano))

##### Crash tracking

- ✨ Improve crash tracking install logging
([#8045](DataDog/dd-trace-java#8045) -
[@PerfectSlayer](https://github.com/PerfectSlayer))

##### Data Streams Monitoring

- 🐛 Add Data Streams support in AWS SQS without raw message delivery
([#8071](DataDog/dd-trace-java#8071) -
[@piochelepiotr](https://github.com/piochelepiotr))
- ✨ Add new tag for enabled products / features to DSM
checkpoints
([#8051](DataDog/dd-trace-java#8051) -
[@kr-igor](https://github.com/kr-igor))
- 💡 Instrument self hosted Kafka connectors
([#7959](DataDog/dd-trace-java#7959) -
[@piochelepiotr](https://github.com/piochelepiotr))

##### Dynamic Instrumentation

- ✨ Add Micronaut 4 support for code origin for spans
([#8039](DataDog/dd-trace-java#8039) -
[@jpbempel](https://github.com/jpbempel))
- ✨ Refactor probe matching for methods
([#8021](DataDog/dd-trace-java#8021) -
[@jpbempel](https://github.com/jpbempel))
- ✨ Update the CodeOriginProbe fingerprint to not rely on a
stack walk
([#8016](DataDog/dd-trace-java#8016) -
[@evanchooly](https://github.com/evanchooly))
- ✨ Implement code origin support for grpc server entry spans
([#7942](DataDog/dd-trace-java#7942) -
[@evanchooly](https://github.com/evanchooly))

##### GraalVM native-image

- 🐛 Update Graal build-time instrumentation config for
TracePropagationStyle
([#8065](DataDog/dd-trace-java#8065) -
[@MattAlp](https://github.com/MattAlp))
- 🐛 Fix NoClassDefFoundError: Could not initialize class
DDSpanLink$EncoderHolder in Graal native-image
([#8036](DataDog/dd-trace-java#8036) -
[@mcculls](https://github.com/mcculls))
- 🐛🧹 Fix native-image generation of reactive applications
([#8012](DataDog/dd-trace-java#8012) -
[@mcculls](https://github.com/mcculls))

##### OpenTracing

- 🧹 Custom ScopeManagers are deprecated and will be removed in a
future release of dd-trace-ot
([#8058](DataDog/dd-trace-java#8058) -
[@mcculls](https://github.com/mcculls))

##### Tracer core

- ✨🧪 Service naming: split by jee deployment
([#8064](DataDog/dd-trace-java#8064) -
[@amarziali](https://github.com/amarziali))
- ✨ Exclude jboss mdb proxies from instrumenting
([#8061](DataDog/dd-trace-java#8061) -
[@amarziali](https://github.com/amarziali))
- ✨ Add a built-in trace interceptor for keeping traces
depending of their latency
([#8040](DataDog/dd-trace-java#8040) -
[@cecile75](https://github.com/cecile75))
- 💡 Introduce marker mechanism for eagerly initializing helpers
([#8028](DataDog/dd-trace-java#8028) -
[@mcculls](https://github.com/mcculls))
- 💡 Add JSON component
([#7973](DataDog/dd-trace-java#7973) -
[@PerfectSlayer](https://github.com/PerfectSlayer))
- ✨⚠️ Remove support for X-Forwarded in client IP
resolution
([#7946](DataDog/dd-trace-java#7946) -
[@smola](https://github.com/smola))

##### Instrumentations

##### Apache HttpComponents

- ✨ Expand SSRF support in IAST to apache-httpclient-5 and
apache-httpasyncclient-4
([#7920](DataDog/dd-trace-java#7920) -
[@Mariovido](https://github.com/Mariovido))

##### gRPC instrumentation

- 🐛 Use lower priorities for grpc server errors
([#8043](DataDog/dd-trace-java#8043) -
[@amarziali](https://github.com/amarziali))

##### JDBC instrumentation

- ✨ Add trace injection for prepared statements in Postgres
([#7940](DataDog/dd-trace-java#7940) -
[@nenadnoveljic](https://github.com/nenadnoveljic))

##### JMS instrumentation

- 🐛 Protect mdb from instrumenting multiple time the same event
([#8062](DataDog/dd-trace-java#8062) -
[@amarziali](https://github.com/amarziali))

##### Kafka instrumentation

- 💡 Instrument self hosted Kafka connectors
([#7959](DataDog/dd-trace-java#7959) -
[@piochelepiotr](https://github.com/piochelepiotr))

##### OpenTelemetry instrumentation

- 🐛 Support using OpenTelemetry Event API inside `@WithSpan`
annotated method
([#8019](DataDog/dd-trace-java#8019) -
[@mcculls](https://github.com/mcculls))

##### Reactor instrumentation

- 🐛🧹 Fix native-image generation of reactive applications
([#8012](DataDog/dd-trace-java#8012) -
[@mcculls](https://github.com/mcculls))

##### Spring instrumentation

- 🐛 Avoid double instrumenting lambdas on latest spring scheduling
([#8005](DataDog/dd-trace-java#8005) -
[@amarziali](https://github.com/amarziali))

##### All other instrumentations

- 🐛 Twilio: allow service name flattening
([#8025](DataDog/dd-trace-java#8025) -
[@amarziali](https://github.com/amarziali))
- ✨ Instrument Mulesoft 4.5.0+
([#7981](DataDog/dd-trace-java#7981) -
[@amarziali](https://github.com/amarziali))

</details>

<details>
<summary>aws/aws-sdk-java (com.amazonaws:aws-java-sdk-sqs)</summary>

### [`v1.12.780`](https://github.com/aws/aws-sdk-java/blob/HEAD/CHANGELOG.md#112780-2024-12-11)

[Compare
Source](aws/aws-sdk-java@1.12.779...1.12.780)

#### **Amazon Simple Storage Service**

- ### Bugfixes
  - AWS SDK for Java 1.x now includes additional validation for Amazon S3
    client APIs to handle scenarios where an empty string ('') is passed as
    the key argument to the following operations: PutObject, DeleteObject,
    ListObjects, GetObjectMetaData, ListObjectsV2, SetObjectTagging,
    GetObjectTagging, SetObjectAcl, GetObjectAcl, SetObjectLegalHold,
    GetObjectLegalHold, CopyObject, CopyPart, SelectObjectContent,
    SetObjectRetention, GetObjectRetention, AbortMultipartUpload,
    CompleteMultipartUpload, InitiateMultipartUpload, ListParts, UploadPart,
    RestoreObjectV2, and RestoreObject. The SDK will validate the key
    argument and throw an exception if it is an empty string, ensuring
    correct and expected behavior.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am
every weekday" in timezone Australia/Melbourne, Automerge - At any time
(no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

GitOrigin-RevId: 69831bc62ea4d80cdcd42cef2aa9bd8eda28ae8c