-
Notifications
You must be signed in to change notification settings - Fork 306
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V3.38.0 proposal #3709
V3.38.0 proposal #3709
Conversation
This allows wall profiles to be visualized in timelines.
… request payloads [APPSEC-9476] (#3635) * Register and send extra services found in spans
- only sends `memcached.command` when `DD_TRACE_MEMCACHED_COMMAND_ENABLED=true` is set - existing behavior is incorrect - `memcached.query` is supposed to be the full query (command + args) - `memcached.command` is only supposed to be the command - allowing the existing incorrect behavior to continue working if the flag is set - disable by default in case someone stores sensitive data in their memcached key
…erimental ones (#3659) * Deprecate EXPERIMENTAL_ env vars for code hostpots; introduce non-experimental variants * make sure code hotspots being enabled is consistent with endpoint profiling being enabled
* Instrumentate nextjs and call to waf * Feature implementation, pending to fix the tests * Add appsec nextjs pipeline * execute less tests * Execute tests again * try other approach to instrumentate next app request * Fix lints * Extract body and query in diagnostics channel publish not in subscribe * Fix tests * Fix query monitoring nextjs * small fixes * Remove unnecessary files * Restore next test * fixes * Fix from PR comments * Small changes from PR comments * Replace some exec by fs functions
* Fix SQLi location when using knex * Remove onProgress wrapping from knex then * Rename asyncResource * Add spacing in code to improve readability * Avoid using shimmer to wrap then from knex raw result * Detect dialect for SQLi with knex * Instrument knex catch and asCallback
* Prevent sending query address twice to the waf * Small changes + test * Fix invalid query type test and behaviour * Comment in the PR
* Enable appsec telemetry before waf init * test reportWafInit is called when enabling appsec
Overall package sizeSelf size: 5.38 MB Dependency sizes
🤖 This report was automatically generated by heaviest-objects-in-the-universe |
Codecov Report
@@ Coverage Diff @@
## v3.x #3709 +/- ##
=======================================
Coverage ? 85.07%
=======================================
Files ? 225
Lines ? 9238
Branches ? 33
=======================================
Hits ? 7859
Misses ? 1379
Partials ? 0 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
if you include 6546c53 the CI Vis tests should start passing |
bc6a39b
to
0aea94a
Compare
BenchmarksBenchmark execution time: 2023-10-16 11:10:06 Comparing candidate commit b7bc2eb in PR branch Found 0 performance improvements and 1 performance regressions! Performance is the same for 575 metrics, 12 unstable metrics. scenario:appsec-iast-no-vulnerability-control-14
|
0aea94a
to
b7bc2eb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good from ci visibility's perspective
Bug Fixes
Improvements
HTTP_REQUEST_PATH
toHTTP_REQUEST_URI
(Change source origin from HTTP_REQUEST_PATH to HTTP_REQUEST_URI [APPSEC-11398] #3644)Features
Will be omitted from release notes:
serverless-performance
#3672