Skip to content

Submit Gradle Dependencies #8351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Submit Gradle Dependencies #8351

wants to merge 1 commit into from

Conversation

harmonherring-pro
Copy link

@harmonherring-pro harmonherring-pro commented Feb 6, 2025
edited by jira bot
Loading

What Does This Do

SINT-2813 Gradle dependencies aren't submitted to Github's dependency graph by default, so this PR configures a Github Action to do so. It excludes test and build targets, but let me know if the list of those targets needs to be expanded

@harmonherring-pro harmonherring-pro requested a review from a team as a code owner February 6, 2025 21:42
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 6, 2025
edited
Loading

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@harmonherring-pro harmonherring-pro changed the title [SINT-2813] Submit Gradle Dependencies Submit Gradle Dependencies Feb 6, 2025
@pr-commenter
Copy link

pr-commenter bot commented Feb 6, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master harmon.herring/sint-2813
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1738880438 1738880438
ci_job_id 798199753 798199753
ci_pipeline_id 55188972 55188972
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
git_commit_date 1738853998 1738853998
git_commit_sha 8a74e85 8a74e85
kernel_version Linux runner-kdgvqfgl-project-304-concurrent-1-xi381gza 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-kdgvqfgl-project-304-concurrent-1-xi381gza 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
release_version 1.47.0-SNAPSHOT~8a74e85918 1.47.0-SNAPSHOT~8a74e85918
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 58 metrics, 5 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.042 s) : 0, 1042431
Total [baseline] (8.658 s) : 0, 8658439
Agent [candidate] (1.043 s) : 0, 1042912
Total [candidate] (8.638 s) : 0, 8638259
section iast
Agent [baseline] (1.173 s) : 0, 1172517
Total [baseline] (9.221 s) : 0, 9220957
Agent [candidate] (1.174 s) : 0, 1173746
Total [candidate] (9.242 s) : 0, 9241502
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.173 s) : 0, 1172919
Total [baseline] (9.264 s) : 0, 9264169
Agent [candidate] (1.172 s) : 0, 1172243
Total [candidate] (9.242 s) : 0, 9241600
section iast_TELEMETRY_OFF
Agent [baseline] (1.17 s) : 0, 1169972
Total [baseline] (9.223 s) : 0, 9223499
Agent [candidate] (1.176 s) : 0, 1175988
Total [candidate] (9.269 s) : 0, 9269170
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.042 s -
Agent iast 1.173 s 130.086 ms (12.5%)
Agent iast_HARDCODED_SECRET_DISABLED 1.173 s 130.488 ms (12.5%)
Agent iast_TELEMETRY_OFF 1.17 s 127.542 ms (12.2%)
Total tracing 8.658 s -
Total iast 9.221 s 562.519 ms (6.5%)
Total iast_HARDCODED_SECRET_DISABLED 9.264 s 605.731 ms (7.0%)
Total iast_TELEMETRY_OFF 9.223 s 565.06 ms (6.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.043 s -
Agent iast 1.174 s 130.834 ms (12.5%)
Agent iast_HARDCODED_SECRET_DISABLED 1.172 s 129.332 ms (12.4%)
Agent iast_TELEMETRY_OFF 1.176 s 133.076 ms (12.8%)
Total tracing 8.638 s -
Total iast 9.242 s 603.243 ms (7.0%)
Total iast_HARDCODED_SECRET_DISABLED 9.242 s 603.342 ms (7.0%)
Total iast_TELEMETRY_OFF 9.269 s 630.912 ms (7.3%) 
gantt
    title insecure-bank - break down per module: candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (717.9 ms) : 0, 717900
BytebuddyAgent [candidate] (715.9 ms) : 0, 715900
GlobalTracer [baseline] (243.038 ms) : 0, 243038
GlobalTracer [candidate] (243.258 ms) : 0, 243258
AppSec [baseline] (54.922 ms) : 0, 54922
AppSec [candidate] (55.087 ms) : 0, 55087
Remote Config [baseline] (711.727 µs) : 0, 712
Remote Config [candidate] (714.665 µs) : 0, 715
Telemetry [baseline] (10.716 ms) : 0, 10716
Telemetry [candidate] (12.825 ms) : 0, 12825
section iast
BytebuddyAgent [baseline] (835.268 ms) : 0, 835268
BytebuddyAgent [candidate] (835.862 ms) : 0, 835862
GlobalTracer [baseline] (233.105 ms) : 0, 233105
GlobalTracer [candidate] (233.284 ms) : 0, 233284
AppSec [baseline] (56.871 ms) : 0, 56871
AppSec [candidate] (57.203 ms) : 0, 57203
Remote Config [baseline] (615.699 µs) : 0, 616
Remote Config [candidate] (625.771 µs) : 0, 626
Telemetry [baseline] (8.69 ms) : 0, 8690
Telemetry [candidate] (8.728 ms) : 0, 8728
IAST [baseline] (22.686 ms) : 0, 22686
IAST [candidate] (22.809 ms) : 0, 22809
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (834.662 ms) : 0, 834662
BytebuddyAgent [candidate] (833.966 ms) : 0, 833966
GlobalTracer [baseline] (233.694 ms) : 0, 233694
GlobalTracer [candidate] (233.617 ms) : 0, 233617
AppSec [baseline] (57.157 ms) : 0, 57157
AppSec [candidate] (56.968 ms) : 0, 56968
Remote Config [baseline] (623.415 µs) : 0, 623
Remote Config [candidate] (618.409 µs) : 0, 618
Telemetry [baseline] (8.733 ms) : 0, 8733
Telemetry [candidate] (8.715 ms) : 0, 8715
IAST [baseline] (22.831 ms) : 0, 22831
IAST [candidate] (23.106 ms) : 0, 23106
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (831.812 ms) : 0, 831812
BytebuddyAgent [candidate] (834.585 ms) : 0, 834585
GlobalTracer [baseline] (233.305 ms) : 0, 233305
GlobalTracer [candidate] (235.984 ms) : 0, 235984
AppSec [baseline] (56.242 ms) : 0, 56242
AppSec [candidate] (54.677 ms) : 0, 54677
Remote Config [baseline] (630.324 µs) : 0, 630
Remote Config [candidate] (641.572 µs) : 0, 642
Telemetry [baseline] (8.763 ms) : 0, 8763
Telemetry [candidate] (8.938 ms) : 0, 8938
IAST [baseline] (24.02 ms) : 0, 24020
IAST [candidate] (25.903 ms) : 0, 25903
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.048 s) : 0, 1047872
Total [baseline] (10.547 s) : 0, 10546753
Agent [candidate] (1.051 s) : 0, 1051143
Total [candidate] (10.593 s) : 0, 10593314
section appsec
Agent [baseline] (1.187 s) : 0, 1187248
Total [baseline] (10.81 s) : 0, 10810063
Agent [candidate] (1.185 s) : 0, 1185316
Total [candidate] (10.724 s) : 0, 10724375
section iast
Agent [baseline] (1.176 s) : 0, 1176228
Total [baseline] (10.963 s) : 0, 10962720
Agent [candidate] (1.173 s) : 0, 1173278
Total [candidate] (11.034 s) : 0, 11033779
section profiling
Agent [baseline] (1.269 s) : 0, 1269062
Total [baseline] (10.863 s) : 0, 10862828
Agent [candidate] (1.278 s) : 0, 1277561
Total [candidate] (10.949 s) : 0, 10948816
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.048 s -
Agent appsec 1.187 s 139.376 ms (13.3%)
Agent iast 1.176 s 128.356 ms (12.2%)
Agent profiling 1.269 s 221.19 ms (21.1%)
Total tracing 10.547 s -
Total appsec 10.81 s 263.31 ms (2.5%)
Total iast 10.963 s 415.967 ms (3.9%)
Total profiling 10.863 s 316.075 ms (3.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.051 s -
Agent appsec 1.185 s 134.173 ms (12.8%)
Agent iast 1.173 s 122.136 ms (11.6%)
Agent profiling 1.278 s 226.419 ms (21.5%)
Total tracing 10.593 s -
Total appsec 10.724 s 131.061 ms (1.2%)
Total iast 11.034 s 440.465 ms (4.2%)
Total profiling 10.949 s 355.502 ms (3.4%) 
gantt
    title petclinic - break down per module: candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (718.347 ms) : 0, 718347
BytebuddyAgent [candidate] (722.873 ms) : 0, 722873
GlobalTracer [baseline] (243.634 ms) : 0, 243634
GlobalTracer [candidate] (245.248 ms) : 0, 245248
AppSec [baseline] (55.231 ms) : 0, 55231
AppSec [candidate] (55.463 ms) : 0, 55463
Remote Config [baseline] (721.65 µs) : 0, 722
Remote Config [candidate] (715.684 µs) : 0, 716
Telemetry [baseline] (14.644 ms) : 0, 14644
Telemetry [candidate] (11.567 ms) : 0, 11567
section appsec
BytebuddyAgent [baseline] (734.449 ms) : 0, 734449
BytebuddyAgent [candidate] (733.52 ms) : 0, 733520
GlobalTracer [baseline] (241.023 ms) : 0, 241023
GlobalTracer [candidate] (240.201 ms) : 0, 240201
AppSec [baseline] (176.797 ms) : 0, 176797
AppSec [candidate] (176.565 ms) : 0, 176565
Remote Config [baseline] (664.013 µs) : 0, 664
Remote Config [candidate] (659.338 µs) : 0, 659
Telemetry [baseline] (8.285 ms) : 0, 8285
Telemetry [candidate] (8.251 ms) : 0, 8251
IAST [baseline] (21.653 ms) : 0, 21653
IAST [candidate] (21.744 ms) : 0, 21744
section iast
BytebuddyAgent [baseline] (836.953 ms) : 0, 836953
BytebuddyAgent [candidate] (835.436 ms) : 0, 835436
GlobalTracer [baseline] (234.574 ms) : 0, 234574
GlobalTracer [candidate] (233.481 ms) : 0, 233481
AppSec [baseline] (57.077 ms) : 0, 57077
AppSec [candidate] (57.01 ms) : 0, 57010
Remote Config [baseline] (636.459 µs) : 0, 636
Remote Config [candidate] (628.937 µs) : 0, 629
Telemetry [baseline] (8.71 ms) : 0, 8710
Telemetry [candidate] (8.705 ms) : 0, 8705
IAST [baseline] (22.983 ms) : 0, 22983
IAST [candidate] (22.751 ms) : 0, 22751
section profiling
BytebuddyAgent [baseline] (709.79 ms) : 0, 709790
BytebuddyAgent [candidate] (716.125 ms) : 0, 716125
GlobalTracer [baseline] (354.33 ms) : 0, 354330
GlobalTracer [candidate] (356.777 ms) : 0, 356777
AppSec [baseline] (55.773 ms) : 0, 55773
AppSec [candidate] (54.956 ms) : 0, 54956
Remote Config [baseline] (715.702 µs) : 0, 716
Remote Config [candidate] (708.31 µs) : 0, 708
Telemetry [baseline] (8.891 ms) : 0, 8891
Telemetry [candidate] (9.036 ms) : 0, 9036
ProfilingAgent [baseline] (96.896 ms) : 0, 96896
ProfilingAgent [candidate] (97.136 ms) : 0, 97136
Profiling [baseline] (96.919 ms) : 0, 96919
Profiling [candidate] (97.16 ms) : 0, 97160
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-02-06T21:52:31 2025-02-06T21:59:35
git_branch master harmon.herring/sint-2813
start_time 2025-02-06T21:52:17 2025-02-06T21:59:21
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1738879532 1738879532
ci_job_id 798199754 798199754
ci_pipeline_id 55188972 55188972
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
git_commit_date 1738853998 1738853998
git_commit_sha 8a74e85 8a74e85
kernel_version Linux runner-kwwjemm-project-304-concurrent-0-b8t4dogj 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-kwwjemm-project-304-concurrent-0-b8t4dogj 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
release_version 1.47.0-SNAPSHOT~8a74e85918 1.47.0-SNAPSHOT~8a74e85918
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918
    dateFormat X
    axisFormat %s
section baseline
no_agent (378.829 µs) : 359, 399
.   : milestone, 379,
iast (524.142 µs) : 502, 546
.   : milestone, 524,
iast_FULL (742.076 µs) : 720, 764
.   : milestone, 742,
iast_GLOBAL (551.352 µs) : 529, 573
.   : milestone, 551,
iast_HARDCODED_SECRET_DISABLED (504.581 µs) : 483, 526
.   : milestone, 505,
iast_INACTIVE (460.594 µs) : 439, 482
.   : milestone, 461,
iast_TELEMETRY_OFF (498.13 µs) : 475, 522
.   : milestone, 498,
tracing (452.755 µs) : 431, 474
.   : milestone, 453,
section candidate
no_agent (379.792 µs) : 359, 400
.   : milestone, 380,
iast (513.346 µs) : 491, 536
.   : milestone, 513,
iast_FULL (739.55 µs) : 718, 761
.   : milestone, 740,
iast_GLOBAL (548.076 µs) : 527, 569
.   : milestone, 548,
iast_HARDCODED_SECRET_DISABLED (507.205 µs) : 486, 529
.   : milestone, 507,
iast_INACTIVE (458.895 µs) : 437, 480
.   : milestone, 459,
iast_TELEMETRY_OFF (498.906 µs) : 476, 522
.   : milestone, 499,
tracing (450.724 µs) : 430, 472
.   : milestone, 451,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 378.829 µs [358.957 µs, 398.701 µs] -
iast 524.142 µs [502.379 µs, 545.905 µs] 145.313 µs (38.4%)
iast_FULL 742.076 µs [720.035 µs, 764.118 µs] 363.248 µs (95.9%)
iast_GLOBAL 551.352 µs [529.291 µs, 573.412 µs] 172.523 µs (45.5%)
iast_HARDCODED_SECRET_DISABLED 504.581 µs [483.019 µs, 526.143 µs] 125.752 µs (33.2%)
iast_INACTIVE 460.594 µs [439.073 µs, 482.114 µs] 81.765 µs (21.6%)
iast_TELEMETRY_OFF 498.13 µs [474.656 µs, 521.605 µs] 119.302 µs (31.5%)
tracing 452.755 µs [431.145 µs, 474.366 µs] 73.927 µs (19.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 379.792 µs [359.483 µs, 400.101 µs] -
iast 513.346 µs [490.963 µs, 535.728 µs] 133.554 µs (35.2%)
iast_FULL 739.55 µs [717.775 µs, 761.325 µs] 359.758 µs (94.7%)
iast_GLOBAL 548.076 µs [526.677 µs, 569.474 µs] 168.284 µs (44.3%)
iast_HARDCODED_SECRET_DISABLED 507.205 µs [485.701 µs, 528.709 µs] 127.413 µs (33.5%)
iast_INACTIVE 458.895 µs [437.464 µs, 480.326 µs] 79.103 µs (20.8%)
iast_TELEMETRY_OFF 498.906 µs [476.151 µs, 521.661 µs] 119.114 µs (31.4%)
tracing 450.724 µs [429.591 µs, 471.857 µs] 70.932 µs (18.7%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.352 ms) : 1333, 1371
.   : milestone, 1352,
appsec (1.767 ms) : 1744, 1790
.   : milestone, 1767,
appsec_no_iast (1.774 ms) : 1751, 1796
.   : milestone, 1774,
iast (1.508 ms) : 1484, 1532
.   : milestone, 1508,
profiling (1.513 ms) : 1489, 1537
.   : milestone, 1513,
tracing (1.477 ms) : 1453, 1502
.   : milestone, 1477,
section candidate
no_agent (1.356 ms) : 1337, 1376
.   : milestone, 1356,
appsec (1.73 ms) : 1705, 1754
.   : milestone, 1730,
appsec_no_iast (1.739 ms) : 1715, 1764
.   : milestone, 1739,
iast (1.509 ms) : 1485, 1533
.   : milestone, 1509,
profiling (1.514 ms) : 1491, 1536
.   : milestone, 1514,
tracing (1.491 ms) : 1466, 1517
.   : milestone, 1491,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.352 ms [1.333 ms, 1.371 ms] -
appsec 1.767 ms [1.744 ms, 1.79 ms] 415.017 µs (30.7%)
appsec_no_iast 1.774 ms [1.751 ms, 1.796 ms] 421.769 µs (31.2%)
iast 1.508 ms [1.484 ms, 1.532 ms] 155.931 µs (11.5%)
profiling 1.513 ms [1.489 ms, 1.537 ms] 161.395 µs (11.9%)
tracing 1.477 ms [1.453 ms, 1.502 ms] 125.653 µs (9.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.356 ms [1.337 ms, 1.376 ms] -
appsec 1.73 ms [1.705 ms, 1.754 ms] 373.13 µs (27.5%)
appsec_no_iast 1.739 ms [1.715 ms, 1.764 ms] 382.832 µs (28.2%)
iast 1.509 ms [1.485 ms, 1.533 ms] 152.794 µs (11.3%)
profiling 1.514 ms [1.491 ms, 1.536 ms] 157.19 µs (11.6%)
tracing 1.491 ms [1.466 ms, 1.517 ms] 135.045 µs (10.0%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master harmon.herring/sint-2813
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1738880104 1738880104
ci_job_id 798199755 798199755
ci_pipeline_id 55188972 55188972
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
git_commit_date 1738853998 1738853998
git_commit_sha 8a74e85 8a74e85
kernel_version Linux runner-kdgvqfgl-project-304-concurrent-2-lbt5csgu 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-kdgvqfgl-project-304-concurrent-2-lbt5csgu 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
release_version 1.47.0-SNAPSHOT~8a74e85918 1.47.0-SNAPSHOT~8a74e85918
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.169 s) : 15169000, 15169000
.   : milestone, 15169000,
appsec (15.035 s) : 15035000, 15035000
.   : milestone, 15035000,
iast (19.081 s) : 19081000, 19081000
.   : milestone, 19081000,
iast_GLOBAL (17.968 s) : 17968000, 17968000
.   : milestone, 17968000,
profiling (14.9 s) : 14900000, 14900000
.   : milestone, 14900000,
tracing (14.919 s) : 14919000, 14919000
.   : milestone, 14919000,
section candidate
no_agent (14.992 s) : 14992000, 14992000
.   : milestone, 14992000,
appsec (14.968 s) : 14968000, 14968000
.   : milestone, 14968000,
iast (18.944 s) : 18944000, 18944000
.   : milestone, 18944000,
iast_GLOBAL (18.17 s) : 18170000, 18170000
.   : milestone, 18170000,
profiling (14.995 s) : 14995000, 14995000
.   : milestone, 14995000,
tracing (14.722 s) : 14722000, 14722000
.   : milestone, 14722000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.169 s [15.169 s, 15.169 s] -
appsec 15.035 s [15.035 s, 15.035 s] -134.0 ms (-0.9%)
iast 19.081 s [19.081 s, 19.081 s] 3.912 s (25.8%)
iast_GLOBAL 17.968 s [17.968 s, 17.968 s] 2.799 s (18.5%)
profiling 14.9 s [14.9 s, 14.9 s] -269.0 ms (-1.8%)
tracing 14.919 s [14.919 s, 14.919 s] -250.0 ms (-1.6%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.992 s [14.992 s, 14.992 s] -
appsec 14.968 s [14.968 s, 14.968 s] -24.0 ms (-0.2%)
iast 18.944 s [18.944 s, 18.944 s] 3.952 s (26.4%)
iast_GLOBAL 18.17 s [18.17 s, 18.17 s] 3.178 s (21.2%)
profiling 14.995 s [14.995 s, 14.995 s] 3.0 ms (0.0%)
tracing 14.722 s [14.722 s, 14.722 s] -270.0 ms (-1.8%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~8a74e85918, baseline=1.47.0-SNAPSHOT~8a74e85918
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.475 ms) : 1464, 1487
.   : milestone, 1475,
appsec (2.369 ms) : 2325, 2412
.   : milestone, 2369,
iast (2.112 ms) : 2057, 2167
.   : milestone, 2112,
iast_GLOBAL (2.156 ms) : 2101, 2212
.   : milestone, 2156,
profiling (1.974 ms) : 1930, 2017
.   : milestone, 1974,
tracing (1.945 ms) : 1903, 1988
.   : milestone, 1945,
section candidate
no_agent (1.47 ms) : 1459, 1482
.   : milestone, 1470,
appsec (2.367 ms) : 2324, 2411
.   : milestone, 2367,
iast (2.121 ms) : 2066, 2177
.   : milestone, 2121,
iast_GLOBAL (2.16 ms) : 2104, 2215
.   : milestone, 2160,
profiling (2.428 ms) : 2252, 2603
.   : milestone, 2428,
tracing (1.953 ms) : 1910, 1996
.   : milestone, 1953,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.475 ms [1.464 ms, 1.487 ms] -
appsec 2.369 ms [2.325 ms, 2.412 ms] 893.679 µs (60.6%)
iast 2.112 ms [2.057 ms, 2.167 ms] 636.793 µs (43.2%)
iast_GLOBAL 2.156 ms [2.101 ms, 2.212 ms] 681.418 µs (46.2%)
profiling 1.974 ms [1.93 ms, 2.017 ms] 498.799 µs (33.8%)
tracing 1.945 ms [1.903 ms, 1.988 ms] 470.056 µs (31.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.47 ms [1.459 ms, 1.482 ms] -
appsec 2.367 ms [2.324 ms, 2.411 ms] 897.103 µs (61.0%)
iast 2.121 ms [2.066 ms, 2.177 ms] 651.092 µs (44.3%)
iast_GLOBAL 2.16 ms [2.104 ms, 2.215 ms] 689.385 µs (46.9%)
profiling 2.428 ms [2.252 ms, 2.603 ms] 957.251 µs (65.1%)
tracing 1.953 ms [1.91 ms, 1.996 ms] 482.568 µs (32.8%)

PerfectSlayer
PerfectSlayer reviewed Feb 7, 2025
View reviewed changes
Copy link
Contributor

@PerfectSlayer PerfectSlayer left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @harmonherring-pro 👋

What's the end goal here? (I quickly had a a look at the link JIRA card)
In a sense of there is a huge amount of dependencies that are not related to what is shipped to customers and you would need to build some logic related to filtering the instrumentation dependencies for example.
Otherwise, we will end up with a lot of false positives.

@harmonherring-pro
Copy link
Author

Hey @harmonherring-pro 👋

What's the end goal here? (I quickly had a a look at the link JIRA card) In a sense of there is a huge amount of dependencies that are not related to what is shipped to customers and you would need to build some logic related to filtering the instrumentation dependencies for example. Otherwise, we will end up with a lot of false positives.

@PerfectSlayer the end goal is to include the dd-trace-java dependencies in our malicious/vulnerable dependency monitoring program

I see the concern about including dependencies that aren't related to what's shipped to customers. The gradle dependency submission action provides a way to scope the projects and configurations that are included in the dependency graph. Any chance you know which projects/configurations should be included or excluded? I'm happy to add to the current regex to filter out instrumentation dependencies

@PerfectSlayer
Copy link
Contributor

PerfectSlayer commented Feb 7, 2025
edited by bm1549
Loading

Any chance you know which projects/configurations should be included or excluded?

I guess we could build something but that is not trivial and would need manual maintenance.
That's discussions we already had in the past, that's why we don't have it implemented yet.

Have run it on your side first to check what's reported is accurate?
If it needs time / help from the platform team, it would go to our backlog I guess.

ygree
ygree requested changes Feb 28, 2025
View reviewed changes
Copy link
Contributor

@ygree ygree left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The proposed approach does not fit the tracer structure and will result in reporting dependencies that the tracer does not distribute.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 1, 2025

This pull request has been marked as stale because it has not had activity over the past quarter. It will be closed in 7 days if no further activity occurs. Feel free to reopen the PR if you are still working on it.

@github-actions github-actions bot added the tag: stale Stale pull requests label Jun 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer left review comments

@ygree ygree ygree requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
comp: tooling Build & Tooling tag: stale Stale pull requests type: enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@harmonherring-pro @PerfectSlayer @ygree