dd-trace-java
dd-trace-java copied to clipboard
DataDog
Add Security Response ID
What Does This Do
This PR adds support for extracting and emitting a unique security_response_id (UUIDv4 format) in AppSec blocking responses, generated by libddwaf v17.3.0
Implementation flow:
-
Extraction (
WAFModule.java): When libddwaf triggers a blocking action, extract the security_response_id from actionInfo.parameters and pass it to RequestBlockingAction constructor -
Propagation (
Flow.java): Add securityResponseId field to RequestBlockingAction class with getter method and update all constructors (includingforRedirect()factory method) - Servlet Integration: Update all blocking helper implementations to pass securityResponseId through to template rendering
-
Template Rendering (
BlockingActionHelper.java): - Add blockId parameter togetTemplate()method - Replace{security_response_id}placeholder in HTML template - Addsecurity_response_idfield in JSON template - Append?security_response_id=<uuid>to redirect URLs
Result: Blocking responses now include the unique identifier in all response types (JSON, HTML, redirect), enabling customers to track and debug specific blocking events.
Motivation
Per RFC-1070, libddwaf v17.3.0 generates a UUIDv4 as security_response_id in action parameters to provide unique identifiers for each blocking event. This PR implements the required changes:
- Extract: Retrieve security_response_id from libddwaf action parameters in WAFModule.java
- Propagate: Add blockId field to Flow.Action.RequestBlockingAction and pass it through all servlet blocking helpers
- Emit:
- JSON responses: Include as "security_response_id": "
" field - HTML responses: Replace {security_response_id} placeholder with actual UUID
- Redirect responses: Append as URL query parameter ?security_response_id=
- JSON responses: Include as "security_response_id": "
This enables customers to uniquely identify and track specific blocking events for debugging and analysis.
Additional Notes
Contributor Checklist
- Format the title according the contribution guidelines
- Assign the
type:and (comp:orinst:) labels in addition to any useful labels - Don't use
close,fixor any linking keywords when referencing an issue.
Usesolvesinstead, and assign the PR milestone to the issue - Update the CODEOWNERS file on source file addition, move, or deletion
- Update the public documentation in case of new configuration flag or behavior
Jira ticket: [PROJ-IDENT]
Benchmarks
Startup
Parameters
| Baseline | Candidate | |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/security-response-id |
| git_commit_date | 1766134964 | 1766136430 |
| git_commit_sha | cce064ecfd | b9fe46cf4d |
| release_version | 1.58.0-SNAPSHOT~cce064ecfd | 1.58.0-SNAPSHOT~b9fe46cf4d |
See matching parameters
| Baseline | Candidate | |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1766138244 | 1766138244 |
| ci_job_id | 1308816315 | 1308816315 |
| ci_pipeline_id | 87738495 | 87738495 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-0-gt33fzbn 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-0-gt33fzbn 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |
| module | Agent | Agent |
| parent | None | None |
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 56 metrics, 9 unstable metrics.
Startup time reports for insecure-bank
gantt
title insecure-bank - global startup overhead: candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.082 s) : 0, 1082438
Total [baseline] (8.741 s) : 0, 8741023
Agent [candidate] (1.1 s) : 0, 1099992
Total [candidate] (8.74 s) : 0, 8739597
section iast
Agent [baseline] (1.228 s) : 0, 1227642
Total [baseline] (9.35 s) : 0, 9350055
Agent [candidate] (1.222 s) : 0, 1221644
Total [candidate] (9.321 s) : 0, 9320561
- baseline results
| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.082 s | - |
| Agent | iast | 1.228 s | 145.203 ms (13.4%) |
| Total | tracing | 8.741 s | - |
| Total | iast | 9.35 s | 609.031 ms (7.0%) |
- candidate results
| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.1 s | - |
| Agent | iast | 1.222 s | 121.652 ms (11.1%) |
| Total | tracing | 8.74 s | - |
| Total | iast | 9.321 s | 580.964 ms (6.6%) |
gantt
title insecure-bank - break down per module: candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section tracing
crashtracking [baseline] (1.191 ms) : 0, 1191
crashtracking [candidate] (1.211 ms) : 0, 1211
BytebuddyAgent [baseline] (650.54 ms) : 0, 650540
BytebuddyAgent [candidate] (661.273 ms) : 0, 661273
GlobalTracer [baseline] (282.337 ms) : 0, 282337
GlobalTracer [candidate] (286.892 ms) : 0, 286892
AppSec [baseline] (32.289 ms) : 0, 32289
AppSec [candidate] (33.05 ms) : 0, 33050
Debugger [baseline] (67.055 ms) : 0, 67055
Debugger [candidate] (68.367 ms) : 0, 68367
Remote Config [baseline] (636.519 µs) : 0, 637
Remote Config [candidate] (603.746 µs) : 0, 604
Telemetry [baseline] (9.081 ms) : 0, 9081
Telemetry [candidate] (8.955 ms) : 0, 8955
Flare Poller [baseline] (3.766 ms) : 0, 3766
Flare Poller [candidate] (3.748 ms) : 0, 3748
section iast
crashtracking [baseline] (1.214 ms) : 0, 1214
crashtracking [candidate] (1.192 ms) : 0, 1192
BytebuddyAgent [baseline] (793.736 ms) : 0, 793736
BytebuddyAgent [candidate] (790.648 ms) : 0, 790648
GlobalTracer [baseline] (256.876 ms) : 0, 256876
GlobalTracer [candidate] (255.046 ms) : 0, 255046
IAST [baseline] (27.257 ms) : 0, 27257
IAST [candidate] (27.053 ms) : 0, 27053
AppSec [baseline] (33.707 ms) : 0, 33707
AppSec [candidate] (32.582 ms) : 0, 32582
Debugger [baseline] (66.666 ms) : 0, 66666
Debugger [candidate] (67.232 ms) : 0, 67232
Remote Config [baseline] (608.979 µs) : 0, 609
Remote Config [candidate] (584.858 µs) : 0, 585
Telemetry [baseline] (8.62 ms) : 0, 8620
Telemetry [candidate] (8.469 ms) : 0, 8469
Flare Poller [baseline] (3.574 ms) : 0, 3574
Flare Poller [candidate] (3.524 ms) : 0, 3524
Startup time reports for petclinic
gantt
title petclinic - global startup overhead: candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.096 s) : 0, 1095537
Total [baseline] (10.866 s) : 0, 10866046
Agent [candidate] (1.084 s) : 0, 1084429
Total [candidate] (10.847 s) : 0, 10846775
section appsec
Agent [baseline] (1.271 s) : 0, 1271376
Total [baseline] (10.963 s) : 0, 10963111
Agent [candidate] (1.268 s) : 0, 1267752
Total [candidate] (10.902 s) : 0, 10902311
section iast
Agent [baseline] (1.232 s) : 0, 1231920
Total [baseline] (11.23 s) : 0, 11230156
Agent [candidate] (1.243 s) : 0, 1242922
Total [candidate] (11.286 s) : 0, 11286047
section profiling
Agent [baseline] (1.206 s) : 0, 1206143
Total [baseline] (10.894 s) : 0, 10894395
Agent [candidate] (1.214 s) : 0, 1213673
Total [candidate] (11.001 s) : 0, 11000626
- baseline results
| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.096 s | - |
| Agent | appsec | 1.271 s | 175.839 ms (16.1%) |
| Agent | iast | 1.232 s | 136.383 ms (12.4%) |
| Agent | profiling | 1.206 s | 110.606 ms (10.1%) |
| Total | tracing | 10.866 s | - |
| Total | appsec | 10.963 s | 97.064 ms (0.9%) |
| Total | iast | 11.23 s | 364.11 ms (3.4%) |
| Total | profiling | 10.894 s | 28.348 ms (0.3%) |
- candidate results
| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.084 s | - |
| Agent | appsec | 1.268 s | 183.323 ms (16.9%) |
| Agent | iast | 1.243 s | 158.493 ms (14.6%) |
| Agent | profiling | 1.214 s | 129.244 ms (11.9%) |
| Total | tracing | 10.847 s | - |
| Total | appsec | 10.902 s | 55.536 ms (0.5%) |
| Total | iast | 11.286 s | 439.271 ms (4.0%) |
| Total | profiling | 11.001 s | 153.851 ms (1.4%) |
gantt
title petclinic - break down per module: candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section tracing
crashtracking [baseline] (1.211 ms) : 0, 1211
crashtracking [candidate] (1.175 ms) : 0, 1175
BytebuddyAgent [baseline] (658.224 ms) : 0, 658224
BytebuddyAgent [candidate] (650.781 ms) : 0, 650781
GlobalTracer [baseline] (285.659 ms) : 0, 285659
GlobalTracer [candidate] (283.391 ms) : 0, 283391
AppSec [baseline] (32.814 ms) : 0, 32814
AppSec [candidate] (32.293 ms) : 0, 32293
Debugger [baseline] (68.314 ms) : 0, 68314
Debugger [candidate] (68.065 ms) : 0, 68065
Remote Config [baseline] (616.882 µs) : 0, 617
Remote Config [candidate] (604.442 µs) : 0, 604
Telemetry [baseline] (9.186 ms) : 0, 9186
Telemetry [candidate] (9.042 ms) : 0, 9042
Flare Poller [baseline] (3.725 ms) : 0, 3725
Flare Poller [candidate] (3.692 ms) : 0, 3692
section appsec
crashtracking [baseline] (1.195 ms) : 0, 1195
crashtracking [candidate] (1.176 ms) : 0, 1176
BytebuddyAgent [baseline] (693.869 ms) : 0, 693869
BytebuddyAgent [candidate] (692.604 ms) : 0, 692604
GlobalTracer [baseline] (259.892 ms) : 0, 259892
GlobalTracer [candidate] (259.183 ms) : 0, 259183
IAST [baseline] (24.765 ms) : 0, 24765
IAST [candidate] (24.652 ms) : 0, 24652
AppSec [baseline] (173.93 ms) : 0, 173930
AppSec [candidate] (173.024 ms) : 0, 173024
Debugger [baseline] (68.545 ms) : 0, 68545
Debugger [candidate] (67.947 ms) : 0, 67947
Remote Config [baseline] (736.919 µs) : 0, 737
Remote Config [candidate] (724.617 µs) : 0, 725
Telemetry [baseline] (8.991 ms) : 0, 8991
Telemetry [candidate] (8.916 ms) : 0, 8916
Flare Poller [baseline] (3.756 ms) : 0, 3756
Flare Poller [candidate] (3.941 ms) : 0, 3941
section iast
crashtracking [baseline] (1.194 ms) : 0, 1194
crashtracking [candidate] (1.199 ms) : 0, 1199
BytebuddyAgent [baseline] (797.3 ms) : 0, 797300
BytebuddyAgent [candidate] (804.582 ms) : 0, 804582
GlobalTracer [baseline] (257.375 ms) : 0, 257375
GlobalTracer [candidate] (259.269 ms) : 0, 259269
IAST [baseline] (27.29 ms) : 0, 27290
IAST [candidate] (27.559 ms) : 0, 27559
AppSec [baseline] (35.511 ms) : 0, 35511
AppSec [candidate] (32.566 ms) : 0, 32566
Debugger [baseline] (65.022 ms) : 0, 65022
Debugger [candidate] (69.328 ms) : 0, 69328
Remote Config [baseline] (578.982 µs) : 0, 579
Remote Config [candidate] (601.981 µs) : 0, 602
Telemetry [baseline] (8.54 ms) : 0, 8540
Telemetry [candidate] (8.618 ms) : 0, 8618
Flare Poller [baseline] (3.602 ms) : 0, 3602
Flare Poller [candidate] (3.543 ms) : 0, 3543
section profiling
crashtracking [baseline] (1.216 ms) : 0, 1216
crashtracking [candidate] (1.245 ms) : 0, 1245
BytebuddyAgent [baseline] (703.397 ms) : 0, 703397
BytebuddyAgent [candidate] (707.876 ms) : 0, 707876
GlobalTracer [baseline] (220.994 ms) : 0, 220994
GlobalTracer [candidate] (222.338 ms) : 0, 222338
AppSec [baseline] (32.115 ms) : 0, 32115
AppSec [candidate] (32.367 ms) : 0, 32367
Debugger [baseline] (68.158 ms) : 0, 68158
Debugger [candidate] (68.974 ms) : 0, 68974
Remote Config [baseline] (671.091 µs) : 0, 671
Remote Config [candidate] (673.732 µs) : 0, 674
Telemetry [baseline] (8.879 ms) : 0, 8879
Telemetry [candidate] (8.735 ms) : 0, 8735
Flare Poller [baseline] (3.753 ms) : 0, 3753
Flare Poller [candidate] (3.748 ms) : 0, 3748
ProfilingAgent [baseline] (97.174 ms) : 0, 97174
ProfilingAgent [candidate] (97.567 ms) : 0, 97567
Profiling [baseline] (97.753 ms) : 0, 97753
Profiling [candidate] (98.141 ms) : 0, 98141
Load
Parameters
| Baseline | Candidate | |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/security-response-id |
| git_commit_date | 1766134964 | 1766136430 |
| git_commit_sha | cce064ecfd | b9fe46cf4d |
| release_version | 1.58.0-SNAPSHOT~cce064ecfd | 1.58.0-SNAPSHOT~b9fe46cf4d |
See matching parameters
| Baseline | Candidate | |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1766138739 | 1766138739 |
| ci_job_id | 1308816317 | 1308816317 |
| ci_pipeline_id | 87738495 | 87738495 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-0-r9y3qkre 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-0-r9y3qkre 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |
Summary
Found 6 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 16 unstable metrics.
| scenario | Δ mean agg_http_req_duration_p50 | Δ mean agg_http_req_duration_p95 | Δ mean throughput | candidate mean agg_http_req_duration_p50 | candidate mean agg_http_req_duration_p95 | candidate mean throughput | baseline mean agg_http_req_duration_p50 | baseline mean agg_http_req_duration_p95 | baseline mean throughput |
|---|---|---|---|---|---|---|---|---|---|
| scenario:load:insecure-bank:iast_GLOBAL:high_load | better [-441.358µs; -162.966µs] or [-14.870%; -5.491%] |
unstable [-1268.312µs; -295.581µs] or [-15.321%; -3.571%] |
unstable [-118.132op/s; +185.319op/s] or [-9.565%; +15.005%] |
2.666ms | 7.496ms | 1268.656op/s | 2.968ms | 8.278ms | 1235.062op/s |
| scenario:load:insecure-bank:iast:high_load | better [-151.928µs; -79.458µs] or [-5.960%; -3.117%] |
same [-366.151µs; +29.208µs] or [-4.961%; +0.396%] |
unstable [-89.919op/s; +187.044op/s] or [-6.394%; +13.300%] |
2.434ms | 7.213ms | 1454.906op/s | 2.549ms | 7.381ms | 1406.344op/s |
| scenario:load:insecure-bank:iast_FULL:high_load | better [-740.454µs; -422.848µs] or [-13.497%; -7.708%] |
better [-1.705ms; -0.971ms] or [-13.071%; -7.447%] |
unstable [+4.539op/s; +154.086op/s] or [+0.601%; +20.417%] |
4.904ms | 11.705ms | 834.000op/s | 5.486ms | 13.044ms | 754.688op/s |
| scenario:load:petclinic:profiling:high_load | better [-1447.800µs; -403.868µs] or [-7.480%; -2.087%] |
unsure [-1757.801µs; -61.690µs] or [-5.666%; -0.199%] |
unstable [-16.534op/s; +35.221op/s] or [-6.933%; +14.770%] |
18.430ms | 30.112ms | 247.812op/s | 19.356ms | 31.022ms | 238.469op/s |
| scenario:load:petclinic:no_agent:high_load | better [-1.916ms; -0.699ms] or [-10.275%; -3.746%] |
unsure [-2.706ms; -0.285ms] or [-8.791%; -0.925%] |
unstable [-10.832op/s; +44.270op/s] or [-4.434%; +18.120%] |
17.338ms | 29.289ms | 261.031op/s | 18.646ms | 30.784ms | 244.312op/s |
Request duration reports for insecure-bank
gantt
title insecure-bank - request duration [CI 0.99] : candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section baseline
no_agent (1.179 ms) : 1167, 1191
. : milestone, 1179,
iast (3.253 ms) : 3215, 3291
. : milestone, 3253,
iast_FULL (6.128 ms) : 6065, 6191
. : milestone, 6128,
iast_GLOBAL (3.713 ms) : 3665, 3760
. : milestone, 3713,
profiling (2.001 ms) : 1983, 2019
. : milestone, 2001,
tracing (1.813 ms) : 1797, 1830
. : milestone, 1813,
section candidate
no_agent (1.2 ms) : 1187, 1212
. : milestone, 1200,
iast (3.145 ms) : 3103, 3187
. : milestone, 3145,
iast_FULL (5.541 ms) : 5488, 5594
. : milestone, 5541,
iast_GLOBAL (3.48 ms) : 3428, 3531
. : milestone, 3480,
profiling (2.054 ms) : 2034, 2074
. : milestone, 2054,
tracing (1.811 ms) : 1795, 1827
. : milestone, 1811,
- baseline results
| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.179 ms [1.167 ms, 1.191 ms] | - |
| iast | 3.253 ms [3.215 ms, 3.291 ms] | 2.074 ms (175.9%) |
| iast_FULL | 6.128 ms [6.065 ms, 6.191 ms] | 4.949 ms (419.8%) |
| iast_GLOBAL | 3.713 ms [3.665 ms, 3.76 ms] | 2.534 ms (214.9%) |
| profiling | 2.001 ms [1.983 ms, 2.019 ms] | 821.994 µs (69.7%) |
| tracing | 1.813 ms [1.797 ms, 1.83 ms] | 634.345 µs (53.8%) |
- candidate results
| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.2 ms [1.187 ms, 1.212 ms] | - |
| iast | 3.145 ms [3.103 ms, 3.187 ms] | 1.945 ms (162.1%) |
| iast_FULL | 5.541 ms [5.488 ms, 5.594 ms] | 4.341 ms (361.9%) |
| iast_GLOBAL | 3.48 ms [3.428 ms, 3.531 ms] | 2.28 ms (190.0%) |
| profiling | 2.054 ms [2.034 ms, 2.074 ms] | 854.02 µs (71.2%) |
| tracing | 1.811 ms [1.795 ms, 1.827 ms] | 611.642 µs (51.0%) |
Request duration reports for petclinic
gantt
title petclinic - request duration [CI 0.99] : candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section baseline
no_agent (19.101 ms) : 18908, 19295
. : milestone, 19101,
appsec (18.641 ms) : 18454, 18827
. : milestone, 18641,
code_origins (17.631 ms) : 17458, 17803
. : milestone, 17631,
iast (17.783 ms) : 17601, 17964
. : milestone, 17783,
profiling (19.578 ms) : 19380, 19777
. : milestone, 19578,
tracing (17.894 ms) : 17714, 18074
. : milestone, 17894,
section candidate
no_agent (17.873 ms) : 17693, 18053
. : milestone, 17873,
appsec (18.698 ms) : 18508, 18887
. : milestone, 18698,
code_origins (17.899 ms) : 17720, 18079
. : milestone, 17899,
iast (17.761 ms) : 17582, 17939
. : milestone, 17761,
profiling (18.833 ms) : 18644, 19023
. : milestone, 18833,
tracing (17.806 ms) : 17630, 17982
. : milestone, 17806,
- baseline results
| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 19.101 ms [18.908 ms, 19.295 ms] | - |
| appsec | 18.641 ms [18.454 ms, 18.827 ms] | -460.671 µs (-2.4%) |
| code_origins | 17.631 ms [17.458 ms, 17.803 ms] | -1.471 ms (-7.7%) |
| iast | 17.783 ms [17.601 ms, 17.964 ms] | -1.319 ms (-6.9%) |
| profiling | 19.578 ms [19.38 ms, 19.777 ms] | 477.016 µs (2.5%) |
| tracing | 17.894 ms [17.714 ms, 18.074 ms] | -1.207 ms (-6.3%) |
- candidate results
| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 17.873 ms [17.693 ms, 18.053 ms] | - |
| appsec | 18.698 ms [18.508 ms, 18.887 ms] | 824.524 µs (4.6%) |
| code_origins | 17.899 ms [17.72 ms, 18.079 ms] | 26.446 µs (0.1%) |
| iast | 17.761 ms [17.582 ms, 17.939 ms] | -112.392 µs (-0.6%) |
| profiling | 18.833 ms [18.644 ms, 19.023 ms] | 960.367 µs (5.4%) |
| tracing | 17.806 ms [17.63 ms, 17.982 ms] | -67.507 µs (-0.4%) |
Dacapo
Parameters
| Baseline | Candidate | |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/security-response-id |
| git_commit_date | 1766134964 | 1766136430 |
| git_commit_sha | cce064ecfd | b9fe46cf4d |
| release_version | 1.58.0-SNAPSHOT~cce064ecfd | 1.58.0-SNAPSHOT~b9fe46cf4d |
See matching parameters
| Baseline | Candidate | |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1766138476 | 1766138476 |
| ci_job_id | 1308816318 | 1308816318 |
| ci_pipeline_id | 87738495 | 87738495 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-1-dfeuxejh 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-1-dfeuxejh 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |
Summary
Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.
| scenario | Δ mean execution_time | candidate mean execution_time | baseline mean execution_time |
|---|---|---|---|
| scenario:dacapo:tomcat:appsec | better [-1.399ms; -1.056ms] or [-37.897%; -28.585%] |
2.465ms | 3.693ms |
Execution time for biojava
gantt
title biojava - execution time [CI 0.99] : candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section baseline
no_agent (15.039 s) : 15039000, 15039000
. : milestone, 15039000,
appsec (14.652 s) : 14652000, 14652000
. : milestone, 14652000,
iast (18.194 s) : 18194000, 18194000
. : milestone, 18194000,
iast_GLOBAL (17.883 s) : 17883000, 17883000
. : milestone, 17883000,
profiling (14.502 s) : 14502000, 14502000
. : milestone, 14502000,
tracing (14.867 s) : 14867000, 14867000
. : milestone, 14867000,
section candidate
no_agent (15.059 s) : 15059000, 15059000
. : milestone, 15059000,
appsec (14.587 s) : 14587000, 14587000
. : milestone, 14587000,
iast (18.064 s) : 18064000, 18064000
. : milestone, 18064000,
iast_GLOBAL (18.014 s) : 18014000, 18014000
. : milestone, 18014000,
profiling (14.823 s) : 14823000, 14823000
. : milestone, 14823000,
tracing (14.504 s) : 14504000, 14504000
. : milestone, 14504000,
- baseline results
| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.039 s [15.039 s, 15.039 s] | - |
| appsec | 14.652 s [14.652 s, 14.652 s] | -387.0 ms (-2.6%) |
| iast | 18.194 s [18.194 s, 18.194 s] | 3.155 s (21.0%) |
| iast_GLOBAL | 17.883 s [17.883 s, 17.883 s] | 2.844 s (18.9%) |
| profiling | 14.502 s [14.502 s, 14.502 s] | -537.0 ms (-3.6%) |
| tracing | 14.867 s [14.867 s, 14.867 s] | -172.0 ms (-1.1%) |
- candidate results
| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.059 s [15.059 s, 15.059 s] | - |
| appsec | 14.587 s [14.587 s, 14.587 s] | -472.0 ms (-3.1%) |
| iast | 18.064 s [18.064 s, 18.064 s] | 3.005 s (20.0%) |
| iast_GLOBAL | 18.014 s [18.014 s, 18.014 s] | 2.955 s (19.6%) |
| profiling | 14.823 s [14.823 s, 14.823 s] | -236.0 ms (-1.6%) |
| tracing | 14.504 s [14.504 s, 14.504 s] | -555.0 ms (-3.7%) |
Execution time for tomcat
gantt
title tomcat - execution time [CI 0.99] : candidate=1.58.0-SNAPSHOT~b9fe46cf4d, baseline=1.58.0-SNAPSHOT~cce064ecfd
dateFormat X
axisFormat %s
section baseline
no_agent (1.475 ms) : 1463, 1486
. : milestone, 1475,
appsec (3.693 ms) : 3473, 3913
. : milestone, 3693,
iast (2.209 ms) : 2144, 2273
. : milestone, 2209,
iast_GLOBAL (2.261 ms) : 2196, 2326
. : milestone, 2261,
profiling (2.048 ms) : 1996, 2101
. : milestone, 2048,
tracing (2.048 ms) : 1997, 2100
. : milestone, 2048,
section candidate
no_agent (1.473 ms) : 1462, 1485
. : milestone, 1473,
appsec (2.465 ms) : 2413, 2518
. : milestone, 2465,
iast (2.209 ms) : 2144, 2273
. : milestone, 2209,
iast_GLOBAL (2.255 ms) : 2189, 2320
. : milestone, 2255,
profiling (2.067 ms) : 2015, 2120
. : milestone, 2067,
tracing (2.039 ms) : 1988, 2090
. : milestone, 2039,
- baseline results
| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.475 ms [1.463 ms, 1.486 ms] | - |
| appsec | 3.693 ms [3.473 ms, 3.913 ms] | 2.218 ms (150.4%) |
| iast | 2.209 ms [2.144 ms, 2.273 ms] | 734.215 µs (49.8%) |
| iast_GLOBAL | 2.261 ms [2.196 ms, 2.326 ms] | 786.154 µs (53.3%) |
| profiling | 2.048 ms [1.996 ms, 2.101 ms] | 573.7 µs (38.9%) |
| tracing | 2.048 ms [1.997 ms, 2.1 ms] | 573.731 µs (38.9%) |
- candidate results
| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.473 ms [1.462 ms, 1.485 ms] | - |
| appsec | 2.465 ms [2.413 ms, 2.518 ms] | 992.197 µs (67.4%) |
| iast | 2.209 ms [2.144 ms, 2.273 ms] | 735.612 µs (49.9%) |
| iast_GLOBAL | 2.255 ms [2.189 ms, 2.32 ms] | 781.515 µs (53.1%) |
| profiling | 2.067 ms [2.015 ms, 2.12 ms] | 594.18 µs (40.3%) |
| tracing | 2.039 ms [1.988 ms, 2.09 ms] | 566.2 µs (38.4%) |
![pr-commenter[bot] avatar](https://avatars.githubusercontent.com/u/365230?v=4 "Published by a pub.dev verified publisher"){kind=small}