DataDog
Testing optout iast into appsec
What does this PR do?
Motivation
Plugin Checklist
- [ ] Unit tests.
- [ ] TypeScript definitions.
- [ ] TypeScript tests.
- [ ] API documentation.
- [ ] CircleCI jobs/workflows.
- [ ] Plugin is exported.
Additional Notes
Security
Datadog employees:
- [ ] If this PR touches code that signs or publishes builds or packages, or handles credentials of any kind, I've requested a review from
@DataDog/security-design-and-guidance. - [ ] This PR doesn't touch any of that.
Unsure? Have a question? Request a review!
Overall package size
Self size: 6.24 MB Deduped: 61.19 MB No deduping: 61.95 MB
Dependency sizes
| name | version | self size | total size |
|---|---|---|---|
| @datadog/native-iast-taint-tracking | 1.7.0 | 16.71 MB | 16.72 MB |
| @datadog/native-appsec | 7.1.0 | 14.37 MB | 14.38 MB |
| @datadog/pprof | 5.1.0 | 8.83 MB | 9.68 MB |
| protobufjs | 7.2.5 | 2.77 MB | 6.56 MB |
| @datadog/native-iast-rewriter | 2.3.0 | 2.15 MB | 2.24 MB |
| @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB |
| @datadog/native-metrics | 2.0.0 | 898.77 kB | 1.3 MB |
| @opentelemetry/api | 1.4.1 | 780.32 kB | 780.32 kB |
| import-in-the-middle | 1.7.3 | 67.62 kB | 731.01 kB |
| pprof-format | 2.0.7 | 588.12 kB | 588.12 kB |
| msgpack-lite | 0.1.26 | 201.16 kB | 281.59 kB |
| opentracing | 0.14.7 | 194.81 kB | 194.81 kB |
| semver | 7.5.4 | 93.4 kB | 123.8 kB |
| @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB |
| lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB |
| lru-cache | 7.14.0 | 74.95 kB | 74.95 kB |
| ipaddr.js | 2.1.0 | 60.23 kB | 60.23 kB |
| ignore | 5.2.4 | 51.22 kB | 51.22 kB |
| int64-buffer | 0.1.10 | 49.18 kB | 49.18 kB |
| shell-quote | 1.8.1 | 44.96 kB | 44.96 kB |
| istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB |
| tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB |
| limiter | 1.1.5 | 23.17 kB | 23.17 kB |
| dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB |
| retry | 0.13.1 | 18.85 kB | 18.85 kB |
| node-abort-controller | 3.1.1 | 16.89 kB | 16.89 kB |
| jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB |
| crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB |
| path-to-regexp | 0.1.7 | 6.78 kB | 6.78 kB |
| koalas | 1.0.2 | 6.47 kB | 6.47 kB |
| methods | 1.1.2 | 5.29 kB | 5.29 kB |
| module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |
🤖 This report was automatically generated by heaviest-objects-in-the-universe
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 78.05%. Comparing base (
a60bd24) to head (c2534d9). Report is 1112 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #4166 +/- ##
==========================================
- Coverage 85.06% 78.05% -7.02%
==========================================
Files 247 249 +2
Lines 10950 11011 +61
Branches 33 33
==========================================
- Hits 9315 8595 -720
- Misses 1635 2416 +781
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
- :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Benchmarks
Benchmark execution time: 2024-03-20 12:34:41
Comparing candidate commit c2534d9c5feb14d5a04a9deb6993822d3c032ae4 in PR branch ugaitz/iast-opt-out-in-appsec with baseline commit a60bd2475b9e9abb7a7be2c4b3732eeaa3634104 in branch master.
Found 1 performance improvements and 4 performance regressions! Performance is the same for 255 metrics, 6 unstable metrics.
scenario:appsec-appsec-enabled-18
- 🟥
cpu_user_time[+30.219ms; +39.398ms] or [+6.744%; +8.793%] - 🟥
instructions[+80.7M instructions; +81.9M instructions] or [+6.794%; +6.897%]
scenario:appsec-appsec-enabled-with-attacks-18
- 🟥
cpu_user_time[+31.442ms; +40.611ms] or [+6.544%; +8.452%] - 🟥
instructions[+79.2M instructions; +80.3M instructions] or [+6.201%; +6.287%]
scenario:plugin-graphql-with-depth-off-18
- 🟩
max_rss_usage[-125.972MB; -122.904MB] or [-13.094%; -12.775%]
![pr-commenter[bot] avatar](https://avatars.githubusercontent.com/u/365230?v=4 "Published by a pub.dev verified publisher"){kind=small}
This seems rather outdated. @uurien is this something you would still like to work on? I would otherwise go ahead and close this.
