-
Notifications
You must be signed in to change notification settings - Fork 279
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exclude oracle.j2ee from vulnerability locations #6888
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
manuel-alvarez-alvarez
approved these changes
Apr 4, 2024
BenchmarksStartupParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics. Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.088 s) : 0, 1087519
Total [baseline] (10.441 s) : 0, 10441109
Agent [candidate] (1.077 s) : 0, 1076614
Total [candidate] (10.352 s) : 0, 10351679
section appsec
Agent [baseline] (1.199 s) : 0, 1198685
Total [baseline] (10.516 s) : 0, 10515855
Agent [candidate] (1.195 s) : 0, 1195441
Total [candidate] (10.448 s) : 0, 10447848
section iast
Agent [baseline] (1.201 s) : 0, 1200646
Total [baseline] (10.752 s) : 0, 10751772
Agent [candidate] (1.2 s) : 0, 1200226
Total [candidate] (10.842 s) : 0, 10842127
section profiling
Agent [baseline] (1.27 s) : 0, 1270031
Total [baseline] (10.606 s) : 0, 10605776
Agent [candidate] (1.276 s) : 0, 1276295
Total [candidate] (10.643 s) : 0, 10643386
gantt
title petclinic - break down per module: candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (681.758 ms) : 0, 681758
BytebuddyAgent [candidate] (674.043 ms) : 0, 674043
GlobalTracer [baseline] (312.465 ms) : 0, 312465
GlobalTracer [candidate] (310.44 ms) : 0, 310440
AppSec [baseline] (50.035 ms) : 0, 50035
AppSec [candidate] (49.48 ms) : 0, 49480
Remote Config [baseline] (668.093 µs) : 0, 668
Remote Config [candidate] (660.866 µs) : 0, 661
Telemetry [baseline] (7.711 ms) : 0, 7711
Telemetry [candidate] (7.651 ms) : 0, 7651
section appsec
BytebuddyAgent [baseline] (695.946 ms) : 0, 695946
BytebuddyAgent [candidate] (694.258 ms) : 0, 694258
GlobalTracer [baseline] (291.574 ms) : 0, 291574
GlobalTracer [candidate] (291.369 ms) : 0, 291369
AppSec [baseline] (149.81 ms) : 0, 149810
AppSec [candidate] (149.331 ms) : 0, 149331
IAST [baseline] (18.877 ms) : 0, 18877
IAST [candidate] (18.759 ms) : 0, 18759
Remote Config [baseline] (610.304 µs) : 0, 610
Remote Config [candidate] (609.107 µs) : 0, 609
Telemetry [baseline] (7.429 ms) : 0, 7429
Telemetry [candidate] (6.794 ms) : 0, 6794
section iast
BytebuddyAgent [baseline] (796.647 ms) : 0, 796647
BytebuddyAgent [candidate] (794.669 ms) : 0, 794669
GlobalTracer [baseline] (287.386 ms) : 0, 287386
GlobalTracer [candidate] (289.094 ms) : 0, 289094
AppSec [baseline] (48.723 ms) : 0, 48723
AppSec [candidate] (49.639 ms) : 0, 49639
IAST [baseline] (24.561 ms) : 0, 24561
IAST [candidate] (24.53 ms) : 0, 24530
Remote Config [baseline] (584.67 µs) : 0, 585
Remote Config [candidate] (588.724 µs) : 0, 589
Telemetry [baseline] (8.097 ms) : 0, 8097
Telemetry [candidate] (7.378 ms) : 0, 7378
section profiling
BytebuddyAgent [baseline] (679.746 ms) : 0, 679746
BytebuddyAgent [candidate] (681.551 ms) : 0, 681551
GlobalTracer [baseline] (380.169 ms) : 0, 380169
GlobalTracer [candidate] (382.656 ms) : 0, 382656
AppSec [baseline] (50.162 ms) : 0, 50162
AppSec [candidate] (50.388 ms) : 0, 50388
Remote Config [baseline] (722.168 µs) : 0, 722
Remote Config [candidate] (716.079 µs) : 0, 716
Telemetry [baseline] (7.436 ms) : 0, 7436
Telemetry [candidate] (7.571 ms) : 0, 7571
ProfilingAgent [baseline] (95.181 ms) : 0, 95181
ProfilingAgent [candidate] (96.943 ms) : 0, 96943
Profiling [baseline] (95.204 ms) : 0, 95204
Profiling [candidate] (96.967 ms) : 0, 96967
Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.074 s) : 0, 1073712
Total [baseline] (8.553 s) : 0, 8553101
Agent [candidate] (1.075 s) : 0, 1075114
Total [candidate] (8.556 s) : 0, 8556481
section iast
Agent [baseline] (1.2 s) : 0, 1200083
Total [baseline] (9.056 s) : 0, 9056334
Agent [candidate] (1.199 s) : 0, 1198849
Total [candidate] (8.993 s) : 0, 8993389
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.208 s) : 0, 1207810
Total [baseline] (9.021 s) : 0, 9021170
Agent [candidate] (1.197 s) : 0, 1197350
Total [candidate] (9.002 s) : 0, 9001747
section iast_TELEMETRY_OFF
Agent [baseline] (1.196 s) : 0, 1195794
Total [baseline] (9.032 s) : 0, 9031734
Agent [candidate] (1.205 s) : 0, 1204548
Total [candidate] (9.033 s) : 0, 9033324
gantt
title insecure-bank - break down per module: candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (672.713 ms) : 0, 672713
BytebuddyAgent [candidate] (673.103 ms) : 0, 673103
GlobalTracer [baseline] (308.802 ms) : 0, 308802
GlobalTracer [candidate] (309.77 ms) : 0, 309770
AppSec [baseline] (49.493 ms) : 0, 49493
AppSec [candidate] (49.631 ms) : 0, 49631
Remote Config [baseline] (668.525 µs) : 0, 669
Remote Config [candidate] (665.491 µs) : 0, 665
Telemetry [baseline] (7.63 ms) : 0, 7630
Telemetry [candidate] (7.636 ms) : 0, 7636
section iast
BytebuddyAgent [baseline] (794.367 ms) : 0, 794367
BytebuddyAgent [candidate] (794.266 ms) : 0, 794266
GlobalTracer [baseline] (289.597 ms) : 0, 289597
GlobalTracer [candidate] (288.498 ms) : 0, 288498
AppSec [baseline] (49.679 ms) : 0, 49679
AppSec [candidate] (49.985 ms) : 0, 49985
IAST [baseline] (23.959 ms) : 0, 23959
IAST [candidate] (22.914 ms) : 0, 22914
Remote Config [baseline] (586.63 µs) : 0, 587
Remote Config [candidate] (580.46 µs) : 0, 580
Telemetry [baseline] (7.525 ms) : 0, 7525
Telemetry [candidate] (8.149 ms) : 0, 8149
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (800.68 ms) : 0, 800680
BytebuddyAgent [candidate] (793.12 ms) : 0, 793120
GlobalTracer [baseline] (290.252 ms) : 0, 290252
GlobalTracer [candidate] (288.41 ms) : 0, 288410
AppSec [baseline] (50.337 ms) : 0, 50337
AppSec [candidate] (49.906 ms) : 0, 49906
IAST [baseline] (23.176 ms) : 0, 23176
IAST [candidate] (22.87 ms) : 0, 22870
Remote Config [baseline] (601.029 µs) : 0, 601
Remote Config [candidate] (596.921 µs) : 0, 597
Telemetry [baseline] (8.163 ms) : 0, 8163
Telemetry [candidate] (8.058 ms) : 0, 8058
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (792.01 ms) : 0, 792010
BytebuddyAgent [candidate] (797.423 ms) : 0, 797423
GlobalTracer [baseline] (288.061 ms) : 0, 288061
GlobalTracer [candidate] (290.392 ms) : 0, 290392
AppSec [baseline] (48.013 ms) : 0, 48013
AppSec [candidate] (49.19 ms) : 0, 49190
IAST [baseline] (25.409 ms) : 0, 25409
IAST [candidate] (25.02 ms) : 0, 25020
Remote Config [baseline] (574.932 µs) : 0, 575
Remote Config [candidate] (582.662 µs) : 0, 583
Telemetry [baseline] (7.296 ms) : 0, 7296
Telemetry [candidate] (7.325 ms) : 0, 7325
LoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics. Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section baseline
no_agent (1.345 ms) : 1326, 1365
. : milestone, 1345,
appsec (1.718 ms) : 1693, 1743
. : milestone, 1718,
appsec_no_iast (1.711 ms) : 1687, 1735
. : milestone, 1711,
iast (1.477 ms) : 1454, 1501
. : milestone, 1477,
profiling (1.542 ms) : 1517, 1567
. : milestone, 1542,
tracing (1.487 ms) : 1463, 1511
. : milestone, 1487,
section candidate
no_agent (1.339 ms) : 1319, 1358
. : milestone, 1339,
appsec (1.728 ms) : 1704, 1752
. : milestone, 1728,
appsec_no_iast (1.734 ms) : 1710, 1758
. : milestone, 1734,
iast (1.494 ms) : 1471, 1517
. : milestone, 1494,
profiling (1.507 ms) : 1483, 1531
. : milestone, 1507,
tracing (1.456 ms) : 1432, 1480
. : milestone, 1456,
Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.33.0-SNAPSHOT~3769a6bc10, baseline=1.33.0-SNAPSHOT~734e3c5998
dateFormat X
axisFormat %s
section baseline
no_agent (366.69 µs) : 347, 386
. : milestone, 367,
iast (476.177 µs) : 454, 498
. : milestone, 476,
iast_FULL (537.509 µs) : 516, 559
. : milestone, 538,
iast_GLOBAL (496.152 µs) : 475, 518
. : milestone, 496,
iast_HARDCODED_SECRET_DISABLED (473.651 µs) : 452, 495
. : milestone, 474,
iast_INACTIVE (442.675 µs) : 422, 463
. : milestone, 443,
iast_TELEMETRY_OFF (471.578 µs) : 451, 492
. : milestone, 472,
tracing (444.271 µs) : 424, 465
. : milestone, 444,
section candidate
no_agent (365.979 µs) : 346, 386
. : milestone, 366,
iast (476.939 µs) : 456, 498
. : milestone, 477,
iast_FULL (535.683 µs) : 514, 557
. : milestone, 536,
iast_GLOBAL (503.574 µs) : 482, 525
. : milestone, 504,
iast_HARDCODED_SECRET_DISABLED (473.253 µs) : 452, 494
. : milestone, 473,
iast_INACTIVE (444.084 µs) : 424, 464
. : milestone, 444,
iast_TELEMETRY_OFF (466.592 µs) : 446, 487
. : milestone, 467,
tracing (447.072 µs) : 426, 468
. : milestone, 447,
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
Exclude
oracle.j2ee.*
packages from being selected as vulnerability locations.Motivation
Additional Notes
Jira ticket: APPSEC-52409