Collect and report RASP events (+Stack traces) #7162

Merged
merged 6 commits into from
Jun 14, 2024

@ValentinZakharov ValentinZakharov commented Jun 11, 2024

What Does This Do

Implemented reporting RASP events and Stack traces.

  • Implemented Stack trace generation when WAF returns generate_stack action type
  • Implemented Reporting Stack traces for exploits (for IAST vulnerabilities and APM exceptions will be implemented later)
  • Extended rule_match structure to report detected exploits (added support for resources, params and db_types)
  • Added ObjectFlattener for accurate serialisation of reported data

Motivation

This is part of Exploit prevention initiative (RASP)

Additional Notes

Jira ticket: APPSEC-46818

@ValentinZakharov ValentinZakharov added the comp: asm waf Application Security Management (WAF) label Jun 11, 2024
@ValentinZakharov ValentinZakharov self-assigned this Jun 11, 2024
pr-commenter bot commented Jun 11, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master vzakharov/rasp_stack_trace
git_commit_date 1718365351 1718365389
git_commit_sha 24d82a5 86be898
release_version 1.36.0-SNAPSHOT~24d82a55c1 1.36.0-SNAPSHOT~86be898629
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1718368261 1718368261
ci_job_id 543568365 543568365
ci_pipeline_id 36766668 36766668
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 17 unstable metrics.

Startup time reports for petclinic
[Gantt chart: petclinic - global startup overhead, candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: tracing, appsec, iast, profiling]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.069 s -
Agent appsec 1.184 s 115.067 ms (10.8%)
Agent iast 1.177 s 107.82 ms (10.1%)
Agent profiling 1.272 s 202.8 ms (19.0%)
Total tracing 10.341 s -
Total appsec 10.424 s 82.97 ms (0.8%)
Total iast 10.693 s 352.186 ms (3.4%)
Total profiling 10.658 s 317.233 ms (3.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent appsec 1.182 s 119.203 ms (11.2%)
Agent iast 1.177 s 114.906 ms (10.8%)
Agent profiling 1.263 s 200.2 ms (18.8%)
Total tracing 10.378 s -
Total appsec 10.448 s 69.25 ms (0.7%)
Total iast 10.723 s 344.965 ms (3.3%)
Total profiling 10.702 s 323.726 ms (3.1%)
[Gantt chart: petclinic - break down per module, candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: tracing, appsec, iast, profiling]
Startup time reports for insecure-bank
[Gantt chart: insecure-bank - global startup overhead, candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: tracing, iast, iast_HARDCODED_SECRET_DISABLED, iast_TELEMETRY_OFF]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.069 s -
Agent iast 1.173 s 104.22 ms (9.7%)
Agent iast_HARDCODED_SECRET_DISABLED 1.178 s 109.034 ms (10.2%)
Agent iast_TELEMETRY_OFF 1.166 s 96.7 ms (9.0%)
Total tracing 8.565 s -
Total iast 8.999 s 433.329 ms (5.1%)
Total iast_HARDCODED_SECRET_DISABLED 9.037 s 471.826 ms (5.5%)
Total iast_TELEMETRY_OFF 8.966 s 400.652 ms (4.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.06 s -
Agent iast 1.175 s 115.772 ms (10.9%)
Agent iast_HARDCODED_SECRET_DISABLED 1.178 s 118.488 ms (11.2%)
Agent iast_TELEMETRY_OFF 1.161 s 101.555 ms (9.6%)
Total tracing 8.549 s -
Total iast 8.979 s 429.46 ms (5.0%)
Total iast_HARDCODED_SECRET_DISABLED 8.972 s 422.792 ms (4.9%)
Total iast_TELEMETRY_OFF 8.998 s 448.953 ms (5.3%)
[Gantt chart: insecure-bank - break down per module, candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: tracing, iast, iast_HARDCODED_SECRET_DISABLED, iast_TELEMETRY_OFF]

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-06-14T12:01:50 2024-06-14T12:08:39
git_branch master vzakharov/rasp_stack_trace
git_commit_date 1718365351 1718365389
git_commit_sha 24d82a5 86be898
release_version 1.36.0-SNAPSHOT~24d82a55c1 1.36.0-SNAPSHOT~86be898629
start_time 2024-06-14T12:01:37 2024-06-14T12:08:26
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1718367263 1718367263
ci_job_id 543568366 543568366
ci_pipeline_id 36766668 36766668
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for insecure-bank
[Gantt chart: insecure-bank - request duration [CI 0.99], candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: baseline, candidate]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 368.531 µs [348.099 µs, 388.964 µs] -
iast 484.343 µs [462.906 µs, 505.779 µs] 115.811 µs (31.4%)
iast_FULL 561.283 µs [540.22 µs, 582.347 µs] 192.752 µs (52.3%)
iast_GLOBAL 515.424 µs [492.952 µs, 537.896 µs] 146.893 µs (39.9%)
iast_HARDCODED_SECRET_DISABLED 482.794 µs [461.47 µs, 504.118 µs] 114.263 µs (31.0%)
iast_INACTIVE 456.548 µs [435.275 µs, 477.82 µs] 88.016 µs (23.9%)
iast_TELEMETRY_OFF 477.931 µs [456.288 µs, 499.574 µs] 109.399 µs (29.7%)
tracing 448.484 µs [427.015 µs, 469.952 µs] 79.952 µs (21.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 373.965 µs [353.897 µs, 394.033 µs] -
iast 485.055 µs [463.314 µs, 506.797 µs] 111.09 µs (29.7%)
iast_FULL 557.057 µs [536.073 µs, 578.041 µs] 183.092 µs (49.0%)
iast_GLOBAL 507.064 µs [485.674 µs, 528.454 µs] 133.099 µs (35.6%)
iast_HARDCODED_SECRET_DISABLED 484.332 µs [463.552 µs, 505.112 µs] 110.367 µs (29.5%)
iast_INACTIVE 453.661 µs [432.294 µs, 475.027 µs] 79.696 µs (21.3%)
iast_TELEMETRY_OFF 470.506 µs [449.523 µs, 491.489 µs] 96.541 µs (25.8%)
tracing 443.485 µs [422.388 µs, 464.582 µs] 69.52 µs (18.6%)
Request duration reports for petclinic
[Gantt chart: petclinic - request duration [CI 0.99], candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: baseline, candidate]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.338 ms [1.319 ms, 1.357 ms] -
appsec 1.722 ms [1.697 ms, 1.747 ms] 383.614 µs (28.7%)
appsec_no_iast 1.726 ms [1.702 ms, 1.75 ms] 387.919 µs (29.0%)
iast 1.479 ms [1.457 ms, 1.502 ms] 141.215 µs (10.6%)
profiling 1.477 ms [1.452 ms, 1.502 ms] 139.117 µs (10.4%)
tracing 1.449 ms [1.425 ms, 1.474 ms] 111.172 µs (8.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.326 ms [1.306 ms, 1.346 ms] -
appsec 1.707 ms [1.682 ms, 1.732 ms] 380.788 µs (28.7%)
appsec_no_iast 1.715 ms [1.69 ms, 1.74 ms] 388.51 µs (29.3%)
iast 1.475 ms [1.452 ms, 1.497 ms] 148.088 µs (11.2%)
profiling 1.487 ms [1.462 ms, 1.511 ms] 160.107 µs (12.1%)
tracing 1.464 ms [1.44 ms, 1.488 ms] 137.256 µs (10.3%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master vzakharov/rasp_stack_trace
git_commit_date 1718365351 1718365389
git_commit_sha 24d82a5 86be898
release_version 1.36.0-SNAPSHOT~24d82a55c1 1.36.0-SNAPSHOT~86be898629
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1718367783 1718367783
ci_job_id 543568367 543568367
ci_pipeline_id 36766668 36766668
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava
[Gantt chart: biojava - execution time [CI 0.99], candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: baseline, candidate]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.034 s [15.034 s, 15.034 s] -
appsec 14.71 s [14.71 s, 14.71 s] -324.0 ms (-2.2%)
iast 18.985 s [18.985 s, 18.985 s] 3.951 s (26.3%)
iast_GLOBAL 18.048 s [18.048 s, 18.048 s] 3.014 s (20.0%)
profiling 15.158 s [15.158 s, 15.158 s] 124.0 ms (0.8%)
tracing 15.034 s [15.034 s, 15.034 s] 0.0 µs (0.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.983 s [14.983 s, 14.983 s] -
appsec 14.996 s [14.996 s, 14.996 s] 13.0 ms (0.1%)
iast 18.853 s [18.853 s, 18.853 s] 3.87 s (25.8%)
iast_GLOBAL 17.827 s [17.827 s, 17.827 s] 2.844 s (19.0%)
profiling 15.116 s [15.116 s, 15.116 s] 133.0 ms (0.9%)
tracing 15.19 s [15.19 s, 15.19 s] 207.0 ms (1.4%)
Execution time for tomcat
[Gantt chart: tomcat - execution time [CI 0.99], candidate=1.36.0-SNAPSHOT~86be898629, baseline=1.36.0-SNAPSHOT~24d82a55c1; sections: baseline, candidate]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.463 ms [1.451 ms, 1.474 ms] -
appsec 2.23 ms [2.195 ms, 2.264 ms] 767.012 µs (52.4%)
iast 1.982 ms [1.94 ms, 2.024 ms] 518.783 µs (35.5%)
iast_GLOBAL 2.007 ms [1.966 ms, 2.048 ms] 544.237 µs (37.2%)
profiling 1.857 ms [1.823 ms, 1.89 ms] 393.721 µs (26.9%)
tracing 1.846 ms [1.813 ms, 1.878 ms] 383.087 µs (26.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.466 ms [1.454 ms, 1.477 ms] -
appsec 2.217 ms [2.183 ms, 2.251 ms] 751.462 µs (51.3%)
iast 1.976 ms [1.934 ms, 2.018 ms] 510.385 µs (34.8%)
iast_GLOBAL 2.03 ms [1.988 ms, 2.072 ms] 564.044 µs (38.5%)
profiling 1.86 ms [1.827 ms, 1.894 ms] 394.309 µs (26.9%)
tracing 1.836 ms [1.803 ms, 1.869 ms] 370.218 µs (25.3%)

@ValentinZakharov ValentinZakharov marked this pull request as ready for review June 11, 2024 23:00
@ValentinZakharov ValentinZakharov requested a review from a team as a code owner June 11, 2024 23:00

import datadog.trace.test.util.DDSpecification

class ObjectFlattenerSpecification extends DDSpecification {

Contributor

An object with a cycle in its graph can be a good test case for the specification, e.g.

class VisitableClass {
  String name
  VisitableClass cycle
}

Contributor Author

I'm sorry, I didn't get that. Processing a circular (closed) loop will lead to reaching the stack limit. I'm talking about cases when cycle is pointing to the VisitableClass object itself.

Contributor

Yes, that's what I meant. The flattener should not break if given an object with a circular closed loop (perhaps it's not a problem anyway).

Contributor Author

Added extra check to avoid errors in case of circular references
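
One way to implement the circular-reference guard discussed in this thread, as an added example that is not the PR's `ObjectFlattener` code. The class name `CycleSafeFlattener`, the `MAX_DEPTH` value and the `<cycle>` / `<max depth>` / `<inaccessible>` markers are assumptions made for illustration.

```java
import java.lang.reflect.*;
import java.util.*;

/** Hypothetical cycle-safe flattener; not the PR's ObjectFlattener. */
public class CycleSafeFlattener {
  static final int MAX_DEPTH = 10; // assumed cap, not a value from the PR
  static final String CYCLE = "<cycle>";

  public static Object flatten(Object root) {
    // Identity-based set: membership never calls equals()/hashCode() on the visited
    // objects, which would themselves recurse forever on a self-containing collection.
    return flatten(root, Collections.newSetFromMap(new IdentityHashMap<>()), 0);
  }

  private static Object flatten(Object o, Set<Object> path, int depth) {
    if (o == null || o instanceof String || o instanceof Number
        || o instanceof Boolean || o instanceof Character) return o;
    if (o instanceof Enum) return ((Enum<?>) o).name();
    if (depth >= MAX_DEPTH) return "<max depth>"; // bounds recursion on deep, acyclic input
    if (!path.add(o)) return CYCLE; // this instance is already being visited
    try {
      if (o instanceof Map) {
        Map<String, Object> out = new LinkedHashMap<>();
        for (Map.Entry<?, ?> e : ((Map<?, ?>) o).entrySet()) {
          out.put(String.valueOf(e.getKey()), flatten(e.getValue(), path, depth + 1));
        }
        return out;
      }
      if (o instanceof Iterable || o.getClass().isArray()) {
        List<Object> out = new ArrayList<>();
        if (o instanceof Iterable) {
          for (Object item : (Iterable<?>) o) out.add(flatten(item, path, depth + 1));
        } else {
          for (int i = 0; i < Array.getLength(o); i++) out.add(flatten(Array.get(o, i), path, depth + 1));
        }
        return out;
      }
      // Plain object: walk declared instance fields up the class hierarchy.
      Map<String, Object> out = new LinkedHashMap<>();
      for (Class<?> c = o.getClass(); c != null && c != Object.class; c = c.getSuperclass()) {
        for (Field f : c.getDeclaredFields()) {
          if (Modifier.isStatic(f.getModifiers()) || f.isSynthetic()) continue;
          try {
            f.setAccessible(true);
            out.put(f.getName(), flatten(f.get(o), path, depth + 1));
          } catch (ReflectiveOperationException | RuntimeException e) {
            out.put(f.getName(), "<inaccessible>"); // e.g. module-protected JDK fields
          }
        }
      }
      return out;
    } finally {
      path.remove(o); // only the current path counts; shared non-cyclic references are still expanded
    }
  }

  // Same shape as the class suggested in the review comment above.
  static class VisitableClass { String name; VisitableClass cycle; }

  public static void main(String[] args) {
    VisitableClass self = new VisitableClass();
    self.name = "self"; self.cycle = self;                // object pointing to itself
    VisitableClass a = new VisitableClass(), b = new VisitableClass();
    a.name = "a"; b.name = "b"; a.cycle = b; b.cycle = a; // two-node loop
    System.out.println(flatten(self));
    System.out.println(flatten(a));
  }
}
```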

StackWalkerFactory.INSTANCE.walk(
stream ->
stream
.filter(elem -> !elem.getClassName().startsWith("com.datadog"))
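
Review bot: the exclusion in `.filter(elem -> !elem.getClassName().startsWith("com.datadog"))` matches a bare prefix with no trailing dot, so it also drops frames from any package whose name merely begins with `com.datadog`, while frames from every other package stay in the reported trace. Consider matching complete package prefixes that end in `.` and keeping the excluded prefixes in one named constant, so the set of internal packages removed from exploit stack traces is explicit and can be covered by a test.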

Contributor

Should we include datadog.trace too?

Contributor Author

I've checked and it seems datadog.trace is used only in tests and smoke tests. I'm not sure if it makes sense to include these packages in the exclusion filter. 🤔

Contributor

All the internal-api module uses datadog.trace, maybe I'm missing something here 😓

@ValentinZakharov ValentinZakharov merged commit 7939bfd into master Jun 14, 2024
79 of 80 checks passed
@ValentinZakharov ValentinZakharov deleted the vzakharov/rasp_stack_trace branch June 14, 2024 12:34
@github-actions github-actions bot added this to the 1.35.1 milestone Jun 14, 2024
@mcculls mcculls modified the milestones: 1.35.1, 1.36.0 Jun 17, 2024