Skip to content

Opt-out API Security endpoint discovery #9623

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 3, 2025
Merged

Opt-out API Security endpoint discovery #9623

merged 2 commits into from
Oct 3, 2025

Conversation

jandro996
Copy link
Member

@jandro996 jandro996 commented Sep 26, 2025
edited
Loading

We were keeping this feature disabled for now because the backend does not support it yet. However, we’re actively working on adding support, and in the meantime, we need to measure the volume of data we’d need to handle once the feature is enabled.

As a result, this PR sets the default config flag to true:
ConfigDefaults.java#L120

Enabling the feature by default surfaced an issue during test execution:
an exception was thrown due to multiple beans of type RequestMappingHandlerMapping being present in the Spring context, which caused a NoUniqueBeanDefinitionException.

Error:

No qualifying bean of type 'RequestMappingHandlerMapping' available: 
expected single matching bean but found 2: requestMappingHandlerMapping,controllerEndpointHandlerMapping

To resolve this, the instrumentations were updated to:

  • Use getBeansOfType(...) instead of getBean(...)
  • Iterate over all available RequestMappingHandlerMapping beans
  • Collect and merge their handler methods safely.

This avoids the error and ensures compatibility with Spring setups that register multiple handler mappings.

Additional Notes

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@jandro996 jandro996 requested a review from a team as a code owner September 26, 2025 13:41
@jandro996 jandro996 requested a review from smola September 26, 2025 13:41
@github-actions GitHub Actions
Copy link
Contributor

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@jandro996 jandro996 added type: enhancement Enhancements and improvements comp: asm waf Application Security Management (WAF) labels Sep 26, 2025
@datadog-official Datadog Official
Copy link

datadog-official bot commented Sep 26, 2025
edited by datadog-datadog-prod-us1 bot
Loading

🎯 Code Coverage
Patch Coverage: 100.00%
Total Coverage: 57.83% (-0.12%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 2a14d7a | Docs | Was this helpful? Give us feedback!

@pr-commenter
Copy link

pr-commenter bot commented Sep 26, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/op-out-api-discovery
git_commit_date 1758889621 1758899667
git_commit_sha 4cf7670 2a14d7a
release_version 1.54.0-SNAPSHOT~4cf767062c 1.54.0-SNAPSHOT~2a14d7afa1
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758901585 1758901585
ci_job_id 1150150723 1150150723
ci_pipeline_id 77666050 77666050
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-p88751yr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-p88751yr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 2 performance regressions! Performance is the same for 60 metrics, 3 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:startup:petclinic:iast:Telemetry worse
[+323.032µs; +598.433µs] or [+3.988%; +7.388%]		 8.561ms 8.100ms
scenario:startup:petclinic:tracing:Telemetry worse
[+255.791µs; +695.508µs] or [+2.886%; +7.847%]		 9.339ms 8.863ms
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.012 s) : 0, 1012483
Total [baseline] (10.772 s) : 0, 10772234
Agent [candidate] (1.014 s) : 0, 1014354
Total [candidate] (10.679 s) : 0, 10679035
section appsec
Agent [baseline] (1.197 s) : 0, 1197008
Total [baseline] (11.096 s) : 0, 11096190
Agent [candidate] (1.192 s) : 0, 1191611
Total [candidate] (10.971 s) : 0, 10971192
section iast
Agent [baseline] (1.157 s) : 0, 1156572
Total [baseline] (10.954 s) : 0, 10954016
Agent [candidate] (1.15 s) : 0, 1149711
Total [candidate] (10.912 s) : 0, 10912130
section profiling
Agent [baseline] (1.161 s) : 0, 1160530
Total [baseline] (11.163 s) : 0, 11162750
Agent [candidate] (1.153 s) : 0, 1152725
Total [candidate] (11.07 s) : 0, 11070054
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.012 s -
Agent appsec 1.197 s 184.525 ms (18.2%)
Agent iast 1.157 s 144.089 ms (14.2%)
Agent profiling 1.161 s 148.046 ms (14.6%)
Total tracing 10.772 s -
Total appsec 11.096 s 323.956 ms (3.0%)
Total iast 10.954 s 181.782 ms (1.7%)
Total profiling 11.163 s 390.516 ms (3.6%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.014 s -
Agent appsec 1.192 s 177.257 ms (17.5%)
Agent iast 1.15 s 135.357 ms (13.3%)
Agent profiling 1.153 s 138.371 ms (13.6%)
Total tracing 10.679 s -
Total appsec 10.971 s 292.157 ms (2.7%)
Total iast 10.912 s 233.095 ms (2.2%)
Total profiling 11.07 s 391.02 ms (3.7%) 
gantt
    title petclinic - break down per module: candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.49 ms) : 0, 1490
crashtracking [candidate] (1.46 ms) : 0, 1460
BytebuddyAgent [baseline] (688.562 ms) : 0, 688562
BytebuddyAgent [candidate] (689.068 ms) : 0, 689068
GlobalTracer [baseline] (243.091 ms) : 0, 243091
GlobalTracer [candidate] (243.561 ms) : 0, 243561
AppSec [baseline] (31.287 ms) : 0, 31287
AppSec [candidate] (31.199 ms) : 0, 31199
Debugger [baseline] (6.326 ms) : 0, 6326
Debugger [candidate] (6.287 ms) : 0, 6287
Remote Config [baseline] (685.448 µs) : 0, 685
Remote Config [candidate] (679.718 µs) : 0, 680
Telemetry [baseline] (8.863 ms) : 0, 8863
Telemetry [candidate] (9.339 ms) : 0, 9339
Flare Poller [baseline] (10.956 ms) : 0, 10956
Flare Poller [candidate] (11.495 ms) : 0, 11495
section appsec
crashtracking [baseline] (1.473 ms) : 0, 1473
crashtracking [candidate] (1.474 ms) : 0, 1474
BytebuddyAgent [baseline] (718.97 ms) : 0, 718970
BytebuddyAgent [candidate] (714.762 ms) : 0, 714762
GlobalTracer [baseline] (236.924 ms) : 0, 236924
GlobalTracer [candidate] (236.571 ms) : 0, 236571
AppSec [baseline] (172.554 ms) : 0, 172554
AppSec [candidate] (172.574 ms) : 0, 172574
Debugger [baseline] (6.099 ms) : 0, 6099
Debugger [candidate] (6.048 ms) : 0, 6048
Remote Config [baseline] (643.813 µs) : 0, 644
Remote Config [candidate] (625.837 µs) : 0, 626
Telemetry [baseline] (8.429 ms) : 0, 8429
Telemetry [candidate] (8.64 ms) : 0, 8640
Flare Poller [baseline] (5.598 ms) : 0, 5598
Flare Poller [candidate] (4.796 ms) : 0, 4796
IAST [baseline] (25.059 ms) : 0, 25059
IAST [candidate] (24.907 ms) : 0, 24907
section iast
crashtracking [baseline] (1.476 ms) : 0, 1476
crashtracking [candidate] (1.469 ms) : 0, 1469
BytebuddyAgent [baseline] (818.476 ms) : 0, 818476
BytebuddyAgent [candidate] (813.375 ms) : 0, 813375
GlobalTracer [baseline] (235.413 ms) : 0, 235413
GlobalTracer [candidate] (234.029 ms) : 0, 234029
AppSec [baseline] (34.093 ms) : 0, 34093
AppSec [candidate] (33.789 ms) : 0, 33789
Debugger [baseline] (6.021 ms) : 0, 6021
Debugger [candidate] (6.078 ms) : 0, 6078
Remote Config [baseline] (592.539 µs) : 0, 593
Remote Config [candidate] (585.192 µs) : 0, 585
Telemetry [baseline] (8.1 ms) : 0, 8100
Telemetry [candidate] (8.561 ms) : 0, 8561
Flare Poller [baseline] (4.217 ms) : 0, 4217
Flare Poller [candidate] (4.219 ms) : 0, 4219
IAST [baseline] (26.621 ms) : 0, 26621
IAST [candidate] (26.233 ms) : 0, 26233
section profiling
crashtracking [baseline] (1.475 ms) : 0, 1475
crashtracking [candidate] (1.449 ms) : 0, 1449
BytebuddyAgent [baseline] (723.97 ms) : 0, 723970
BytebuddyAgent [candidate] (719.689 ms) : 0, 719689
GlobalTracer [baseline] (220.021 ms) : 0, 220021
GlobalTracer [candidate] (219.069 ms) : 0, 219069
AppSec [baseline] (31.559 ms) : 0, 31559
AppSec [candidate] (31.342 ms) : 0, 31342
Debugger [baseline] (6.603 ms) : 0, 6603
Debugger [candidate] (6.514 ms) : 0, 6514
Remote Config [baseline] (742.121 µs) : 0, 742
Remote Config [candidate] (725.185 µs) : 0, 725
Telemetry [baseline] (16.609 ms) : 0, 16609
Telemetry [candidate] (16.483 ms) : 0, 16483
Flare Poller [baseline] (4.239 ms) : 0, 4239
Flare Poller [candidate] (4.131 ms) : 0, 4131
ProfilingAgent [baseline] (102.534 ms) : 0, 102534
ProfilingAgent [candidate] (100.828 ms) : 0, 100828
Profiling [baseline] (103.116 ms) : 0, 103116
Profiling [candidate] (101.407 ms) : 0, 101407
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.015 s) : 0, 1014744
Total [baseline] (8.726 s) : 0, 8726138
Agent [candidate] (1.016 s) : 0, 1015608
Total [candidate] (8.691 s) : 0, 8691157
section iast
Agent [baseline] (1.161 s) : 0, 1161183
Total [baseline] (9.319 s) : 0, 9318538
Agent [candidate] (1.143 s) : 0, 1143125
Total [candidate] (9.288 s) : 0, 9288198
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.015 s -
Agent iast 1.161 s 146.439 ms (14.4%)
Total tracing 8.726 s -
Total iast 9.319 s 592.4 ms (6.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.016 s -
Agent iast 1.143 s 127.517 ms (12.6%)
Total tracing 8.691 s -
Total iast 9.288 s 597.042 ms (6.9%) 
gantt
    title insecure-bank - break down per module: candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.475 ms) : 0, 1475
crashtracking [candidate] (1.477 ms) : 0, 1477
BytebuddyAgent [baseline] (691.327 ms) : 0, 691327
BytebuddyAgent [candidate] (689.918 ms) : 0, 689918
GlobalTracer [baseline] (243.228 ms) : 0, 243228
GlobalTracer [candidate] (243.827 ms) : 0, 243827
AppSec [baseline] (31.157 ms) : 0, 31157
AppSec [candidate] (31.31 ms) : 0, 31310
Debugger [baseline] (6.336 ms) : 0, 6336
Debugger [candidate] (6.347 ms) : 0, 6347
Remote Config [baseline] (677.404 µs) : 0, 677
Remote Config [candidate] (673.115 µs) : 0, 673
Telemetry [baseline] (8.994 ms) : 0, 8994
Telemetry [candidate] (9.358 ms) : 0, 9358
Flare Poller [baseline] (10.311 ms) : 0, 10311
Flare Poller [candidate] (11.48 ms) : 0, 11480
section iast
crashtracking [baseline] (1.483 ms) : 0, 1483
crashtracking [candidate] (1.467 ms) : 0, 1467
BytebuddyAgent [baseline] (821.902 ms) : 0, 821902
BytebuddyAgent [candidate] (809.091 ms) : 0, 809091
GlobalTracer [baseline] (235.677 ms) : 0, 235677
GlobalTracer [candidate] (232.167 ms) : 0, 232167
AppSec [baseline] (34.241 ms) : 0, 34241
AppSec [candidate] (34.179 ms) : 0, 34179
Debugger [baseline] (6.1 ms) : 0, 6100
Debugger [candidate] (6.033 ms) : 0, 6033
Remote Config [baseline] (604.636 µs) : 0, 605
Remote Config [candidate] (577.418 µs) : 0, 577
Telemetry [baseline] (8.394 ms) : 0, 8394
Telemetry [candidate] (8.39 ms) : 0, 8390
Flare Poller [baseline] (4.295 ms) : 0, 4295
Flare Poller [candidate] (4.13 ms) : 0, 4130
IAST [baseline] (26.882 ms) : 0, 26882
IAST [candidate] (25.912 ms) : 0, 25912
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/op-out-api-discovery
git_commit_date 1758889621 1758899667
git_commit_sha 4cf7670 2a14d7a
release_version 1.54.0-SNAPSHOT~4cf767062c 1.54.0-SNAPSHOT~2a14d7afa1
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758901257 1758901257
ci_job_id 1150150726 1150150726
ci_pipeline_id 77666050 77666050
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-0mju47jk 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-0mju47jk 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 5 performance improvements and 2 performance regressions! Performance is the same for 5 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:insecure-bank:profiling:high_load better
[-529.509µs; -225.992µs] or [-5.966%; -2.546%]		 unstable
[-42.386op/s; +88.136op/s] or [-8.105%; +16.854%]		 8.497ms 545.812op/s 8.875ms 522.938op/s
scenario:load:insecure-bank:iast_GLOBAL:high_load better
[-984.751µs; -551.814µs] or [-8.586%; -4.811%]		 unstable
[-16.726op/s; +74.476op/s] or [-4.125%; +18.368%]		 10.700ms 434.344op/s 11.469ms 405.469op/s
scenario:load:insecure-bank:iast:high_load worse
[+626.881µs; +1004.062µs] or [+6.548%; +10.488%]		 unstable
[-89.115op/s; +13.740op/s] or [-18.372%; +2.833%]		 10.389ms 447.375op/s 9.573ms 485.062op/s
scenario:load:petclinic:profiling:high_load better
[-2.039ms; -1.033ms] or [-4.105%; -2.079%]		 unstable
[-3.377op/s; +9.377op/s] or [-3.583%; +9.948%]		 48.142ms 97.263op/s 49.678ms 94.263op/s
scenario:load:petclinic:no_agent:high_load better
[-1.801ms; -1.165ms] or [-4.819%; -3.117%]		 unstable
[-2.844op/s; +13.244op/s] or [-2.272%; +10.583%]		 35.880ms 130.338op/s 37.363ms 125.138op/s
scenario:load:petclinic:code_origins:high_load worse
[+1.457ms; +2.250ms] or [+3.403%; +5.255%]		 unstable
[-11.506op/s; +2.456op/s] or [-10.525%; +2.246%]		 44.659ms 104.787op/s 42.806ms 109.312op/s
scenario:load:petclinic:iast:high_load better
[-2.038ms; -1.215ms] or [-4.517%; -2.693%]		 unstable
[-2.981op/s; +10.856op/s] or [-2.876%; +10.473%]		 43.497ms 107.600op/s 45.123ms 103.662op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.297 ms) : 4248, 4345
.   : milestone, 4297,
iast (9.573 ms) : 9404, 9743
.   : milestone, 9573,
iast_FULL (13.791 ms) : 13511, 14071
.   : milestone, 13791,
iast_GLOBAL (11.469 ms) : 11256, 11682
.   : milestone, 11469,
profiling (8.875 ms) : 8734, 9016
.   : milestone, 8875,
tracing (7.699 ms) : 7590, 7807
.   : milestone, 7699,
section candidate
no_agent (4.383 ms) : 4334, 4433
.   : milestone, 4383,
iast (10.389 ms) : 10208, 10569
.   : milestone, 10389,
iast_FULL (14.248 ms) : 13963, 14532
.   : milestone, 14248,
iast_GLOBAL (10.7 ms) : 10512, 10889
.   : milestone, 10700,
profiling (8.497 ms) : 8356, 8639
.   : milestone, 8497,
tracing (7.744 ms) : 7632, 7856
.   : milestone, 7744,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.297 ms [4.248 ms, 4.345 ms] -
iast 9.573 ms [9.404 ms, 9.743 ms] 5.277 ms (122.8%)
iast_FULL 13.791 ms [13.511 ms, 14.071 ms] 9.494 ms (221.0%)
iast_GLOBAL 11.469 ms [11.256 ms, 11.682 ms] 7.172 ms (166.9%)
profiling 8.875 ms [8.734 ms, 9.016 ms] 4.578 ms (106.6%)
tracing 7.699 ms [7.59 ms, 7.807 ms] 3.402 ms (79.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.383 ms [4.334 ms, 4.433 ms] -
iast 10.389 ms [10.208 ms, 10.569 ms] 6.005 ms (137.0%)
iast_FULL 14.248 ms [13.963 ms, 14.532 ms] 9.865 ms (225.0%)
iast_GLOBAL 10.7 ms [10.512 ms, 10.889 ms] 6.317 ms (144.1%)
profiling 8.497 ms [8.356 ms, 8.639 ms] 4.114 ms (93.9%)
tracing 7.744 ms [7.632 ms, 7.856 ms] 3.361 ms (76.7%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.363 ms) : 37056, 37669
.   : milestone, 37363,
appsec (48.694 ms) : 48257, 49132
.   : milestone, 48694,
code_origins (42.806 ms) : 42453, 43159
.   : milestone, 42806,
iast (45.123 ms) : 44717, 45529
.   : milestone, 45123,
profiling (49.678 ms) : 49170, 50185
.   : milestone, 49678,
tracing (43.842 ms) : 43463, 44221
.   : milestone, 43842,
section candidate
no_agent (35.88 ms) : 35596, 36164
.   : milestone, 35880,
appsec (49.12 ms) : 48674, 49566
.   : milestone, 49120,
code_origins (44.659 ms) : 44276, 45042
.   : milestone, 44659,
iast (43.497 ms) : 43140, 43854
.   : milestone, 43497,
profiling (48.142 ms) : 47718, 48565
.   : milestone, 48142,
tracing (43.091 ms) : 42741, 43442
.   : milestone, 43091,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.363 ms [37.056 ms, 37.669 ms] -
appsec 48.694 ms [48.257 ms, 49.132 ms] 11.332 ms (30.3%)
code_origins 42.806 ms [42.453 ms, 43.159 ms] 5.443 ms (14.6%)
iast 45.123 ms [44.717 ms, 45.529 ms] 7.76 ms (20.8%)
profiling 49.678 ms [49.17 ms, 50.185 ms] 12.315 ms (33.0%)
tracing 43.842 ms [43.463 ms, 44.221 ms] 6.479 ms (17.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 35.88 ms [35.596 ms, 36.164 ms] -
appsec 49.12 ms [48.674 ms, 49.566 ms] 13.24 ms (36.9%)
code_origins 44.659 ms [44.276 ms, 45.042 ms] 8.779 ms (24.5%)
iast 43.497 ms [43.14 ms, 43.854 ms] 7.617 ms (21.2%)
profiling 48.142 ms [47.718 ms, 48.565 ms] 12.261 ms (34.2%)
tracing 43.091 ms [42.741 ms, 43.442 ms] 7.211 ms (20.1%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/op-out-api-discovery
git_commit_date 1758889621 1758899667
git_commit_sha 4cf7670 2a14d7a
release_version 1.54.0-SNAPSHOT~4cf767062c 1.54.0-SNAPSHOT~2a14d7afa1
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1758901785 1758901785
ci_job_id 1150150728 1150150728
ci_pipeline_id 77666050 77666050
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-2-jsbwozh1 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-2-jsbwozh1 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:dacapo:tomcat:appsec better
[-1.448ms; -1.109ms] or [-38.844%; -29.752%]		 2.448ms 3.727ms
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.471 ms) : 1460, 1482
.   : milestone, 1471,
appsec (3.727 ms) : 3510, 3943
.   : milestone, 3727,
iast (2.194 ms) : 2132, 2257
.   : milestone, 2194,
iast_GLOBAL (2.231 ms) : 2168, 2294
.   : milestone, 2231,
profiling (2.038 ms) : 1988, 2089
.   : milestone, 2038,
tracing (2.005 ms) : 1957, 2054
.   : milestone, 2005,
section candidate
no_agent (1.467 ms) : 1456, 1479
.   : milestone, 1467,
appsec (2.448 ms) : 2398, 2499
.   : milestone, 2448,
iast (2.2 ms) : 2136, 2263
.   : milestone, 2200,
iast_GLOBAL (2.237 ms) : 2174, 2300
.   : milestone, 2237,
profiling (2.057 ms) : 2005, 2109
.   : milestone, 2057,
tracing (2.006 ms) : 1958, 2055
.   : milestone, 2006,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.471 ms [1.46 ms, 1.482 ms] -
appsec 3.727 ms [3.51 ms, 3.943 ms] 2.256 ms (153.3%)
iast 2.194 ms [2.132 ms, 2.257 ms] 723.329 µs (49.2%)
iast_GLOBAL 2.231 ms [2.168 ms, 2.294 ms] 760.343 µs (51.7%)
profiling 2.038 ms [1.988 ms, 2.089 ms] 567.438 µs (38.6%)
tracing 2.005 ms [1.957 ms, 2.054 ms] 534.25 µs (36.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.467 ms [1.456 ms, 1.479 ms] -
appsec 2.448 ms [2.398 ms, 2.499 ms] 981.048 µs (66.9%)
iast 2.2 ms [2.136 ms, 2.263 ms] 732.196 µs (49.9%)
iast_GLOBAL 2.237 ms [2.174 ms, 2.3 ms] 769.589 µs (52.4%)
profiling 2.057 ms [2.005 ms, 2.109 ms] 589.375 µs (40.2%)
tracing 2.006 ms [1.958 ms, 2.055 ms] 539.107 µs (36.7%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~2a14d7afa1, baseline=1.54.0-SNAPSHOT~4cf767062c
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.893 s) : 14893000, 14893000
.   : milestone, 14893000,
appsec (14.956 s) : 14956000, 14956000
.   : milestone, 14956000,
iast (18.568 s) : 18568000, 18568000
.   : milestone, 18568000,
iast_GLOBAL (17.702 s) : 17702000, 17702000
.   : milestone, 17702000,
profiling (16.032 s) : 16032000, 16032000
.   : milestone, 16032000,
tracing (15.208 s) : 15208000, 15208000
.   : milestone, 15208000,
section candidate
no_agent (14.955 s) : 14955000, 14955000
.   : milestone, 14955000,
appsec (15.082 s) : 15082000, 15082000
.   : milestone, 15082000,
iast (18.424 s) : 18424000, 18424000
.   : milestone, 18424000,
iast_GLOBAL (17.679 s) : 17679000, 17679000
.   : milestone, 17679000,
profiling (15.928 s) : 15928000, 15928000
.   : milestone, 15928000,
tracing (15.117 s) : 15117000, 15117000
.   : milestone, 15117000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.893 s [14.893 s, 14.893 s] -
appsec 14.956 s [14.956 s, 14.956 s] 63.0 ms (0.4%)
iast 18.568 s [18.568 s, 18.568 s] 3.675 s (24.7%)
iast_GLOBAL 17.702 s [17.702 s, 17.702 s] 2.809 s (18.9%)
profiling 16.032 s [16.032 s, 16.032 s] 1.139 s (7.6%)
tracing 15.208 s [15.208 s, 15.208 s] 315.0 ms (2.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.955 s [14.955 s, 14.955 s] -
appsec 15.082 s [15.082 s, 15.082 s] 127.0 ms (0.8%)
iast 18.424 s [18.424 s, 18.424 s] 3.469 s (23.2%)
iast_GLOBAL 17.679 s [17.679 s, 17.679 s] 2.724 s (18.2%)
profiling 15.928 s [15.928 s, 15.928 s] 973.0 ms (6.5%)
tracing 15.117 s [15.117 s, 15.117 s] 162.0 ms (1.1%)

@jandro996 jandro996 requested a review from a team as a code owner September 26, 2025 15:14
manuel-alvarez-alvarez
manuel-alvarez-alvarez approved these changes Oct 2, 2025
View reviewed changes
Copy link
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jandro996 jandro996 merged commit c442de6 into master Oct 3, 2025
545 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/op-out-api-discovery branch October 3, 2025 07:17
@github-actions github-actions bot added this to the 1.54.0 milestone Oct 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manuel-alvarez-alvarez manuel-alvarez-alvarez manuel-alvarez-alvarez approved these changes

@smola smola Awaiting requested review from smola smola is a code owner automatically assigned from DataDog/apm-java

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) type: enhancement Enhancements and improvements
Projects
None yet
Milestone
1.54.0
Development

Successfully merging this pull request may close these issues.
2 participants
@jandro996 @manuel-alvarez-alvarez