Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(iast): fix propagation for platformdirs #9593

Merged
merged 19 commits into from
Jun 25, 2024

Conversation

gnufede
Copy link
Member

@gnufede gnufede commented Jun 20, 2024

IAST: Removes the detection and later patching skipping of loaded third-party modules. This change increases the coverage of propagation, so only Python standard libraries (Python batteries) and the ones included in the deny list are not patched.

Checklist

  • Change(s) are motivated and described in the PR description
  • Testing strategy is described if automated tests are not included in the PR
  • Risks are described (performance impact, potential for breakage, maintainability)
  • Change is maintainable (easy to change, telemetry, documentation)
  • Library release note guidelines are followed or label changelog/no-changelog is set
  • Documentation is included (in-code, generated user docs, public corp docs)
  • Backport labels are set (if applicable)
  • If this PR changes the public interface, I've notified @DataDog/apm-tees.

Reviewer Checklist

  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Description motivates each change
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Change is maintainable (easy to change, telemetry, documentation)
  • Release note makes sense to a user of the library
  • Author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

@datadog-dd-trace-py-rkomorn
Copy link

datadog-dd-trace-py-rkomorn bot commented Jun 20, 2024

Datadog Report

Branch report: gnufede/APPSEC-53675-fix-propagation-platformdirs-rsa
Commit report: bbaadc4
Test service: dd-trace-py

✅ 0 Failed, 112678 Passed, 1003 Skipped, 50m 17.43s Total duration (9m 1.65s time saved)

@gnufede gnufede changed the title chore(iast): fix propagation for platformdirs and rsa chore(iast): fix propagation for platformdirs Jun 20, 2024
@gnufede gnufede added changelog/no-changelog A changelog entry is not required for this PR. ASM Application Security Monitoring labels Jun 20, 2024
@pr-commenter
Copy link

pr-commenter bot commented Jun 20, 2024

Benchmarks

Benchmark execution time: 2024-06-25 12:42:29

Comparing candidate commit 7f35788 in PR branch gnufede/APPSEC-53675-fix-propagation-platformdirs-rsa with baseline commit 0babcb1 in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 221 metrics, 9 unstable metrics.

@gnufede gnufede marked this pull request as ready for review June 21, 2024 16:41
@gnufede gnufede requested review from a team as code owners June 21, 2024 16:41
.github/workflows/test_frameworks.yml Outdated Show resolved Hide resolved
## Checklist

- [ ] Change(s) are motivated and described in the PR description
- [ ] Testing strategy is described if automated tests are not included
in the PR
- [ ] Risks are described (performance impact, potential for breakage,
maintainability)
- [ ] Change is maintainable (easy to change, telemetry, documentation)
- [ ] [Library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
are followed or label `changelog/no-changelog` is set
- [ ] Documentation is included (in-code, generated user docs, [public
corp docs](https://github.com/DataDog/documentation/))
- [ ] Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))
- [ ] If this PR changes the public interface, I've notified
`@DataDog/apm-tees`.

## Reviewer Checklist

- [ ] Title is accurate
- [ ] All changes are related to the pull request's stated goal
- [ ] Description motivates each change
- [ ] Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- [ ] Testing strategy adequately addresses listed risks
- [ ] Change is maintainable (easy to change, telemetry, documentation)
- [ ] Release note makes sense to a user of the library
- [ ] Author has acknowledged and discussed the performance implications
of this PR as reported in the benchmarks PR comment
- [ ] Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)
@gnufede gnufede enabled auto-merge (squash) June 25, 2024 16:00
@gnufede gnufede merged commit 7527e61 into main Jun 25, 2024
88 of 89 checks passed
@gnufede gnufede deleted the gnufede/APPSEC-53675-fix-propagation-platformdirs-rsa branch June 25, 2024 16:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ASM Application Security Monitoring changelog/no-changelog A changelog entry is not required for this PR.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants