Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v3.56.0 #4252

Merged
merged 25 commits into from
Apr 23, 2024
Merged

v3.56.0 #4252

merged 25 commits into from
Apr 23, 2024

Conversation

dmellonielet and others added 22 commits April 22, 2024 11:33

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
* Add non-experimental DD_PROFILING_CPU_ENABLED

* Turn timelines and CPU profile on by default on non-Windows platforms

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
…les/node_modules due to race condition (#4224)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
* Sum waf.duration* metrics

* Test multiple calls

* Round 2. Do not rely on span tag and use metrics stored by telemetry

* waf.duration and waf.durationExt do not depend on whether telemetry is enabled or not

* Include a test with telemetry enabled and metrics disabled

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
* Avoid run sequelize plugin test with non compatible mysql2

* Avoid run sequelize plugin test with non compatible mysql2

* Fix typo

* Fix typo

* Add comment with the test combination constraint explanation

* Update packages/dd-trace/test/appsec/iast/analyzers/sql-injection-analyzer.sequelize.plugin.spec.js

Co-authored-by: simon-id <simon.id@datadoghq.com>

---------

Co-authored-by: simon-id <simon.id@datadoghq.com>

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
* Emit an event when profiles are submitted
* Emit span start event
* Emit an app-closing event so telemetry users can publish final metrics
* SSI Telemetry class
* Telemetry mock profiler

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
Because commas are normalized to underscores in backend anyway.

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
… in Cypress (#4228)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
* Update secret rules

* Update generic rule

* Update test suite

* simplify analyzer

* Split hardcoded secrets and passwords

* Include a rule mode to differenciate between ValueOnly rules and NameAndValue rules

* Use HardcodedBaseAnalyzer constructor to pass the rule lists

* Change hardcoded password rule id

* Rename rule 'mode' as 'type'

* Modify test, extract password rule to its own file and clean up

* Use hardcoded-rule-type constants

* Remove eslint comment

* declare and after export class

* Use constants

* test typo

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>

---------

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
* implement OTEL env var support for node.js
Copy link

github-actions bot commented Apr 22, 2024

Overall package size

Self size: 6.4 MB
Deduped: 60.89 MB
No deduping: 61.17 MB

Dependency sizes

name version self size total size
@datadog/native-iast-taint-tracking 1.7.0 16.71 MB 16.72 MB
@datadog/native-appsec 7.1.1 14.39 MB 14.4 MB
@datadog/pprof 5.2.0 8.84 MB 9.21 MB
protobufjs 7.2.5 2.77 MB 6.56 MB
@datadog/native-iast-rewriter 2.3.0 2.15 MB 2.24 MB
@opentelemetry/core 1.14.0 872.87 kB 1.47 MB
@datadog/native-metrics 2.0.0 898.77 kB 1.3 MB
@opentelemetry/api 1.4.1 780.32 kB 780.32 kB
import-in-the-middle 1.7.3 67.62 kB 731.01 kB
msgpack-lite 0.1.26 201.16 kB 281.59 kB
opentracing 0.14.7 194.81 kB 194.81 kB
semver 7.5.4 93.4 kB 123.8 kB
pprof-format 2.1.0 111.69 kB 111.69 kB
@datadog/sketches-js 2.1.0 109.9 kB 109.9 kB
lodash.sortby 4.7.0 75.76 kB 75.76 kB
lru-cache 7.14.0 74.95 kB 74.95 kB
ipaddr.js 2.1.0 60.23 kB 60.23 kB
ignore 5.2.4 51.22 kB 51.22 kB
int64-buffer 0.1.10 49.18 kB 49.18 kB
shell-quote 1.8.1 44.96 kB 44.96 kB
istanbul-lib-coverage 3.2.0 29.34 kB 29.34 kB
tlhunter-sorted-set 0.1.0 24.94 kB 24.94 kB
limiter 1.1.5 23.17 kB 23.17 kB
dc-polyfill 0.1.4 23.1 kB 23.1 kB
retry 0.13.1 18.85 kB 18.85 kB
node-abort-controller 3.1.1 16.89 kB 16.89 kB
jest-docblock 29.7.0 8.99 kB 12.76 kB
crypto-randomuuid 1.0.0 11.18 kB 11.18 kB
path-to-regexp 0.1.7 6.78 kB 6.78 kB
koalas 1.0.2 6.47 kB 6.47 kB
methods 1.1.2 5.29 kB 5.29 kB
module-details-from-path 1.0.3 4.47 kB 4.47 kB

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@pr-commenter
Copy link

pr-commenter bot commented Apr 22, 2024

Benchmarks

Benchmark execution time: 2024-04-22 12:59:41

Comparing candidate commit d75bdcc in PR branch v3.56.0-proposal with baseline commit 0969983 in branch v3.x.

Found 2 performance improvements and 21 performance regressions! Performance is the same for 753 metrics, 22 unstable metrics.

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-14

  • 🟥 instructions [+435.3M instructions; +452.6M instructions] or [+20.535%; +21.352%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-16

  • 🟥 instructions [+441.0M instructions; +455.7M instructions] or [+21.476%; +22.192%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-18

  • 🟥 cpu_user_time [+79.870ms; +109.759ms] or [+7.369%; +10.127%]
  • 🟥 instructions [+445.4M instructions; +458.7M instructions] or [+23.182%; +23.871%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-14

  • 🟥 instructions [+425.1M instructions; +447.0M instructions] or [+21.720%; +22.844%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-16

  • 🟥 instructions [+446.3M instructions; +469.5M instructions] or [+23.767%; +25.003%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-18

  • 🟥 cpu_user_time [+81.186ms; +112.312ms] or [+7.713%; +10.670%]
  • 🟥 execution_time [+73.776ms; +130.961ms] or [+5.952%; +10.566%]
  • 🟥 instructions [+448.1M instructions; +468.2M instructions] or [+25.523%; +26.669%]

scenario:appsec-iast-startup-time-iast-enabled-14

  • 🟥 instructions [+457.2M instructions; +478.5M instructions] or [+18.046%; +18.889%]

scenario:appsec-iast-startup-time-iast-enabled-16

  • 🟥 instructions [+364.2M instructions; +377.9M instructions] or [+14.311%; +14.849%]

scenario:appsec-iast-startup-time-iast-enabled-18

  • 🟥 cpu_user_time [+75.999ms; +107.296ms] or [+5.310%; +7.497%]
  • 🟥 execution_time [+92.783ms; +120.257ms] or [+5.919%; +7.671%]
  • 🟥 instructions [+460.3M instructions; +469.3M instructions] or [+19.988%; +20.378%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-14

  • 🟥 instructions [+424.8M instructions; +446.1M instructions] or [+12.021%; +12.624%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-16

  • 🟥 instructions [+433.0M instructions; +469.8M instructions] or [+12.746%; +13.830%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-18

  • 🟥 instructions [+437.7M instructions; +465.6M instructions] or [+13.434%; +14.293%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-14

  • 🟥 instructions [+416.8M instructions; +467.1M instructions] or [+13.455%; +15.076%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-16

  • 🟥 instructions [+414.8M instructions; +455.9M instructions] or [+13.640%; +14.990%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-18

  • 🟥 cpu_user_time [+85.601ms; +130.899ms] or [+5.767%; +8.819%]
  • 🟥 instructions [+469.5M instructions; +518.7M instructions] or [+16.470%; +18.196%]

scenario:plugin-graphql-with-depth-and-collapse-on-18

  • 🟩 max_rss_usage [-125.327MB; -104.017MB] or [-13.189%; -10.947%]

scenario:plugin-graphql-with-depth-on-max-18

  • 🟩 max_rss_usage [-123.496MB; -106.840MB] or [-13.038%; -11.280%]

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
@juan-fernandez juan-fernandez marked this pull request as ready for review April 22, 2024 13:00
@juan-fernandez juan-fernandez requested a review from a team as a code owner April 22, 2024 13:00
@juan-fernandez juan-fernandez merged commit 75b4bce into v3.x Apr 23, 2024
115 of 116 checks passed
@juan-fernandez juan-fernandez deleted the v3.56.0-proposal branch April 23, 2024 09:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet