Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v3.56.0 #4252

Merged
merged 25 commits into from
Apr 23, 2024
Merged

v3.56.0 #4252

merged 25 commits into from
Apr 23, 2024
+4,036 −404

Conversation

juan-fernandez
Copy link
Collaborator

@juan-fernandez juan-fernandez commented Apr 22, 2024
edited
Loading

dmellonielet and others added 22 commits April 22, 2024 11:33
@dmellonielet @juan-fernandez
ASEC-131:Remove reference to SDG as the team no longer exists (#4209)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
704d79f
@duncanista @juan-fernandez
update env vars (#4223)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
17b1694
@juan-fernandez
[ci-visibility] Disable EFD for tests with snapshots in jest (#4217)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
e80622d
@bin-umar @juan-fernandez
Added histogram method to dogstatsd (#4178)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
53211d9
@szegedi @juan-fernandez
PROF-9250: Enable timeline and CPU profiling by default (#4149)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
9f46baf 
* Add non-experimental DD_PROFILING_CPU_ENABLED

* Turn timelines and CPU profile on by default on non-Windows platforms
@ida613 @juan-fernandez
modified lib injection copy-lib.sh script to avoid creating node_modu…

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
74cf61f 
…les/node_modules due to race condition (#4224)
@iunanua @juan-fernandez
Sum appsec waf.duration* metrics (#4162)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
1a2047f 
* Sum waf.duration* metrics

* Test multiple calls

* Round 2. Do not rely on span tag and use metrics stored by telemetry

* waf.duration and waf.durationExt do not depend on whether telemetry is enabled or not

* Include a test with telemetry enabled and metrics disabled
@szegedi @juan-fernandez
Fix Counter.dec in telemetry (#4227)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
e8eee12
@nathan-knight @juan-fernandez
Fixed attempting to wrap undefined mongoose.Promise (#4165)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
91fd069
@CarlesDD @simon-id @juan-fernandez
Avoid run sequelize plugin test with non compatible mysql2 (#4229)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
d53fd97 
* Avoid run sequelize plugin test with non compatible mysql2

* Avoid run sequelize plugin test with non compatible mysql2

* Fix typo

* Fix typo

* Add comment with the test combination constraint explanation

* Update packages/dd-trace/test/appsec/iast/analyzers/sql-injection-analyzer.sequelize.plugin.spec.js

Co-authored-by: simon-id <simon.id@datadoghq.com>

---------

Co-authored-by: simon-id <simon.id@datadoghq.com>
@JohnDaly @juan-fernandez
Fix Writer flush error in core benchmark (#3535)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
017e793
@szegedi @juan-fernandez
PROF-9248: SSI profiler telemetry (#4163)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
64aa0d8 
* Emit an event when profiles are submitted
* Emit span start event
* Emit an app-closing event so telemetry users can publish final metrics
* SSI Telemetry class
* Telemetry mock profiler
@szegedi @juan-fernandez
PROF-9248: Use underscore instead of comma for tag value (#4235)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
ba4fc70 
Because commas are normalized to underscores in backend anyway.
@juan-fernandez
[ci-visibility] Fix window access when using cy.origin (multi origin)…

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
e7b753a 
… in Cypress (#4228)
@juan-fernandez
Add dogstatsd to noop proxy (#4225)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
d8a2290
@juan-fernandez
[ci-visibility] Add faulty threshold detection to EFD (only jest) (#4233

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
d0a7a1b 
)
@rochdev @juan-fernandez
update fetch instrumentation to use tracing channel (#4245)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
1e3a934
@duncanista @juan-fernandez
add CI_COMMIT_TAG to be sent downstream (#4247)

Partially verified

This commit is signed with the committer’s verified signature.
juan-fernandez’s contribution has been verified via GPG key.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
41cc2ab
@iunanua @CarlesDD @juan-fernandez
Hardcoded passwords detection and update hardcoded secret rules (#4066)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
8f49a3a 
* Update secret rules

* Update generic rule

* Update test suite

* simplify analyzer

* Split hardcoded secrets and passwords

* Include a rule mode to differenciate between ValueOnly rules and NameAndValue rules

* Use HardcodedBaseAnalyzer constructor to pass the rule lists

* Change hardcoded password rule id

* Rename rule 'mode' as 'type'

* Modify test, extract password rule to its own file and clean up

* Use hardcoded-rule-type constants

* Remove eslint comment

* declare and after export class

* Use constants

* test typo

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>

---------

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>
@juan-fernandez
[ci-visibility] Fix ITR with multi project setup in jest (#4249)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
707e14e
@juan-fernandez
[ci-visibility] Add selenium support (#4241)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
d2e3ccf
@khanayan123 @juan-fernandez
implement OTEL env var support for dd-trace-js (#4248)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
Loading
Loading status checks…
73371a3 
* implement OTEL env var support for node.js
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 22, 2024
edited
Loading

Overall package size

Self size: 6.4 MB
Deduped: 60.89 MB
No deduping: 61.17 MB

Dependency sizes

name version self size total size
@datadog/native-iast-taint-tracking 1.7.0 16.71 MB 16.72 MB
@datadog/native-appsec 7.1.1 14.39 MB 14.4 MB
@datadog/pprof 5.2.0 8.84 MB 9.21 MB
protobufjs 7.2.5 2.77 MB 6.56 MB
@datadog/native-iast-rewriter 2.3.0 2.15 MB 2.24 MB
@opentelemetry/core 1.14.0 872.87 kB 1.47 MB
@datadog/native-metrics 2.0.0 898.77 kB 1.3 MB
@opentelemetry/api 1.4.1 780.32 kB 780.32 kB
import-in-the-middle 1.7.3 67.62 kB 731.01 kB
msgpack-lite 0.1.26 201.16 kB 281.59 kB
opentracing 0.14.7 194.81 kB 194.81 kB
semver 7.5.4 93.4 kB 123.8 kB
pprof-format 2.1.0 111.69 kB 111.69 kB
@datadog/sketches-js 2.1.0 109.9 kB 109.9 kB
lodash.sortby 4.7.0 75.76 kB 75.76 kB
lru-cache 7.14.0 74.95 kB 74.95 kB
ipaddr.js 2.1.0 60.23 kB 60.23 kB
ignore 5.2.4 51.22 kB 51.22 kB
int64-buffer 0.1.10 49.18 kB 49.18 kB
shell-quote 1.8.1 44.96 kB 44.96 kB
istanbul-lib-coverage 3.2.0 29.34 kB 29.34 kB
tlhunter-sorted-set 0.1.0 24.94 kB 24.94 kB
limiter 1.1.5 23.17 kB 23.17 kB
dc-polyfill 0.1.4 23.1 kB 23.1 kB
retry 0.13.1 18.85 kB 18.85 kB
node-abort-controller 3.1.1 16.89 kB 16.89 kB
jest-docblock 29.7.0 8.99 kB 12.76 kB
crypto-randomuuid 1.0.0 11.18 kB 11.18 kB
path-to-regexp 0.1.7 6.78 kB 6.78 kB
koalas 1.0.2 6.47 kB 6.47 kB
methods 1.1.2 5.29 kB 5.29 kB
module-details-from-path 1.0.3 4.47 kB 4.47 kB

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@pr-commenter
Copy link

pr-commenter bot commented Apr 22, 2024
edited
Loading

Benchmarks

Benchmark execution time: 2024-04-22 12:59:41

Comparing candidate commit d75bdcc in PR branch v3.56.0-proposal with baseline commit 0969983 in branch v3.x.

Found 2 performance improvements and 21 performance regressions! Performance is the same for 753 metrics, 22 unstable metrics.

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-14

  • 🟥 instructions [+435.3M instructions; +452.6M instructions] or [+20.535%; +21.352%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-16

  • 🟥 instructions [+441.0M instructions; +455.7M instructions] or [+21.476%; +22.192%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-18

  • 🟥 cpu_user_time [+79.870ms; +109.759ms] or [+7.369%; +10.127%]
  • 🟥 instructions [+445.4M instructions; +458.7M instructions] or [+23.182%; +23.871%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-14

  • 🟥 instructions [+425.1M instructions; +447.0M instructions] or [+21.720%; +22.844%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-16

  • 🟥 instructions [+446.3M instructions; +469.5M instructions] or [+23.767%; +25.003%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-18

  • 🟥 cpu_user_time [+81.186ms; +112.312ms] or [+7.713%; +10.670%]
  • 🟥 execution_time [+73.776ms; +130.961ms] or [+5.952%; +10.566%]
  • 🟥 instructions [+448.1M instructions; +468.2M instructions] or [+25.523%; +26.669%]

scenario:appsec-iast-startup-time-iast-enabled-14

  • 🟥 instructions [+457.2M instructions; +478.5M instructions] or [+18.046%; +18.889%]

scenario:appsec-iast-startup-time-iast-enabled-16

  • 🟥 instructions [+364.2M instructions; +377.9M instructions] or [+14.311%; +14.849%]

scenario:appsec-iast-startup-time-iast-enabled-18

  • 🟥 cpu_user_time [+75.999ms; +107.296ms] or [+5.310%; +7.497%]
  • 🟥 execution_time [+92.783ms; +120.257ms] or [+5.919%; +7.671%]
  • 🟥 instructions [+460.3M instructions; +469.3M instructions] or [+19.988%; +20.378%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-14

  • 🟥 instructions [+424.8M instructions; +446.1M instructions] or [+12.021%; +12.624%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-16

  • 🟥 instructions [+433.0M instructions; +469.8M instructions] or [+12.746%; +13.830%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-18

  • 🟥 instructions [+437.7M instructions; +465.6M instructions] or [+13.434%; +14.293%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-14

  • 🟥 instructions [+416.8M instructions; +467.1M instructions] or [+13.455%; +15.076%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-16

  • 🟥 instructions [+414.8M instructions; +455.9M instructions] or [+13.640%; +14.990%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-18

  • 🟥 cpu_user_time [+85.601ms; +130.899ms] or [+5.767%; +8.819%]
  • 🟥 instructions [+469.5M instructions; +518.7M instructions] or [+16.470%; +18.196%]

scenario:plugin-graphql-with-depth-and-collapse-on-18

  • 🟩 max_rss_usage [-125.327MB; -104.017MB] or [-13.189%; -10.947%]

scenario:plugin-graphql-with-depth-on-max-18

  • 🟩 max_rss_usage [-123.496MB; -106.840MB] or [-13.038%; -11.280%]

@juan-fernandez
[ci-visibility] Fix chrome installation for node 16 (#4255)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
Loading
Loading status checks…
3f57fac
@juan-fernandez
[ci-visibility] Fix selenium tests in node@16 (#4256)

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
Loading
Loading status checks…
2a220a9
@juan-fernandez
v3.56.0

Verified

This commit was signed with the committer’s verified signature.
juan-fernandez Juan Antonio Fernández de Alba
GPG key ID: 8AA611F17F42D1A8
Verified
Learn about vigilant mode
Loading
Loading status checks…
d75bdcc
@juan-fernandez juan-fernandez marked this pull request as ready for review April 22, 2024 13:00
@juan-fernandez juan-fernandez requested a review from a team as a code owner April 22, 2024 13:00
@juan-fernandez juan-fernandez merged commit 75b4bce into v3.x Apr 23, 2024
115 of 116 checks passed
@juan-fernandez juan-fernandez deleted the v3.56.0-proposal branch April 23, 2024 09:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tlhunter tlhunter

@uurien uurien

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet