search

DataDog / dd-trace-java

Datadog APM client for Java
https://docs.datadoghq.com/tracing/languages/java
Apache License 2.0
588 stars 290 forks source link

Update libsqreen library to 11.0.1 fixing fingerprint generation #7655

Closed manuel-alvarez-alvarez closed 1 month ago

manuel-alvarez-alvarez commented 1 month ago

What Does This Do

Updates libsqreen library to 11.0.1 that includes a fix handling derivatives from the WAF.

Motivation

Schema derivatives are gziped and encoded in base64, meanwhile fingerprints should be sent as clear text.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-54547

pr-commenter[bot] commented 1 month ago

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/waf-fix-derivatives
git_commit_date 1726823241 1726827682
git_commit_sha 58679718b3 c2cd81254b
release_version 1.40.0-SNAPSHOT~58679718b3 1.40.0-SNAPSHOT~c2cd81254b
See matching parameters | |Baseline |Candidate | |---------------------|----------------------------------------------|----------------------------------------------| |application |insecure-bank |insecure-bank | |ci_job_date |1726830021 |1726830021 | |ci_job_id |646220918 |646220918 | |ci_pipeline_id|44778032 |44778032 | |cpu_model |Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz|Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz| |module |Agent |Agent | |parent |None |None | |variant |iast |iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics.

Startup time reports for insecure-bank ```mermaid gantt title insecure-bank - global startup overhead: candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section tracing Agent [baseline] (1.073 s) : 0, 1072895 Total [baseline] (8.553 s) : 0, 8552526 Agent [candidate] (1.066 s) : 0, 1066134 Total [candidate] (8.533 s) : 0, 8532953 section iast Agent [baseline] (1.189 s) : 0, 1189300 Total [baseline] (8.97 s) : 0, 8969743 Agent [candidate] (1.197 s) : 0, 1197457 Total [candidate] (9.007 s) : 0, 9006563 section iast_HARDCODED_SECRET_DISABLED Agent [baseline] (1.189 s) : 0, 1189425 Total [baseline] (8.955 s) : 0, 8955218 Agent [candidate] (1.196 s) : 0, 1195976 Total [candidate] (8.994 s) : 0, 8993696 section iast_TELEMETRY_OFF Agent [baseline] (1.19 s) : 0, 1189862 Total [baseline] (8.983 s) : 0, 8982871 Agent [candidate] (1.187 s) : 0, 1186913 Total [candidate] (8.997 s) : 0, 8997234 ``` * **baseline** results |Module|Variant|Duration|Δ tracing| |---|---|---|---| |Agent|tracing|1.073 s |-| |Agent|iast|1.189 s |116.405 ms (10.8%)| |Agent|iast_HARDCODED_SECRET_DISABLED|1.189 s |116.53 ms (10.9%)| |Agent|iast_TELEMETRY_OFF|1.19 s |116.967 ms (10.9%)| |Total|tracing|8.553 s |-| |Total|iast|8.97 s |417.217 ms (4.9%)| |Total|iast_HARDCODED_SECRET_DISABLED|8.955 s |402.692 ms (4.7%)| |Total|iast_TELEMETRY_OFF|8.983 s |430.344 ms (5.0%)| * **candidate** results |Module|Variant|Duration|Δ tracing| |---|---|---|---| |Agent|tracing|1.066 s |-| |Agent|iast|1.197 s |131.324 ms (12.3%)| |Agent|iast_HARDCODED_SECRET_DISABLED|1.196 s |129.843 ms (12.2%)| |Agent|iast_TELEMETRY_OFF|1.187 s |120.78 ms (11.3%)| |Total|tracing|8.533 s |-| |Total|iast|9.007 s |473.61 ms (5.6%)| |Total|iast_HARDCODED_SECRET_DISABLED|8.994 s |460.743 ms (5.4%)| |Total|iast_TELEMETRY_OFF|8.997 s |464.281 ms (5.4%)| ```mermaid gantt title insecure-bank - break down per module: candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (684.98 ms) : 0, 684980 BytebuddyAgent [candidate] (681.428 ms) : 0, 681428 GlobalTracer [baseline] (311.88 ms) : 0, 311880 GlobalTracer [candidate] (309.047 ms) : 0, 309047 AppSec [baseline] (54.028 ms) : 0, 54028 AppSec [candidate] (53.737 ms) : 0, 53737 Remote Config [baseline] (666.05 µs) : 0, 666 Remote Config [candidate] (687.885 µs) : 0, 688 Telemetry [baseline] (7.592 ms) : 0, 7592 Telemetry [candidate] (7.573 ms) : 0, 7573 section iast BytebuddyAgent [baseline] (791.741 ms) : 0, 791741 BytebuddyAgent [candidate] (796.93 ms) : 0, 796930 GlobalTracer [baseline] (297.988 ms) : 0, 297988 GlobalTracer [candidate] (299.828 ms) : 0, 299828 AppSec [baseline] (53.759 ms) : 0, 53759 AppSec [candidate] (54.855 ms) : 0, 54855 IAST [baseline] (24.358 ms) : 0, 24358 IAST [candidate] (24.145 ms) : 0, 24145 Remote Config [baseline] (586.09 µs) : 0, 586 Remote Config [candidate] (620.355 µs) : 0, 620 Telemetry [baseline] (7.235 ms) : 0, 7235 Telemetry [candidate] (7.34 ms) : 0, 7340 section iast_HARDCODED_SECRET_DISABLED BytebuddyAgent [baseline] (791.062 ms) : 0, 791062 BytebuddyAgent [candidate] (795.841 ms) : 0, 795841 GlobalTracer [baseline] (298.306 ms) : 0, 298306 GlobalTracer [candidate] (299.704 ms) : 0, 299704 AppSec [baseline] (53.232 ms) : 0, 53232 AppSec [candidate] (53.335 ms) : 0, 53335 IAST [baseline] (25.253 ms) : 0, 25253 IAST [candidate] (25.401 ms) : 0, 25401 Remote Config [baseline] (627.313 µs) : 0, 627 Remote Config [candidate] (606.97 µs) : 0, 607 Telemetry [baseline] (7.313 ms) : 0, 7313 Telemetry [candidate] (7.356 ms) : 0, 7356 section iast_TELEMETRY_OFF BytebuddyAgent [baseline] (790.736 ms) : 0, 790736 BytebuddyAgent [candidate] (788.874 ms) : 0, 788874 GlobalTracer [baseline] (299.614 ms) : 0, 299614 GlobalTracer [candidate] (298.474 ms) : 0, 298474 AppSec [baseline] (54.967 ms) : 0, 54967 AppSec [candidate] (53.365 ms) : 0, 53365 IAST [baseline] (23.049 ms) : 0, 23049 IAST [candidate] (23.133 ms) : 0, 23133 Remote Config [baseline] (600.727 µs) : 0, 601 Remote Config [candidate] (2.182 ms) : 0, 2182 Telemetry [baseline] (7.194 ms) : 0, 7194 Telemetry [candidate] (7.213 ms) : 0, 7213 ```
Startup time reports for petclinic ```mermaid gantt title petclinic - global startup overhead: candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section tracing Agent [baseline] (1.075 s) : 0, 1074994 Total [baseline] (10.425 s) : 0, 10424943 Agent [candidate] (1.063 s) : 0, 1063219 Total [candidate] (10.334 s) : 0, 10333845 section appsec Agent [baseline] (1.198 s) : 0, 1197502 Total [baseline] (10.618 s) : 0, 10618035 Agent [candidate] (1.205 s) : 0, 1205483 Total [candidate] (10.615 s) : 0, 10614766 section iast Agent [baseline] (1.196 s) : 0, 1196386 Total [baseline] (10.802 s) : 0, 10801579 Agent [candidate] (1.198 s) : 0, 1198062 Total [candidate] (10.828 s) : 0, 10827638 section profiling Agent [baseline] (1.274 s) : 0, 1274485 Total [baseline] (10.648 s) : 0, 10647853 Agent [candidate] (1.273 s) : 0, 1273429 Total [candidate] (10.683 s) : 0, 10682607 ``` * **baseline** results |Module|Variant|Duration|Δ tracing| |---|---|---|---| |Agent|tracing|1.075 s |-| |Agent|appsec|1.198 s |122.508 ms (11.4%)| |Agent|iast|1.196 s |121.391 ms (11.3%)| |Agent|profiling|1.274 s |199.491 ms (18.6%)| |Total|tracing|10.425 s |-| |Total|appsec|10.618 s |193.093 ms (1.9%)| |Total|iast|10.802 s |376.636 ms (3.6%)| |Total|profiling|10.648 s |222.91 ms (2.1%)| * **candidate** results |Module|Variant|Duration|Δ tracing| |---|---|---|---| |Agent|tracing|1.063 s |-| |Agent|appsec|1.205 s |142.264 ms (13.4%)| |Agent|iast|1.198 s |134.843 ms (12.7%)| |Agent|profiling|1.273 s |210.21 ms (19.8%)| |Total|tracing|10.334 s |-| |Total|appsec|10.615 s |280.921 ms (2.7%)| |Total|iast|10.828 s |493.793 ms (4.8%)| |Total|profiling|10.683 s |348.762 ms (3.4%)| ```mermaid gantt title petclinic - break down per module: candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section tracing BytebuddyAgent [baseline] (687.29 ms) : 0, 687290 BytebuddyAgent [candidate] (677.839 ms) : 0, 677839 GlobalTracer [baseline] (311.643 ms) : 0, 311643 GlobalTracer [candidate] (309.745 ms) : 0, 309745 AppSec [baseline] (54.049 ms) : 0, 54049 AppSec [candidate] (53.831 ms) : 0, 53831 Remote Config [baseline] (658.085 µs) : 0, 658 Remote Config [candidate] (670.407 µs) : 0, 670 Telemetry [baseline] (7.572 ms) : 0, 7572 Telemetry [candidate] (7.522 ms) : 0, 7522 section appsec BytebuddyAgent [baseline] (700.353 ms) : 0, 700353 BytebuddyAgent [candidate] (705.229 ms) : 0, 705229 GlobalTracer [baseline] (302.539 ms) : 0, 302539 GlobalTracer [candidate] (304.394 ms) : 0, 304394 AppSec [baseline] (162.013 ms) : 0, 162013 AppSec [candidate] (162.172 ms) : 0, 162172 Remote Config [baseline] (635.075 µs) : 0, 635 Remote Config [candidate] (657.458 µs) : 0, 657 Telemetry [baseline] (8.464 ms) : 0, 8464 Telemetry [candidate] (8.808 ms) : 0, 8808 IAST [baseline] (19.838 ms) : 0, 19838 IAST [candidate] (21.051 ms) : 0, 21051 section iast BytebuddyAgent [baseline] (796.251 ms) : 0, 796251 BytebuddyAgent [candidate] (797.599 ms) : 0, 797599 GlobalTracer [baseline] (300.079 ms) : 0, 300079 GlobalTracer [candidate] (300.159 ms) : 0, 300159 AppSec [baseline] (54.951 ms) : 0, 54951 AppSec [candidate] (57.446 ms) : 0, 57446 Remote Config [baseline] (604.236 µs) : 0, 604 Remote Config [candidate] (644.348 µs) : 0, 644 Telemetry [baseline] (7.33 ms) : 0, 7330 Telemetry [candidate] (7.386 ms) : 0, 7386 IAST [baseline] (23.48 ms) : 0, 23480 IAST [candidate] (21.112 ms) : 0, 21112 section profiling ProfilingAgent [baseline] (97.375 ms) : 0, 97375 ProfilingAgent [candidate] (97.371 ms) : 0, 97371 BytebuddyAgent [baseline] (679.327 ms) : 0, 679327 BytebuddyAgent [candidate] (678.324 ms) : 0, 678324 GlobalTracer [baseline] (396.578 ms) : 0, 396578 GlobalTracer [candidate] (396.667 ms) : 0, 396667 AppSec [baseline] (54.659 ms) : 0, 54659 AppSec [candidate] (54.646 ms) : 0, 54646 Remote Config [baseline] (649.542 µs) : 0, 650 Remote Config [candidate] (654.202 µs) : 0, 654 Telemetry [baseline] (7.532 ms) : 0, 7532 Telemetry [candidate] (7.456 ms) : 0, 7456 Profiling [baseline] (97.4 ms) : 0, 97400 Profiling [candidate] (97.395 ms) : 0, 97395 ```

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-09-20T10:33:04 2024-09-20T10:39:54
git_branch master malvarez/waf-fix-derivatives
git_commit_date 1726823241 1726827682
git_commit_sha 58679718b3 c2cd81254b
release_version 1.40.0-SNAPSHOT~58679718b3 1.40.0-SNAPSHOT~c2cd81254b
start_time 2024-09-20T10:32:50 2024-09-20T10:39:40
See matching parameters | |Baseline |Candidate | |---------------------|----------------------------------------------|----------------------------------------------| |application |insecure-bank |insecure-bank | |ci_job_date |1726829140 |1726829140 | |ci_job_id |646220919 |646220919 | |ci_pipeline_id|44778032 |44778032 | |cpu_model |Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz|Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz| |variant |iast |iast |

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 9 metrics, 18 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:profiling worse
[+30.620µs; +85.335µs] or [+2.067%; +5.760%]		 unstable
[-664.431op/s; +418.278op/s] or [-20.763%; +13.071%]		 1.539ms 3076.923op/s 1.481ms 3200.000op/s
Request duration reports for insecure-bank ```mermaid gantt title insecure-bank - request duration [CI 0.99] : candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section baseline no_agent (368.538 µs) : 349, 388 . : milestone, 369, iast (485.11 µs) : 464, 507 . : milestone, 485, iast_FULL (547.418 µs) : 526, 569 . : milestone, 547, iast_GLOBAL (512.212 µs) : 489, 535 . : milestone, 512, iast_HARDCODED_SECRET_DISABLED (484.069 µs) : 463, 505 . : milestone, 484, iast_INACTIVE (441.44 µs) : 421, 462 . : milestone, 441, iast_TELEMETRY_OFF (477.319 µs) : 455, 500 . : milestone, 477, tracing (439.907 µs) : 420, 460 . : milestone, 440, section candidate no_agent (372.148 µs) : 350, 394 . : milestone, 372, iast (478.014 µs) : 457, 499 . : milestone, 478, iast_FULL (553.298 µs) : 532, 575 . : milestone, 553, iast_GLOBAL (498.156 µs) : 477, 519 . : milestone, 498, iast_HARDCODED_SECRET_DISABLED (482.687 µs) : 461, 504 . : milestone, 483, iast_INACTIVE (445.514 µs) : 424, 467 . : milestone, 446, iast_TELEMETRY_OFF (476.52 µs) : 454, 499 . : milestone, 477, tracing (438.642 µs) : 418, 459 . : milestone, 439, ``` * **baseline** results |Variant|Request duration [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|368.538 µs [349.145 µs, 387.931 µs]|-| |iast|485.11 µs [463.592 µs, 506.628 µs]|116.572 µs (31.6%)| |iast_FULL|547.418 µs [526.18 µs, 568.656 µs]|178.88 µs (48.5%)| |iast_GLOBAL|512.212 µs [489.007 µs, 535.416 µs]|143.674 µs (39.0%)| |iast_HARDCODED_SECRET_DISABLED|484.069 µs [462.688 µs, 505.45 µs]|115.531 µs (31.3%)| |iast_INACTIVE|441.44 µs [421.017 µs, 461.864 µs]|72.903 µs (19.8%)| |iast_TELEMETRY_OFF|477.319 µs [454.811 µs, 499.828 µs]|108.782 µs (29.5%)| |tracing|439.907 µs [419.671 µs, 460.142 µs]|71.369 µs (19.4%)| * **candidate** results |Variant|Request duration [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|372.148 µs [350.249 µs, 394.048 µs]|-| |iast|478.014 µs [456.987 µs, 499.042 µs]|105.866 µs (28.4%)| |iast_FULL|553.298 µs [531.976 µs, 574.62 µs]|181.149 µs (48.7%)| |iast_GLOBAL|498.156 µs [476.934 µs, 519.377 µs]|126.007 µs (33.9%)| |iast_HARDCODED_SECRET_DISABLED|482.687 µs [461.432 µs, 503.942 µs]|110.538 µs (29.7%)| |iast_INACTIVE|445.514 µs [424.41 µs, 466.618 µs]|73.366 µs (19.7%)| |iast_TELEMETRY_OFF|476.52 µs [453.927 µs, 499.114 µs]|104.372 µs (28.0%)| |tracing|438.642 µs [417.829 µs, 459.454 µs]|66.493 µs (17.9%)|
Request duration reports for petclinic ```mermaid gantt title petclinic - request duration [CI 0.99] : candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section baseline no_agent (1.362 ms) : 1342, 1382 . : milestone, 1362, appsec (1.713 ms) : 1689, 1737 . : milestone, 1713, appsec_no_iast (1.711 ms) : 1687, 1735 . : milestone, 1711, iast (1.474 ms) : 1451, 1497 . : milestone, 1474, profiling (1.481 ms) : 1457, 1506 . : milestone, 1481, tracing (1.45 ms) : 1425, 1474 . : milestone, 1450, section candidate no_agent (1.347 ms) : 1328, 1366 . : milestone, 1347, appsec (1.701 ms) : 1677, 1725 . : milestone, 1701, appsec_no_iast (1.715 ms) : 1691, 1739 . : milestone, 1715, iast (1.466 ms) : 1444, 1488 . : milestone, 1466, profiling (1.539 ms) : 1513, 1566 . : milestone, 1539, tracing (1.471 ms) : 1447, 1495 . : milestone, 1471, ``` * **baseline** results |Variant|Request duration [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|1.362 ms [1.342 ms, 1.382 ms]|-| |appsec|1.713 ms [1.689 ms, 1.737 ms]|351.374 µs (25.8%)| |appsec_no_iast|1.711 ms [1.687 ms, 1.735 ms]|348.9 µs (25.6%)| |iast|1.474 ms [1.451 ms, 1.497 ms]|111.983 µs (8.2%)| |profiling|1.481 ms [1.457 ms, 1.506 ms]|119.433 µs (8.8%)| |tracing|1.45 ms [1.425 ms, 1.474 ms]|87.509 µs (6.4%)| * **candidate** results |Variant|Request duration [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|1.347 ms [1.328 ms, 1.366 ms]|-| |appsec|1.701 ms [1.677 ms, 1.725 ms]|354.052 µs (26.3%)| |appsec_no_iast|1.715 ms [1.691 ms, 1.739 ms]|367.935 µs (27.3%)| |iast|1.466 ms [1.444 ms, 1.488 ms]|118.908 µs (8.8%)| |profiling|1.539 ms [1.513 ms, 1.566 ms]|192.438 µs (14.3%)| |tracing|1.471 ms [1.447 ms, 1.495 ms]|124.185 µs (9.2%)|

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/waf-fix-derivatives
git_commit_date 1726823241 1726827682
git_commit_sha 58679718b3 c2cd81254b
release_version 1.40.0-SNAPSHOT~58679718b3 1.40.0-SNAPSHOT~c2cd81254b
See matching parameters | |Baseline |Candidate | |---------------------|----------------------------------------------|----------------------------------------------| |application |biojava |biojava | |ci_job_date |1726829662 |1726829662 | |ci_job_id |646220920 |646220920 | |ci_pipeline_id|44778032 |44778032 | |cpu_model |Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz|Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz| |variant |appsec |appsec |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat ```mermaid gantt title tomcat - execution time [CI 0.99] : candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section baseline no_agent (1.473 ms) : 1462, 1485 . : milestone, 1473, appsec (2.327 ms) : 2286, 2369 . : milestone, 2327, iast (2.069 ms) : 2019, 2120 . : milestone, 2069, iast_GLOBAL (2.1 ms) : 2049, 2150 . : milestone, 2100, profiling (1.941 ms) : 1901, 1981 . : milestone, 1941, tracing (1.914 ms) : 1875, 1952 . : milestone, 1914, section candidate no_agent (1.471 ms) : 1459, 1482 . : milestone, 1471, appsec (2.326 ms) : 2285, 2367 . : milestone, 2326, iast (2.059 ms) : 2008, 2110 . : milestone, 2059, iast_GLOBAL (2.109 ms) : 2057, 2160 . : milestone, 2109, profiling (1.928 ms) : 1888, 1968 . : milestone, 1928, tracing (1.902 ms) : 1864, 1940 . : milestone, 1902, ``` * **baseline** results |Variant|Execution Time [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|1.473 ms [1.462 ms, 1.485 ms]|-| |appsec|2.327 ms [2.286 ms, 2.369 ms]|853.873 µs (58.0%)| |iast|2.069 ms [2.019 ms, 2.12 ms]|595.859 µs (40.4%)| |iast_GLOBAL|2.1 ms [2.049 ms, 2.15 ms]|626.572 µs (42.5%)| |profiling|1.941 ms [1.901 ms, 1.981 ms]|467.948 µs (31.8%)| |tracing|1.914 ms [1.875 ms, 1.952 ms]|440.103 µs (29.9%)| * **candidate** results |Variant|Execution Time [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|1.471 ms [1.459 ms, 1.482 ms]|-| |appsec|2.326 ms [2.285 ms, 2.367 ms]|855.598 µs (58.2%)| |iast|2.059 ms [2.008 ms, 2.11 ms]|588.232 µs (40.0%)| |iast_GLOBAL|2.109 ms [2.057 ms, 2.16 ms]|637.86 µs (43.4%)| |profiling|1.928 ms [1.888 ms, 1.968 ms]|457.325 µs (31.1%)| |tracing|1.902 ms [1.864 ms, 1.94 ms]|431.486 µs (29.3%)|
Execution time for biojava ```mermaid gantt title biojava - execution time [CI 0.99] : candidate=1.40.0-SNAPSHOT~c2cd81254b, baseline=1.40.0-SNAPSHOT~58679718b3 dateFormat X axisFormat %s section baseline no_agent (15.169 s) : 15169000, 15169000 . : milestone, 15169000, appsec (15.69 s) : 15690000, 15690000 . : milestone, 15690000, iast (18.897 s) : 18897000, 18897000 . : milestone, 18897000, iast_GLOBAL (18.079 s) : 18079000, 18079000 . : milestone, 18079000, profiling (15.404 s) : 15404000, 15404000 . : milestone, 15404000, tracing (15.309 s) : 15309000, 15309000 . : milestone, 15309000, section candidate no_agent (15.183 s) : 15183000, 15183000 . : milestone, 15183000, appsec (15.202 s) : 15202000, 15202000 . : milestone, 15202000, iast (18.679 s) : 18679000, 18679000 . : milestone, 18679000, iast_GLOBAL (17.848 s) : 17848000, 17848000 . : milestone, 17848000, profiling (15.448 s) : 15448000, 15448000 . : milestone, 15448000, tracing (15.348 s) : 15348000, 15348000 . : milestone, 15348000, ``` * **baseline** results |Variant|Execution Time [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|15.169 s [15.169 s, 15.169 s]|-| |appsec|15.69 s [15.69 s, 15.69 s]|521.0 ms (3.4%)| |iast|18.897 s [18.897 s, 18.897 s]|3.728 s (24.6%)| |iast_GLOBAL|18.079 s [18.079 s, 18.079 s]|2.91 s (19.2%)| |profiling|15.404 s [15.404 s, 15.404 s]|235.0 ms (1.5%)| |tracing|15.309 s [15.309 s, 15.309 s]|140.0 ms (0.9%)| * **candidate** results |Variant|Execution Time [CI 0.99]|Δ no_agent| |---|---|---| |no_agent|15.183 s [15.183 s, 15.183 s]|-| |appsec|15.202 s [15.202 s, 15.202 s]|19.0 ms (0.1%)| |iast|18.679 s [18.679 s, 18.679 s]|3.496 s (23.0%)| |iast_GLOBAL|17.848 s [17.848 s, 17.848 s]|2.665 s (17.6%)| |profiling|15.448 s [15.448 s, 15.448 s]|265.0 ms (1.7%)| |tracing|15.348 s [15.348 s, 15.348 s]|165.0 ms (1.1%)|