-
Notifications
You must be signed in to change notification settings - Fork 292
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set unexpected IAST exceptions to debug log level #8044
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
smola
added
type: enhancement
comp: asm iast
Application Security Management (IAST)
labels
Dec 2, 2024
manuel-alvarez-alvarez
approved these changes
Dec 2, 2024
BenchmarksStartupParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 51 metrics, 12 unstable metrics. Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.098 s) : 0, 1098190
Total [baseline] (8.682 s) : 0, 8681753
Agent [candidate] (1.1 s) : 0, 1100244
Total [candidate] (8.695 s) : 0, 8695199
section iast
Agent [baseline] (1.225 s) : 0, 1225049
Total [baseline] (9.218 s) : 0, 9217859
Agent [candidate] (1.223 s) : 0, 1223308
Total [candidate] (9.187 s) : 0, 9187318
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.22 s) : 0, 1219502
Total [baseline] (9.182 s) : 0, 9182071
Agent [candidate] (1.221 s) : 0, 1221170
Total [candidate] (9.215 s) : 0, 9214898
section iast_TELEMETRY_OFF
Agent [baseline] (1.216 s) : 0, 1215667
Total [baseline] (9.184 s) : 0, 9183810
Agent [candidate] (1.22 s) : 0, 1219764
Total [candidate] (9.198 s) : 0, 9198271
gantt
title insecure-bank - break down per module: candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (700.263 ms) : 0, 700263
BytebuddyAgent [candidate] (699.233 ms) : 0, 699233
GlobalTracer [baseline] (318.581 ms) : 0, 318581
GlobalTracer [candidate] (320.144 ms) : 0, 320144
AppSec [baseline] (54.939 ms) : 0, 54939
AppSec [candidate] (55.379 ms) : 0, 55379
Remote Config [baseline] (680.884 µs) : 0, 681
Remote Config [candidate] (941.845 µs) : 0, 942
Telemetry [baseline] (9.888 ms) : 0, 9888
Telemetry [candidate] (10.682 ms) : 0, 10682
section iast
BytebuddyAgent [baseline] (816.321 ms) : 0, 816321
BytebuddyAgent [candidate] (815.12 ms) : 0, 815120
GlobalTracer [baseline] (307.138 ms) : 0, 307138
GlobalTracer [candidate] (307.298 ms) : 0, 307298
AppSec [baseline] (57.184 ms) : 0, 57184
AppSec [candidate] (57.079 ms) : 0, 57079
Remote Config [baseline] (637.76 µs) : 0, 638
Remote Config [candidate] (654.116 µs) : 0, 654
Telemetry [baseline] (7.638 ms) : 0, 7638
Telemetry [candidate] (7.519 ms) : 0, 7519
IAST [baseline] (22.17 ms) : 0, 22170
IAST [candidate] (21.806 ms) : 0, 21806
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (812.08 ms) : 0, 812080
BytebuddyAgent [candidate] (813.466 ms) : 0, 813466
GlobalTracer [baseline] (306.604 ms) : 0, 306604
GlobalTracer [candidate] (306.772 ms) : 0, 306772
AppSec [baseline] (57.972 ms) : 0, 57972
AppSec [candidate] (57.206 ms) : 0, 57206
Remote Config [baseline] (623.675 µs) : 0, 624
Remote Config [candidate] (630.975 µs) : 0, 631
Telemetry [baseline] (7.456 ms) : 0, 7456
Telemetry [candidate] (7.495 ms) : 0, 7495
IAST [baseline] (20.905 ms) : 0, 20905
IAST [candidate] (21.787 ms) : 0, 21787
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (808.14 ms) : 0, 808140
BytebuddyAgent [candidate] (810.346 ms) : 0, 810346
GlobalTracer [baseline] (306.798 ms) : 0, 306798
GlobalTracer [candidate] (307.413 ms) : 0, 307413
AppSec [baseline] (55.926 ms) : 0, 55926
AppSec [candidate] (56.541 ms) : 0, 56541
Remote Config [baseline] (671.74 µs) : 0, 672
Remote Config [candidate] (684.798 µs) : 0, 685
Telemetry [baseline] (7.471 ms) : 0, 7471
Telemetry [candidate] (7.557 ms) : 0, 7557
IAST [baseline] (22.89 ms) : 0, 22890
IAST [candidate] (23.405 ms) : 0, 23405
Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.091 s) : 0, 1091376
Total [baseline] (10.418 s) : 0, 10417587
Agent [candidate] (1.092 s) : 0, 1091673
Total [candidate] (10.439 s) : 0, 10438903
section appsec
Agent [baseline] (1.224 s) : 0, 1223848
Total [baseline] (10.754 s) : 0, 10753602
Agent [candidate] (1.236 s) : 0, 1236031
Total [candidate] (10.732 s) : 0, 10732448
section iast
Agent [baseline] (1.238 s) : 0, 1238064
Total [baseline] (11.041 s) : 0, 11040966
Agent [candidate] (1.222 s) : 0, 1222389
Total [candidate] (10.998 s) : 0, 10998158
section profiling
Agent [baseline] (1.323 s) : 0, 1322734
Total [baseline] (10.775 s) : 0, 10774897
Agent [candidate] (1.319 s) : 0, 1319280
Total [candidate] (10.825 s) : 0, 10825409
gantt
title petclinic - break down per module: candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (693.571 ms) : 0, 693571
BytebuddyAgent [candidate] (695.576 ms) : 0, 695576
GlobalTracer [baseline] (318.244 ms) : 0, 318244
GlobalTracer [candidate] (318.321 ms) : 0, 318321
AppSec [baseline] (54.635 ms) : 0, 54635
AppSec [candidate] (54.774 ms) : 0, 54774
Remote Config [baseline] (683.707 µs) : 0, 684
Remote Config [candidate] (681.988 µs) : 0, 682
Telemetry [baseline] (10.489 ms) : 0, 10489
Telemetry [candidate] (8.471 ms) : 0, 8471
section appsec
BytebuddyAgent [baseline] (710.225 ms) : 0, 710225
BytebuddyAgent [candidate] (717.127 ms) : 0, 717127
GlobalTracer [baseline] (314.238 ms) : 0, 314238
GlobalTracer [candidate] (318.15 ms) : 0, 318150
AppSec [baseline] (167.528 ms) : 0, 167528
AppSec [candidate] (168.512 ms) : 0, 168512
Remote Config [baseline] (632.582 µs) : 0, 633
Remote Config [candidate] (654.925 µs) : 0, 655
Telemetry [baseline] (7.756 ms) : 0, 7756
Telemetry [candidate] (7.909 ms) : 0, 7909
IAST [baseline] (19.567 ms) : 0, 19567
IAST [candidate] (19.605 ms) : 0, 19605
section iast
BytebuddyAgent [baseline] (824.479 ms) : 0, 824479
BytebuddyAgent [candidate] (814.535 ms) : 0, 814535
GlobalTracer [baseline] (310.972 ms) : 0, 310972
GlobalTracer [candidate] (306.819 ms) : 0, 306819
AppSec [baseline] (58.725 ms) : 0, 58725
AppSec [candidate] (57.126 ms) : 0, 57126
Remote Config [baseline] (643.846 µs) : 0, 644
Remote Config [candidate] (645.277 µs) : 0, 645
Telemetry [baseline] (7.681 ms) : 0, 7681
Telemetry [candidate] (7.539 ms) : 0, 7539
IAST [baseline] (21.43 ms) : 0, 21430
IAST [candidate] (21.932 ms) : 0, 21932
section profiling
BytebuddyAgent [baseline] (692.817 ms) : 0, 692817
BytebuddyAgent [candidate] (689.194 ms) : 0, 689194
GlobalTracer [baseline] (435.003 ms) : 0, 435003
GlobalTracer [candidate] (434.795 ms) : 0, 434795
AppSec [baseline] (53.777 ms) : 0, 53777
AppSec [candidate] (54.104 ms) : 0, 54104
Remote Config [baseline] (671.893 µs) : 0, 672
Remote Config [candidate] (665.296 µs) : 0, 665
Telemetry [baseline] (7.7 ms) : 0, 7700
Telemetry [candidate] (7.76 ms) : 0, 7760
ProfilingAgent [baseline] (93.401 ms) : 0, 93401
ProfilingAgent [candidate] (93.542 ms) : 0, 93542
Profiling [baseline] (93.425 ms) : 0, 93425
Profiling [candidate] (93.566 ms) : 0, 93566
LoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics. Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section baseline
no_agent (1.36 ms) : 1340, 1381
. : milestone, 1360,
appsec (1.76 ms) : 1735, 1786
. : milestone, 1760,
appsec_no_iast (1.738 ms) : 1713, 1763
. : milestone, 1738,
iast (1.505 ms) : 1483, 1528
. : milestone, 1505,
profiling (1.549 ms) : 1525, 1573
. : milestone, 1549,
tracing (1.483 ms) : 1458, 1509
. : milestone, 1483,
section candidate
no_agent (1.351 ms) : 1332, 1371
. : milestone, 1351,
appsec (1.779 ms) : 1755, 1803
. : milestone, 1779,
appsec_no_iast (1.753 ms) : 1728, 1779
. : milestone, 1753,
iast (1.485 ms) : 1462, 1508
. : milestone, 1485,
profiling (1.508 ms) : 1485, 1532
. : milestone, 1508,
tracing (1.515 ms) : 1487, 1543
. : milestone, 1515,
Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section baseline
no_agent (378.177 µs) : 359, 398
. : milestone, 378,
iast (497.378 µs) : 475, 519
. : milestone, 497,
iast_FULL (657.955 µs) : 636, 680
. : milestone, 658,
iast_GLOBAL (522.521 µs) : 501, 544
. : milestone, 523,
iast_HARDCODED_SECRET_DISABLED (495.71 µs) : 473, 518
. : milestone, 496,
iast_INACTIVE (452.895 µs) : 432, 474
. : milestone, 453,
iast_TELEMETRY_OFF (479.586 µs) : 458, 501
. : milestone, 480,
tracing (448.395 µs) : 428, 469
. : milestone, 448,
section candidate
no_agent (373.838 µs) : 354, 394
. : milestone, 374,
iast (493.182 µs) : 472, 515
. : milestone, 493,
iast_FULL (659.32 µs) : 638, 681
. : milestone, 659,
iast_GLOBAL (521.423 µs) : 499, 544
. : milestone, 521,
iast_HARDCODED_SECRET_DISABLED (495.708 µs) : 474, 517
. : milestone, 496,
iast_INACTIVE (455.708 µs) : 434, 477
. : milestone, 456,
iast_TELEMETRY_OFF (481.0 µs) : 460, 502
. : milestone, 481,
tracing (457.486 µs) : 436, 479
. : milestone, 457,
DacapoParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics. Execution time for tomcatgantt
title tomcat - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section baseline
no_agent (1.475 ms) : 1463, 1487
. : milestone, 1475,
appsec (2.35 ms) : 2309, 2392
. : milestone, 2350,
iast (2.088 ms) : 2036, 2141
. : milestone, 2088,
iast_GLOBAL (2.143 ms) : 2090, 2197
. : milestone, 2143,
profiling (2.456 ms) : 2266, 2646
. : milestone, 2456,
tracing (1.946 ms) : 1905, 1988
. : milestone, 1946,
section candidate
no_agent (1.475 ms) : 1463, 1486
. : milestone, 1475,
appsec (2.357 ms) : 2315, 2400
. : milestone, 2357,
iast (2.093 ms) : 2040, 2146
. : milestone, 2093,
iast_GLOBAL (2.146 ms) : 2092, 2200
. : milestone, 2146,
profiling (1.97 ms) : 1927, 2012
. : milestone, 1970,
tracing (1.937 ms) : 1897, 1978
. : milestone, 1937,
Execution time for biojavagantt
title biojava - execution time [CI 0.99] : candidate=1.44.0-SNAPSHOT~da0f626df2, baseline=1.44.0-SNAPSHOT~626485fbaf
dateFormat X
axisFormat %s
section baseline
no_agent (14.875 s) : 14875000, 14875000
. : milestone, 14875000,
appsec (15.082 s) : 15082000, 15082000
. : milestone, 15082000,
iast (19.015 s) : 19015000, 19015000
. : milestone, 19015000,
iast_GLOBAL (17.901 s) : 17901000, 17901000
. : milestone, 17901000,
profiling (15.223 s) : 15223000, 15223000
. : milestone, 15223000,
tracing (14.832 s) : 14832000, 14832000
. : milestone, 14832000,
section candidate
no_agent (15.215 s) : 15215000, 15215000
. : milestone, 15215000,
appsec (15.16 s) : 15160000, 15160000
. : milestone, 15160000,
iast (18.939 s) : 18939000, 18939000
. : milestone, 18939000,
iast_GLOBAL (18.081 s) : 18081000, 18081000
. : milestone, 18081000,
profiling (15.1 s) : 15100000, 15100000
. : milestone, 15100000,
tracing (15.109 s) : 15109000, 15109000
. : milestone, 15109000,
|
svc-squareup-copybara
pushed a commit
to cashapp/misk
that referenced
this pull request
Dec 16, 2024
| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | [com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.49.0` -> `2.50.0` | | [com.google.cloud:google-cloud-core-http](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.48.0` -> `2.49.0` | | [com.google.cloud:google-cloud-spanner](https://github.com/googleapis/java-spanner) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `6.82.0` -> `6.83.0` | | [com.google.cloud:google-cloud-logging](https://github.com/googleapis/java-logging) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.20.7` -> `3.21.0` | | [com.google.cloud:google-cloud-datastore](https://github.com/googleapis/java-datastore) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.24.3` -> `2.25.1` | | [com.google.cloud:google-cloud-core](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.48.0` -> `2.49.0` | | [com.google.api:gax](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.58.0` -> `2.59.0` | | [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | patch | `2.6.0` -> `2.6.1` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.43.0` -> `1.44.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.43.0` -> `1.44.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.29.32` -> `2.29.34` | | [com.amazonaws:aws-java-sdk-sqs](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` | | [com.amazonaws:aws-java-sdk-s3](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` | | [com.amazonaws:aws-java-sdk-dynamodb](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` | | [com.amazonaws:aws-java-sdk-core](https://aws.amazon.com/sdkforjava) ([source](https://github.com/aws/aws-sdk-java)) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.12.779` -> `1.12.780` | --- ### Release Notes <details> <summary>googleapis/sdk-platform-java (com.google.api.grpc:proto-google-common-protos)</summary> ### [`v2.50.0`](https://github.com/googleapis/sdk-platform-java/blob/HEAD/CHANGELOG.md#2500-2024-11-14) ##### Features - Add experimental S2A integration in client libraries grpc transport ([#​3326](googleapis/sdk-platform-java#3326)) ([1138ca6](googleapis/sdk-platform-java@1138ca6)) - enable selective generation based on service config include list ([#​3323](googleapis/sdk-platform-java#3323)) ([0cddadb](googleapis/sdk-platform-java@0cddadb)) - introduce `java.time` to java-core ([#​3330](googleapis/sdk-platform-java#3330)) ([f202c3b](googleapis/sdk-platform-java@f202c3b)) - Update Gapic-Generator to generate libraries using `java.time` methods ([#​3321](googleapis/sdk-platform-java#3321)) ([b21c9a4](googleapis/sdk-platform-java@b21c9a4)) ##### Bug Fixes - Fix flaky test ScheduledRetryingExecutorTest.testCancelOuterFutureAfterStart ([#​3335](googleapis/sdk-platform-java#3335)) ([e73740d](googleapis/sdk-platform-java@e73740d)) - httpjson callables to trace attempts (started, failed) ([#​3300](googleapis/sdk-platform-java#3300)) ([15a64ee](googleapis/sdk-platform-java@15a64ee)) - instantiate GaxProperties at build time to ensure we get the protobuf version ([#​3365](googleapis/sdk-platform-java#3365)) ([bb2a3be](googleapis/sdk-platform-java@bb2a3be)) - protobuf version not always getting set in headers ([#​3322](googleapis/sdk-platform-java#3322)) ([7f6e470](googleapis/sdk-platform-java@7f6e470)) - use BuildKit instead of legacy builder to build the Hermetic Build images ([#​3338](googleapis/sdk-platform-java#3338)) ([222fb45](googleapis/sdk-platform-java@222fb45)) ##### Dependencies - update google auth library dependencies to v1.30.0 ([#​3367](googleapis/sdk-platform-java#3367)) ([a31c682](googleapis/sdk-platform-java@a31c682)) - update grpc dependencies to v1.68.1 ([#​3240](googleapis/sdk-platform-java#3240)) ([c8e3941](googleapis/sdk-platform-java@c8e3941)) ##### Documentation - fix list num ([#​3356](googleapis/sdk-platform-java#3356)) ([b7d6296](googleapis/sdk-platform-java@b7d6296)) - **hermetic-build:** indicate usage of Docker Buildkit in development guide ([#​3337](googleapis/sdk-platform-java#3337)) ([01e742d](googleapis/sdk-platform-java@01e742d)) - modify hermetic build docs ([#​3331](googleapis/sdk-platform-java#3331)) ([25023af](googleapis/sdk-platform-java@25023af)) </details> <details> <summary>googleapis/java-spanner (com.google.cloud:google-cloud-spanner)</summary> ### [`v6.83.0`](https://github.com/googleapis/java-spanner/blob/HEAD/CHANGELOG.md#6830-2024-12-13) ##### Features - Add Metrics host for built in metrics ([#​3519](googleapis/java-spanner#3519)) ([4ed455a](googleapis/java-spanner@4ed455a)) - Add opt-in for using multiplexed sessions for blind writes ([#​3540](googleapis/java-spanner#3540)) ([216f53e](googleapis/java-spanner@216f53e)) - Add UUID in Spanner TypeCode enum ([41f83dc](googleapis/java-spanner@41f83dc)) - Introduce java.time variables and methods ([#​3495](googleapis/java-spanner#3495)) ([8a7d533](googleapis/java-spanner@8a7d533)) - **spanner:** Support multiplexed session for Partitioned operations ([#​3231](googleapis/java-spanner#3231)) ([4501a3e](googleapis/java-spanner@4501a3e)) - Support 'set local' for retry_aborts_internally ([#​3532](googleapis/java-spanner#3532)) ([331942f](googleapis/java-spanner@331942f)) ##### Bug Fixes - **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([41f83dc](googleapis/java-spanner@41f83dc)) ##### Dependencies - Update sdk platform java dependencies ([#​3549](googleapis/java-spanner#3549)) ([6235f0f](googleapis/java-spanner@6235f0f)) </details> <details> <summary>googleapis/java-logging (com.google.cloud:google-cloud-logging)</summary> ### [`v3.21.0`](https://github.com/googleapis/java-logging/blob/HEAD/CHANGELOG.md#3210-2024-12-13) ##### Features - Introduce `java.time` methods ([#​1729](googleapis/java-logging#1729)) ([323eb33](googleapis/java-logging@323eb33)) ##### Bug Fixes - **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([04d8868](googleapis/java-logging@04d8868)) ##### Dependencies - Update dependency io.opentelemetry:opentelemetry-bom to v1.45.0 ([#​1638](googleapis/java-logging#1638)) ([7e007d4](googleapis/java-logging@7e007d4)) - Update sdk platform java dependencies ([#​1736](googleapis/java-logging#1736)) ([88b4cdf](googleapis/java-logging@88b4cdf)) </details> <details> <summary>googleapis/java-datastore (com.google.cloud:google-cloud-datastore)</summary> ### [`v2.25.1`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2251-2024-12-13) ##### Bug Fixes - **deps:** Update the Java code generator (gapic-generator-java) to 2.51.0 ([106ee4d](googleapis/java-datastore@106ee4d)) ##### Dependencies - Update sdk platform java dependencies ([#​1685](googleapis/java-datastore#1685)) ([4372350](googleapis/java-datastore@4372350)) ### [`v2.25.0`](https://github.com/googleapis/java-datastore/blob/HEAD/CHANGELOG.md#2250-2024-12-11) ##### Features - Introduce `java.time` methods and variables ([#​1671](googleapis/java-datastore#1671)) ([5a78a80](googleapis/java-datastore@5a78a80)) ##### Dependencies - Update dependency com.google.cloud:gapic-libraries-bom to v1.48.0 ([#​1605](googleapis/java-datastore#1605)) ([5c6a678](googleapis/java-datastore@5c6a678)) ##### Documentation - Update gapic upgrade installation instructions ([#​1677](googleapis/java-datastore#1677)) ([b3fbfcc](googleapis/java-datastore@b3fbfcc)) </details> <details> <summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary> ### [`v2.6.1`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-261) - \[Fix]: `superClassName` can be null (Object has no superclass). </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.44.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.1): 1.44.1 ##### Components ##### Continuous Integration Visibility - 🐛 Fix tracing JUnit5 tests in Maven projects with multiple forks ([#​8089](DataDog/dd-trace-java#8089) - [@​nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) ### [`v1.44.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.44.0): 1.44.0 ##### Known Issues > \[!WARNING]\ > This release contains a known issue that causes failures when using Test Optimization to trace JUnit 5 tests in a Maven project where Maven Surefire is configured with `forkCount` > 1. > The issue is fixed in v1.44.1 ##### Breaking Changes > \[!WARNING]\ > Support for `X-Forwarded` header is dropped from default client IP resolution. > It can still be re-activated using the `dd.trace.client-ip-header=x-forwarded` system property, or the `DD_TRACE_CLIENT_IP_HEADER=x-forwarded` environment variable. See [#​7946](DataDog/dd-trace-java#7946). ##### Components ##### Application Security Management (IAST) - ✨ Set unexpected IAST exceptions to debug log level ([#​8044](DataDog/dd-trace-java#8044) - [@​smola](https://github.com/smola)) - ✨ Increase IAST propagation to StringBuffer subSequence ([#​8038](DataDog/dd-trace-java#8038) - [@​Mariovido](https://github.com/Mariovido)) - ✨ Increase IAST propagation to StringBuilder subSequence ([#​8026](DataDog/dd-trace-java#8026) - [@​Mariovido](https://github.com/Mariovido)) - ✨ Add IAST propagation to String valueOf ([#​8013](DataDog/dd-trace-java#8013) - [@​Mariovido](https://github.com/Mariovido)) - ✨ Increase IAST propagation to StringBuilder append ([#​8010](DataDog/dd-trace-java#8010) - [@​Mariovido](https://github.com/Mariovido)) - ✨ Expand SSRF support in IAST to apache-httpclient-5 and apache-httpasyncclient-4 ([#​7920](DataDog/dd-trace-java#7920) - [@​Mariovido](https://github.com/Mariovido)) ##### Build & Tooling - ✨ Generate Muzzle classes for Groovy instrumentations ([#​8004](DataDog/dd-trace-java#8004) - [@​nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) ##### Continuous Integration Visibility - ✨ Support distributed traces in tests ([#​8078](DataDog/dd-trace-java#8078) - [@​nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Implement fail-fast tests ordering for JUnit 5 ([#​8055](DataDog/dd-trace-java#8055) - [@​nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Mark JUnit 5 setup and teardown action spans as failed if there is an error ([#​8033](DataDog/dd-trace-java#8033) - [@​nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Add tracing of setup and teardown actions in JUnit 4 ([#​8030](DataDog/dd-trace-java#8030) - [@​daniel-mohedano](https://github.com/daniel-mohedano)) ##### Crash tracking - ✨ Improve crash tracking install logging ([#​8045](DataDog/dd-trace-java#8045) - [@​PerfectSlayer](https://github.com/PerfectSlayer)) ##### Data Streams Monitoring - 🐛 Add Data Streams support in AWS SQS without raw message delivery ([#​8071](DataDog/dd-trace-java#8071) - [@​piochelepiotr](https://github.com/piochelepiotr)) - ✨ Add new tag for enabled products / features to DSM checkpoints ([#​8051](DataDog/dd-trace-java#8051) - [@​kr-igor](https://github.com/kr-igor)) - 💡 Instrument self hosted Kafka connectors ([#​7959](DataDog/dd-trace-java#7959) - [@​piochelepiotr](https://github.com/piochelepiotr)) ##### Dynamic Instrumentation - ✨ Add Micronaut 4 support for code origin for spans ([#​8039](DataDog/dd-trace-java#8039) - [@​jpbempel](https://github.com/jpbempel)) - ✨ Refactor probe matching for methods ([#​8021](DataDog/dd-trace-java#8021) - [@​jpbempel](https://github.com/jpbempel)) - ✨ Update the CodeOriginProbe fingerprint to not rely on a stack walk ([#​8016](DataDog/dd-trace-java#8016) - [@​evanchooly](https://github.com/evanchooly)) - ✨ Implement code origin support for grpc server entry spans ([#​7942](DataDog/dd-trace-java#7942) - [@​evanchooly](https://github.com/evanchooly)) ##### GraalVM native-image - 🐛 Update Graal build-time instrumentation config for TracePropagationStyle ([#​8065](DataDog/dd-trace-java#8065) - [@​MattAlp](https://github.com/MattAlp)) - 🐛 Fix NoClassDefFoundError: Could not initialize class DDSpanLink$EncoderHolder in Graal native-image ([#​8036](DataDog/dd-trace-java#8036) - [@​mcculls](https://github.com/mcculls)) - 🐛🧹 Fix native-image generation of reactive applications ([#​8012](DataDog/dd-trace-java#8012) - [@​mcculls](https://github.com/mcculls)) ##### OpenTracing - 🧹 Custom ScopeManagers are deprecated and will be removed in a future release of dd-trace-ot ([#​8058](DataDog/dd-trace-java#8058) - [@​mcculls](https://github.com/mcculls)) ##### Tracer core - ✨🧪 Service naming: split by jee deployment ([#​8064](DataDog/dd-trace-java#8064) - [@​amarziali](https://github.com/amarziali)) - ✨ Exclude jboss mdb proxies from instrumenting ([#​8061](DataDog/dd-trace-java#8061) - [@​amarziali](https://github.com/amarziali)) - ✨ Add a built-in trace interceptor for keeping traces depending of their latency ([#​8040](DataDog/dd-trace-java#8040) - [@​cecile75](https://github.com/cecile75)) - 💡 Introduce marker mechanism for eagerly initializing helpers ([#​8028](DataDog/dd-trace-java#8028) - [@​mcculls](https://github.com/mcculls)) - 💡 Add JSON component ([#​7973](DataDog/dd-trace-java#7973) - [@​PerfectSlayer](https://github.com/PerfectSlayer)) - ✨⚠️ Remove support for X-Forwarded in client IP resolution ([#​7946](DataDog/dd-trace-java#7946) - [@​smola](https://github.com/smola)) ##### Instrumentations ##### Apache HttpComponents - ✨ Expand SSRF support in IAST to apache-httpclient-5 and apache-httpasyncclient-4 ([#​7920](DataDog/dd-trace-java#7920) - [@​Mariovido](https://github.com/Mariovido)) ##### gRPC instrumentation - 🐛 Use lower priorities for grpc server errors ([#​8043](DataDog/dd-trace-java#8043) - [@​amarziali](https://github.com/amarziali)) ##### JDBC instrumentation - ✨ Add trace injection for prepared statements in Postgres ([#​7940](DataDog/dd-trace-java#7940) - [@​nenadnoveljic](https://github.com/nenadnoveljic)) ##### JMS instrumentation - 🐛 Protect mdb from instrumenting multiple time the same event ([#​8062](DataDog/dd-trace-java#8062) - [@​amarziali](https://github.com/amarziali)) ##### Kafka instrumentation - 💡 Instrument self hosted Kafka connectors ([#​7959](DataDog/dd-trace-java#7959) - [@​piochelepiotr](https://github.com/piochelepiotr)) ##### OpenTelemetry instrumentation - 🐛 Support using OpenTelemetry Event API inside `@WithSpan` annotated method ([#​8019](DataDog/dd-trace-java#8019) - [@​mcculls](https://github.com/mcculls)) ##### Reactor instrumentation - 🐛🧹 Fix native-image generation of reactive applications ([#​8012](DataDog/dd-trace-java#8012) - [@​mcculls](https://github.com/mcculls)) ##### Spring instrumentation - 🐛 Avoid double instrumenting lambdas on latest spring scheduling ([#​8005](DataDog/dd-trace-java#8005) - [@​amarziali](https://github.com/amarziali)) ##### All other instrumentations - 🐛 Twilio: allow service name flattening ([#​8025](DataDog/dd-trace-java#8025) - [@​amarziali](https://github.com/amarziali)) - ✨ Instrument Mulesoft 4.5.0+ ([#​7981](DataDog/dd-trace-java#7981) - [@​amarziali](https://github.com/amarziali)) </details> <details> <summary>aws/aws-sdk-java (com.amazonaws:aws-java-sdk-sqs)</summary> ### [`v1.12.780`](https://github.com/aws/aws-sdk-java/blob/HEAD/CHANGELOG.md#112780-2024-12-11) [Compare Source](aws/aws-sdk-java@1.12.779...1.12.780) #### **Amazon Simple Storage Service** - ### Bugfixes - AWS SDK for Java 1.x now includes additional validation for Amazon S3 client APIs to handle scenarios where an empty string ('') is passed as the key argument to the following operations: PutObject, DeleteObject, ListObjects, GetObjectMetaData, ListObjectsV2, SetObjectTagging, GetObjectTagging, SetObjectAcl, GetObjectAcl, SetObjectLegalHold, GetObjectLegalHold, CopyObject, CopyPart, SelectObjectContent, SetObjectRetention, GetObjectRetention, AbortMultipartUpload, CompleteMultipartUpload, InitiateMultipartUpload, ListParts, UploadPart, RestoreObjectV2, and RestoreObject. The SDK will validate the key argument and throw an exception if it is an empty string, ensuring correct and expected behavior. </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: 69831bc62ea4d80cdcd42cef2aa9bd8eda28ae8c
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
Set logs from
IastModule#onUnexpectedException
to debug level.Motivation
Unexpected exceptions in IAST, when caught by
IastModule#onUnexpectedException
should be safe for the application. Logging to warning level has sometimes become the source of problems for some customers (e.g. most recently, broken log format).These exceptions should not happen, but when they do, they may happen frequently.
We will still received redacted exceptions through telemetry, so we'll continue to proactively fix them without bothering end users.
Additional Notes
Contributor Checklist
type:
and (comp:
orinst:
) labels in addition to any usefull labelsclose
,fix
or any linking keywords when referencing an issue.Use
solves
instead, and assign the PR milestone to the issue[ ] Update the public documentation in case of new configuration flag or behaviorJira ticket: [PROJ-IDENT]