Skip to content

chore(ci): bump the gh-actions-packages group with 2 updates #9744

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 15, 2025
Merged

chore(ci): bump the gh-actions-packages group with 2 updates #9744

merged 2 commits into from
Oct 15, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 13, 2025

Bumps the gh-actions-packages group with 2 updates: DataDog/commit-headless and github/codeql-action.

Updates DataDog/commit-headless from 1.0.0 to 2.0.1

Commits
  • 5a0f387 Update action from 29c7301f20fadf7ce454d09070177e6287c0d873
  • c7eae69 Update action from 4b1ca1a256a88d7b2dbaebaed56dcf3f0aa9c9d6
  • See full diff in compare view

Updates github/codeql-action from 3.30.6 to 4.30.8

Release notes

Sourced from github/codeql-action's releases.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.7 - 06 Oct 2025

  • [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

See the full CHANGELOG.md for more information.

v3.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.7 - 06 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

  • [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

  • Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

  • We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
  • Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

  • Fixed a bug which could cause language autodetection to fail. #3084
  • Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

3.30.1 - 05 Sep 2025

  • Update default CodeQL bundle version to 2.23.0. #3077

3.30.0 - 01 Sep 2025

  • Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #3054

3.29.11 - 21 Aug 2025

... (truncated)

Commits
  • f443b60 Merge pull request #3198 from github/update-v4.30.8-527f0f324
  • 7a2cb62 Update changelog for v4.30.8
  • 527f0f3 Merge pull request #3195 from github/dependabot/npm_and_yarn/npm-minor-37415c...
  • f402506 Merge pull request #3196 from github/dependabot/github_actions/dot-github/wor...
  • f5e53f9 Merge pull request #3197 from github/dependabot/github_actions/dot-github/wor...
  • 4e90a42 Merge pull request #3193 from github/mbg/ff/tools-toolcache
  • 413a4a4 Rebuild
  • 4521864 Bump github/codeql-action from 3 to 4 in /.github/workflows
  • eadf14b Bump ruby/setup-ruby
  • e1257b6 Rebuild
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(ci): bump the gh-actions-packages group with 2 updates
9cf8c31 
Bumps the gh-actions-packages group with 2 updates: [DataDog/commit-headless](https://github.com/datadog/commit-headless) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `DataDog/commit-headless` from 1.0.0 to 2.0.1
- [Changelog](https://github.com/DataDog/commit-headless/blob/main/pushchanges.go)
- [Commits](DataDog/commit-headless@1186485...5a0f387)

Updates `github/codeql-action` from 3.30.6 to 4.30.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@64d10c1...f443b60)

---
updated-dependencies:
- dependency-name: DataDog/commit-headless
  dependency-version: 2.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes labels Oct 13, 2025
@dependabot dependabot bot requested a review from a team as a code owner October 13, 2025 17:14
@dependabot dependabot bot added the comp: tooling Build & Tooling label Oct 13, 2025
@dependabot dependabot bot requested review from dougqh and removed request for a team October 13, 2025 17:14
@datadog-official
Copy link

datadog-official bot commented Oct 13, 2025
edited by datadog-datadog-prod-us1 bot
Loading

🎯 Code Coverage
Patch Coverage: 100.00%
Total Coverage: 59.88% (-0.03%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: b86b94f | Docs | Was this helpful? Give us feedback!

@pr-commenter
Copy link

pr-commenter bot commented Oct 13, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-b15392b4eb
git_commit_date 1760529169 1760530469
git_commit_sha 4f6f6b0 b86b94f
release_version 1.55.0-SNAPSHOT~4f6f6b0d56 1.55.0-SNAPSHOT~b86b94ff33
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1760532364 1760532364
ci_job_id 1180172013 1180172013
ci_pipeline_id 79362979 79362979
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-c5brt573 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-c5brt573 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 57 metrics, 8 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.025 s) : 0, 1024901
Total [baseline] (10.711 s) : 0, 10711139
Agent [candidate] (1.027 s) : 0, 1027396
Total [candidate] (10.732 s) : 0, 10732371
section appsec
Agent [baseline] (1.197 s) : 0, 1196542
Total [baseline] (11.064 s) : 0, 11063743
Agent [candidate] (1.193 s) : 0, 1193254
Total [candidate] (11.068 s) : 0, 11067617
section iast
Agent [baseline] (1.151 s) : 0, 1151454
Total [baseline] (11.017 s) : 0, 11017373
Agent [candidate] (1.16 s) : 0, 1159596
Total [candidate] (10.95 s) : 0, 10949608
section profiling
Agent [baseline] (1.162 s) : 0, 1161664
Total [baseline] (10.991 s) : 0, 10991377
Agent [candidate] (1.161 s) : 0, 1161102
Total [candidate] (11.033 s) : 0, 11032562
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.025 s -
Agent appsec 1.197 s 171.641 ms (16.7%)
Agent iast 1.151 s 126.553 ms (12.3%)
Agent profiling 1.162 s 136.763 ms (13.3%)
Total tracing 10.711 s -
Total appsec 11.064 s 352.604 ms (3.3%)
Total iast 11.017 s 306.234 ms (2.9%)
Total profiling 10.991 s 280.238 ms (2.6%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.027 s -
Agent appsec 1.193 s 165.859 ms (16.1%)
Agent iast 1.16 s 132.2 ms (12.9%)
Agent profiling 1.161 s 133.706 ms (13.0%)
Total tracing 10.732 s -
Total appsec 11.068 s 335.246 ms (3.1%)
Total iast 10.95 s 217.237 ms (2.0%)
Total profiling 11.033 s 300.191 ms (2.8%) 
gantt
    title petclinic - break down per module: candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.475 ms) : 0, 1475
crashtracking [candidate] (1.462 ms) : 0, 1462
BytebuddyAgent [baseline] (698.876 ms) : 0, 698876
BytebuddyAgent [candidate] (700.207 ms) : 0, 700207
GlobalTracer [baseline] (243.887 ms) : 0, 243887
GlobalTracer [candidate] (244.565 ms) : 0, 244565
AppSec [baseline] (32.764 ms) : 0, 32764
AppSec [candidate] (33.164 ms) : 0, 33164
Debugger [baseline] (6.469 ms) : 0, 6469
Debugger [candidate] (6.577 ms) : 0, 6577
Remote Config [baseline] (721.214 µs) : 0, 721
Remote Config [candidate] (700.825 µs) : 0, 701
Telemetry [baseline] (9.399 ms) : 0, 9399
Telemetry [candidate] (9.367 ms) : 0, 9367
Flare Poller [baseline] (9.99 ms) : 0, 9990
Flare Poller [candidate] (10.143 ms) : 0, 10143
section appsec
crashtracking [baseline] (1.473 ms) : 0, 1473
crashtracking [candidate] (1.444 ms) : 0, 1444
BytebuddyAgent [baseline] (719.33 ms) : 0, 719330
BytebuddyAgent [candidate] (717.287 ms) : 0, 717287
GlobalTracer [baseline] (234.98 ms) : 0, 234980
GlobalTracer [candidate] (234.199 ms) : 0, 234199
AppSec [baseline] (175.491 ms) : 0, 175491
AppSec [candidate] (175.176 ms) : 0, 175176
Debugger [baseline] (6.203 ms) : 0, 6203
Debugger [candidate] (6.137 ms) : 0, 6137
Remote Config [baseline] (638.81 µs) : 0, 639
Remote Config [candidate] (622.322 µs) : 0, 622
Telemetry [baseline] (8.507 ms) : 0, 8507
Telemetry [candidate] (8.467 ms) : 0, 8467
Flare Poller [baseline] (3.923 ms) : 0, 3923
Flare Poller [candidate] (3.927 ms) : 0, 3927
IAST [baseline] (24.899 ms) : 0, 24899
IAST [candidate] (24.921 ms) : 0, 24921
section iast
crashtracking [baseline] (1.466 ms) : 0, 1466
crashtracking [candidate] (1.455 ms) : 0, 1455
BytebuddyAgent [baseline] (815.808 ms) : 0, 815808
BytebuddyAgent [candidate] (821.525 ms) : 0, 821525
GlobalTracer [baseline] (231.565 ms) : 0, 231565
GlobalTracer [candidate] (232.752 ms) : 0, 232752
AppSec [baseline] (34.939 ms) : 0, 34939
AppSec [candidate] (34.686 ms) : 0, 34686
Debugger [baseline] (6.213 ms) : 0, 6213
Debugger [candidate] (6.204 ms) : 0, 6204
Remote Config [baseline] (625.401 µs) : 0, 625
Remote Config [candidate] (625.35 µs) : 0, 625
Telemetry [baseline] (8.703 ms) : 0, 8703
Telemetry [candidate] (8.916 ms) : 0, 8916
Flare Poller [baseline] (4.175 ms) : 0, 4175
Flare Poller [candidate] (4.246 ms) : 0, 4246
IAST [baseline] (26.412 ms) : 0, 26412
IAST [candidate] (27.626 ms) : 0, 27626
section profiling
ProfilingAgent [baseline] (107.845 ms) : 0, 107845
ProfilingAgent [candidate] (107.249 ms) : 0, 107249
crashtracking [baseline] (1.427 ms) : 0, 1427
crashtracking [candidate] (1.437 ms) : 0, 1437
BytebuddyAgent [baseline] (722.105 ms) : 0, 722105
BytebuddyAgent [candidate] (721.132 ms) : 0, 721132
GlobalTracer [baseline] (217.692 ms) : 0, 217692
GlobalTracer [candidate] (217.725 ms) : 0, 217725
AppSec [baseline] (32.27 ms) : 0, 32270
AppSec [candidate] (32.241 ms) : 0, 32241
Debugger [baseline] (6.443 ms) : 0, 6443
Debugger [candidate] (6.445 ms) : 0, 6445
Remote Config [baseline] (725.499 µs) : 0, 725
Remote Config [candidate] (722.054 µs) : 0, 722
Telemetry [baseline] (16.033 ms) : 0, 16033
Telemetry [candidate] (15.3 ms) : 0, 15300
Flare Poller [baseline] (4.136 ms) : 0, 4136
Flare Poller [candidate] (4.959 ms) : 0, 4959
Profiling [baseline] (108.864 ms) : 0, 108864
Profiling [candidate] (109.147 ms) : 0, 109147
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.021 s) : 0, 1020621
Total [baseline] (8.695 s) : 0, 8694845
Agent [candidate] (1.017 s) : 0, 1017489
Total [candidate] (8.726 s) : 0, 8726100
section iast
Agent [baseline] (1.152 s) : 0, 1152110
Total [baseline] (9.311 s) : 0, 9311081
Agent [candidate] (1.148 s) : 0, 1148345
Total [candidate] (9.308 s) : 0, 9307868
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.021 s -
Agent iast 1.152 s 131.489 ms (12.9%)
Total tracing 8.695 s -
Total iast 9.311 s 616.236 ms (7.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.017 s -
Agent iast 1.148 s 130.857 ms (12.9%)
Total tracing 8.726 s -
Total iast 9.308 s 581.768 ms (6.7%) 
gantt
    title insecure-bank - break down per module: candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.466 ms) : 0, 1466
crashtracking [candidate] (1.454 ms) : 0, 1454
BytebuddyAgent [baseline] (695.787 ms) : 0, 695787
BytebuddyAgent [candidate] (694.834 ms) : 0, 694834
GlobalTracer [baseline] (242.39 ms) : 0, 242390
GlobalTracer [candidate] (242.1 ms) : 0, 242100
AppSec [baseline] (32.696 ms) : 0, 32696
AppSec [candidate] (32.461 ms) : 0, 32461
Debugger [baseline] (6.466 ms) : 0, 6466
Debugger [candidate] (6.422 ms) : 0, 6422
Remote Config [baseline] (704.998 µs) : 0, 705
Remote Config [candidate] (691.244 µs) : 0, 691
Telemetry [baseline] (9.425 ms) : 0, 9425
Telemetry [candidate] (9.273 ms) : 0, 9273
Flare Poller [baseline] (10.458 ms) : 0, 10458
Flare Poller [candidate] (9.175 ms) : 0, 9175
section iast
crashtracking [baseline] (1.485 ms) : 0, 1485
crashtracking [candidate] (1.469 ms) : 0, 1469
BytebuddyAgent [baseline] (816.299 ms) : 0, 816299
BytebuddyAgent [candidate] (813.718 ms) : 0, 813718
GlobalTracer [baseline] (231.686 ms) : 0, 231686
GlobalTracer [candidate] (230.838 ms) : 0, 230838
IAST [baseline] (26.279 ms) : 0, 26279
IAST [candidate] (26.343 ms) : 0, 26343
AppSec [baseline] (35.193 ms) : 0, 35193
AppSec [candidate] (34.778 ms) : 0, 34778
Debugger [baseline] (6.12 ms) : 0, 6120
Debugger [candidate] (6.147 ms) : 0, 6147
Remote Config [baseline] (606.834 µs) : 0, 607
Remote Config [candidate] (606.437 µs) : 0, 606
Telemetry [baseline] (8.626 ms) : 0, 8626
Telemetry [candidate] (8.693 ms) : 0, 8693
Flare Poller [baseline] (4.287 ms) : 0, 4287
Flare Poller [candidate] (4.26 ms) : 0, 4260
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-b15392b4eb
git_commit_date 1760529169 1760530469
git_commit_sha 4f6f6b0 b86b94f
release_version 1.55.0-SNAPSHOT~4f6f6b0d56 1.55.0-SNAPSHOT~b86b94ff33
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1760531935 1760531935
ci_job_id 1180172016 1180172016
ci_pipeline_id 79362979 79362979
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-9jvugqqp 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-9jvugqqp 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 5 performance improvements and 3 performance regressions! Performance is the same for 4 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:insecure-bank:no_agent:high_load better
[-208.297µs; -106.201µs] or [-4.820%; -2.457%]		 unstable
[-77.947op/s; +156.697op/s] or [-7.342%; +14.760%]		 4.164ms 1101.000op/s 4.322ms 1061.625op/s
scenario:load:insecure-bank:profiling:high_load better
[-1.176ms; -0.850ms] or [-12.189%; -8.817%]		 unstable
[-9.380op/s; +121.130op/s] or [-1.948%; +25.157%]		 8.632ms 537.375op/s 9.645ms 481.500op/s
scenario:load:insecure-bank:iast_GLOBAL:high_load worse
[+241.148µs; +639.562µs] or [+2.361%; +6.263%]		 unstable
[-70.188op/s; +32.875op/s] or [-15.427%; +7.226%]		 10.653ms 436.312op/s 10.212ms 454.969op/s
scenario:load:petclinic:appsec:high_load better
[-2.161ms; -1.222ms] or [-4.389%; -2.481%]		 unstable
[-3.574op/s; +10.249op/s] or [-3.761%; +10.784%]		 47.552ms 98.375op/s 49.243ms 95.037op/s
scenario:load:petclinic:code_origins:high_load worse
[+1.773ms; +2.598ms] or [+4.147%; +6.078%]		 unstable
[-12.466op/s; +1.866op/s] or [-11.396%; +1.706%]		 44.939ms 104.088op/s 42.753ms 109.388op/s
scenario:load:petclinic:profiling:high_load better
[-2.143ms; -1.237ms] or [-4.455%; -2.571%]		 unstable
[-3.304op/s; +10.329op/s] or [-3.396%; +10.617%]		 46.415ms 100.800op/s 48.105ms 97.287op/s
scenario:load:petclinic:iast:high_load better
[-1.834ms; -0.980ms] or [-4.005%; -2.140%]		 unstable
[-4.193op/s; +10.693op/s] or [-4.104%; +10.467%]		 44.381ms 105.412op/s 45.788ms 102.162op/s
scenario:load:petclinic:tracing:high_load worse
[+0.891ms; +1.732ms] or [+2.016%; +3.919%]		 unstable
[-10.235op/s; +4.335op/s] or [-9.670%; +4.096%]		 45.498ms 102.888op/s 44.187ms 105.838op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.322 ms) : 4273, 4370
.   : milestone, 4322,
iast (9.739 ms) : 9576, 9902
.   : milestone, 9739,
iast_FULL (14.976 ms) : 14681, 15270
.   : milestone, 14976,
iast_GLOBAL (10.212 ms) : 10034, 10391
.   : milestone, 10212,
profiling (9.645 ms) : 9483, 9806
.   : milestone, 9645,
tracing (7.572 ms) : 7462, 7682
.   : milestone, 7572,
section candidate
no_agent (4.164 ms) : 4118, 4211
.   : milestone, 4164,
iast (9.864 ms) : 9699, 10029
.   : milestone, 9864,
iast_FULL (14.819 ms) : 14521, 15117
.   : milestone, 14819,
iast_GLOBAL (10.653 ms) : 10461, 10844
.   : milestone, 10653,
profiling (8.632 ms) : 8492, 8771
.   : milestone, 8632,
tracing (7.594 ms) : 7477, 7710
.   : milestone, 7594,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.322 ms [4.273 ms, 4.37 ms] -
iast 9.739 ms [9.576 ms, 9.902 ms] 5.418 ms (125.4%)
iast_FULL 14.976 ms [14.681 ms, 15.27 ms] 10.654 ms (246.5%)
iast_GLOBAL 10.212 ms [10.034 ms, 10.391 ms] 5.891 ms (136.3%)
profiling 9.645 ms [9.483 ms, 9.806 ms] 5.323 ms (123.2%)
tracing 7.572 ms [7.462 ms, 7.682 ms] 3.25 ms (75.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.164 ms [4.118 ms, 4.211 ms] -
iast 9.864 ms [9.699 ms, 10.029 ms] 5.7 ms (136.9%)
iast_FULL 14.819 ms [14.521 ms, 15.117 ms] 10.655 ms (255.9%)
iast_GLOBAL 10.653 ms [10.461 ms, 10.844 ms] 6.488 ms (155.8%)
profiling 8.632 ms [8.492 ms, 8.771 ms] 4.467 ms (107.3%)
tracing 7.594 ms [7.477 ms, 7.71 ms] 3.429 ms (82.4%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56
    dateFormat X
    axisFormat %s
section baseline
no_agent (36.894 ms) : 36593, 37195
.   : milestone, 36894,
appsec (49.243 ms) : 48799, 49687
.   : milestone, 49243,
code_origins (42.753 ms) : 42379, 43127
.   : milestone, 42753,
iast (45.788 ms) : 45389, 46186
.   : milestone, 45788,
profiling (48.105 ms) : 47663, 48547
.   : milestone, 48105,
tracing (44.187 ms) : 43809, 44565
.   : milestone, 44187,
section candidate
no_agent (36.554 ms) : 36267, 36841
.   : milestone, 36554,
appsec (47.552 ms) : 47122, 47981
.   : milestone, 47552,
code_origins (44.939 ms) : 44546, 45332
.   : milestone, 44939,
iast (44.381 ms) : 43986, 44776
.   : milestone, 44381,
profiling (46.415 ms) : 46016, 46814
.   : milestone, 46415,
tracing (45.498 ms) : 45095, 45901
.   : milestone, 45498,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.894 ms [36.593 ms, 37.195 ms] -
appsec 49.243 ms [48.799 ms, 49.687 ms] 12.349 ms (33.5%)
code_origins 42.753 ms [42.379 ms, 43.127 ms] 5.859 ms (15.9%)
iast 45.788 ms [45.389 ms, 46.186 ms] 8.894 ms (24.1%)
profiling 48.105 ms [47.663 ms, 48.547 ms] 11.211 ms (30.4%)
tracing 44.187 ms [43.809 ms, 44.565 ms] 7.293 ms (19.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.554 ms [36.267 ms, 36.841 ms] -
appsec 47.552 ms [47.122 ms, 47.981 ms] 10.998 ms (30.1%)
code_origins 44.939 ms [44.546 ms, 45.332 ms] 8.385 ms (22.9%)
iast 44.381 ms [43.986 ms, 44.776 ms] 7.827 ms (21.4%)
profiling 46.415 ms [46.016 ms, 46.814 ms] 9.861 ms (27.0%)
tracing 45.498 ms [45.095 ms, 45.901 ms] 8.944 ms (24.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-b15392b4eb
git_commit_date 1760529169 1760530469
git_commit_sha 4f6f6b0 b86b94f
release_version 1.55.0-SNAPSHOT~4f6f6b0d56 1.55.0-SNAPSHOT~b86b94ff33
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1760532531 1760532531
ci_job_id 1180172018 1180172018
ci_pipeline_id 79362979 79362979
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-b4azugwy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-b4azugwy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.471 ms) : 1459, 1482
.   : milestone, 1471,
appsec (3.709 ms) : 3491, 3927
.   : milestone, 3709,
iast (2.217 ms) : 2153, 2281
.   : milestone, 2217,
iast_GLOBAL (2.25 ms) : 2185, 2315
.   : milestone, 2250,
profiling (2.055 ms) : 2004, 2107
.   : milestone, 2055,
tracing (2.034 ms) : 1984, 2084
.   : milestone, 2034,
section candidate
no_agent (1.472 ms) : 1460, 1483
.   : milestone, 1472,
appsec (3.688 ms) : 3473, 3902
.   : milestone, 3688,
iast (2.211 ms) : 2147, 2276
.   : milestone, 2211,
iast_GLOBAL (2.249 ms) : 2185, 2314
.   : milestone, 2249,
profiling (2.056 ms) : 2004, 2107
.   : milestone, 2056,
tracing (2.026 ms) : 1976, 2076
.   : milestone, 2026,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.471 ms [1.459 ms, 1.482 ms] -
appsec 3.709 ms [3.491 ms, 3.927 ms] 2.238 ms (152.2%)
iast 2.217 ms [2.153 ms, 2.281 ms] 746.001 µs (50.7%)
iast_GLOBAL 2.25 ms [2.185 ms, 2.315 ms] 778.871 µs (53.0%)
profiling 2.055 ms [2.004 ms, 2.107 ms] 584.541 µs (39.7%)
tracing 2.034 ms [1.984 ms, 2.084 ms] 562.854 µs (38.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.472 ms [1.46 ms, 1.483 ms] -
appsec 3.688 ms [3.473 ms, 3.902 ms] 2.216 ms (150.6%)
iast 2.211 ms [2.147 ms, 2.276 ms] 739.758 µs (50.3%)
iast_GLOBAL 2.249 ms [2.185 ms, 2.314 ms] 777.725 µs (52.8%)
profiling 2.056 ms [2.004 ms, 2.107 ms] 583.795 µs (39.7%)
tracing 2.026 ms [1.976 ms, 2.076 ms] 554.208 µs (37.7%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.55.0-SNAPSHOT~b86b94ff33, baseline=1.55.0-SNAPSHOT~4f6f6b0d56
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.033 s) : 15033000, 15033000
.   : milestone, 15033000,
appsec (15.027 s) : 15027000, 15027000
.   : milestone, 15027000,
iast (18.725 s) : 18725000, 18725000
.   : milestone, 18725000,
iast_GLOBAL (18.283 s) : 18283000, 18283000
.   : milestone, 18283000,
profiling (15.254 s) : 15254000, 15254000
.   : milestone, 15254000,
tracing (15.212 s) : 15212000, 15212000
.   : milestone, 15212000,
section candidate
no_agent (15.234 s) : 15234000, 15234000
.   : milestone, 15234000,
appsec (14.962 s) : 14962000, 14962000
.   : milestone, 14962000,
iast (18.301 s) : 18301000, 18301000
.   : milestone, 18301000,
iast_GLOBAL (18.062 s) : 18062000, 18062000
.   : milestone, 18062000,
profiling (15.159 s) : 15159000, 15159000
.   : milestone, 15159000,
tracing (15.053 s) : 15053000, 15053000
.   : milestone, 15053000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.033 s [15.033 s, 15.033 s] -
appsec 15.027 s [15.027 s, 15.027 s] -6.0 ms (-0.0%)
iast 18.725 s [18.725 s, 18.725 s] 3.692 s (24.6%)
iast_GLOBAL 18.283 s [18.283 s, 18.283 s] 3.25 s (21.6%)
profiling 15.254 s [15.254 s, 15.254 s] 221.0 ms (1.5%)
tracing 15.212 s [15.212 s, 15.212 s] 179.0 ms (1.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.234 s [15.234 s, 15.234 s] -
appsec 14.962 s [14.962 s, 14.962 s] -272.0 ms (-1.8%)
iast 18.301 s [18.301 s, 18.301 s] 3.067 s (20.1%)
iast_GLOBAL 18.062 s [18.062 s, 18.062 s] 2.828 s (18.6%)
profiling 15.159 s [15.159 s, 15.159 s] -75.0 ms (-0.5%)
tracing 15.053 s [15.053 s, 15.053 s] -181.0 ms (-1.2%)

PerfectSlayer
PerfectSlayer approved these changes Oct 15, 2025
View reviewed changes
Copy link
Contributor

@PerfectSlayer PerfectSlayer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📝 notes: I had to update codeql-action tag comment manually

@PerfectSlayer PerfectSlayer enabled auto-merge (squash) October 15, 2025 12:15
@PerfectSlayer PerfectSlayer merged commit d506c27 into master Oct 15, 2025
530 checks passed
@PerfectSlayer PerfectSlayer deleted the dependabot/github_actions/gh-actions-packages-b15392b4eb branch October 15, 2025 13:05
@github-actions github-actions bot added this to the 1.55.0 milestone Oct 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer approved these changes

@dougqh dougqh Awaiting requested review from dougqh dougqh is a code owner automatically assigned from DataDog/apm-lang-platform-java

Assignees

No one assigned

Labels

comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes

Projects

None yet

Milestone

1.55.0

Development

Successfully merging this pull request may close these issues.

2 participants

@PerfectSlayer