refactor(remote_config): move appsec-specific logic to appsec folder

[watson]

What Does This Do?

Resolves the TODO in remote_config/index.js by moving all appsec-specific remote configuration logic into the appsec folder, improving separation of concerns and module independence.

Motivation

The remote_config module contained appsec-specific code including:

• WAF update capabilities and subscriptions
• ASM_FEATURES product handlers
• User tracking configuration
• Appsec enable/disable logic via remote config

This created tight coupling between core remote config and appsec, making both modules harder to understand and maintain. The remote_config module should focus on core APM tracing capabilities and be agnostic to appsec.

Benefits

• Clear ownership: All appsec functionality lives in the appsec folder
• Reduced coupling: remote_config has zero knowledge of appsec
• Better testability: Each module tested independently with proper mocks
• Improved maintainability: Easier to understand each module's scope
• Preserved optimizations: Lazy loading still works for serverless cold starts

[watson]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• feat(debugger): add Remote Enablement support #7137
• refactor(remote_config): move capability registration to feature modules #7127
• refactor(remote_config): move appsec-specific logic to appsec folder #7122 👈 (View in Graphite)
• refactor(remote-config): replace kPreUpdate with batch handler API (DEBUG-4402) #7121
• master

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

Overall package size

Self size: 4.36 MB
Deduped: 5.19 MB
No deduping: 5.19 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | import-in-the-middle | 2.0.0 | 68.46 kB | 797.03 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.82%. Comparing base (c18a9fe) to head (69d7527).

Additional details and impacted files

@@                  Coverage Diff                   @@
##           watson/refactor-rc    #7122      +/-   ##
======================================================
+ Coverage               84.81%   84.82%   +0.01%     
======================================================
  Files                     522      523       +1     
  Lines                   22207    22213       +6     
======================================================
+ Hits                    18834    18842       +8     
+ Misses                   3373     3371       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[pr-commenter]

Benchmarks

Benchmark execution time: 2025-12-19 19:11:44

Comparing candidate commit 69d7527 in PR branch watson/DEBUG-4402/split-rc-and-appsec with baseline commit c18a9fe in branch watson/refactor-rc.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 291 metrics, 29 unstable metrics.