Add support for endpoint discovery in spring mvc #8352

manuel-alvarez-alvarez · 2025-02-07T08:42:11Z

What Does This Do

This update involves parsing all the endpoints defined by Spring MVC using org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping. The parsed endpoint data is then transmitted to the backend via telemetry to build an API catalog for the service, eliminating the need for any previous traffic.

The PR introduces a new configuration variable DD_API_SECURITY_ENDPOINT_COLLECTION_ENABLED (false by default) to enable/disable this new feature.

Motivation

Additional Notes

Contributor Checklist

Format the title according the contribution guidelines
Assign the type: and (comp: or inst:) labels in addition to any usefull labels
Don't use close, fix or any linking keywords when referencing an issue.
Use solves instead, and assign the PR milestone to the issue
Update the public documentation in case of new configuration flag or behavior

Jira ticket: APPSEC-56437

pr-commenter · 2025-02-07T09:28:22Z

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	malvarez/waf-endpoint-discovery-spring
git_commit_date	1743167893	1743169255
git_commit_sha	`4f278de`	`5302575`
release_version	1.48.0-SNAPSHOT~4f278de73a	1.48.0-SNAPSHOT~5302575dc8

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1743172423	1743172423
ci_job_id	869986617	869986617
ci_pipeline_id	60329875	60329875
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-5gca-jya-project-304-concurrent-0-r8phikjk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-5gca-jya-project-304-concurrent-0-r8phikjk 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 65 metrics, 5 unstable metrics.

scenario	Δ mean execution_time	candidate mean execution_time	baseline mean execution_time
scenario:startup:insecure-bank:iast_TELEMETRY_OFF:Remote Config	worse [+16.436µs; +57.101µs] or [+2.801%; +9.730%]	623.610µs	586.841µs

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.055 s) : 0, 1054613
Total [baseline] (10.451 s) : 0, 10451407
Agent [candidate] (1.059 s) : 0, 1058905
Total [candidate] (10.52 s) : 0, 10520466
section appsec
Agent [baseline] (1.189 s) : 0, 1189312
Total [baseline] (10.752 s) : 0, 10752360
Agent [candidate] (1.191 s) : 0, 1191384
Total [candidate] (10.746 s) : 0, 10745784
section iast
Agent [baseline] (1.176 s) : 0, 1176138
Total [baseline] (11.001 s) : 0, 11001344
Agent [candidate] (1.177 s) : 0, 1176825
Total [candidate] (11.029 s) : 0, 11028828
section profiling
Agent [baseline] (1.273 s) : 0, 1272564
Total [baseline] (10.824 s) : 0, 10824101
Agent [candidate] (1.275 s) : 0, 1275282
Total [candidate] (10.857 s) : 0, 10856585

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.055 s	-
Agent	appsec	1.189 s	134.699 ms (12.8%)
Agent	iast	1.176 s	121.526 ms (11.5%)
Agent	profiling	1.273 s	217.951 ms (20.7%)
Total	tracing	10.451 s	-
Total	appsec	10.752 s	300.952 ms (2.9%)
Total	iast	11.001 s	549.937 ms (5.3%)
Total	profiling	10.824 s	372.694 ms (3.6%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.059 s	-
Agent	appsec	1.191 s	132.479 ms (12.5%)
Agent	iast	1.177 s	117.919 ms (11.1%)
Agent	profiling	1.275 s	216.377 ms (20.4%)
Total	tracing	10.52 s	-
Total	appsec	10.746 s	225.318 ms (2.1%)
Total	iast	11.029 s	508.362 ms (4.8%)
Total	profiling	10.857 s	336.119 ms (3.2%)

gantt
    title petclinic - break down per module: candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (722.215 ms) : 0, 722215
BytebuddyAgent [candidate] (722.327 ms) : 0, 722327
GlobalTracer [baseline] (240.004 ms) : 0, 240004
GlobalTracer [candidate] (239.986 ms) : 0, 239986
AppSec [baseline] (55.141 ms) : 0, 55141
AppSec [candidate] (54.993 ms) : 0, 54993
Debugger [baseline] (4.514 ms) : 0, 4514
Debugger [candidate] (4.452 ms) : 0, 4452
Remote Config [baseline] (699.625 µs) : 0, 700
Remote Config [candidate] (701.648 µs) : 0, 702
Telemetry [baseline] (12.206 ms) : 0, 12206
Telemetry [candidate] (16.56 ms) : 0, 16560
section appsec
BytebuddyAgent [baseline] (734.942 ms) : 0, 734942
BytebuddyAgent [candidate] (736.754 ms) : 0, 736754
GlobalTracer [baseline] (234.789 ms) : 0, 234789
GlobalTracer [candidate] (234.801 ms) : 0, 234801
IAST [baseline] (21.557 ms) : 0, 21557
IAST [candidate] (21.459 ms) : 0, 21459
AppSec [baseline] (175.795 ms) : 0, 175795
AppSec [candidate] (176.196 ms) : 0, 176196
Debugger [baseline] (4.275 ms) : 0, 4275
Debugger [candidate] (4.3 ms) : 0, 4300
Remote Config [baseline] (639.207 µs) : 0, 639
Remote Config [candidate] (642.942 µs) : 0, 643
Telemetry [baseline] (8.452 ms) : 0, 8452
Telemetry [candidate] (8.228 ms) : 0, 8228
section iast
BytebuddyAgent [baseline] (835.325 ms) : 0, 835325
BytebuddyAgent [candidate] (836.088 ms) : 0, 836088
GlobalTracer [baseline] (229.025 ms) : 0, 229025
GlobalTracer [candidate] (228.544 ms) : 0, 228544
IAST [baseline] (22.656 ms) : 0, 22656
IAST [candidate] (22.892 ms) : 0, 22892
AppSec [baseline] (56.025 ms) : 0, 56025
AppSec [candidate] (55.992 ms) : 0, 55992
Debugger [baseline] (4.155 ms) : 0, 4155
Debugger [candidate] (4.184 ms) : 0, 4184
Remote Config [baseline] (602.042 µs) : 0, 602
Remote Config [candidate] (619.015 µs) : 0, 619
Telemetry [baseline] (8.749 ms) : 0, 8749
Telemetry [candidate] (8.833 ms) : 0, 8833
section profiling
BytebuddyAgent [baseline] (709.4 ms) : 0, 709400
BytebuddyAgent [candidate] (711.515 ms) : 0, 711515
GlobalTracer [baseline] (348.499 ms) : 0, 348499
GlobalTracer [candidate] (347.888 ms) : 0, 347888
AppSec [baseline] (53.98 ms) : 0, 53980
AppSec [candidate] (53.727 ms) : 0, 53727
Debugger [baseline] (4.28 ms) : 0, 4280
Debugger [candidate] (4.29 ms) : 0, 4290
Remote Config [baseline] (685.498 µs) : 0, 685
Remote Config [candidate] (690.482 µs) : 0, 690
Telemetry [baseline] (8.987 ms) : 0, 8987
Telemetry [candidate] (9.008 ms) : 0, 9008
ProfilingAgent [baseline] (101.804 ms) : 0, 101804
ProfilingAgent [candidate] (103.287 ms) : 0, 103287
Profiling [baseline] (101.967 ms) : 0, 101967
Profiling [candidate] (103.312 ms) : 0, 103312

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.05 s) : 0, 1049588
Total [baseline] (8.704 s) : 0, 8703990
Agent [candidate] (1.05 s) : 0, 1050046
Total [candidate] (8.651 s) : 0, 8651415
section iast
Agent [baseline] (1.185 s) : 0, 1185414
Total [baseline] (9.311 s) : 0, 9310748
Agent [candidate] (1.176 s) : 0, 1176272
Total [candidate] (9.27 s) : 0, 9269760
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.175 s) : 0, 1174658
Total [baseline] (9.189 s) : 0, 9188838
Agent [candidate] (1.176 s) : 0, 1175928
Total [candidate] (9.218 s) : 0, 9217626
section iast_TELEMETRY_OFF
Agent [baseline] (1.172 s) : 0, 1171643
Total [baseline] (9.226 s) : 0, 9226181
Agent [candidate] (1.183 s) : 0, 1183407
Total [candidate] (9.267 s) : 0, 9266740

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.05 s	-
Agent	iast	1.185 s	135.826 ms (12.9%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.175 s	125.071 ms (11.9%)
Agent	iast_TELEMETRY_OFF	1.172 s	122.055 ms (11.6%)
Total	tracing	8.704 s	-
Total	iast	9.311 s	606.758 ms (7.0%)
Total	iast_HARDCODED_SECRET_DISABLED	9.189 s	484.848 ms (5.6%)
Total	iast_TELEMETRY_OFF	9.226 s	522.192 ms (6.0%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.05 s	-
Agent	iast	1.176 s	126.226 ms (12.0%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.176 s	125.882 ms (12.0%)
Agent	iast_TELEMETRY_OFF	1.183 s	133.361 ms (12.7%)
Total	tracing	8.651 s	-
Total	iast	9.27 s	618.345 ms (7.1%)
Total	iast_HARDCODED_SECRET_DISABLED	9.218 s	566.211 ms (6.5%)
Total	iast_TELEMETRY_OFF	9.267 s	615.324 ms (7.1%)

gantt
    title insecure-bank - break down per module: candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (717.202 ms) : 0, 717202
BytebuddyAgent [candidate] (718.207 ms) : 0, 718207
GlobalTracer [baseline] (238.691 ms) : 0, 238691
GlobalTracer [candidate] (238.574 ms) : 0, 238574
AppSec [baseline] (54.526 ms) : 0, 54526
AppSec [candidate] (54.809 ms) : 0, 54809
Debugger [baseline] (5.836 ms) : 0, 5836
Debugger [candidate] (4.443 ms) : 0, 4443
Remote Config [baseline] (696.442 µs) : 0, 696
Remote Config [candidate] (705.1 µs) : 0, 705
Telemetry [baseline] (12.944 ms) : 0, 12944
Telemetry [candidate] (13.623 ms) : 0, 13623
section iast
BytebuddyAgent [baseline] (841.641 ms) : 0, 841641
BytebuddyAgent [candidate] (836.385 ms) : 0, 836385
GlobalTracer [baseline] (230.584 ms) : 0, 230584
GlobalTracer [candidate] (228.402 ms) : 0, 228402
IAST [baseline] (23.235 ms) : 0, 23235
IAST [candidate] (22.591 ms) : 0, 22591
AppSec [baseline] (56.534 ms) : 0, 56534
AppSec [candidate] (55.794 ms) : 0, 55794
Debugger [baseline] (4.233 ms) : 0, 4233
Debugger [candidate] (4.12 ms) : 0, 4120
Remote Config [baseline] (642.348 µs) : 0, 642
Remote Config [candidate] (586.53 µs) : 0, 587
Telemetry [baseline] (8.851 ms) : 0, 8851
Telemetry [candidate] (8.758 ms) : 0, 8758
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (834.45 ms) : 0, 834450
BytebuddyAgent [candidate] (835.554 ms) : 0, 835554
GlobalTracer [baseline] (228.478 ms) : 0, 228478
GlobalTracer [candidate] (228.783 ms) : 0, 228783
IAST [baseline] (22.649 ms) : 0, 22649
IAST [candidate] (22.723 ms) : 0, 22723
AppSec [baseline] (55.984 ms) : 0, 55984
AppSec [candidate] (55.621 ms) : 0, 55621
Debugger [baseline] (4.165 ms) : 0, 4165
Debugger [candidate] (4.173 ms) : 0, 4173
Remote Config [baseline] (606.389 µs) : 0, 606
Remote Config [candidate] (613.222 µs) : 0, 613
Telemetry [baseline] (8.756 ms) : 0, 8756
Telemetry [candidate] (8.828 ms) : 0, 8828
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (832.519 ms) : 0, 832519
BytebuddyAgent [candidate] (840.559 ms) : 0, 840559
GlobalTracer [baseline] (228.088 ms) : 0, 228088
GlobalTracer [candidate] (230.262 ms) : 0, 230262
IAST [baseline] (22.29 ms) : 0, 22290
IAST [candidate] (22.667 ms) : 0, 22667
AppSec [baseline] (55.922 ms) : 0, 55922
AppSec [candidate] (56.592 ms) : 0, 56592
Debugger [baseline] (4.103 ms) : 0, 4103
Debugger [candidate] (4.183 ms) : 0, 4183
Remote Config [baseline] (586.841 µs) : 0, 587
Remote Config [candidate] (623.61 µs) : 0, 624
Telemetry [baseline] (8.595 ms) : 0, 8595
Telemetry [candidate] (8.745 ms) : 0, 8745

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2025-03-28T14:03:11	2025-03-28T14:10:54
git_branch	master	malvarez/waf-endpoint-discovery-spring
git_commit_date	1743167893	1743169255
git_commit_sha	`4f278de`	`5302575`
release_version	1.48.0-SNAPSHOT~4f278de73a	1.48.0-SNAPSHOT~5302575dc8
start_time	2025-03-28T14:02:57	2025-03-28T14:10:40

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1743171449	1743171449
ci_job_id	869986618	869986618
ci_pipeline_id	60329875	60329875
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-si1bmdmz-project-304-concurrent-0-fhw8l3hi 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-si1bmdmz-project-304-concurrent-0-fhw8l3hi 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 16 unstable metrics.

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.359 ms) : 1340, 1378
.   : milestone, 1359,
appsec (1.722 ms) : 1698, 1746
.   : milestone, 1722,
appsec_no_iast (1.724 ms) : 1700, 1749
.   : milestone, 1724,
code_origins (1.681 ms) : 1654, 1708
.   : milestone, 1681,
iast (1.499 ms) : 1475, 1524
.   : milestone, 1499,
profiling (1.549 ms) : 1524, 1574
.   : milestone, 1549,
tracing (1.489 ms) : 1466, 1513
.   : milestone, 1489,
section candidate
no_agent (1.35 ms) : 1331, 1369
.   : milestone, 1350,
appsec (1.718 ms) : 1694, 1741
.   : milestone, 1718,
appsec_no_iast (1.734 ms) : 1710, 1757
.   : milestone, 1734,
code_origins (1.657 ms) : 1630, 1685
.   : milestone, 1657,
iast (1.511 ms) : 1486, 1535
.   : milestone, 1511,
profiling (1.522 ms) : 1499, 1545
.   : milestone, 1522,
tracing (1.483 ms) : 1457, 1508
.   : milestone, 1483,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.359 ms [1.34 ms, 1.378 ms]	-
appsec	1.722 ms [1.698 ms, 1.746 ms]	363.198 µs (26.7%)
appsec_no_iast	1.724 ms [1.7 ms, 1.749 ms]	365.629 µs (26.9%)
code_origins	1.681 ms [1.654 ms, 1.708 ms]	322.367 µs (23.7%)
iast	1.499 ms [1.475 ms, 1.524 ms]	140.631 µs (10.3%)
profiling	1.549 ms [1.524 ms, 1.574 ms]	190.415 µs (14.0%)
tracing	1.489 ms [1.466 ms, 1.513 ms]	130.229 µs (9.6%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.35 ms [1.331 ms, 1.369 ms]	-
appsec	1.718 ms [1.694 ms, 1.741 ms]	367.633 µs (27.2%)
appsec_no_iast	1.734 ms [1.71 ms, 1.757 ms]	383.993 µs (28.4%)
code_origins	1.657 ms [1.63 ms, 1.685 ms]	307.438 µs (22.8%)
iast	1.511 ms [1.486 ms, 1.535 ms]	160.766 µs (11.9%)
profiling	1.522 ms [1.499 ms, 1.545 ms]	172.043 µs (12.7%)
tracing	1.483 ms [1.457 ms, 1.508 ms]	132.692 µs (9.8%)

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a
    dateFormat X
    axisFormat %s
section baseline
no_agent (378.009 µs) : 358, 398
.   : milestone, 378,
iast (513.492 µs) : 492, 535
.   : milestone, 513,
iast_FULL (731.792 µs) : 710, 754
.   : milestone, 732,
iast_GLOBAL (561.734 µs) : 539, 585
.   : milestone, 562,
iast_HARDCODED_SECRET_DISABLED (505.92 µs) : 484, 528
.   : milestone, 506,
iast_INACTIVE (462.397 µs) : 441, 484
.   : milestone, 462,
iast_TELEMETRY_OFF (490.312 µs) : 469, 512
.   : milestone, 490,
tracing (455.123 µs) : 434, 476
.   : milestone, 455,
section candidate
no_agent (377.669 µs) : 358, 397
.   : milestone, 378,
iast (511.657 µs) : 489, 534
.   : milestone, 512,
iast_FULL (722.897 µs) : 701, 745
.   : milestone, 723,
iast_GLOBAL (554.436 µs) : 532, 576
.   : milestone, 554,
iast_HARDCODED_SECRET_DISABLED (509.868 µs) : 488, 532
.   : milestone, 510,
iast_INACTIVE (458.149 µs) : 437, 479
.   : milestone, 458,
iast_TELEMETRY_OFF (501.345 µs) : 479, 524
.   : milestone, 501,
tracing (454.419 µs) : 434, 475
.   : milestone, 454,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	378.009 µs [358.347 µs, 397.671 µs]	-
iast	513.492 µs [491.666 µs, 535.319 µs]	135.483 µs (35.8%)
iast_FULL	731.792 µs [709.595 µs, 753.99 µs]	353.783 µs (93.6%)
iast_GLOBAL	561.734 µs [538.96 µs, 584.508 µs]	183.724 µs (48.6%)
iast_HARDCODED_SECRET_DISABLED	505.92 µs [484.125 µs, 527.715 µs]	127.91 µs (33.8%)
iast_INACTIVE	462.397 µs [440.852 µs, 483.941 µs]	84.387 µs (22.3%)
iast_TELEMETRY_OFF	490.312 µs [468.706 µs, 511.919 µs]	112.303 µs (29.7%)
tracing	455.123 µs [433.772 µs, 476.474 µs]	77.114 µs (20.4%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	377.669 µs [357.88 µs, 397.459 µs]	-
iast	511.657 µs [489.488 µs, 533.825 µs]	133.987 µs (35.5%)
iast_FULL	722.897 µs [701.111 µs, 744.682 µs]	345.227 µs (91.4%)
iast_GLOBAL	554.436 µs [532.408 µs, 576.464 µs]	176.766 µs (46.8%)
iast_HARDCODED_SECRET_DISABLED	509.868 µs [488.144 µs, 531.593 µs]	132.199 µs (35.0%)
iast_INACTIVE	458.149 µs [436.913 µs, 479.384 µs]	80.479 µs (21.3%)
iast_TELEMETRY_OFF	501.345 µs [479.18 µs, 523.511 µs]	123.676 µs (32.7%)
tracing	454.419 µs [433.64 µs, 475.199 µs]	76.75 µs (20.3%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	malvarez/waf-endpoint-discovery-spring
git_commit_date	1743167893	1743169255
git_commit_sha	`4f278de`	`5302575`
release_version	1.48.0-SNAPSHOT~4f278de73a	1.48.0-SNAPSHOT~5302575dc8

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1743171928	1743171928
ci_job_id	869986619	869986619
ci_pipeline_id	60329875	60329875
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-5gca-jya-project-304-concurrent-1-6ufo1e0c 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-5gca-jya-project-304-concurrent-1-6ufo1e0c 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.481 s) : 15481000, 15481000
.   : milestone, 15481000,
appsec (14.993 s) : 14993000, 14993000
.   : milestone, 14993000,
iast (18.598 s) : 18598000, 18598000
.   : milestone, 18598000,
iast_GLOBAL (17.758 s) : 17758000, 17758000
.   : milestone, 17758000,
profiling (15.26 s) : 15260000, 15260000
.   : milestone, 15260000,
tracing (15.219 s) : 15219000, 15219000
.   : milestone, 15219000,
section candidate
no_agent (15.447 s) : 15447000, 15447000
.   : milestone, 15447000,
appsec (15.2 s) : 15200000, 15200000
.   : milestone, 15200000,
iast (18.303 s) : 18303000, 18303000
.   : milestone, 18303000,
iast_GLOBAL (17.957 s) : 17957000, 17957000
.   : milestone, 17957000,
profiling (15.775 s) : 15775000, 15775000
.   : milestone, 15775000,
tracing (14.999 s) : 14999000, 14999000
.   : milestone, 14999000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.481 s [15.481 s, 15.481 s]	-
appsec	14.993 s [14.993 s, 14.993 s]	-488.0 ms (-3.2%)
iast	18.598 s [18.598 s, 18.598 s]	3.117 s (20.1%)
iast_GLOBAL	17.758 s [17.758 s, 17.758 s]	2.277 s (14.7%)
profiling	15.26 s [15.26 s, 15.26 s]	-221.0 ms (-1.4%)
tracing	15.219 s [15.219 s, 15.219 s]	-262.0 ms (-1.7%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.447 s [15.447 s, 15.447 s]	-
appsec	15.2 s [15.2 s, 15.2 s]	-247.0 ms (-1.6%)
iast	18.303 s [18.303 s, 18.303 s]	2.856 s (18.5%)
iast_GLOBAL	17.957 s [17.957 s, 17.957 s]	2.51 s (16.2%)
profiling	15.775 s [15.775 s, 15.775 s]	328.0 ms (2.1%)
tracing	14.999 s [14.999 s, 14.999 s]	-448.0 ms (-2.9%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~5302575dc8, baseline=1.48.0-SNAPSHOT~4f278de73a
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.463 ms) : 1452, 1475
.   : milestone, 1463,
appsec (2.327 ms) : 2283, 2370
.   : milestone, 2327,
iast (2.105 ms) : 2050, 2161
.   : milestone, 2105,
iast_GLOBAL (2.158 ms) : 2102, 2214
.   : milestone, 2158,
profiling (1.949 ms) : 1906, 1993
.   : milestone, 1949,
tracing (1.945 ms) : 1903, 1987
.   : milestone, 1945,
section candidate
no_agent (1.465 ms) : 1453, 1476
.   : milestone, 1465,
appsec (2.328 ms) : 2284, 2371
.   : milestone, 2328,
iast (2.108 ms) : 2053, 2163
.   : milestone, 2108,
iast_GLOBAL (2.15 ms) : 2094, 2206
.   : milestone, 2150,
profiling (1.948 ms) : 1905, 1992
.   : milestone, 1948,
tracing (1.939 ms) : 1897, 1981
.   : milestone, 1939,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.463 ms [1.452 ms, 1.475 ms]	-
appsec	2.327 ms [2.283 ms, 2.37 ms]	863.238 µs (59.0%)
iast	2.105 ms [2.05 ms, 2.161 ms]	641.788 µs (43.9%)
iast_GLOBAL	2.158 ms [2.102 ms, 2.214 ms]	694.77 µs (47.5%)
profiling	1.949 ms [1.906 ms, 1.993 ms]	485.765 µs (33.2%)
tracing	1.945 ms [1.903 ms, 1.987 ms]	481.351 µs (32.9%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.465 ms [1.453 ms, 1.476 ms]	-
appsec	2.328 ms [2.284 ms, 2.371 ms]	863.026 µs (58.9%)
iast	2.108 ms [2.053 ms, 2.163 ms]	642.915 µs (43.9%)
iast_GLOBAL	2.15 ms [2.094 ms, 2.206 ms]	685.199 µs (46.8%)
profiling	1.948 ms [1.905 ms, 1.992 ms]	483.683 µs (33.0%)
tracing	1.939 ms [1.897 ms, 1.981 ms]	474.046 µs (32.4%)

internal-api/src/main/java/datadog/trace/api/telemetry/Endpoint.java

telemetry/src/main/java/datadog/telemetry/BufferedEvents.java

jandro996 · 2025-03-28T08:21:00Z

Need to solve conflicts 😄

manuel-alvarez-alvarez · 2025-03-28T09:07:34Z

Need to solve conflicts 😄

Done, thanks!

jandro996 · 2025-03-28T10:17:49Z

dd-trace-api/src/main/java/datadog/trace/api/ConfigDefaults.java

@@ -115,6 +115,9 @@ public final class ConfigDefaults {
  static final int DEFAULT_APPSEC_WAF_TIMEOUT = 100000; // 0.1 s
  static final boolean DEFAULT_API_SECURITY_ENABLED = false;
  static final float DEFAULT_API_SECURITY_SAMPLE_DELAY = 30.0f;
+  // TODO: change to true once the RFC is approved


Not sure if should be false or true by default, or maybe we need to remove this comment

The PR introduces a new configuration variable DD_API_SECURITY_ENDPOINT_COLLECTION_ENABLED (false by default) to enable/disable this new feature.

then

This pull request should not be merged until the following conditions are met:

Approval of the RFC regarding endpoint discovery

RFC already approved, but the feature will be set as disabled by default for now.

jandro996

All system tests are failing due to

FAILED tests/test_telemetry.py::Test_TelemetryV2::test_config_telemetry_completeness

jandro996

LGTM, I'm going to unblock it as the changes that you made in dd-go and system-test should fix the errors in the CI

manuel-alvarez-alvarez · 2025-03-28T14:53:36Z

All system tests are failing due to

FAILED tests/test_telemetry.py::Test_TelemetryV2::test_config_telemetry_completeness

Fixed, thanks for the heads up

| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | org.flywaydb.flyway | plugin | misk/gradle/libs.versions.toml | gradle | minor | `11.6.0` -> `11.7.0` | | [com.squareup.okio:okio-fakefilesystem](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.squareup.okio:okio](https://github.com/square/okio) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.10.2` -> `3.11.0` | | [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `2.15.0` -> `2.16.0` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.47.3` -> `1.48.1` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.18` -> `2.31.20` | --- ### Release Notes <details> <summary>square/okio (com.squareup.okio:okio-fakefilesystem)</summary> ### [`v3.11.0`](https://github.com/square/okio/blob/HEAD/CHANGELOG.md#Version-3110) *2025-04-09* - Fix: Clear the deflater's byte array reference - New: Faster implementation of `String.decodeHex()` on Kotlin/JS. - New: Declare `EXACTLY_ONCE` execution for blocks like `Closeable.use {}` and `FileSystem.read {}`. - Upgrade: \[Kotlin 2.1.20]\[kotlin\_2\_1\_20]. </details> <details> <summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary> ### [`v2.16.0`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-2160) - \[Feat]: support `com.android.test` projects. - \[Feat]: support typesafe project accessors with opt-in. ```kotlin dependencyAnalysis { useTypesafeProjectAccessors(true) // false by default } ``` </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.48.1`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.1): 1.48.1 ### Components #### Tracer internal logging - 🐛 Remove print line causing unnecessary logs ([#8687](DataDog/dd-trace-java#8687) - [@sarahchen6](https://github.com/sarahchen6)) ### [`v1.48.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.48.0): 1.48.0 ### Known Bugs > \[!NOTE] > If you are experiencing issues with spamming timeout logs, please update to the [latest version](https://github.com/DataDog/dd-trace-java/releases/latest) or set [JDK_SOCKET_ENABLED](https://github.com/DataDog/dd-trace-java/blob/33fc3c9a9b7cda3beda88b8b3e5224ae2b10764a/dd-trace-api/src/main/java/datadog/trace/api/config/GeneralConfig.java#L98) to false. ### Components #### Application Security Management (IAST) - ✨ Fix vulnerability location org.jose4j.lang.HashUtil ([#8610](DataDog/dd-trace-java#8610) - [@jandro996](https://github.com/jandro996)) - ✨ Fix weak randomness in oracle.ucp.util.OpaqueString ([#8609](DataDog/dd-trace-java#8609) - [@jandro996](https://github.com/jandro996)) - ✨ Fix weak hash false positive in oracle.security.o5logon.O5Logon ([#8608](DataDog/dd-trace-java#8608) - [@jandro996](https://github.com/jandro996)) - 🐛 Prevent before callsites targeting constructors in super calls ([#8549](DataDog/dd-trace-java#8549) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### Application Security Management (WAF) - ✨ Update login events public SDK to V2 ([#8620](DataDog/dd-trace-java#8620) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#8573](DataDog/dd-trace-java#8573) - [@jandro996](https://github.com/jandro996)) - ✨ Improve detection of missing request end events ([#8510](DataDog/dd-trace-java#8510) - [@smola](https://github.com/smola)) - 🧹 Remove remote configuration for API Security sampling rate ([#8486](DataDog/dd-trace-java#8486) - [@smola](https://github.com/smola)) - ✨ Add setUser to user monitoring SDK ([#8482](DataDog/dd-trace-java#8482) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add missing address for signup event ([#8469](DataDog/dd-trace-java#8469) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Allow login events SDK to be used with appsec disabled ([#8464](DataDog/dd-trace-java#8464) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ Add support for endpoint discovery in spring mvc ([#8352](DataDog/dd-trace-java#8352) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) - ✨ New API Security sampling algorithm ([#8178](DataDog/dd-trace-java#8178) - [@ValentinZakharov](https://github.com/ValentinZakharov)) #### Build & Tooling - ✨ Add buffer size customizability to JDK UDS support ([#8629](DataDog/dd-trace-java#8629) - [@sarahchen6](https://github.com/sarahchen6)) - ✨ Add JDK built-in support for UDS on Java 16+ ([#8314](DataDog/dd-trace-java#8314) - [@sarahchen6](https://github.com/sarahchen6)) #### Configuration at Runtime - 🐛 Send RASP LFI capability only when AppSec is statically enabled ([#8573](DataDog/dd-trace-java#8573) - [@jandro996](https://github.com/jandro996)) #### Continuous Integration Visibility - 🐛 Prevent double reporting of Scalatest events when using SBT with test forking ([#8682](DataDog/dd-trace-java#8682) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Shutdown CI Visibility test event handlers before tracer ([#8677](DataDog/dd-trace-java#8677) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Do not apply JUnit 4 instrumentation to MUnit runners ([#8675](DataDog/dd-trace-java#8675), [#8683](DataDog/dd-trace-java#8683) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Remove error log when source path resolution fails on isModified check ([#8663](DataDog/dd-trace-java#8663) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Implement tests reordering for JUnit 4 ([#8650](DataDog/dd-trace-java#8650) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - 🐛 Set default Attempt to Fix retries if none provided from the backend ([#8615](DataDog/dd-trace-java#8615) - [@daniel-mohedano](https://github.com/daniel-mohedano)) - ✨ Allow to manually set PR info ([#8566](DataDog/dd-trace-java#8566) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - 🐛 Fix Test Optimization init when repo root cannot be determined ([#8533](DataDog/dd-trace-java#8533) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Add capabilities tagging ([#8499](DataDog/dd-trace-java#8499), [#8540](DataDog/dd-trace-java#8540) - [@daniel-mohedano](https://github.com/daniel-mohedano)) #### Crash tracking - 🐛 Remove dependency on bash from crash/oome uploder scripts ([#8652](DataDog/dd-trace-java#8652) - [@jbachorik](https://github.com/jbachorik)) #### Data Streams Monitoring - ✨ e2e pipeline configuration when data jobs is enabled ([#8553](DataDog/dd-trace-java#8553) - [@kr-igor](https://github.com/kr-igor)) #### Dynamic Instrumentation - 🐛 Fix In-Product when config is empty ([#8679](DataDog/dd-trace-java#8679) - [@jpbempel](https://github.com/jpbempel)) - ✨ Add support for filtering shaded third-party libs ([#8612](DataDog/dd-trace-java#8612) - [@jpbempel](https://github.com/jpbempel)) - ✨ Add In-Product Enablement ([#8587](DataDog/dd-trace-java#8587) - [@jpbempel](https://github.com/jpbempel)) - ✨⚡ Reduce footprint of SourceFile tracking ([#8524](DataDog/dd-trace-java#8524) - [@jpbempel](https://github.com/jpbempel)) - ✨⚡ Optimize the SourceFile tracking ([#8520](DataDog/dd-trace-java#8520) - [@jpbempel](https://github.com/jpbempel)) #### OpenTracing - 🧹 Remove activeScope() use in OpenTracing shim ([#8478](DataDog/dd-trace-java#8478) - [@mcculls](https://github.com/mcculls)) #### Profiling - ✨ Add profiler env check command to AgentCLI ([#8671](DataDog/dd-trace-java#8671) - [@jbachorik](https://github.com/jbachorik)) - ✨ Bump ddprof to 1.23.0 ([#8668](DataDog/dd-trace-java#8668) - [@jbachorik](https://github.com/jbachorik)) - Fix a crash related to ElfParser::loadSymbolTable ([#191](DataDog/dd-trace-java#191)) by [@yanglong1010](https://github.com/yanglong1010) in DataDog/java-profiler#192 - Unwind String.indexOf intrinsic on AArch64 by [@MattAlp](https://github.com/MattAlp) in DataDog/java-profiler#193 - Fix Java 24 support by [@jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#194 - A set of fixes related to clang, aarch64 and musl pecularities of vmstructs stack unwinder by [@jbachorik](https://github.com/jbachorik) in DataDog/java-profiler#199 - 🐛 Remove process information from JFR recording ([#8661](DataDog/dd-trace-java#8661) - [@r1viollet](https://github.com/r1viollet)) - 🐛 Make TempLocationManager USER aware ([#8605](DataDog/dd-trace-java#8605) - [@jbachorik](https://github.com/jbachorik)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#8561](DataDog/dd-trace-java#8561) - [@wmouchere](https://github.com/wmouchere)) #### Telemetry - 🐛 Fix appsec.rasp.error and appsec.waf.error telemetry metrics ([#8624](DataDog/dd-trace-java#8624) - [@jandro996](https://github.com/jandro996)) - ✨ Create metric: appsec.rasp.rule.skipped ([#8618](DataDog/dd-trace-java#8618) - [@jandro996](https://github.com/jandro996)) - ✨ Extract git tags from embedded git.properties and datadog_git.properties ([#8561](DataDog/dd-trace-java#8561) - [@wmouchere](https://github.com/wmouchere)) #### Testing - 🧹 Simplify ssi tests one-pipeline ([#8558](DataDog/dd-trace-java#8558) - [@robertomonteromiguel](https://github.com/robertomonteromiguel)) - ✨ Add smoke tests for java's concurrent API ([#8438](DataDog/dd-trace-java#8438) - [@sarahchen6](https://github.com/sarahchen6)) #### Trace context propagation - ✨ Adding Support for `TRACE_PROPAGATION_BEHAVIOR_EXTRACT` ([#8535](DataDog/dd-trace-java#8535) - [@mhlidd](https://github.com/mhlidd)) #### Tracer core - 🐛 Ensure shaded helpers have unique names ([#8559](DataDog/dd-trace-java#8559) - [@amarziali](https://github.com/amarziali)) - ✨ Support common config sources for user-provided git info ([#8547](DataDog/dd-trace-java#8547) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Make the default config sources more robust when a security manager is installed ([#8544](DataDog/dd-trace-java#8544) - [@mcculls](https://github.com/mcculls)) - ✨ Support targeting services with configurations in stable configuration file ([#8526](DataDog/dd-trace-java#8526) - [@mtoffl01](https://github.com/mtoffl01)) - ✨ Add new parser for `DD_TAGS` and prioritizing `DD_SERVICE` ([#8296](DataDog/dd-trace-java#8296) - [@mhlidd](https://github.com/mhlidd)) #### Tracer internal logging - 🐛 Add missing debug log for the cloudPayloadTaggingServices config ([#8600](DataDog/dd-trace-java#8600) - [@ygree](https://github.com/ygree)) - ✨ Add the possibility to output the logs of the Java tracer in JSON ([#8083](DataDog/dd-trace-java#8083) - [@cecile75](https://github.com/cecile75)) #### Tracer public API - ✨ Introducing `DD_TRACE_EXPERIMENTAL_FEATURES_ENABLED` Config ([#8536](DataDog/dd-trace-java#8536) - [@mhlidd](https://github.com/mhlidd)) - ✨ Config Consistency Round 2 ([#8489](DataDog/dd-trace-java#8489) - [@mhlidd](https://github.com/mhlidd)) ### Instrumentations #### - 🐛 Fix NPE in getMdcCopy of LoggingEventInstrumentation ([#8599](DataDog/dd-trace-java#8599) - [@ygree](https://github.com/ygree)) #### Apache Spark instrumentation - ✨ Instrument Runtime.exit() to finish spark application spans ([#8572](DataDog/dd-trace-java#8572) - [@paul-laffon-dd](https://github.com/paul-laffon-dd)) - ✨ Configure OpenLineage if present in Spark instrumentation ([#8541](DataDog/dd-trace-java#8541) - [@mobuchowski](https://github.com/mobuchowski)) #### Armeria Instrumentation - ✨ Support armeria grpc 1.32.3 ([#8606](DataDog/dd-trace-java#8606) - [@github-actions](https://github.com/github-actions)\[bot]) #### AWS DynamoDB Instrumentation - ✨ Create DynamoDB instrumentation + add span pointers for `updateItem` and `deleteItem` ([#8490](DataDog/dd-trace-java#8490) - [@nhulston](https://github.com/nhulston)) #### AWS SDK instrumentation - ✨ Add DynamoDB in DEFAULT_TRACE_CLOUD_PAYLOAD_TAGGING_SERVICES ([#8595](DataDog/dd-trace-java#8595) - [@joeyzhao2018](https://github.com/joeyzhao2018)) #### Azure Functions instrumentation - ✨ Enable tracer computed trace metrics by default for Azure Functions ([#8518](DataDog/dd-trace-java#8518) - [@duncanpharvey](https://github.com/duncanpharvey)) - 💡 Add azure-functions instrumentation ([#8432](DataDog/dd-trace-java#8432) - [@duncanpharvey](https://github.com/duncanpharvey)) #### Core Java language instrumentation - 🐛 Fix ForkJoinPool.execute() instrumentation on Java 21+ ([#8560](DataDog/dd-trace-java#8560) - [@PerfectSlayer](https://github.com/PerfectSlayer)) #### Eclipse Vert.x instrumentation - ✨ Add vertx postgresql client instrumentation ([#8471](DataDog/dd-trace-java#8471) - [@vandonr](https://github.com/vandonr) - thanks for the contribution!) #### Kafka instrumentation - ✨ Support and test kafka-clients 4 ([#8581](DataDog/dd-trace-java#8581) - [@amarziali](https://github.com/amarziali)) #### Kotlin instrumentation - ✨ Avoid disconnected traces when using Kotlin flowOn ([#8651](DataDog/dd-trace-java#8651) - [@mcculls](https://github.com/mcculls)) #### OpenTelemetry instrumentation - 🧹 Migrate OtelContext wrapper to new internal Context API ([#8645](DataDog/dd-trace-java#8645) - [@mcculls](https://github.com/mcculls)) #### Spring instrumentation - 🐛 Support CompletableFuture on spring webmvc controllers ([#8659](DataDog/dd-trace-java#8659) - [@amarziali](https://github.com/amarziali)) - ✨ Add support for endpoint discovery in spring mvc ([#8352](DataDog/dd-trace-java#8352) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) #### WebSocket Instrumentation - ✨ Instrument Jetty websocket pojo ([#8562](DataDog/dd-trace-java#8562) - [@amarziali](https://github.com/amarziali)) - 💡 Instrument Java Websocket API (JSR356) ([#8440](DataDog/dd-trace-java#8440) - [@amarziali](https://github.com/amarziali)) #### All other instrumentations - ✨ Introduce cache for peer.hostname lookup ([#8601](DataDog/dd-trace-java#8601) - [@mcculls](https://github.com/mcculls)) - ✨ Support pekko http 1.1 ([#8532](DataDog/dd-trace-java#8532) - [@amarziali](https://github.com/amarziali)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: 331314f71acaced3adc75ea5d7e855c248d593fc

manuel-alvarez-alvarez added comp: asm waf Application Security Management (WAF) inst: spring Spring instrumentation type: enhancement labels Feb 7, 2025

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch from f1ad95d to e92e233 Compare February 7, 2025 10:06

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch from e92e233 to a4771b5 Compare February 26, 2025 08:58

datadog-datadog-prod-us1 bot reviewed Feb 26, 2025

View reviewed changes

internal-api/src/main/java/datadog/trace/api/telemetry/Endpoint.java Show resolved Hide resolved

telemetry/src/main/java/datadog/telemetry/BufferedEvents.java Show resolved Hide resolved

manuel-alvarez-alvarez added the tag: do not merge Do not merge changes label Feb 26, 2025

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch from a4771b5 to 06c3e02 Compare February 26, 2025 09:22

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch 4 times, most recently from 899c81e to dac1cf6 Compare March 25, 2025 14:02

manuel-alvarez-alvarez marked this pull request as ready for review March 25, 2025 14:03

manuel-alvarez-alvarez requested review from a team as code owners March 25, 2025 14:03

manuel-alvarez-alvarez requested a review from mcculls March 25, 2025 14:03

manuel-alvarez-alvarez removed the tag: do not merge Do not merge changes label Mar 26, 2025

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch 3 times, most recently from 5e37c35 to f650159 Compare March 26, 2025 19:01

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch from 88a7978 to a8c0130 Compare March 28, 2025 09:07

sezen-datadog approved these changes Mar 28, 2025

View reviewed changes

jandro996 reviewed Mar 28, 2025

View reviewed changes

jandro996 requested changes Mar 28, 2025

View reviewed changes

jandro996 approved these changes Mar 28, 2025

View reviewed changes

manuel-alvarez-alvarez added 2 commits March 28, 2025 14:40

Add endpoint discover for spring mvc

3b5aa7a

Update endpoints payload

cb60df2

manuel-alvarez-alvarez added 7 commits March 28, 2025 14:40

Disable endpoint collection by default

d6bc2d8

Make better use of config options

0e5386d

Fix failing tests

642dd58

Fix muzzle directive

83a89c4

Fix coverage

50c8ee3

Remove property

bd769d9

Update system tests commit

5302575

manuel-alvarez-alvarez force-pushed the malvarez/waf-endpoint-discovery-spring branch from 88b7281 to 5302575 Compare March 28, 2025 13:41

manuel-alvarez-alvarez merged commit 86e5bec into master Mar 28, 2025
252 of 268 checks passed

manuel-alvarez-alvarez deleted the malvarez/waf-endpoint-discovery-spring branch March 28, 2025 14:54

github-actions bot added this to the 1.48.0 milestone Mar 28, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for endpoint discovery in spring mvc #8352

Add support for endpoint discovery in spring mvc #8352

manuel-alvarez-alvarez commented Feb 7, 2025 •

edited

Loading

pr-commenter bot commented Feb 7, 2025 •

edited

Loading

jandro996 commented Mar 28, 2025

manuel-alvarez-alvarez commented Mar 28, 2025

jandro996 Mar 28, 2025 •

edited

Loading

manuel-alvarez-alvarez Mar 28, 2025

jandro996 left a comment

jandro996 left a comment

manuel-alvarez-alvarez commented Mar 28, 2025

Add support for endpoint discovery in spring mvc #8352

Add support for endpoint discovery in spring mvc #8352

Conversation

manuel-alvarez-alvarez commented Feb 7, 2025 • edited Loading

What Does This Do

Motivation

Additional Notes

Contributor Checklist

pr-commenter bot commented Feb 7, 2025 • edited Loading

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary

jandro996 commented Mar 28, 2025

manuel-alvarez-alvarez commented Mar 28, 2025

jandro996 Mar 28, 2025 • edited Loading

Choose a reason for hiding this comment

manuel-alvarez-alvarez Mar 28, 2025

Choose a reason for hiding this comment

jandro996 left a comment

Choose a reason for hiding this comment

jandro996 left a comment

Choose a reason for hiding this comment

manuel-alvarez-alvarez commented Mar 28, 2025

manuel-alvarez-alvarez commented Feb 7, 2025 •

edited

Loading

pr-commenter bot commented Feb 7, 2025 •

edited

Loading

jandro996 Mar 28, 2025 •

edited

Loading