Skip to content

chore(ci): bump github/codeql-action from 3.28.16 to 3.28.17 in the gh-actions-packages group across 1 directory #8811

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 15, 2025
Merged

chore(ci): bump github/codeql-action from 3.28.16 to 3.28.17 in the gh-actions-packages group across 1 directory #8811

merged 1 commit into from
May 15, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 13, 2025

Bumps the gh-actions-packages group with 1 update in the / directory: github/codeql-action.

Updates github/codeql-action from 3.28.16 to 3.28.17

Release notes

Sourced from github/codeql-action's releases.

v3.28.17

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated)

Commits
  • 60168ef Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a
  • 0d5a311 Update changelog for v3.28.17
  • 97a2bfd Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2
  • 9aba20e Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • 81a9508 Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a...
  • 1569f4c Disable diff-informed queries in code scanning config tests
  • 62fbeb6 Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze
  • f122d1d Address test failures from computing temporary directory too early
  • 083772a Do not fail diff informed analyses when analyze is run twice in the same job
  • 5db14d0 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(ci): bump github/codeql-action
65b6149 
Bumps the gh-actions-packages group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.28.16 to 3.28.17
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@28deaed...60168ef)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes labels May 13, 2025
@dependabot dependabot bot requested a review from a team as a code owner May 13, 2025 10:19
@dependabot dependabot bot added tag: dependencies Dependencies related changes comp: tooling Build & Tooling labels May 13, 2025
@dependabot dependabot bot requested a review from mcculls May 13, 2025 10:19
@datadog-datadog-prod-us1
Copy link
Contributor

Datadog Summary

✅ Dependencies

Was this helpful? Give us feedback!

@pr-commenter
Copy link

pr-commenter bot commented May 13, 2025

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-970434cb35
git_commit_date 1747131471 1747131569
git_commit_sha 2fca456 65b6149
release_version 1.50.0-SNAPSHOT~2fca456b28 1.50.0-SNAPSHOT~65b6149274
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1747133997 1747133997
ci_job_id 935341868 935341868
ci_pipeline_id 64913734 64913734
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-j-ha6efi-project-304-concurrent-0-vc5e2kjt 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-j-ha6efi-project-304-concurrent-0-vc5e2kjt 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 56 metrics, 15 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.021 s) : 0, 1021220
Total [baseline] (8.68 s) : 0, 8679545
Agent [candidate] (1.023 s) : 0, 1022830
Total [candidate] (8.635 s) : 0, 8634764
section iast
Agent [baseline] (1.149 s) : 0, 1148928
Total [baseline] (9.211 s) : 0, 9210862
Agent [candidate] (1.171 s) : 0, 1170963
Total [candidate] (9.282 s) : 0, 9281758
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.149 s) : 0, 1148635
Total [baseline] (9.215 s) : 0, 9215092
Agent [candidate] (1.146 s) : 0, 1146399
Total [candidate] (9.204 s) : 0, 9204145
section iast_TELEMETRY_OFF
Agent [baseline] (1.15 s) : 0, 1150202
Total [baseline] (9.212 s) : 0, 9211577
Agent [candidate] (1.141 s) : 0, 1141189
Total [candidate] (9.187 s) : 0, 9186736
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.021 s -
Agent iast 1.149 s 127.708 ms (12.5%)
Agent iast_HARDCODED_SECRET_DISABLED 1.149 s 127.415 ms (12.5%)
Agent iast_TELEMETRY_OFF 1.15 s 128.982 ms (12.6%)
Total tracing 8.68 s -
Total iast 9.211 s 531.317 ms (6.1%)
Total iast_HARDCODED_SECRET_DISABLED 9.215 s 535.548 ms (6.2%)
Total iast_TELEMETRY_OFF 9.212 s 532.033 ms (6.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.023 s -
Agent iast 1.171 s 148.133 ms (14.5%)
Agent iast_HARDCODED_SECRET_DISABLED 1.146 s 123.569 ms (12.1%)
Agent iast_TELEMETRY_OFF 1.141 s 118.359 ms (11.6%)
Total tracing 8.635 s -
Total iast 9.282 s 646.994 ms (7.5%)
Total iast_HARDCODED_SECRET_DISABLED 9.204 s 569.381 ms (6.6%)
Total iast_TELEMETRY_OFF 9.187 s 551.972 ms (6.4%) 
gantt
    title insecure-bank - break down per module: candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (683.604 ms) : 0, 683604
BytebuddyAgent [candidate] (685.69 ms) : 0, 685690
GlobalTracer [baseline] (239.77 ms) : 0, 239770
GlobalTracer [candidate] (240.57 ms) : 0, 240570
AppSec [baseline] (55.358 ms) : 0, 55358
AppSec [candidate] (55.405 ms) : 0, 55405
Debugger [baseline] (7.576 ms) : 0, 7576
Debugger [candidate] (7.612 ms) : 0, 7612
Remote Config [baseline] (683.345 µs) : 0, 683
Remote Config [candidate] (709.157 µs) : 0, 709
Telemetry [baseline] (10.602 ms) : 0, 10602
Telemetry [candidate] (9.126 ms) : 0, 9126
section iast
BytebuddyAgent [baseline] (801.656 ms) : 0, 801656
BytebuddyAgent [candidate] (818.669 ms) : 0, 818669
GlobalTracer [baseline] (230.56 ms) : 0, 230560
GlobalTracer [candidate] (233.768 ms) : 0, 233768
IAST [baseline] (26.699 ms) : 0, 26699
IAST [candidate] (26.408 ms) : 0, 26408
AppSec [baseline] (51.251 ms) : 0, 51251
AppSec [candidate] (52.042 ms) : 0, 52042
Debugger [baseline] (5.94 ms) : 0, 5940
Debugger [candidate] (6.02 ms) : 0, 6020
Remote Config [baseline] (593.685 µs) : 0, 594
Remote Config [candidate] (618.222 µs) : 0, 618
Telemetry [baseline] (7.918 ms) : 0, 7918
Telemetry [candidate] (8.078 ms) : 0, 8078
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (801.235 ms) : 0, 801235
BytebuddyAgent [candidate] (799.942 ms) : 0, 799942
GlobalTracer [baseline] (230.858 ms) : 0, 230858
GlobalTracer [candidate] (230.261 ms) : 0, 230261
IAST [baseline] (28.288 ms) : 0, 28288
IAST [candidate] (27.655 ms) : 0, 27655
AppSec [baseline] (50.35 ms) : 0, 50350
AppSec [candidate] (50.758 ms) : 0, 50758
Debugger [baseline] (5.886 ms) : 0, 5886
Debugger [candidate] (5.872 ms) : 0, 5872
Remote Config [baseline] (584.482 µs) : 0, 584
Remote Config [candidate] (577.921 µs) : 0, 578
Telemetry [baseline] (7.922 ms) : 0, 7922
Telemetry [candidate] (7.879 ms) : 0, 7879
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (802.872 ms) : 0, 802872
BytebuddyAgent [candidate] (796.039 ms) : 0, 796039
GlobalTracer [baseline] (230.904 ms) : 0, 230904
GlobalTracer [candidate] (229.979 ms) : 0, 229979
IAST [baseline] (23.202 ms) : 0, 23202
IAST [candidate] (23.515 ms) : 0, 23515
AppSec [baseline] (55.284 ms) : 0, 55284
AppSec [candidate] (53.963 ms) : 0, 53963
Debugger [baseline] (5.959 ms) : 0, 5959
Debugger [candidate] (5.908 ms) : 0, 5908
Remote Config [baseline] (604.221 µs) : 0, 604
Remote Config [candidate] (589.59 µs) : 0, 590
Telemetry [baseline] (7.768 ms) : 0, 7768
Telemetry [candidate] (7.75 ms) : 0, 7750
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.027 s) : 0, 1027177
Total [baseline] (10.502 s) : 0, 10502237
Agent [candidate] (1.018 s) : 0, 1018275
Total [candidate] (10.492 s) : 0, 10492096
section appsec
Agent [baseline] (1.163 s) : 0, 1162551
Total [baseline] (10.674 s) : 0, 10673834
Agent [candidate] (1.159 s) : 0, 1159106
Total [candidate] (10.66 s) : 0, 10660139
section iast
Agent [baseline] (1.151 s) : 0, 1151058
Total [baseline] (10.891 s) : 0, 10890586
Agent [candidate] (1.147 s) : 0, 1146680
Total [candidate] (10.858 s) : 0, 10857752
section profiling
Agent [baseline] (1.28 s) : 0, 1280338
Total [baseline] (10.844 s) : 0, 10843867
Agent [candidate] (1.275 s) : 0, 1274730
Total [candidate] (10.731 s) : 0, 10731077
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.027 s -
Agent appsec 1.163 s 135.375 ms (13.2%)
Agent iast 1.151 s 123.882 ms (12.1%)
Agent profiling 1.28 s 253.161 ms (24.6%)
Total tracing 10.502 s -
Total appsec 10.674 s 171.597 ms (1.6%)
Total iast 10.891 s 388.349 ms (3.7%)
Total profiling 10.844 s 341.63 ms (3.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.018 s -
Agent appsec 1.159 s 140.831 ms (13.8%)
Agent iast 1.147 s 128.405 ms (12.6%)
Agent profiling 1.275 s 256.455 ms (25.2%)
Total tracing 10.492 s -
Total appsec 10.66 s 168.043 ms (1.6%)
Total iast 10.858 s 365.656 ms (3.5%)
Total profiling 10.731 s 238.98 ms (2.3%) 
gantt
    title petclinic - break down per module: candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (686.632 ms) : 0, 686632
BytebuddyAgent [candidate] (681.589 ms) : 0, 681589
GlobalTracer [baseline] (241.032 ms) : 0, 241032
GlobalTracer [candidate] (239.47 ms) : 0, 239470
AppSec [baseline] (54.608 ms) : 0, 54608
AppSec [candidate] (54.267 ms) : 0, 54267
Debugger [baseline] (9.096 ms) : 0, 9096
Debugger [candidate] (8.245 ms) : 0, 8245
Remote Config [baseline] (704.683 µs) : 0, 705
Remote Config [candidate] (715.142 µs) : 0, 715
Telemetry [baseline] (11.415 ms) : 0, 11415
Telemetry [candidate] (10.448 ms) : 0, 10448
section appsec
BytebuddyAgent [baseline] (702.363 ms) : 0, 702363
BytebuddyAgent [candidate] (698.637 ms) : 0, 698637
GlobalTracer [baseline] (236.463 ms) : 0, 236463
GlobalTracer [candidate] (236.245 ms) : 0, 236245
IAST [baseline] (21.606 ms) : 0, 21606
IAST [candidate] (21.669 ms) : 0, 21669
AppSec [baseline] (174.955 ms) : 0, 174955
AppSec [candidate] (175.917 ms) : 0, 175917
Debugger [baseline] (5.947 ms) : 0, 5947
Debugger [candidate] (5.91 ms) : 0, 5910
Remote Config [baseline] (625.326 µs) : 0, 625
Remote Config [candidate] (624.18 µs) : 0, 624
Telemetry [baseline] (7.784 ms) : 0, 7784
Telemetry [candidate] (7.347 ms) : 0, 7347
section iast
BytebuddyAgent [baseline] (803.204 ms) : 0, 803204
BytebuddyAgent [candidate] (800.529 ms) : 0, 800529
GlobalTracer [baseline] (230.727 ms) : 0, 230727
GlobalTracer [candidate] (230.246 ms) : 0, 230246
IAST [baseline] (26.814 ms) : 0, 26814
IAST [candidate] (29.752 ms) : 0, 29752
AppSec [baseline] (51.549 ms) : 0, 51549
AppSec [candidate] (48.325 ms) : 0, 48325
Debugger [baseline] (5.909 ms) : 0, 5909
Debugger [candidate] (5.907 ms) : 0, 5907
Remote Config [baseline] (591.276 µs) : 0, 591
Remote Config [candidate] (602.244 µs) : 0, 602
Telemetry [baseline] (7.908 ms) : 0, 7908
Telemetry [candidate] (7.857 ms) : 0, 7857
section profiling
BytebuddyAgent [baseline] (674.171 ms) : 0, 674171
BytebuddyAgent [candidate] (671.289 ms) : 0, 671289
GlobalTracer [baseline] (375.836 ms) : 0, 375836
GlobalTracer [candidate] (373.443 ms) : 0, 373443
AppSec [baseline] (61.761 ms) : 0, 61761
AppSec [candidate] (61.643 ms) : 0, 61643
Debugger [baseline] (6.23 ms) : 0, 6230
Debugger [candidate] (6.278 ms) : 0, 6278
Remote Config [baseline] (655.88 µs) : 0, 656
Remote Config [candidate] (648.634 µs) : 0, 649
Telemetry [baseline] (8.143 ms) : 0, 8143
Telemetry [candidate] (8.177 ms) : 0, 8177
ProfilingAgent [baseline] (102.766 ms) : 0, 102766
ProfilingAgent [candidate] (102.575 ms) : 0, 102575
Profiling [baseline] (102.79 ms) : 0, 102790
Profiling [candidate] (102.598 ms) : 0, 102598
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-05-13T10:30:22 2025-05-13T10:38:11
git_branch master dependabot/github_actions/gh-actions-packages-970434cb35
git_commit_date 1747131471 1747131569
git_commit_sha 2fca456 65b6149
release_version 1.50.0-SNAPSHOT~2fca456b28 1.50.0-SNAPSHOT~65b6149274
start_time 2025-05-13T10:30:08 2025-05-13T10:37:56
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1747133091 1747133091
ci_job_id 935341870 935341870
ci_pipeline_id 64913734 64913734
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-j-ha6efi-project-304-concurrent-1-7ibu2lsh 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-j-ha6efi-project-304-concurrent-1-7ibu2lsh 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 18 unstable metrics.

Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.375 ms) : 1355, 1394
.   : milestone, 1375,
appsec (1.742 ms) : 1719, 1766
.   : milestone, 1742,
appsec_no_iast (1.739 ms) : 1716, 1762
.   : milestone, 1739,
code_origins (1.686 ms) : 1659, 1712
.   : milestone, 1686,
iast (1.534 ms) : 1510, 1559
.   : milestone, 1534,
profiling (1.54 ms) : 1515, 1566
.   : milestone, 1540,
tracing (1.515 ms) : 1490, 1541
.   : milestone, 1515,
section candidate
no_agent (1.37 ms) : 1351, 1389
.   : milestone, 1370,
appsec (1.751 ms) : 1726, 1775
.   : milestone, 1751,
appsec_no_iast (1.743 ms) : 1720, 1766
.   : milestone, 1743,
code_origins (1.68 ms) : 1653, 1707
.   : milestone, 1680,
iast (1.531 ms) : 1506, 1555
.   : milestone, 1531,
profiling (1.533 ms) : 1510, 1556
.   : milestone, 1533,
tracing (1.522 ms) : 1497, 1547
.   : milestone, 1522,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.375 ms [1.355 ms, 1.394 ms] -
appsec 1.742 ms [1.719 ms, 1.766 ms] 367.713 µs (26.8%)
appsec_no_iast 1.739 ms [1.716 ms, 1.762 ms] 364.364 µs (26.5%)
code_origins 1.686 ms [1.659 ms, 1.712 ms] 311.191 µs (22.6%)
iast 1.534 ms [1.51 ms, 1.559 ms] 159.869 µs (11.6%)
profiling 1.54 ms [1.515 ms, 1.566 ms] 165.827 µs (12.1%)
tracing 1.515 ms [1.49 ms, 1.541 ms] 140.684 µs (10.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.37 ms [1.351 ms, 1.389 ms] -
appsec 1.751 ms [1.726 ms, 1.775 ms] 380.432 µs (27.8%)
appsec_no_iast 1.743 ms [1.72 ms, 1.766 ms] 372.768 µs (27.2%)
code_origins 1.68 ms [1.653 ms, 1.707 ms] 310.167 µs (22.6%)
iast 1.531 ms [1.506 ms, 1.555 ms] 160.641 µs (11.7%)
profiling 1.533 ms [1.51 ms, 1.556 ms] 162.799 µs (11.9%)
tracing 1.522 ms [1.497 ms, 1.547 ms] 151.932 µs (11.1%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28
    dateFormat X
    axisFormat %s
section baseline
no_agent (390.142 µs) : 370, 410
.   : milestone, 390,
iast (524.812 µs) : 503, 547
.   : milestone, 525,
iast_FULL (739.961 µs) : 718, 762
.   : milestone, 740,
iast_GLOBAL (567.246 µs) : 545, 589
.   : milestone, 567,
iast_HARDCODED_SECRET_DISABLED (534.681 µs) : 512, 557
.   : milestone, 535,
iast_INACTIVE (470.808 µs) : 448, 493
.   : milestone, 471,
iast_TELEMETRY_OFF (505.755 µs) : 483, 529
.   : milestone, 506,
tracing (464.413 µs) : 442, 487
.   : milestone, 464,
section candidate
no_agent (389.269 µs) : 369, 409
.   : milestone, 389,
iast (523.746 µs) : 501, 546
.   : milestone, 524,
iast_FULL (745.269 µs) : 723, 767
.   : milestone, 745,
iast_GLOBAL (567.22 µs) : 545, 589
.   : milestone, 567,
iast_HARDCODED_SECRET_DISABLED (530.031 µs) : 507, 553
.   : milestone, 530,
iast_INACTIVE (467.379 µs) : 445, 490
.   : milestone, 467,
iast_TELEMETRY_OFF (513.7 µs) : 491, 536
.   : milestone, 514,
tracing (468.025 µs) : 446, 490
.   : milestone, 468,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 390.142 µs [370.396 µs, 409.888 µs] -
iast 524.812 µs [502.65 µs, 546.974 µs] 134.67 µs (34.5%)
iast_FULL 739.961 µs [718.22 µs, 761.702 µs] 349.819 µs (89.7%)
iast_GLOBAL 567.246 µs [545.488 µs, 589.003 µs] 177.103 µs (45.4%)
iast_HARDCODED_SECRET_DISABLED 534.681 µs [511.869 µs, 557.493 µs] 144.539 µs (37.0%)
iast_INACTIVE 470.808 µs [448.379 µs, 493.236 µs] 80.665 µs (20.7%)
iast_TELEMETRY_OFF 505.755 µs [482.77 µs, 528.74 µs] 115.613 µs (29.6%)
tracing 464.413 µs [441.991 µs, 486.834 µs] 74.27 µs (19.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 389.269 µs [369.441 µs, 409.097 µs] -
iast 523.746 µs [501.49 µs, 546.001 µs] 134.477 µs (34.5%)
iast_FULL 745.269 µs [723.153 µs, 767.386 µs] 356.0 µs (91.5%)
iast_GLOBAL 567.22 µs [545.093 µs, 589.347 µs] 177.951 µs (45.7%)
iast_HARDCODED_SECRET_DISABLED 530.031 µs [507.306 µs, 552.757 µs] 140.763 µs (36.2%)
iast_INACTIVE 467.379 µs [444.989 µs, 489.769 µs] 78.11 µs (20.1%)
iast_TELEMETRY_OFF 513.7 µs [491.089 µs, 536.311 µs] 124.432 µs (32.0%)
tracing 468.025 µs [445.589 µs, 490.461 µs] 78.756 µs (20.2%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-970434cb35
git_commit_date 1747131471 1747131569
git_commit_sha 2fca456 65b6149
release_version 1.50.0-SNAPSHOT~2fca456b28 1.50.0-SNAPSHOT~65b6149274
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1747133574 1747133574
ci_job_id 935341872 935341872
ci_pipeline_id 64913734 64913734
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-qk7k1zfd-project-304-concurrent-0-f3oj6225 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-qk7k1zfd-project-304-concurrent-0-f3oj6225 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.477 ms) : 1465, 1488
.   : milestone, 1477,
appsec (2.411 ms) : 2361, 2460
.   : milestone, 2411,
iast (2.195 ms) : 2133, 2258
.   : milestone, 2195,
iast_GLOBAL (2.239 ms) : 2176, 2301
.   : milestone, 2239,
profiling (2.034 ms) : 1985, 2084
.   : milestone, 2034,
tracing (2.034 ms) : 1986, 2083
.   : milestone, 2034,
section candidate
no_agent (1.476 ms) : 1464, 1487
.   : milestone, 1476,
appsec (2.403 ms) : 2354, 2453
.   : milestone, 2403,
iast (2.188 ms) : 2126, 2250
.   : milestone, 2188,
iast_GLOBAL (2.235 ms) : 2173, 2298
.   : milestone, 2235,
profiling (2.057 ms) : 2006, 2109
.   : milestone, 2057,
tracing (2.017 ms) : 1968, 2065
.   : milestone, 2017,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.477 ms [1.465 ms, 1.488 ms] -
appsec 2.411 ms [2.361 ms, 2.46 ms] 933.806 µs (63.2%)
iast 2.195 ms [2.133 ms, 2.258 ms] 718.211 µs (48.6%)
iast_GLOBAL 2.239 ms [2.176 ms, 2.301 ms] 761.832 µs (51.6%)
profiling 2.034 ms [1.985 ms, 2.084 ms] 557.216 µs (37.7%)
tracing 2.034 ms [1.986 ms, 2.083 ms] 557.511 µs (37.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.476 ms [1.464 ms, 1.487 ms] -
appsec 2.403 ms [2.354 ms, 2.453 ms] 927.965 µs (62.9%)
iast 2.188 ms [2.126 ms, 2.25 ms] 712.782 µs (48.3%)
iast_GLOBAL 2.235 ms [2.173 ms, 2.298 ms] 759.876 µs (51.5%)
profiling 2.057 ms [2.006 ms, 2.109 ms] 581.949 µs (39.4%)
tracing 2.017 ms [1.968 ms, 2.065 ms] 541.375 µs (36.7%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~65b6149274, baseline=1.50.0-SNAPSHOT~2fca456b28
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.045 s) : 15045000, 15045000
.   : milestone, 15045000,
appsec (15.045 s) : 15045000, 15045000
.   : milestone, 15045000,
iast (18.289 s) : 18289000, 18289000
.   : milestone, 18289000,
iast_GLOBAL (18.182 s) : 18182000, 18182000
.   : milestone, 18182000,
profiling (15.046 s) : 15046000, 15046000
.   : milestone, 15046000,
tracing (14.846 s) : 14846000, 14846000
.   : milestone, 14846000,
section candidate
no_agent (15.438 s) : 15438000, 15438000
.   : milestone, 15438000,
appsec (15.156 s) : 15156000, 15156000
.   : milestone, 15156000,
iast (18.598 s) : 18598000, 18598000
.   : milestone, 18598000,
iast_GLOBAL (18.21 s) : 18210000, 18210000
.   : milestone, 18210000,
profiling (15.234 s) : 15234000, 15234000
.   : milestone, 15234000,
tracing (15.065 s) : 15065000, 15065000
.   : milestone, 15065000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.045 s [15.045 s, 15.045 s] -
appsec 15.045 s [15.045 s, 15.045 s] 0.0 µs (0.0%)
iast 18.289 s [18.289 s, 18.289 s] 3.244 s (21.6%)
iast_GLOBAL 18.182 s [18.182 s, 18.182 s] 3.137 s (20.9%)
profiling 15.046 s [15.046 s, 15.046 s] 1.0 ms (0.0%)
tracing 14.846 s [14.846 s, 14.846 s] -199.0 ms (-1.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.438 s [15.438 s, 15.438 s] -
appsec 15.156 s [15.156 s, 15.156 s] -282.0 ms (-1.8%)
iast 18.598 s [18.598 s, 18.598 s] 3.16 s (20.5%)
iast_GLOBAL 18.21 s [18.21 s, 18.21 s] 2.772 s (18.0%)
profiling 15.234 s [15.234 s, 15.234 s] -204.0 ms (-1.3%)
tracing 15.065 s [15.065 s, 15.065 s] -373.0 ms (-2.4%)

@PerfectSlayer PerfectSlayer merged commit 50e8b5a into master May 15, 2025
591 of 593 checks passed
@PerfectSlayer PerfectSlayer deleted the dependabot/github_actions/gh-actions-packages-970434cb35 branch May 15, 2025 06:08
@github-actions github-actions bot added this to the 1.50.0 milestone May 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mcculls mcculls mcculls approved these changes

@PerfectSlayer PerfectSlayer PerfectSlayer approved these changes

Assignees
No one assigned
Labels
comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes
Projects
None yet
Milestone
1.50.0
Development

Successfully merging this pull request may close these issues.
2 participants
@mcculls @PerfectSlayer