Add propagation to String constructors with StringBuffer and StringBuilder

[Mariovido]

What Does This Do

This adds the instrumentation to propagate the taint values through the following constructors of String:

• String(StringBuffer)
• String(StringBuilder)

Motivation

Increase propagation of String methods/constructors.

Additional Notes

This PR also made some small refactors to make some methods more generic.

Contributor Checklist

• Format the title according the contribution guidelines
• Assign the type: and (comp: or inst:) labels in addition to any usefull labels
• Squash your commits prior merging or merge using GitHub's Squash and merge
• Don't use close, fix or any linking keywords when referencing an issue.
  Use solves instead, and assign the PR milestone to the issue
• Update the public documentation in case of new configuration flag or behavior

Jira ticket: APPSEC-55355

[pr-commenter]

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	mario.vidal/taint_tracking_string_constructors
git_commit_date	1732272014	1732272787
git_commit_sha	adf9784	86089a8
release_version	1.43.0-SNAPSHOT~adf9784bfd	1.43.0-SNAPSHOT~86089a8870

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1732275611	1732275611
ci_job_id	716857311	716857311
ci_pipeline_id	49712331	49712331
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 9 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.092 s) : 0, 1091578
Total [baseline] (8.684 s) : 0, 8683852
Agent [candidate] (1.088 s) : 0, 1088465
Total [candidate] (8.684 s) : 0, 8683645
section iast
Agent [baseline] (1.215 s) : 0, 1215240
Total [baseline] (9.186 s) : 0, 9185905
Agent [candidate] (1.233 s) : 0, 1232651
Total [candidate] (9.267 s) : 0, 9266822
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.223 s) : 0, 1223218
Total [baseline] (9.163 s) : 0, 9162692
Agent [candidate] (1.223 s) : 0, 1222926
Total [candidate] (9.188 s) : 0, 9188113
section iast_TELEMETRY_OFF
Agent [baseline] (1.216 s) : 0, 1216061
Total [baseline] (9.186 s) : 0, 9185525
Agent [candidate] (1.215 s) : 0, 1214514
Total [candidate] (9.194 s) : 0, 9193531

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.092 s	-
Agent	iast	1.215 s	123.662 ms (11.3%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.223 s	131.64 ms (12.1%)
Agent	iast_TELEMETRY_OFF	1.216 s	124.483 ms (11.4%)
Total	tracing	8.684 s	-
Total	iast	9.186 s	502.053 ms (5.8%)
Total	iast_HARDCODED_SECRET_DISABLED	9.163 s	478.84 ms (5.5%)
Total	iast_TELEMETRY_OFF	9.186 s	501.673 ms (5.8%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.088 s	-
Agent	iast	1.233 s	144.186 ms (13.2%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.223 s	134.461 ms (12.4%)
Agent	iast_TELEMETRY_OFF	1.215 s	126.048 ms (11.6%)
Total	tracing	8.684 s	-
Total	iast	9.267 s	583.177 ms (6.7%)
Total	iast_HARDCODED_SECRET_DISABLED	9.188 s	504.468 ms (5.8%)
Total	iast_TELEMETRY_OFF	9.194 s	509.886 ms (5.9%)

gantt
    title insecure-bank - break down per module: candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (694.301 ms) : 0, 694301
BytebuddyAgent [candidate] (693.067 ms) : 0, 693067
GlobalTracer [baseline] (318.081 ms) : 0, 318081
GlobalTracer [candidate] (318.484 ms) : 0, 318484
AppSec [baseline] (54.765 ms) : 0, 54765
AppSec [candidate] (54.67 ms) : 0, 54670
Remote Config [baseline] (681.016 µs) : 0, 681
Remote Config [candidate] (679.314 µs) : 0, 679
Telemetry [baseline] (10.018 ms) : 0, 10018
Telemetry [candidate] (7.829 ms) : 0, 7829
section iast
BytebuddyAgent [baseline] (808.183 ms) : 0, 808183
BytebuddyAgent [candidate] (820.089 ms) : 0, 820089
GlobalTracer [baseline] (306.568 ms) : 0, 306568
GlobalTracer [candidate] (310.528 ms) : 0, 310528
AppSec [baseline] (56.645 ms) : 0, 56645
AppSec [candidate] (58.656 ms) : 0, 58656
IAST [baseline] (22.12 ms) : 0, 22120
IAST [candidate] (21.123 ms) : 0, 21123
Remote Config [baseline] (609.601 µs) : 0, 610
Remote Config [candidate] (643.705 µs) : 0, 644
Telemetry [baseline] (7.417 ms) : 0, 7417
Telemetry [candidate] (7.643 ms) : 0, 7643
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (812.696 ms) : 0, 812696
BytebuddyAgent [candidate] (814.888 ms) : 0, 814888
GlobalTracer [baseline] (309.944 ms) : 0, 309944
GlobalTracer [candidate] (307.509 ms) : 0, 307509
AppSec [baseline] (58.069 ms) : 0, 58069
AppSec [candidate] (57.746 ms) : 0, 57746
IAST [baseline] (20.618 ms) : 0, 20618
IAST [candidate] (20.766 ms) : 0, 20766
Remote Config [baseline] (625.258 µs) : 0, 625
Remote Config [candidate] (619.988 µs) : 0, 620
Telemetry [baseline] (7.484 ms) : 0, 7484
Telemetry [candidate] (7.562 ms) : 0, 7562
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (808.059 ms) : 0, 808059
BytebuddyAgent [candidate] (806.525 ms) : 0, 806525
GlobalTracer [baseline] (307.403 ms) : 0, 307403
GlobalTracer [candidate] (307.206 ms) : 0, 307206
AppSec [baseline] (58.262 ms) : 0, 58262
AppSec [candidate] (57.877 ms) : 0, 57877
IAST [baseline] (20.583 ms) : 0, 20583
IAST [candidate] (21.169 ms) : 0, 21169
Remote Config [baseline] (625.077 µs) : 0, 625
Remote Config [candidate] (614.862 µs) : 0, 615
Telemetry [baseline] (7.389 ms) : 0, 7389
Telemetry [candidate] (7.377 ms) : 0, 7377

Loading

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.098 s) : 0, 1097654
Total [baseline] (10.479 s) : 0, 10479455
Agent [candidate] (1.096 s) : 0, 1096298
Total [candidate] (10.459 s) : 0, 10458847
section appsec
Agent [baseline] (1.226 s) : 0, 1225593
Total [baseline] (10.739 s) : 0, 10739213
Agent [candidate] (1.23 s) : 0, 1229767
Total [candidate] (10.755 s) : 0, 10754848
section iast
Agent [baseline] (1.222 s) : 0, 1222197
Total [baseline] (10.965 s) : 0, 10965085
Agent [candidate] (1.219 s) : 0, 1218610
Total [candidate] (10.969 s) : 0, 10969419
section profiling
Agent [baseline] (1.289 s) : 0, 1288702
Total [baseline] (10.885 s) : 0, 10885083
Agent [candidate] (1.298 s) : 0, 1297788
Total [candidate] (10.906 s) : 0, 10906010

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.098 s	-
Agent	appsec	1.226 s	127.938 ms (11.7%)
Agent	iast	1.222 s	124.543 ms (11.3%)
Agent	profiling	1.289 s	191.048 ms (17.4%)
Total	tracing	10.479 s	-
Total	appsec	10.739 s	259.757 ms (2.5%)
Total	iast	10.965 s	485.63 ms (4.6%)
Total	profiling	10.885 s	405.628 ms (3.9%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.096 s	-
Agent	appsec	1.23 s	133.469 ms (12.2%)
Agent	iast	1.219 s	122.312 ms (11.2%)
Agent	profiling	1.298 s	201.49 ms (18.4%)
Total	tracing	10.459 s	-
Total	appsec	10.755 s	296.001 ms (2.8%)
Total	iast	10.969 s	510.572 ms (4.9%)
Total	profiling	10.906 s	447.163 ms (4.3%)

gantt
    title petclinic - break down per module: candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (698.331 ms) : 0, 698331
BytebuddyAgent [candidate] (697.064 ms) : 0, 697064
GlobalTracer [baseline] (320.072 ms) : 0, 320072
GlobalTracer [candidate] (320.023 ms) : 0, 320023
AppSec [baseline] (55.317 ms) : 0, 55317
AppSec [candidate] (55.381 ms) : 0, 55381
Remote Config [baseline] (693.251 µs) : 0, 693
Remote Config [candidate] (695.674 µs) : 0, 696
Telemetry [baseline] (9.386 ms) : 0, 9386
Telemetry [candidate] (9.306 ms) : 0, 9306
section appsec
BytebuddyAgent [baseline] (710.252 ms) : 0, 710252
BytebuddyAgent [candidate] (713.535 ms) : 0, 713535
GlobalTracer [baseline] (315.079 ms) : 0, 315079
GlobalTracer [candidate] (316.044 ms) : 0, 316044
AppSec [baseline] (167.337 ms) : 0, 167337
AppSec [candidate] (167.504 ms) : 0, 167504
IAST [baseline] (19.853 ms) : 0, 19853
IAST [candidate] (19.182 ms) : 0, 19182
Remote Config [baseline] (652.876 µs) : 0, 653
Remote Config [candidate] (644.844 µs) : 0, 645
Telemetry [baseline] (8.616 ms) : 0, 8616
Telemetry [candidate] (8.637 ms) : 0, 8637
section iast
BytebuddyAgent [baseline] (812.339 ms) : 0, 812339
BytebuddyAgent [candidate] (810.913 ms) : 0, 810913
GlobalTracer [baseline] (308.406 ms) : 0, 308406
GlobalTracer [candidate] (307.072 ms) : 0, 307072
AppSec [baseline] (57.522 ms) : 0, 57522
AppSec [candidate] (57.732 ms) : 0, 57732
IAST [baseline] (21.965 ms) : 0, 21965
IAST [candidate] (20.894 ms) : 0, 20894
Remote Config [baseline] (640.454 µs) : 0, 640
Remote Config [candidate] (619.467 µs) : 0, 619
Telemetry [baseline] (7.547 ms) : 0, 7547
Telemetry [candidate] (7.581 ms) : 0, 7581
section profiling
BytebuddyAgent [baseline] (687.097 ms) : 0, 687097
BytebuddyAgent [candidate] (691.725 ms) : 0, 691725
GlobalTracer [baseline] (401.903 ms) : 0, 401903
GlobalTracer [candidate] (403.707 ms) : 0, 403707
AppSec [baseline] (55.434 ms) : 0, 55434
AppSec [candidate] (55.493 ms) : 0, 55493
Remote Config [baseline] (676.89 µs) : 0, 677
Remote Config [candidate] (686.677 µs) : 0, 687
Telemetry [baseline] (9.993 ms) : 0, 9993
Telemetry [candidate] (10.825 ms) : 0, 10825
ProfilingAgent [baseline] (94.505 ms) : 0, 94505
ProfilingAgent [candidate] (95.88 ms) : 0, 95880
Profiling [baseline] (94.529 ms) : 0, 94529
Profiling [candidate] (95.903 ms) : 0, 95903

Loading

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2024-11-22T11:11:25	2024-11-22T11:18:23
git_branch	master	mario.vidal/taint_tracking_string_constructors
git_commit_date	1732272014	1732272787
git_commit_sha	adf9784	86089a8
release_version	1.43.0-SNAPSHOT~adf9784bfd	1.43.0-SNAPSHOT~86089a8870
start_time	2024-11-22T11:11:12	2024-11-22T11:18:09

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1732274655	1732274655
ci_job_id	716857312	716857312
ci_pipeline_id	49712331	49712331
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics.

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.345 ms) : 1324, 1366
.   : milestone, 1345,
appsec (1.75 ms) : 1726, 1774
.   : milestone, 1750,
appsec_no_iast (1.769 ms) : 1745, 1793
.   : milestone, 1769,
iast (1.51 ms) : 1488, 1533
.   : milestone, 1510,
profiling (1.477 ms) : 1453, 1500
.   : milestone, 1477,
tracing (1.49 ms) : 1465, 1515
.   : milestone, 1490,
section candidate
no_agent (1.348 ms) : 1329, 1367
.   : milestone, 1348,
appsec (1.773 ms) : 1748, 1797
.   : milestone, 1773,
appsec_no_iast (1.766 ms) : 1742, 1790
.   : milestone, 1766,
iast (1.494 ms) : 1471, 1517
.   : milestone, 1494,
profiling (1.504 ms) : 1480, 1529
.   : milestone, 1504,
tracing (1.496 ms) : 1471, 1521
.   : milestone, 1496,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.345 ms [1.324 ms, 1.366 ms]	-
appsec	1.75 ms [1.726 ms, 1.774 ms]	405.376 µs (30.1%)
appsec_no_iast	1.769 ms [1.745 ms, 1.793 ms]	424.214 µs (31.5%)
iast	1.51 ms [1.488 ms, 1.533 ms]	165.143 µs (12.3%)
profiling	1.477 ms [1.453 ms, 1.5 ms]	131.906 µs (9.8%)
tracing	1.49 ms [1.465 ms, 1.515 ms]	145.097 µs (10.8%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.348 ms [1.329 ms, 1.367 ms]	-
appsec	1.773 ms [1.748 ms, 1.797 ms]	424.768 µs (31.5%)
appsec_no_iast	1.766 ms [1.742 ms, 1.79 ms]	418.249 µs (31.0%)
iast	1.494 ms [1.471 ms, 1.517 ms]	146.449 µs (10.9%)
profiling	1.504 ms [1.48 ms, 1.529 ms]	156.693 µs (11.6%)
tracing	1.496 ms [1.471 ms, 1.521 ms]	148.398 µs (11.0%)

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd
    dateFormat X
    axisFormat %s
section baseline
no_agent (371.739 µs) : 352, 391
.   : milestone, 372,
iast (483.956 µs) : 463, 505
.   : milestone, 484,
iast_FULL (644.903 µs) : 624, 666
.   : milestone, 645,
iast_GLOBAL (524.037 µs) : 501, 547
.   : milestone, 524,
iast_HARDCODED_SECRET_DISABLED (486.114 µs) : 465, 507
.   : milestone, 486,
iast_INACTIVE (456.328 µs) : 435, 477
.   : milestone, 456,
iast_TELEMETRY_OFF (483.92 µs) : 462, 506
.   : milestone, 484,
tracing (443.984 µs) : 424, 464
.   : milestone, 444,
section candidate
no_agent (375.792 µs) : 356, 396
.   : milestone, 376,
iast (492.77 µs) : 471, 514
.   : milestone, 493,
iast_FULL (650.137 µs) : 629, 672
.   : milestone, 650,
iast_GLOBAL (528.374 µs) : 505, 552
.   : milestone, 528,
iast_HARDCODED_SECRET_DISABLED (492.642 µs) : 471, 515
.   : milestone, 493,
iast_INACTIVE (446.302 µs) : 426, 467
.   : milestone, 446,
iast_TELEMETRY_OFF (473.715 µs) : 453, 495
.   : milestone, 474,
tracing (444.227 µs) : 424, 465
.   : milestone, 444,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	371.739 µs [352.212 µs, 391.265 µs]	-
iast	483.956 µs [462.599 µs, 505.312 µs]	112.217 µs (30.2%)
iast_FULL	644.903 µs [623.537 µs, 666.27 µs]	273.165 µs (73.5%)
iast_GLOBAL	524.037 µs [501.288 µs, 546.786 µs]	152.298 µs (41.0%)
iast_HARDCODED_SECRET_DISABLED	486.114 µs [464.924 µs, 507.305 µs]	114.376 µs (30.8%)
iast_INACTIVE	456.328 µs [435.203 µs, 477.452 µs]	84.589 µs (22.8%)
iast_TELEMETRY_OFF	483.92 µs [461.706 µs, 506.134 µs]	112.181 µs (30.2%)
tracing	443.984 µs [423.599 µs, 464.369 µs]	72.245 µs (19.4%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	375.792 µs [355.543 µs, 396.041 µs]	-
iast	492.77 µs [471.296 µs, 514.245 µs]	116.978 µs (31.1%)
iast_FULL	650.137 µs [628.598 µs, 671.675 µs]	274.345 µs (73.0%)
iast_GLOBAL	528.374 µs [504.878 µs, 551.869 µs]	152.582 µs (40.6%)
iast_HARDCODED_SECRET_DISABLED	492.642 µs [470.717 µs, 514.568 µs]	116.851 µs (31.1%)
iast_INACTIVE	446.302 µs [425.52 µs, 467.084 µs]	70.51 µs (18.8%)
iast_TELEMETRY_OFF	473.715 µs [452.682 µs, 494.747 µs]	97.923 µs (26.1%)
tracing	444.227 µs [423.714 µs, 464.74 µs]	68.435 µs (18.2%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	mario.vidal/taint_tracking_string_constructors
git_commit_date	1732272014	1732272787
git_commit_sha	adf9784	86089a8
release_version	1.43.0-SNAPSHOT~adf9784bfd	1.43.0-SNAPSHOT~86089a8870

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1732275125	1732275125
ci_job_id	716857313	716857313
ci_pipeline_id	49712331	49712331
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.856 s) : 14856000, 14856000
.   : milestone, 14856000,
appsec (15.238 s) : 15238000, 15238000
.   : milestone, 15238000,
iast (19.065 s) : 19065000, 19065000
.   : milestone, 19065000,
iast_GLOBAL (18.115 s) : 18115000, 18115000
.   : milestone, 18115000,
profiling (14.831 s) : 14831000, 14831000
.   : milestone, 14831000,
tracing (15.205 s) : 15205000, 15205000
.   : milestone, 15205000,
section candidate
no_agent (15.267 s) : 15267000, 15267000
.   : milestone, 15267000,
appsec (14.97 s) : 14970000, 14970000
.   : milestone, 14970000,
iast (18.309 s) : 18309000, 18309000
.   : milestone, 18309000,
iast_GLOBAL (18.158 s) : 18158000, 18158000
.   : milestone, 18158000,
profiling (14.903 s) : 14903000, 14903000
.   : milestone, 14903000,
tracing (14.836 s) : 14836000, 14836000
.   : milestone, 14836000,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.856 s [14.856 s, 14.856 s]	-
appsec	15.238 s [15.238 s, 15.238 s]	382.0 ms (2.6%)
iast	19.065 s [19.065 s, 19.065 s]	4.209 s (28.3%)
iast_GLOBAL	18.115 s [18.115 s, 18.115 s]	3.259 s (21.9%)
profiling	14.831 s [14.831 s, 14.831 s]	-25.0 ms (-0.2%)
tracing	15.205 s [15.205 s, 15.205 s]	349.0 ms (2.3%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.267 s [15.267 s, 15.267 s]	-
appsec	14.97 s [14.97 s, 14.97 s]	-297.0 ms (-1.9%)
iast	18.309 s [18.309 s, 18.309 s]	3.042 s (19.9%)
iast_GLOBAL	18.158 s [18.158 s, 18.158 s]	2.891 s (18.9%)
profiling	14.903 s [14.903 s, 14.903 s]	-364.0 ms (-2.4%)
tracing	14.836 s [14.836 s, 14.836 s]	-431.0 ms (-2.8%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~86089a8870, baseline=1.43.0-SNAPSHOT~adf9784bfd
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.472 ms) : 1461, 1484
.   : milestone, 1472,
appsec (2.352 ms) : 2311, 2394
.   : milestone, 2352,
iast (2.093 ms) : 2040, 2145
.   : milestone, 2093,
iast_GLOBAL (2.138 ms) : 2086, 2191
.   : milestone, 2138,
profiling (2.424 ms) : 2176, 2671
.   : milestone, 2424,
tracing (1.931 ms) : 1891, 1971
.   : milestone, 1931,
section candidate
no_agent (1.472 ms) : 1460, 1483
.   : milestone, 1472,
appsec (2.347 ms) : 2306, 2389
.   : milestone, 2347,
iast (2.089 ms) : 2036, 2141
.   : milestone, 2089,
iast_GLOBAL (2.126 ms) : 2074, 2179
.   : milestone, 2126,
profiling (1.964 ms) : 1921, 2007
.   : milestone, 1964,
tracing (1.93 ms) : 1890, 1970
.   : milestone, 1930,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.472 ms [1.461 ms, 1.484 ms]	-
appsec	2.352 ms [2.311 ms, 2.394 ms]	879.885 µs (59.8%)
iast	2.093 ms [2.04 ms, 2.145 ms]	620.336 µs (42.1%)
iast_GLOBAL	2.138 ms [2.086 ms, 2.191 ms]	665.949 µs (45.2%)
profiling	2.424 ms [2.176 ms, 2.671 ms]	951.44 µs (64.6%)
tracing	1.931 ms [1.891 ms, 1.971 ms]	458.298 µs (31.1%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.472 ms [1.46 ms, 1.483 ms]	-
appsec	2.347 ms [2.306 ms, 2.389 ms]	875.665 µs (59.5%)
iast	2.089 ms [2.036 ms, 2.141 ms]	617.03 µs (41.9%)
iast_GLOBAL	2.126 ms [2.074 ms, 2.179 ms]	654.578 µs (44.5%)
profiling	1.964 ms [1.921 ms, 2.007 ms]	492.77 µs (33.5%)
tracing	1.93 ms [1.89 ms, 1.97 ms]	458.468 µs (31.2%)

[manuel-alvarez-alvarez]

LGTM