chore(ci): bump the gh-actions-packages group with 2 updates

[dependabot]

Bumps the gh-actions-packages group with 2 updates: actions/cache and github/codeql-action.

Updates actions/cache from 4.2.4 to 4.3.0

Release notes

Sourced from actions/cache's releases.

v4.3.0

What's Changed

• Add note on runner versions by @​GhadimiR in actions/cache#1642
• Prepare v4.3.0 release by @​Link- in actions/cache#1655

New Contributors

• @​GhadimiR made their first contribution in actions/cache#1642

Full Changelog: actions/cache@v4...v4.3.0

Changelog

Sourced from actions/cache's changelog.

Releases

4.3.0

• Bump @actions/cache to v4.1.0

4.2.4

• Bump @actions/cache to v4.0.5

4.2.3

• Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

• Bump @actions/cache to v4.0.2

4.2.1

• Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

• Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
• Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

• Restore original behavior of cache-hit output - #1467

4.1.0

• Ensure cache-hit output is set when a cache is missed - #1404
• Deprecate save-always input - #1452

... (truncated)

Commits

• 0057852 Merge pull request #1655 from actions/Link-/prepare-4.3.0
• 4f5ea67 Update licensed cache
• 9fcad95 Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release
• 638ed79 Merge pull request #1642 from actions/GhadimiR-patch-1
• 3862dcc Add note on runner versions
• See full diff in compare view

Updates github/codeql-action from 3.30.3 to 3.30.5

Release notes

Sourced from github/codeql-action's releases.

v3.30.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

See the full CHANGELOG.md for more information.

v3.30.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
• Update default CodeQL bundle version to 2.23.1. #3118

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
• Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

• Fixed a bug which could cause language autodetection to fail. #3084
• Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

3.30.1 - 05 Sep 2025

• Update default CodeQL bundle version to 2.23.0. #3077

3.30.0 - 01 Sep 2025

• Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #3054

3.29.11 - 21 Aug 2025

• Update default CodeQL bundle version to 2.22.4. #3044

3.29.10 - 18 Aug 2025

No user facing changes.

3.29.9 - 12 Aug 2025

No user facing changes.

3.29.8 - 08 Aug 2025

... (truncated)

Commits

• 3599b3b Merge pull request #3161 from github/update-v3.30.5-0a67bd46a
• 2ca0085 Update changelog for v3.30.5
• 0a67bd4 Merge pull request #3160 from github/mbg/fix/upload-sarif
• 8e34f2f Add changelog
• 0b7fc56 Fix upload-sarif not uploading non-.sarif files
• 94a9b7a Merge pull request #3155 from github/mbg/node/no-install-in-actions
• a0ae9ba Log what the script is doing
• b27a8ef Exit if running in an Actions workflow
• 6592567 Merge pull request #3139 from github/henrymercer/fix-log-message
• fa64a7d Merge pull request #3154 from github/mbg/node/check-up-to-date-deps
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[pr-commenter]

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	dependabot/github_actions/gh-actions-packages-70be2d3a31
git_commit_date	1759434795	1759470470
git_commit_sha	730565b	b9dea8f
release_version	1.54.0-SNAPSHOT~730565b556	1.54.0-SNAPSHOT~b9dea8fc39

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1759472282	1759472282
ci_job_id	1161457316	1161457316
ci_pipeline_id	78270514	78270514
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-asilhz6u 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-asilhz6u 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 57 metrics, 8 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.019 s) : 0, 1018958
Total [baseline] (8.663 s) : 0, 8663164
Agent [candidate] (1.025 s) : 0, 1025005
Total [candidate] (8.652 s) : 0, 8652228
section iast
Agent [baseline] (1.151 s) : 0, 1151042
Total [baseline] (9.231 s) : 0, 9230585
Agent [candidate] (1.157 s) : 0, 1157193
Total [candidate] (9.271 s) : 0, 9270828

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.019 s	-
Agent	iast	1.151 s	132.085 ms (13.0%)
Total	tracing	8.663 s	-
Total	iast	9.231 s	567.421 ms (6.5%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.025 s	-
Agent	iast	1.157 s	132.188 ms (12.9%)
Total	tracing	8.652 s	-
Total	iast	9.271 s	618.6 ms (7.1%)

gantt
    title insecure-bank - break down per module: candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.458 ms) : 0, 1458
crashtracking [candidate] (1.467 ms) : 0, 1467
BytebuddyAgent [baseline] (694.929 ms) : 0, 694929
BytebuddyAgent [candidate] (698.448 ms) : 0, 698448
GlobalTracer [baseline] (242.825 ms) : 0, 242825
GlobalTracer [candidate] (244.675 ms) : 0, 244675
AppSec [baseline] (32.633 ms) : 0, 32633
AppSec [candidate] (32.867 ms) : 0, 32867
Debugger [baseline] (6.354 ms) : 0, 6354
Debugger [candidate] (6.413 ms) : 0, 6413
Remote Config [baseline] (671.331 µs) : 0, 671
Remote Config [candidate] (683.155 µs) : 0, 683
Telemetry [baseline] (9.061 ms) : 0, 9061
Telemetry [candidate] (9.083 ms) : 0, 9083
Flare Poller [baseline] (10.006 ms) : 0, 10006
Flare Poller [candidate] (10.244 ms) : 0, 10244
section iast
crashtracking [baseline] (1.462 ms) : 0, 1462
crashtracking [candidate] (1.469 ms) : 0, 1469
BytebuddyAgent [baseline] (814.236 ms) : 0, 814236
BytebuddyAgent [candidate] (817.543 ms) : 0, 817543
GlobalTracer [baseline] (233.414 ms) : 0, 233414
GlobalTracer [candidate] (235.222 ms) : 0, 235222
AppSec [baseline] (35.294 ms) : 0, 35294
AppSec [candidate] (34.645 ms) : 0, 34645
Debugger [baseline] (6.118 ms) : 0, 6118
Debugger [candidate] (6.165 ms) : 0, 6165
Remote Config [baseline] (586.633 µs) : 0, 587
Remote Config [candidate] (593.537 µs) : 0, 594
Telemetry [baseline] (8.103 ms) : 0, 8103
Telemetry [candidate] (8.282 ms) : 0, 8282
Flare Poller [baseline] (4.287 ms) : 0, 4287
Flare Poller [candidate] (4.272 ms) : 0, 4272
IAST [baseline] (26.391 ms) : 0, 26391
IAST [candidate] (27.732 ms) : 0, 27732

Loading

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.028 s) : 0, 1027607
Total [baseline] (10.801 s) : 0, 10800746
Agent [candidate] (1.02 s) : 0, 1020374
Total [candidate] (10.708 s) : 0, 10708430
section appsec
Agent [baseline] (1.201 s) : 0, 1201384
Total [baseline] (10.998 s) : 0, 10997613
Agent [candidate] (1.201 s) : 0, 1200755
Total [candidate] (11.07 s) : 0, 11070035
section iast
Agent [baseline] (1.153 s) : 0, 1153313
Total [baseline] (10.915 s) : 0, 10915114
Agent [candidate] (1.153 s) : 0, 1153318
Total [candidate] (10.849 s) : 0, 10849125
section profiling
Agent [baseline] (1.163 s) : 0, 1163489
Total [baseline] (10.989 s) : 0, 10988538
Agent [candidate] (1.16 s) : 0, 1160469
Total [candidate] (10.989 s) : 0, 10989055

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.028 s	-
Agent	appsec	1.201 s	173.777 ms (16.9%)
Agent	iast	1.153 s	125.706 ms (12.2%)
Agent	profiling	1.163 s	135.882 ms (13.2%)
Total	tracing	10.801 s	-
Total	appsec	10.998 s	196.867 ms (1.8%)
Total	iast	10.915 s	114.368 ms (1.1%)
Total	profiling	10.989 s	187.791 ms (1.7%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.02 s	-
Agent	appsec	1.201 s	180.382 ms (17.7%)
Agent	iast	1.153 s	132.944 ms (13.0%)
Agent	profiling	1.16 s	140.096 ms (13.7%)
Total	tracing	10.708 s	-
Total	appsec	11.07 s	361.605 ms (3.4%)
Total	iast	10.849 s	140.695 ms (1.3%)
Total	profiling	10.989 s	280.625 ms (2.6%)

gantt
    title petclinic - break down per module: candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.467 ms) : 0, 1467
crashtracking [candidate] (1.459 ms) : 0, 1459
BytebuddyAgent [baseline] (699.358 ms) : 0, 699358
BytebuddyAgent [candidate] (694.288 ms) : 0, 694288
GlobalTracer [baseline] (244.685 ms) : 0, 244685
GlobalTracer [candidate] (244.77 ms) : 0, 244770
AppSec [baseline] (32.918 ms) : 0, 32918
AppSec [candidate] (32.617 ms) : 0, 32617
Debugger [baseline] (6.426 ms) : 0, 6426
Debugger [candidate] (6.348 ms) : 0, 6348
Remote Config [baseline] (682.45 µs) : 0, 682
Remote Config [candidate] (710.11 µs) : 0, 710
Telemetry [baseline] (8.999 ms) : 0, 8999
Telemetry [candidate] (9.022 ms) : 0, 9022
Flare Poller [baseline] (11.821 ms) : 0, 11821
Flare Poller [candidate] (10.007 ms) : 0, 10007
section appsec
crashtracking [baseline] (1.475 ms) : 0, 1475
crashtracking [candidate] (1.46 ms) : 0, 1460
BytebuddyAgent [baseline] (722.728 ms) : 0, 722728
BytebuddyAgent [candidate] (720.806 ms) : 0, 720806
GlobalTracer [baseline] (236.613 ms) : 0, 236613
GlobalTracer [candidate] (236.897 ms) : 0, 236897
AppSec [baseline] (175.026 ms) : 0, 175026
AppSec [candidate] (174.619 ms) : 0, 174619
Debugger [baseline] (6.135 ms) : 0, 6135
Debugger [candidate] (6.182 ms) : 0, 6182
Remote Config [baseline] (655.613 µs) : 0, 656
Remote Config [candidate] (653.929 µs) : 0, 654
Telemetry [baseline] (8.412 ms) : 0, 8412
Telemetry [candidate] (9.216 ms) : 0, 9216
Flare Poller [baseline] (3.995 ms) : 0, 3995
Flare Poller [candidate] (4.776 ms) : 0, 4776
IAST [baseline] (25.072 ms) : 0, 25072
IAST [candidate] (24.967 ms) : 0, 24967
section iast
crashtracking [baseline] (1.465 ms) : 0, 1465
crashtracking [candidate] (1.474 ms) : 0, 1474
BytebuddyAgent [baseline] (814.982 ms) : 0, 814982
BytebuddyAgent [candidate] (816.579 ms) : 0, 816579
GlobalTracer [baseline] (234.432 ms) : 0, 234432
GlobalTracer [candidate] (233.515 ms) : 0, 233515
AppSec [baseline] (35.278 ms) : 0, 35278
AppSec [candidate] (35.186 ms) : 0, 35186
Debugger [baseline] (6.234 ms) : 0, 6234
Debugger [candidate] (6.122 ms) : 0, 6122
Remote Config [baseline] (611.838 µs) : 0, 612
Remote Config [candidate] (604.391 µs) : 0, 604
Telemetry [baseline] (8.306 ms) : 0, 8306
Telemetry [candidate] (8.114 ms) : 0, 8114
Flare Poller [baseline] (4.294 ms) : 0, 4294
Flare Poller [candidate] (4.227 ms) : 0, 4227
IAST [baseline] (26.538 ms) : 0, 26538
IAST [candidate] (26.257 ms) : 0, 26257
section profiling
crashtracking [baseline] (1.423 ms) : 0, 1423
crashtracking [candidate] (1.412 ms) : 0, 1412
BytebuddyAgent [baseline] (722.934 ms) : 0, 722934
BytebuddyAgent [candidate] (720.846 ms) : 0, 720846
GlobalTracer [baseline] (218.796 ms) : 0, 218796
GlobalTracer [candidate] (218.262 ms) : 0, 218262
AppSec [baseline] (32.704 ms) : 0, 32704
AppSec [candidate] (32.636 ms) : 0, 32636
Debugger [baseline] (6.535 ms) : 0, 6535
Debugger [candidate] (6.491 ms) : 0, 6491
Remote Config [baseline] (773.032 µs) : 0, 773
Remote Config [candidate] (797.604 µs) : 0, 798
Telemetry [baseline] (16.23 ms) : 0, 16230
Telemetry [candidate] (16.402 ms) : 0, 16402
Flare Poller [baseline] (4.123 ms) : 0, 4123
Flare Poller [candidate] (4.061 ms) : 0, 4061
ProfilingAgent [baseline] (106.79 ms) : 0, 106790
ProfilingAgent [candidate] (106.868 ms) : 0, 106868
Profiling [baseline] (108.23 ms) : 0, 108230
Profiling [candidate] (107.96 ms) : 0, 107960

Loading

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	dependabot/github_actions/gh-actions-packages-70be2d3a31
git_commit_date	1759434795	1759470470
git_commit_sha	730565b	b9dea8f
release_version	1.54.0-SNAPSHOT~730565b556	1.54.0-SNAPSHOT~b9dea8fc39

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1759471950	1759471950
ci_job_id	1161457317	1161457317
ci_pipeline_id	78270514	78270514
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-lhrgetuu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-lhrgetuu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 4 performance improvements and 0 performance regressions! Performance is the same for 8 metrics, 12 unstable metrics.

scenario	Δ mean http_req_duration	Δ mean throughput	candidate mean http_req_duration	candidate mean throughput	baseline mean http_req_duration	baseline mean throughput
scenario:load:insecure-bank:profiling:high_load	better [-565.972µs; -255.753µs] or [-6.142%; -2.775%]	unstable [-40.798op/s; +87.673op/s] or [-8.102%; +17.412%]	8.804ms	526.969op/s	9.215ms	503.531op/s
scenario:load:insecure-bank:no_agent:high_load	better [-211.098µs; -101.471µs] or [-4.742%; -2.279%]	unstable [-79.958op/s; +154.208op/s] or [-7.755%; +14.956%]	4.296ms	1068.188op/s	4.452ms	1031.062op/s
scenario:load:petclinic:appsec:high_load	better [-2.204ms; -1.306ms] or [-4.492%; -2.662%]	unstable [-2.970op/s; +10.045op/s] or [-3.114%; +10.533%]	47.308ms	98.900op/s	49.063ms	95.362op/s
scenario:load:petclinic:code_origins:high_load	better [-2.413ms; -1.569ms] or [-5.315%; -3.455%]	unstable [-2.336op/s; +11.711op/s] or [-2.267%; +11.363%]	43.411ms	107.750op/s	45.402ms	103.062op/s

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.452 ms) : 4401, 4503
.   : milestone, 4452,
iast (9.809 ms) : 9643, 9974
.   : milestone, 9809,
iast_FULL (14.123 ms) : 13832, 14414
.   : milestone, 14123,
iast_GLOBAL (11.219 ms) : 11018, 11421
.   : milestone, 11219,
profiling (9.215 ms) : 9068, 9362
.   : milestone, 9215,
tracing (7.889 ms) : 7772, 8006
.   : milestone, 7889,
section candidate
no_agent (4.296 ms) : 4245, 4347
.   : milestone, 4296,
iast (10.168 ms) : 9998, 10337
.   : milestone, 10168,
iast_FULL (14.248 ms) : 13968, 14528
.   : milestone, 14248,
iast_GLOBAL (10.904 ms) : 10707, 11100
.   : milestone, 10904,
profiling (8.804 ms) : 8663, 8946
.   : milestone, 8804,
tracing (7.695 ms) : 7576, 7814
.   : milestone, 7695,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.452 ms [4.401 ms, 4.503 ms]	-
iast	9.809 ms [9.643 ms, 9.974 ms]	5.357 ms (120.3%)
iast_FULL	14.123 ms [13.832 ms, 14.414 ms]	9.671 ms (217.2%)
iast_GLOBAL	11.219 ms [11.018 ms, 11.421 ms]	6.767 ms (152.0%)
profiling	9.215 ms [9.068 ms, 9.362 ms]	4.763 ms (107.0%)
tracing	7.889 ms [7.772 ms, 8.006 ms]	3.437 ms (77.2%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.296 ms [4.245 ms, 4.347 ms]	-
iast	10.168 ms [9.998 ms, 10.337 ms]	5.872 ms (136.7%)
iast_FULL	14.248 ms [13.968 ms, 14.528 ms]	9.952 ms (231.7%)
iast_GLOBAL	10.904 ms [10.707 ms, 11.1 ms]	6.608 ms (153.8%)
profiling	8.804 ms [8.663 ms, 8.946 ms]	4.508 ms (104.9%)
tracing	7.695 ms [7.576 ms, 7.814 ms]	3.399 ms (79.1%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.165 ms) : 36860, 37471
.   : milestone, 37165,
appsec (49.063 ms) : 48641, 49485
.   : milestone, 49063,
code_origins (45.402 ms) : 44997, 45808
.   : milestone, 45402,
iast (45.134 ms) : 44744, 45524
.   : milestone, 45134,
profiling (49.991 ms) : 49503, 50479
.   : milestone, 49991,
tracing (44.324 ms) : 43943, 44705
.   : milestone, 44324,
section candidate
no_agent (36.204 ms) : 35916, 36493
.   : milestone, 36204,
appsec (47.308 ms) : 46896, 47720
.   : milestone, 47308,
code_origins (43.411 ms) : 43033, 43790
.   : milestone, 43411,
iast (45.475 ms) : 45087, 45864
.   : milestone, 45475,
profiling (50.177 ms) : 49708, 50646
.   : milestone, 50177,
tracing (44.421 ms) : 44029, 44813
.   : milestone, 44421,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	37.165 ms [36.86 ms, 37.471 ms]	-
appsec	49.063 ms [48.641 ms, 49.485 ms]	11.897 ms (32.0%)
code_origins	45.402 ms [44.997 ms, 45.808 ms]	8.237 ms (22.2%)
iast	45.134 ms [44.744 ms, 45.524 ms]	7.968 ms (21.4%)
profiling	49.991 ms [49.503 ms, 50.479 ms]	12.825 ms (34.5%)
tracing	44.324 ms [43.943 ms, 44.705 ms]	7.158 ms (19.3%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	36.204 ms [35.916 ms, 36.493 ms]	-
appsec	47.308 ms [46.896 ms, 47.72 ms]	11.103 ms (30.7%)
code_origins	43.411 ms [43.033 ms, 43.79 ms]	7.207 ms (19.9%)
iast	45.475 ms [45.087 ms, 45.864 ms]	9.271 ms (25.6%)
profiling	50.177 ms [49.708 ms, 50.646 ms]	13.973 ms (38.6%)
tracing	44.421 ms [44.029 ms, 44.813 ms]	8.217 ms (22.7%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	dependabot/github_actions/gh-actions-packages-70be2d3a31
git_commit_date	1759434795	1759470470
git_commit_sha	730565b	b9dea8f
release_version	1.54.0-SNAPSHOT~730565b556	1.54.0-SNAPSHOT~b9dea8fc39

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1759472465	1759472465
ci_job_id	1161457318	1161457318
ci_pipeline_id	78270514	78270514
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-z5jigs3k 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-z5jigs3k 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.

scenario	Δ mean execution_time	candidate mean execution_time	baseline mean execution_time
scenario:dacapo:tomcat:appsec	better [-1.389ms; -1.047ms] or [-37.220%; -28.048%]	2.515ms	3.733ms

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.482 ms) : 1470, 1494
.   : milestone, 1482,
appsec (3.733 ms) : 3514, 3952
.   : milestone, 3733,
iast (2.211 ms) : 2148, 2275
.   : milestone, 2211,
iast_GLOBAL (2.258 ms) : 2195, 2322
.   : milestone, 2258,
profiling (2.054 ms) : 2003, 2105
.   : milestone, 2054,
tracing (2.02 ms) : 1971, 2069
.   : milestone, 2020,
section candidate
no_agent (1.478 ms) : 1466, 1489
.   : milestone, 1478,
appsec (2.515 ms) : 2462, 2568
.   : milestone, 2515,
iast (2.205 ms) : 2142, 2268
.   : milestone, 2205,
iast_GLOBAL (2.25 ms) : 2186, 2313
.   : milestone, 2250,
profiling (2.067 ms) : 2014, 2119
.   : milestone, 2067,
tracing (2.017 ms) : 1968, 2066
.   : milestone, 2017,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.482 ms [1.47 ms, 1.494 ms]	-
appsec	3.733 ms [3.514 ms, 3.952 ms]	2.251 ms (151.9%)
iast	2.211 ms [2.148 ms, 2.275 ms]	729.491 µs (49.2%)
iast_GLOBAL	2.258 ms [2.195 ms, 2.322 ms]	776.349 µs (52.4%)
profiling	2.054 ms [2.003 ms, 2.105 ms]	572.293 µs (38.6%)
tracing	2.02 ms [1.971 ms, 2.069 ms]	537.842 µs (36.3%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.478 ms [1.466 ms, 1.489 ms]	-
appsec	2.515 ms [2.462 ms, 2.568 ms]	1.037 ms (70.2%)
iast	2.205 ms [2.142 ms, 2.268 ms]	726.913 µs (49.2%)
iast_GLOBAL	2.25 ms [2.186 ms, 2.313 ms]	771.922 µs (52.2%)
profiling	2.067 ms [2.014 ms, 2.119 ms]	588.871 µs (39.8%)
tracing	2.017 ms [1.968 ms, 2.066 ms]	539.355 µs (36.5%)

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~b9dea8fc39, baseline=1.54.0-SNAPSHOT~730565b556
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.985 s) : 14985000, 14985000
.   : milestone, 14985000,
appsec (14.932 s) : 14932000, 14932000
.   : milestone, 14932000,
iast (18.501 s) : 18501000, 18501000
.   : milestone, 18501000,
iast_GLOBAL (18.093 s) : 18093000, 18093000
.   : milestone, 18093000,
profiling (15.405 s) : 15405000, 15405000
.   : milestone, 15405000,
tracing (15.289 s) : 15289000, 15289000
.   : milestone, 15289000,
section candidate
no_agent (14.952 s) : 14952000, 14952000
.   : milestone, 14952000,
appsec (14.915 s) : 14915000, 14915000
.   : milestone, 14915000,
iast (18.424 s) : 18424000, 18424000
.   : milestone, 18424000,
iast_GLOBAL (18.02 s) : 18020000, 18020000
.   : milestone, 18020000,
profiling (15.289 s) : 15289000, 15289000
.   : milestone, 15289000,
tracing (14.962 s) : 14962000, 14962000
.   : milestone, 14962000,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.985 s [14.985 s, 14.985 s]	-
appsec	14.932 s [14.932 s, 14.932 s]	-53.0 ms (-0.4%)
iast	18.501 s [18.501 s, 18.501 s]	3.516 s (23.5%)
iast_GLOBAL	18.093 s [18.093 s, 18.093 s]	3.108 s (20.7%)
profiling	15.405 s [15.405 s, 15.405 s]	420.0 ms (2.8%)
tracing	15.289 s [15.289 s, 15.289 s]	304.0 ms (2.0%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.952 s [14.952 s, 14.952 s]	-
appsec	14.915 s [14.915 s, 14.915 s]	-37.0 ms (-0.2%)
iast	18.424 s [18.424 s, 18.424 s]	3.472 s (23.2%)
iast_GLOBAL	18.02 s [18.02 s, 18.02 s]	3.068 s (20.5%)
profiling	15.289 s [15.289 s, 15.289 s]	337.0 ms (2.3%)
tracing	14.962 s [14.962 s, 14.962 s]	10.0 ms (0.1%)

[datadog-datadog-prod-us1]

🎯 Code Coverage
• Patch Coverage: 100.00%
• Total Coverage: 57.97% (-0.02%)

View detailed report

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: b9dea8f | Docs | Was this helpful? Give us feedback!}

[PerfectSlayer]

Rewrote the history to rebase on master and sign commit.
Hopefully we should be able to merge it now.