Skip to content

Implementation of http client request analysis for OkHttp3 #9654

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Implementation of http client request analysis for OkHttp3 #9654

wants to merge 1 commit into from
+343 −33

Conversation

manuel-alvarez-alvarez
Copy link
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Oct 2, 2025
edited by atlassian bot
Loading

What Does This Do

Adds support for downstream HTTP request and response analysis in the OkHttp3 client instrumentation.

Motivation

Enable AppSec to analyze outbound requests made through OkHttp3. This expands coverage for API security and SSRF protections, while supporting downstream traffic inspection with configurable sampling.

Additional Notes

RFC

Contributor Checklist

Jira ticket: APPSEC-58613

@manuel-alvarez-alvarez manuel-alvarez-alvarez added type: enhancement Enhancements and improvements inst: others All other instrumentations comp: asm waf Application Security Management (WAF) labels Oct 2, 2025
@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review October 2, 2025 12:30
@manuel-alvarez-alvarez manuel-alvarez-alvarez requested review from a team as code owners October 2, 2025 12:30
@datadog-datadog-prod-us1
Copy link
Contributor

datadog-datadog-prod-us1 bot commented Oct 2, 2025
edited by datadog-official bot
Loading

🎯 Code Coverage
Patch Coverage: 100.00%
Total Coverage: 68.73% (+10.75%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 31dd984 | Docs | Was this helpful? Give us feedback!

@pr-commenter
Copy link

pr-commenter bot commented Oct 2, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-okhttp3
git_commit_date 1759475869 1759476001
git_commit_sha c442de6 31dd984
release_version 1.54.0-SNAPSHOT~c442de6541 1.54.0-SNAPSHOT~31dd984c23
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1759477780 1759477780
ci_job_id 1161497282 1161497282
ci_pipeline_id 78272949 78272949
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-2-2a593uze 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-2-2a593uze 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 58 metrics, 7 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.02 s) : 0, 1020306
Total [baseline] (8.667 s) : 0, 8666585
Agent [candidate] (1.039 s) : 0, 1038741
Total [candidate] (8.71 s) : 0, 8710353
section iast
Agent [baseline] (1.153 s) : 0, 1152725
Total [baseline] (9.313 s) : 0, 9312628
Agent [candidate] (1.153 s) : 0, 1153031
Total [candidate] (9.271 s) : 0, 9270506
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.02 s -
Agent iast 1.153 s 132.418 ms (13.0%)
Total tracing 8.667 s -
Total iast 9.313 s 646.043 ms (7.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.039 s -
Agent iast 1.153 s 114.289 ms (11.0%)
Total tracing 8.71 s -
Total iast 9.271 s 560.153 ms (6.4%) 
gantt
    title insecure-bank - break down per module: candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.472 ms) : 0, 1472
crashtracking [candidate] (1.499 ms) : 0, 1499
BytebuddyAgent [baseline] (694.764 ms) : 0, 694764
BytebuddyAgent [candidate] (705.957 ms) : 0, 705957
GlobalTracer [baseline] (243.277 ms) : 0, 243277
GlobalTracer [candidate] (247.699 ms) : 0, 247699
AppSec [baseline] (32.408 ms) : 0, 32408
AppSec [candidate] (33.53 ms) : 0, 33530
Debugger [baseline] (6.33 ms) : 0, 6330
Debugger [candidate] (6.542 ms) : 0, 6542
Remote Config [baseline] (663.44 µs) : 0, 663
Remote Config [candidate] (692.771 µs) : 0, 693
Telemetry [baseline] (9.315 ms) : 0, 9315
Telemetry [candidate] (9.518 ms) : 0, 9518
Flare Poller [baseline] (10.889 ms) : 0, 10889
Flare Poller [candidate] (11.849 ms) : 0, 11849
section iast
crashtracking [baseline] (1.461 ms) : 0, 1461
crashtracking [candidate] (1.46 ms) : 0, 1460
BytebuddyAgent [baseline] (815.558 ms) : 0, 815558
BytebuddyAgent [candidate] (815.319 ms) : 0, 815319
GlobalTracer [baseline] (233.694 ms) : 0, 233694
GlobalTracer [candidate] (233.683 ms) : 0, 233683
AppSec [baseline] (34.918 ms) : 0, 34918
AppSec [candidate] (35.595 ms) : 0, 35595
Debugger [baseline] (6.148 ms) : 0, 6148
Debugger [candidate] (6.114 ms) : 0, 6114
Remote Config [baseline] (590.896 µs) : 0, 591
Remote Config [candidate] (592.295 µs) : 0, 592
Telemetry [baseline] (8.548 ms) : 0, 8548
Telemetry [candidate] (8.56 ms) : 0, 8560
Flare Poller [baseline] (4.21 ms) : 0, 4210
Flare Poller [candidate] (4.189 ms) : 0, 4189
IAST [baseline] (26.315 ms) : 0, 26315
IAST [candidate] (26.361 ms) : 0, 26361
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.021 s) : 0, 1021361
Total [baseline] (10.772 s) : 0, 10771643
Agent [candidate] (1.021 s) : 0, 1021237
Total [candidate] (10.746 s) : 0, 10746033
section appsec
Agent [baseline] (1.195 s) : 0, 1194591
Total [baseline] (11.05 s) : 0, 11050381
Agent [candidate] (1.194 s) : 0, 1194296
Total [candidate] (11.039 s) : 0, 11039012
section iast
Agent [baseline] (1.161 s) : 0, 1161056
Total [baseline] (10.966 s) : 0, 10965504
Agent [candidate] (1.165 s) : 0, 1164809
Total [candidate] (10.971 s) : 0, 10970837
section profiling
Agent [baseline] (1.164 s) : 0, 1164087
Total [baseline] (11.094 s) : 0, 11094258
Agent [candidate] (1.165 s) : 0, 1165455
Total [candidate] (11.03 s) : 0, 11030130
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.021 s -
Agent appsec 1.195 s 173.231 ms (17.0%)
Agent iast 1.161 s 139.695 ms (13.7%)
Agent profiling 1.164 s 142.727 ms (14.0%)
Total tracing 10.772 s -
Total appsec 11.05 s 278.738 ms (2.6%)
Total iast 10.966 s 193.86 ms (1.8%)
Total profiling 11.094 s 322.614 ms (3.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.021 s -
Agent appsec 1.194 s 173.059 ms (16.9%)
Agent iast 1.165 s 143.572 ms (14.1%)
Agent profiling 1.165 s 144.218 ms (14.1%)
Total tracing 10.746 s -
Total appsec 11.039 s 292.979 ms (2.7%)
Total iast 10.971 s 224.804 ms (2.1%)
Total profiling 11.03 s 284.097 ms (2.6%) 
gantt
    title petclinic - break down per module: candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.462 ms) : 0, 1462
crashtracking [candidate] (1.462 ms) : 0, 1462
BytebuddyAgent [baseline] (695.156 ms) : 0, 695156
BytebuddyAgent [candidate] (695.92 ms) : 0, 695920
GlobalTracer [baseline] (243.968 ms) : 0, 243968
GlobalTracer [candidate] (243.695 ms) : 0, 243695
AppSec [baseline] (32.966 ms) : 0, 32966
AppSec [candidate] (32.54 ms) : 0, 32540
Debugger [baseline] (6.383 ms) : 0, 6383
Debugger [candidate] (6.37 ms) : 0, 6370
Remote Config [baseline] (704.697 µs) : 0, 705
Remote Config [candidate] (666.676 µs) : 0, 667
Telemetry [baseline] (9.422 ms) : 0, 9422
Telemetry [candidate] (9.291 ms) : 0, 9291
Flare Poller [baseline] (10.056 ms) : 0, 10056
Flare Poller [candidate] (10.039 ms) : 0, 10039
section appsec
crashtracking [baseline] (1.46 ms) : 0, 1460
crashtracking [candidate] (1.467 ms) : 0, 1467
BytebuddyAgent [baseline] (717.247 ms) : 0, 717247
BytebuddyAgent [candidate] (717.346 ms) : 0, 717346
GlobalTracer [baseline] (235.638 ms) : 0, 235638
GlobalTracer [candidate] (235.608 ms) : 0, 235608
IAST [baseline] (25.099 ms) : 0, 25099
IAST [candidate] (24.808 ms) : 0, 24808
AppSec [baseline] (173.127 ms) : 0, 173127
AppSec [candidate] (173.258 ms) : 0, 173258
Debugger [baseline] (6.09 ms) : 0, 6090
Debugger [candidate] (6.088 ms) : 0, 6088
Remote Config [baseline] (636.07 µs) : 0, 636
Remote Config [candidate] (624.954 µs) : 0, 625
Telemetry [baseline] (9.395 ms) : 0, 9395
Telemetry [candidate] (10.026 ms) : 0, 10026
Flare Poller [baseline] (4.804 ms) : 0, 4804
Flare Poller [candidate] (3.983 ms) : 0, 3983
section iast
crashtracking [baseline] (1.496 ms) : 0, 1496
crashtracking [candidate] (1.477 ms) : 0, 1477
BytebuddyAgent [baseline] (821.639 ms) : 0, 821639
BytebuddyAgent [candidate] (823.984 ms) : 0, 823984
GlobalTracer [baseline] (235.152 ms) : 0, 235152
GlobalTracer [candidate] (235.972 ms) : 0, 235972
IAST [baseline] (26.434 ms) : 0, 26434
IAST [candidate] (26.696 ms) : 0, 26696
AppSec [baseline] (35.444 ms) : 0, 35444
AppSec [candidate] (35.513 ms) : 0, 35513
Debugger [baseline] (6.148 ms) : 0, 6148
Debugger [candidate] (6.226 ms) : 0, 6226
Remote Config [baseline] (599.697 µs) : 0, 600
Remote Config [candidate] (625.583 µs) : 0, 626
Telemetry [baseline] (8.537 ms) : 0, 8537
Telemetry [candidate] (8.787 ms) : 0, 8787
Flare Poller [baseline] (4.237 ms) : 0, 4237
Flare Poller [candidate] (4.252 ms) : 0, 4252
section profiling
crashtracking [baseline] (1.423 ms) : 0, 1423
crashtracking [candidate] (1.414 ms) : 0, 1414
BytebuddyAgent [baseline] (722.784 ms) : 0, 722784
BytebuddyAgent [candidate] (722.931 ms) : 0, 722931
GlobalTracer [baseline] (219.058 ms) : 0, 219058
GlobalTracer [candidate] (219.593 ms) : 0, 219593
AppSec [baseline] (32.743 ms) : 0, 32743
AppSec [candidate] (32.825 ms) : 0, 32825
Debugger [baseline] (6.516 ms) : 0, 6516
Debugger [candidate] (6.472 ms) : 0, 6472
Remote Config [baseline] (768.587 µs) : 0, 769
Remote Config [candidate] (791.544 µs) : 0, 792
Telemetry [baseline] (16.826 ms) : 0, 16826
Telemetry [candidate] (16.706 ms) : 0, 16706
Flare Poller [baseline] (4.107 ms) : 0, 4107
Flare Poller [candidate] (4.223 ms) : 0, 4223
ProfilingAgent [baseline] (106.874 ms) : 0, 106874
ProfilingAgent [candidate] (107.658 ms) : 0, 107658
Profiling [baseline] (107.987 ms) : 0, 107987
Profiling [candidate] (108.588 ms) : 0, 108588
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-okhttp3
git_commit_date 1759475869 1759476001
git_commit_sha c442de6 31dd984
release_version 1.54.0-SNAPSHOT~c442de6541 1.54.0-SNAPSHOT~31dd984c23
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1759477513 1759477513
ci_job_id 1161497283 1161497283
ci_pipeline_id 78272949 78272949
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-3-i4oh673b 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-3-i4oh673b 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 3 performance regressions! Performance is the same for 8 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:insecure-bank:iast_FULL:high_load worse
[+0.785ms; +1.411ms] or [+5.617%; +10.100%]		 unstable
[-64.028op/s; +15.653op/s] or [-19.190%; +4.691%]		 15.064ms 309.469op/s 13.967ms 333.656op/s
scenario:load:insecure-bank:iast:high_load better
[-582.465µs; -235.977µs] or [-5.855%; -2.372%]		 unstable
[-39.804op/s; +79.554op/s] or [-8.524%; +17.036%]		 9.539ms 486.844op/s 9.948ms 466.969op/s
scenario:load:insecure-bank:profiling:high_load worse
[+470.870µs; +769.691µs] or [+5.466%; +8.934%]		 unstable
[-106.626op/s; +35.564op/s] or [-19.807%; +6.606%]		 9.235ms 502.781op/s 8.615ms 538.312op/s
scenario:load:petclinic:iast:high_load worse
[+2.555ms; +3.425ms] or [+5.763%; +7.724%]		 unstable
[-14.332op/s; +1.082op/s] or [-13.588%; +1.026%]		 47.334ms 98.850op/s 44.344ms 105.475op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.339 ms) : 4283, 4395
.   : milestone, 4339,
iast (9.948 ms) : 9784, 10112
.   : milestone, 9948,
iast_FULL (13.967 ms) : 13687, 14246
.   : milestone, 13967,
iast_GLOBAL (10.681 ms) : 10493, 10870
.   : milestone, 10681,
profiling (8.615 ms) : 8480, 8750
.   : milestone, 8615,
tracing (7.752 ms) : 7634, 7870
.   : milestone, 7752,
section candidate
no_agent (4.228 ms) : 4181, 4276
.   : milestone, 4228,
iast (9.539 ms) : 9381, 9697
.   : milestone, 9539,
iast_FULL (15.064 ms) : 14763, 15366
.   : milestone, 15064,
iast_GLOBAL (10.62 ms) : 10428, 10812
.   : milestone, 10620,
profiling (9.235 ms) : 9093, 9377
.   : milestone, 9235,
tracing (7.75 ms) : 7632, 7867
.   : milestone, 7750,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.339 ms [4.283 ms, 4.395 ms] -
iast 9.948 ms [9.784 ms, 10.112 ms] 5.609 ms (129.3%)
iast_FULL 13.967 ms [13.687 ms, 14.246 ms] 9.627 ms (221.9%)
iast_GLOBAL 10.681 ms [10.493 ms, 10.87 ms] 6.342 ms (146.2%)
profiling 8.615 ms [8.48 ms, 8.75 ms] 4.276 ms (98.5%)
tracing 7.752 ms [7.634 ms, 7.87 ms] 3.413 ms (78.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.228 ms [4.181 ms, 4.276 ms] -
iast 9.539 ms [9.381 ms, 9.697 ms] 5.311 ms (125.6%)
iast_FULL 15.064 ms [14.763 ms, 15.366 ms] 10.836 ms (256.3%)
iast_GLOBAL 10.62 ms [10.428 ms, 10.812 ms] 6.391 ms (151.2%)
profiling 9.235 ms [9.093 ms, 9.377 ms] 5.007 ms (118.4%)
tracing 7.75 ms [7.632 ms, 7.867 ms] 3.521 ms (83.3%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.192 ms) : 36897, 37487
.   : milestone, 37192,
appsec (48.232 ms) : 47808, 48656
.   : milestone, 48232,
code_origins (44.39 ms) : 43999, 44781
.   : milestone, 44390,
iast (44.344 ms) : 43956, 44731
.   : milestone, 44344,
profiling (47.351 ms) : 46898, 47804
.   : milestone, 47351,
tracing (44.365 ms) : 43999, 44731
.   : milestone, 44365,
section candidate
no_agent (36.427 ms) : 36128, 36725
.   : milestone, 36427,
appsec (49.032 ms) : 48594, 49471
.   : milestone, 49032,
code_origins (43.929 ms) : 43550, 44309
.   : milestone, 43929,
iast (47.334 ms) : 46914, 47754
.   : milestone, 47334,
profiling (47.494 ms) : 47049, 47938
.   : milestone, 47494,
tracing (44.805 ms) : 44426, 45184
.   : milestone, 44805,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.192 ms [36.897 ms, 37.487 ms] -
appsec 48.232 ms [47.808 ms, 48.656 ms] 11.04 ms (29.7%)
code_origins 44.39 ms [43.999 ms, 44.781 ms] 7.198 ms (19.4%)
iast 44.344 ms [43.956 ms, 44.731 ms] 7.152 ms (19.2%)
profiling 47.351 ms [46.898 ms, 47.804 ms] 10.159 ms (27.3%)
tracing 44.365 ms [43.999 ms, 44.731 ms] 7.173 ms (19.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.427 ms [36.128 ms, 36.725 ms] -
appsec 49.032 ms [48.594 ms, 49.471 ms] 12.606 ms (34.6%)
code_origins 43.929 ms [43.55 ms, 44.309 ms] 7.503 ms (20.6%)
iast 47.334 ms [46.914 ms, 47.754 ms] 10.908 ms (29.9%)
profiling 47.494 ms [47.049 ms, 47.938 ms] 11.067 ms (30.4%)
tracing 44.805 ms [44.426 ms, 45.184 ms] 8.378 ms (23.0%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-okhttp3
git_commit_date 1759475869 1759476001
git_commit_sha c442de6 31dd984
release_version 1.54.0-SNAPSHOT~c442de6541 1.54.0-SNAPSHOT~31dd984c23
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1759478039 1759478039
ci_job_id 1161497284 1161497284
ci_pipeline_id 78272949 78272949
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-41pctalo 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-41pctalo 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:dacapo:tomcat:appsec better
[-1.416ms; -1.073ms] or [-38.004%; -28.807%]		 2.481ms 3.725ms
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.478 ms) : 1467, 1490
.   : milestone, 1478,
appsec (3.725 ms) : 3506, 3944
.   : milestone, 3725,
iast (2.222 ms) : 2157, 2286
.   : milestone, 2222,
iast_GLOBAL (2.268 ms) : 2203, 2333
.   : milestone, 2268,
profiling (2.084 ms) : 2031, 2138
.   : milestone, 2084,
tracing (2.04 ms) : 1990, 2091
.   : milestone, 2040,
section candidate
no_agent (1.48 ms) : 1469, 1492
.   : milestone, 1480,
appsec (2.481 ms) : 2428, 2533
.   : milestone, 2481,
iast (2.224 ms) : 2159, 2288
.   : milestone, 2224,
iast_GLOBAL (2.255 ms) : 2191, 2320
.   : milestone, 2255,
profiling (2.056 ms) : 2004, 2108
.   : milestone, 2056,
tracing (2.03 ms) : 1979, 2080
.   : milestone, 2030,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.478 ms [1.467 ms, 1.49 ms] -
appsec 3.725 ms [3.506 ms, 3.944 ms] 2.247 ms (152.0%)
iast 2.222 ms [2.157 ms, 2.286 ms] 743.377 µs (50.3%)
iast_GLOBAL 2.268 ms [2.203 ms, 2.333 ms] 789.874 µs (53.4%)
profiling 2.084 ms [2.031 ms, 2.138 ms] 605.855 µs (41.0%)
tracing 2.04 ms [1.99 ms, 2.091 ms] 561.906 µs (38.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.48 ms [1.469 ms, 1.492 ms] -
appsec 2.481 ms [2.428 ms, 2.533 ms] 1.0 ms (67.6%)
iast 2.224 ms [2.159 ms, 2.288 ms] 743.31 µs (50.2%)
iast_GLOBAL 2.255 ms [2.191 ms, 2.32 ms] 774.966 µs (52.3%)
profiling 2.056 ms [2.004 ms, 2.108 ms] 575.546 µs (38.9%)
tracing 2.03 ms [1.979 ms, 2.08 ms] 549.086 µs (37.1%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~31dd984c23, baseline=1.54.0-SNAPSHOT~c442de6541
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.029 s) : 15029000, 15029000
.   : milestone, 15029000,
appsec (14.972 s) : 14972000, 14972000
.   : milestone, 14972000,
iast (18.367 s) : 18367000, 18367000
.   : milestone, 18367000,
iast_GLOBAL (18.235 s) : 18235000, 18235000
.   : milestone, 18235000,
profiling (15.493 s) : 15493000, 15493000
.   : milestone, 15493000,
tracing (15.057 s) : 15057000, 15057000
.   : milestone, 15057000,
section candidate
no_agent (14.814 s) : 14814000, 14814000
.   : milestone, 14814000,
appsec (15.069 s) : 15069000, 15069000
.   : milestone, 15069000,
iast (18.671 s) : 18671000, 18671000
.   : milestone, 18671000,
iast_GLOBAL (18.0 s) : 18000000, 18000000
.   : milestone, 18000000,
profiling (15.296 s) : 15296000, 15296000
.   : milestone, 15296000,
tracing (14.916 s) : 14916000, 14916000
.   : milestone, 14916000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.029 s [15.029 s, 15.029 s] -
appsec 14.972 s [14.972 s, 14.972 s] -57.0 ms (-0.4%)
iast 18.367 s [18.367 s, 18.367 s] 3.338 s (22.2%)
iast_GLOBAL 18.235 s [18.235 s, 18.235 s] 3.206 s (21.3%)
profiling 15.493 s [15.493 s, 15.493 s] 464.0 ms (3.1%)
tracing 15.057 s [15.057 s, 15.057 s] 28.0 ms (0.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.814 s [14.814 s, 14.814 s] -
appsec 15.069 s [15.069 s, 15.069 s] 255.0 ms (1.7%)
iast 18.671 s [18.671 s, 18.671 s] 3.857 s (26.0%)
iast_GLOBAL 18.0 s [18.0 s, 18.0 s] 3.186 s (21.5%)
profiling 15.296 s [15.296 s, 15.296 s] 482.0 ms (3.3%)
tracing 14.916 s [14.916 s, 14.916 s] 102.0 ms (0.7%)

@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-downstream-okhttp3 branch from 843aa9a to 31dd984 Compare October 3, 2025 07:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smola smola Awaiting requested review from smola smola is a code owner automatically assigned from DataDog/asm-java

@jandro996 jandro996 Awaiting requested review from jandro996 jandro996 is a code owner automatically assigned from DataDog/asm-java

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) inst: others All other instrumentations type: enhancement Enhancements and improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@manuel-alvarez-alvarez