Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Bump the gh-actions-packages group with 3 updates #8755

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 2, 2025
Merged

Bump the gh-actions-packages group with 3 updates #8755

merged 1 commit into from
May 2, 2025
+5 −5

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2025

Bumps the gh-actions-packages group with 3 updates: planetscale/ghcommit-action, actions/cache and github/codeql-action.

Updates planetscale/ghcommit-action from 0.2.10 to 0.2.13

Release notes

Sourced from planetscale/ghcommit-action's releases.

v0.2.13

What's Changed

🏕 Changes

Full Changelog: planetscale/ghcommit-action@v0.2.12...v0.2.13

v0.2.12

What's Changed

🏕 Changes

Full Changelog: planetscale/ghcommit-action@v0.2.11...v0.2.12

v0.2.11

What's Changed

🏕 Changes

Full Changelog: planetscale/ghcommit-action@v0.2.10...v0.2.11

Commits
  • 5b20c92 🤖 Bump version in Dockerfile
  • 28f4652 Merge pull request #108 from planetscale/renovate/all-minor-patch-digest
  • e02dc0e chore(deps): update all non-major dependencies
  • ad67f0d 🤖 Bump version in Dockerfile
  • 326d179 Merge pull request #107 from planetscale/renovate/all-minor-patch-digest
  • 65ad0f5 chore(deps): update all non-major dependencies
  • cfc84b2 🤖 Bump version in Dockerfile
  • 574c5d1 Merge pull request #106 from planetscale/renovate/all-minor-patch-digest
  • e805c36 chore(deps): update ghcr.io/planetscale/ghcommit docker tag to v0.1.66
  • f11ca55 chore(deps): update planetscale/ghcommit-action action to v0.2.10 (#105)
  • See full diff in compare view

Updates actions/cache from 4.2.2 to 4.2.3

Release notes

Sourced from actions/cache's releases.

v4.2.3

What's Changed

  • Update to use @​actions/cache 4.0.3 package & prepare for new release by @​salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

Full Changelog: actions/cache@v4.2.2...v4.2.3

Changelog

Sourced from actions/cache's changelog.

Releases

4.2.3

  • Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

  • Bump @actions/cache to v4.0.2

4.2.1

  • Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

  • Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
  • Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

  • Restore original behavior of cache-hit output - #1467

4.1.0

  • Ensure cache-hit output is set when a cache is missed - #1404
  • Deprecate save-always input - #1452

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

... (truncated)

Commits

Updates github/codeql-action from 3.28.13 to 3.28.16

Release notes

Sourced from github/codeql-action's releases.

v3.28.16

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

See the full CHANGELOG.md for more information.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

  • Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

... (truncated)

Commits
  • 28deaed Merge pull request #2865 from github/update-v3.28.16-2a8cbadc0
  • 03c5d71 Update changelog for v3.28.16
  • 2a8cbad Merge pull request #2863 from github/update-bundle/codeql-bundle-v2.21.1
  • f76eaf5 Add changelog note
  • e63b3f5 Update default bundle to codeql-bundle-v2.21.1
  • 4c3e536 Merge pull request #2853 from github/dependabot/npm_and_yarn/npm-7d84c66b66
  • 56dd02f Merge pull request #2852 from github/dependabot/github_actions/actions-457587...
  • 192406d Merge branch 'main' into dependabot/github_actions/actions-4575878e06
  • c7dbb20 Merge pull request #2857 from github/nickfyson/address-vulns
  • 9a45cd8 move use of input variables into env vars
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gh-actions-packages group with 3 updates
3f1c705 
Bumps the gh-actions-packages group with 3 updates: [planetscale/ghcommit-action](https://github.com/planetscale/ghcommit-action), [actions/cache](https://github.com/actions/cache) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `planetscale/ghcommit-action` from 0.2.10 to 0.2.13
- [Release notes](https://github.com/planetscale/ghcommit-action/releases)
- [Commits](planetscale/ghcommit-action@b1cac81...5b20c92)

Updates `actions/cache` from 4.2.2 to 4.2.3
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v4.2.2...5a3ec84)

Updates `github/codeql-action` from 3.28.13 to 3.28.16
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@1b549b9...28deaed)

---
updated-dependencies:
- dependency-name: planetscale/ghcommit-action
  dependency-version: 0.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: actions/cache
  dependency-version: 4.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-version: 3.28.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner May 1, 2025 17:33
@dependabot dependabot bot requested a review from dougqh May 1, 2025 17:33
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 1, 2025
edited
Loading

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@pr-commenter
Copy link

pr-commenter bot commented May 1, 2025

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-af5240faf8
git_commit_date 1746034824 1746120784
git_commit_sha b445667 3f1c705
release_version 1.49.0-SNAPSHOT~b445667208 1.49.0-SNAPSHOT~3f1c705ef8
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1746123965 1746123965
ci_job_id 920708080 920708080
ci_pipeline_id 63885046 63885046
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-stvtq5db-project-304-concurrent-0-5ft4dw7j 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-stvtq5db-project-304-concurrent-0-5ft4dw7j 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 62 metrics, 9 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.013 s) : 0, 1012784
Total [baseline] (8.648 s) : 0, 8648312
Agent [candidate] (1.012 s) : 0, 1012474
Total [candidate] (8.666 s) : 0, 8666433
section iast
Agent [baseline] (1.142 s) : 0, 1142143
Total [baseline] (9.191 s) : 0, 9190923
Agent [candidate] (1.138 s) : 0, 1137849
Total [candidate] (9.236 s) : 0, 9235783
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.152 s) : 0, 1151804
Total [baseline] (9.195 s) : 0, 9194757
Agent [candidate] (1.136 s) : 0, 1135533
Total [candidate] (9.157 s) : 0, 9156515
section iast_TELEMETRY_OFF
Agent [baseline] (1.134 s) : 0, 1134373
Total [baseline] (9.206 s) : 0, 9205761
Agent [candidate] (1.156 s) : 0, 1156126
Total [candidate] (9.284 s) : 0, 9283868
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.013 s -
Agent iast 1.142 s 129.359 ms (12.8%)
Agent iast_HARDCODED_SECRET_DISABLED 1.152 s 139.02 ms (13.7%)
Agent iast_TELEMETRY_OFF 1.134 s 121.589 ms (12.0%)
Total tracing 8.648 s -
Total iast 9.191 s 542.611 ms (6.3%)
Total iast_HARDCODED_SECRET_DISABLED 9.195 s 546.445 ms (6.3%)
Total iast_TELEMETRY_OFF 9.206 s 557.449 ms (6.4%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.012 s -
Agent iast 1.138 s 125.375 ms (12.4%)
Agent iast_HARDCODED_SECRET_DISABLED 1.136 s 123.059 ms (12.2%)
Agent iast_TELEMETRY_OFF 1.156 s 143.652 ms (14.2%)
Total tracing 8.666 s -
Total iast 9.236 s 569.351 ms (6.6%)
Total iast_HARDCODED_SECRET_DISABLED 9.157 s 490.083 ms (5.7%)
Total iast_TELEMETRY_OFF 9.284 s 617.436 ms (7.1%) 
gantt
    title insecure-bank - break down per module: candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (675.617 ms) : 0, 675617
BytebuddyAgent [candidate] (675.557 ms) : 0, 675557
GlobalTracer [baseline] (241.727 ms) : 0, 241727
GlobalTracer [candidate] (241.037 ms) : 0, 241037
AppSec [baseline] (55.014 ms) : 0, 55014
AppSec [candidate] (54.839 ms) : 0, 54839
Debugger [baseline] (6.239 ms) : 0, 6239
Debugger [candidate] (6.876 ms) : 0, 6876
Remote Config [baseline] (715.486 µs) : 0, 715
Remote Config [candidate] (699.647 µs) : 0, 700
Telemetry [baseline] (9.96 ms) : 0, 9960
Telemetry [candidate] (9.889 ms) : 0, 9889
section iast
BytebuddyAgent [baseline] (794.373 ms) : 0, 794373
BytebuddyAgent [candidate] (790.326 ms) : 0, 790326
GlobalTracer [baseline] (230.607 ms) : 0, 230607
GlobalTracer [candidate] (230.421 ms) : 0, 230421
IAST [baseline] (22.92 ms) : 0, 22920
IAST [candidate] (22.802 ms) : 0, 22802
AppSec [baseline] (56.383 ms) : 0, 56383
AppSec [candidate] (56.428 ms) : 0, 56428
Debugger [baseline] (5.924 ms) : 0, 5924
Debugger [candidate] (5.926 ms) : 0, 5926
Remote Config [baseline] (600.388 µs) : 0, 600
Remote Config [candidate] (581.32 µs) : 0, 581
Telemetry [baseline] (7.881 ms) : 0, 7881
Telemetry [candidate] (7.982 ms) : 0, 7982
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (801.254 ms) : 0, 801254
BytebuddyAgent [candidate] (789.231 ms) : 0, 789231
GlobalTracer [baseline] (232.215 ms) : 0, 232215
GlobalTracer [candidate] (229.589 ms) : 0, 229589
IAST [baseline] (24.084 ms) : 0, 24084
IAST [candidate] (22.767 ms) : 0, 22767
AppSec [baseline] (56.071 ms) : 0, 56071
AppSec [candidate] (56.346 ms) : 0, 56346
Debugger [baseline] (5.957 ms) : 0, 5957
Debugger [candidate] (5.858 ms) : 0, 5858
Remote Config [baseline] (596.344 µs) : 0, 596
Remote Config [candidate] (586.112 µs) : 0, 586
Telemetry [baseline] (7.951 ms) : 0, 7951
Telemetry [candidate] (7.837 ms) : 0, 7837
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (788.087 ms) : 0, 788087
BytebuddyAgent [candidate] (803.971 ms) : 0, 803971
GlobalTracer [baseline] (229.607 ms) : 0, 229607
GlobalTracer [candidate] (233.453 ms) : 0, 233453
IAST [baseline] (22.238 ms) : 0, 22238
IAST [candidate] (22.868 ms) : 0, 22868
AppSec [baseline] (56.715 ms) : 0, 56715
AppSec [candidate] (57.331 ms) : 0, 57331
Debugger [baseline] (6.018 ms) : 0, 6018
Debugger [candidate] (6.101 ms) : 0, 6101
Remote Config [baseline] (610.749 µs) : 0, 611
Remote Config [candidate] (630.767 µs) : 0, 631
Telemetry [baseline] (7.761 ms) : 0, 7761
Telemetry [candidate] (7.99 ms) : 0, 7990
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.004 s) : 0, 1004186
Total [baseline] (10.451 s) : 0, 10451489
Agent [candidate] (1.009 s) : 0, 1009399
Total [candidate] (10.493 s) : 0, 10493386
section appsec
Agent [baseline] (1.151 s) : 0, 1151368
Total [baseline] (10.683 s) : 0, 10683240
Agent [candidate] (1.148 s) : 0, 1148242
Total [candidate] (10.677 s) : 0, 10677141
section iast
Agent [baseline] (1.144 s) : 0, 1143864
Total [baseline] (10.832 s) : 0, 10832378
Agent [candidate] (1.136 s) : 0, 1135504
Total [candidate] (10.825 s) : 0, 10825148
section profiling
Agent [baseline] (1.256 s) : 0, 1256363
Total [baseline] (10.824 s) : 0, 10824066
Agent [candidate] (1.262 s) : 0, 1262481
Total [candidate] (10.845 s) : 0, 10845255
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.004 s -
Agent appsec 1.151 s 147.182 ms (14.7%)
Agent iast 1.144 s 139.678 ms (13.9%)
Agent profiling 1.256 s 252.177 ms (25.1%)
Total tracing 10.451 s -
Total appsec 10.683 s 231.752 ms (2.2%)
Total iast 10.832 s 380.889 ms (3.6%)
Total profiling 10.824 s 372.578 ms (3.6%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.009 s -
Agent appsec 1.148 s 138.842 ms (13.8%)
Agent iast 1.136 s 126.105 ms (12.5%)
Agent profiling 1.262 s 253.082 ms (25.1%)
Total tracing 10.493 s -
Total appsec 10.677 s 183.755 ms (1.8%)
Total iast 10.825 s 331.761 ms (3.2%)
Total profiling 10.845 s 351.868 ms (3.4%) 
gantt
    title petclinic - break down per module: candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (669.123 ms) : 0, 669123
BytebuddyAgent [candidate] (673.28 ms) : 0, 673280
GlobalTracer [baseline] (239.634 ms) : 0, 239634
GlobalTracer [candidate] (239.689 ms) : 0, 239689
AppSec [baseline] (54.613 ms) : 0, 54613
AppSec [candidate] (54.551 ms) : 0, 54551
Debugger [baseline] (6.882 ms) : 0, 6882
Debugger [candidate] (6.156 ms) : 0, 6156
Remote Config [baseline] (707.59 µs) : 0, 708
Remote Config [candidate] (703.238 µs) : 0, 703
Telemetry [baseline] (9.796 ms) : 0, 9796
Telemetry [candidate] (11.463 ms) : 0, 11463
section appsec
BytebuddyAgent [baseline] (689.947 ms) : 0, 689947
BytebuddyAgent [candidate] (687.749 ms) : 0, 687749
GlobalTracer [baseline] (236.74 ms) : 0, 236740
GlobalTracer [candidate] (236.296 ms) : 0, 236296
AppSec [baseline] (175.559 ms) : 0, 175559
AppSec [candidate] (175.565 ms) : 0, 175565
Debugger [baseline] (5.899 ms) : 0, 5899
Debugger [candidate] (5.842 ms) : 0, 5842
Remote Config [baseline] (644.171 µs) : 0, 644
Remote Config [candidate] (633.667 µs) : 0, 634
Telemetry [baseline] (8.138 ms) : 0, 8138
Telemetry [candidate] (7.778 ms) : 0, 7778
IAST [baseline] (21.962 ms) : 0, 21962
IAST [candidate] (21.788 ms) : 0, 21788
section iast
BytebuddyAgent [baseline] (795.68 ms) : 0, 795680
BytebuddyAgent [candidate] (789.094 ms) : 0, 789094
GlobalTracer [baseline] (230.964 ms) : 0, 230964
GlobalTracer [candidate] (229.44 ms) : 0, 229440
AppSec [baseline] (56.458 ms) : 0, 56458
AppSec [candidate] (56.344 ms) : 0, 56344
Debugger [baseline] (5.889 ms) : 0, 5889
Debugger [candidate] (5.945 ms) : 0, 5945
Remote Config [baseline] (605.411 µs) : 0, 605
Remote Config [candidate] (581.985 µs) : 0, 582
Telemetry [baseline] (7.901 ms) : 0, 7901
Telemetry [candidate] (7.939 ms) : 0, 7939
IAST [baseline] (22.878 ms) : 0, 22878
IAST [candidate] (22.682 ms) : 0, 22682
section profiling
BytebuddyAgent [baseline] (662.176 ms) : 0, 662176
BytebuddyAgent [candidate] (664.983 ms) : 0, 664983
GlobalTracer [baseline] (377.973 ms) : 0, 377973
GlobalTracer [candidate] (380.697 ms) : 0, 380697
AppSec [baseline] (53.879 ms) : 0, 53879
AppSec [candidate] (54.155 ms) : 0, 54155
Debugger [baseline] (6.87 ms) : 0, 6870
Debugger [candidate] (6.188 ms) : 0, 6188
Remote Config [baseline] (675.79 µs) : 0, 676
Remote Config [candidate] (684.296 µs) : 0, 684
Telemetry [baseline] (8.217 ms) : 0, 8217
Telemetry [candidate] (8.243 ms) : 0, 8243
ProfilingAgent [baseline] (96.535 ms) : 0, 96535
ProfilingAgent [candidate] (97.095 ms) : 0, 97095
Profiling [baseline] (96.559 ms) : 0, 96559
Profiling [candidate] (97.119 ms) : 0, 97119
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-05-01T17:56:28 2025-05-01T18:04:14
git_branch master dependabot/github_actions/gh-actions-packages-af5240faf8
git_commit_date 1746034824 1746120784
git_commit_sha b445667 3f1c705
release_version 1.49.0-SNAPSHOT~b445667208 1.49.0-SNAPSHOT~3f1c705ef8
start_time 2025-05-01T17:56:14 2025-05-01T18:04:00
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1746123052 1746123052
ci_job_id 920708082 920708082
ci_pipeline_id 63885046 63885046
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-stvtq5db-project-304-concurrent-1-rjsqj6d5 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-stvtq5db-project-304-concurrent-1-rjsqj6d5 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 17 unstable metrics.

Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.368 ms) : 1348, 1387
.   : milestone, 1368,
appsec (1.75 ms) : 1726, 1774
.   : milestone, 1750,
appsec_no_iast (1.73 ms) : 1707, 1753
.   : milestone, 1730,
code_origins (1.676 ms) : 1649, 1703
.   : milestone, 1676,
iast (1.52 ms) : 1496, 1544
.   : milestone, 1520,
profiling (1.56 ms) : 1534, 1587
.   : milestone, 1560,
tracing (1.497 ms) : 1472, 1522
.   : milestone, 1497,
section candidate
no_agent (1.354 ms) : 1335, 1373
.   : milestone, 1354,
appsec (1.748 ms) : 1724, 1771
.   : milestone, 1748,
appsec_no_iast (1.724 ms) : 1701, 1747
.   : milestone, 1724,
code_origins (1.706 ms) : 1680, 1733
.   : milestone, 1706,
iast (1.527 ms) : 1502, 1552
.   : milestone, 1527,
profiling (1.53 ms) : 1505, 1555
.   : milestone, 1530,
tracing (1.484 ms) : 1459, 1509
.   : milestone, 1484,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.368 ms [1.348 ms, 1.387 ms] -
appsec 1.75 ms [1.726 ms, 1.774 ms] 382.696 µs (28.0%)
appsec_no_iast 1.73 ms [1.707 ms, 1.753 ms] 362.369 µs (26.5%)
code_origins 1.676 ms [1.649 ms, 1.703 ms] 308.384 µs (22.6%)
iast 1.52 ms [1.496 ms, 1.544 ms] 152.577 µs (11.2%)
profiling 1.56 ms [1.534 ms, 1.587 ms] 192.83 µs (14.1%)
tracing 1.497 ms [1.472 ms, 1.522 ms] 129.673 µs (9.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.354 ms [1.335 ms, 1.373 ms] -
appsec 1.748 ms [1.724 ms, 1.771 ms] 393.705 µs (29.1%)
appsec_no_iast 1.724 ms [1.701 ms, 1.747 ms] 369.492 µs (27.3%)
code_origins 1.706 ms [1.68 ms, 1.733 ms] 352.4 µs (26.0%)
iast 1.527 ms [1.502 ms, 1.552 ms] 172.947 µs (12.8%)
profiling 1.53 ms [1.505 ms, 1.555 ms] 175.55 µs (13.0%)
tracing 1.484 ms [1.459 ms, 1.509 ms] 130.325 µs (9.6%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208
    dateFormat X
    axisFormat %s
section baseline
no_agent (383.819 µs) : 364, 404
.   : milestone, 384,
iast (519.887 µs) : 496, 543
.   : milestone, 520,
iast_FULL (742.98 µs) : 720, 766
.   : milestone, 743,
iast_GLOBAL (587.27 µs) : 562, 612
.   : milestone, 587,
iast_HARDCODED_SECRET_DISABLED (528.331 µs) : 506, 551
.   : milestone, 528,
iast_INACTIVE (465.881 µs) : 445, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (504.784 µs) : 482, 527
.   : milestone, 505,
tracing (462.487 µs) : 440, 485
.   : milestone, 462,
section candidate
no_agent (387.955 µs) : 367, 409
.   : milestone, 388,
iast (527.673 µs) : 505, 551
.   : milestone, 528,
iast_FULL (740.076 µs) : 716, 764
.   : milestone, 740,
iast_GLOBAL (569.474 µs) : 547, 592
.   : milestone, 569,
iast_HARDCODED_SECRET_DISABLED (521.569 µs) : 499, 544
.   : milestone, 522,
iast_INACTIVE (462.243 µs) : 441, 484
.   : milestone, 462,
iast_TELEMETRY_OFF (506.886 µs) : 484, 530
.   : milestone, 507,
tracing (465.299 µs) : 444, 487
.   : milestone, 465,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 383.819 µs [364.026 µs, 403.611 µs] -
iast 519.887 µs [496.403 µs, 543.371 µs] 136.068 µs (35.5%)
iast_FULL 742.98 µs [719.503 µs, 766.457 µs] 359.161 µs (93.6%)
iast_GLOBAL 587.27 µs [562.422 µs, 612.117 µs] 203.451 µs (53.0%)
iast_HARDCODED_SECRET_DISABLED 528.331 µs [505.578 µs, 551.085 µs] 144.513 µs (37.7%)
iast_INACTIVE 465.881 µs [444.695 µs, 487.067 µs] 82.062 µs (21.4%)
iast_TELEMETRY_OFF 504.784 µs [482.458 µs, 527.11 µs] 120.965 µs (31.5%)
tracing 462.487 µs [440.274 µs, 484.7 µs] 78.668 µs (20.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 387.955 µs [367.3 µs, 408.61 µs] -
iast 527.673 µs [504.671 µs, 550.675 µs] 139.718 µs (36.0%)
iast_FULL 740.076 µs [716.378 µs, 763.773 µs] 352.12 µs (90.8%)
iast_GLOBAL 569.474 µs [546.593 µs, 592.355 µs] 181.519 µs (46.8%)
iast_HARDCODED_SECRET_DISABLED 521.569 µs [499.379 µs, 543.759 µs] 133.614 µs (34.4%)
iast_INACTIVE 462.243 µs [440.727 µs, 483.759 µs] 74.288 µs (19.1%)
iast_TELEMETRY_OFF 506.886 µs [484.009 µs, 529.763 µs] 118.931 µs (30.7%)
tracing 465.299 µs [443.888 µs, 486.709 µs] 77.344 µs (19.9%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-af5240faf8
git_commit_date 1746034824 1746120784
git_commit_sha b445667 3f1c705
release_version 1.49.0-SNAPSHOT~b445667208 1.49.0-SNAPSHOT~3f1c705ef8
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1746123440 1746123440
ci_job_id 920708085 920708085
ci_pipeline_id 63885046 63885046
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-df2tp9k5-project-304-concurrent-0-utrrml12 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-df2tp9k5-project-304-concurrent-0-utrrml12 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.472 ms) : 1461, 1484
.   : milestone, 1472,
appsec (2.404 ms) : 2355, 2454
.   : milestone, 2404,
iast (2.188 ms) : 2126, 2250
.   : milestone, 2188,
iast_GLOBAL (2.23 ms) : 2167, 2293
.   : milestone, 2230,
profiling (2.063 ms) : 2011, 2114
.   : milestone, 2063,
tracing (2.006 ms) : 1958, 2054
.   : milestone, 2006,
section candidate
no_agent (1.476 ms) : 1465, 1488
.   : milestone, 1476,
appsec (2.407 ms) : 2357, 2457
.   : milestone, 2407,
iast (2.184 ms) : 2123, 2246
.   : milestone, 2184,
iast_GLOBAL (2.235 ms) : 2172, 2298
.   : milestone, 2235,
profiling (2.061 ms) : 2009, 2113
.   : milestone, 2061,
tracing (2.014 ms) : 1966, 2063
.   : milestone, 2014,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.472 ms [1.461 ms, 1.484 ms] -
appsec 2.404 ms [2.355 ms, 2.454 ms] 932.105 µs (63.3%)
iast 2.188 ms [2.126 ms, 2.25 ms] 715.591 µs (48.6%)
iast_GLOBAL 2.23 ms [2.167 ms, 2.293 ms] 757.686 µs (51.5%)
profiling 2.063 ms [2.011 ms, 2.114 ms] 590.356 µs (40.1%)
tracing 2.006 ms [1.958 ms, 2.054 ms] 534.164 µs (36.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.476 ms [1.465 ms, 1.488 ms] -
appsec 2.407 ms [2.357 ms, 2.457 ms] 930.859 µs (63.1%)
iast 2.184 ms [2.123 ms, 2.246 ms] 708.433 µs (48.0%)
iast_GLOBAL 2.235 ms [2.172 ms, 2.298 ms] 758.772 µs (51.4%)
profiling 2.061 ms [2.009 ms, 2.113 ms] 584.953 µs (39.6%)
tracing 2.014 ms [1.966 ms, 2.063 ms] 538.282 µs (36.5%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.49.0-SNAPSHOT~3f1c705ef8, baseline=1.49.0-SNAPSHOT~b445667208
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.997 s) : 14997000, 14997000
.   : milestone, 14997000,
appsec (14.832 s) : 14832000, 14832000
.   : milestone, 14832000,
iast (18.973 s) : 18973000, 18973000
.   : milestone, 18973000,
iast_GLOBAL (17.987 s) : 17987000, 17987000
.   : milestone, 17987000,
profiling (15.167 s) : 15167000, 15167000
.   : milestone, 15167000,
tracing (14.906 s) : 14906000, 14906000
.   : milestone, 14906000,
section candidate
no_agent (15.224 s) : 15224000, 15224000
.   : milestone, 15224000,
appsec (14.971 s) : 14971000, 14971000
.   : milestone, 14971000,
iast (19.078 s) : 19078000, 19078000
.   : milestone, 19078000,
iast_GLOBAL (18.14 s) : 18140000, 18140000
.   : milestone, 18140000,
profiling (15.506 s) : 15506000, 15506000
.   : milestone, 15506000,
tracing (15.23 s) : 15230000, 15230000
.   : milestone, 15230000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.997 s [14.997 s, 14.997 s] -
appsec 14.832 s [14.832 s, 14.832 s] -165.0 ms (-1.1%)
iast 18.973 s [18.973 s, 18.973 s] 3.976 s (26.5%)
iast_GLOBAL 17.987 s [17.987 s, 17.987 s] 2.99 s (19.9%)
profiling 15.167 s [15.167 s, 15.167 s] 170.0 ms (1.1%)
tracing 14.906 s [14.906 s, 14.906 s] -91.0 ms (-0.6%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.224 s [15.224 s, 15.224 s] -
appsec 14.971 s [14.971 s, 14.971 s] -253.0 ms (-1.7%)
iast 19.078 s [19.078 s, 19.078 s] 3.854 s (25.3%)
iast_GLOBAL 18.14 s [18.14 s, 18.14 s] 2.916 s (19.2%)
profiling 15.506 s [15.506 s, 15.506 s] 282.0 ms (1.9%)
tracing 15.23 s [15.23 s, 15.23 s] 6.0 ms (0.0%)

@PerfectSlayer PerfectSlayer enabled auto-merge (squash) May 2, 2025 08:28
@PerfectSlayer PerfectSlayer added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes and removed dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 2, 2025
@PerfectSlayer PerfectSlayer merged commit 889d878 into master May 2, 2025
256 of 264 checks passed
@PerfectSlayer PerfectSlayer deleted the dependabot/github_actions/gh-actions-packages-af5240faf8 branch May 2, 2025 08:34
@github-actions github-actions bot added this to the 1.49.0 milestone May 2, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer approved these changes

@dougqh dougqh Awaiting requested review from dougqh dougqh is a code owner automatically assigned from DataDog/apm-java

Assignees
No one assigned
Labels
comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes
Projects
None yet
Milestone
1.49.0
Development

Successfully merging this pull request may close these issues.
1 participant
@PerfectSlayer