Missing http.response.headers.content-type span tag on blocking responses #10711

Open. jandro996 wants to merge 6 commits into master from alejandro.gonzalez/APPSEC-61447-bug-blocking

@jandro996 jandro996 commented Mar 2, 2026

What Does This Do

Ensures http.response.headers.content-type and http.response.headers.content-length span tags are set on blocking responses (HTTP 403).

When GatewayBridge.maybePublishRequestData() or maybePublishResponseData() returns a RequestBlockingAction, the blocking content-type and content-length are now computed deterministically from the action's BlockingContentType + the request Accept header (using BlockingActionHelper), stored on AppSecRequestContext, and written as span tags in onRequestEnded().

Motivation

Blocking handlers short-circuit the normal request/response flow, bypassing the IG responseHeader callbacks. As a result, AppSecRequestContext.responseHeaders is never populated for blocking responses, and onRequestEnded() has nothing to write — causing http.response.headers.content-type to be missing.

Additional Notes

  • The fix is fully centralized in GatewayBridge — no per-framework changes required.
  • agent-bootstrap is added as compileOnly to the appsec module so BlockingActionHelper is available at compile time. At runtime it is always accessible via the bootstrap classloader.
  • Content-length mirrors the exact byte count of the template the framework sends, including securityResponseId substitution.

Contributor Checklist

Jira ticket: APPSEC-61447

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@jandro996 jandro996 added type: bug Bug report and fix comp: asm waf Application Security Management (WAF) tag: do not merge Do not merge changes labels Mar 2, 2026
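
As an added illustration (not code from this PR or from dd-trace-java), the sketch below shows the idea in the description above: the blocking content-type is resolved from the configured type plus the request Accept header, and content-length is the UTF-8 byte count of the template after the ID is substituted. The enum, templates, placeholder, content-type values and the simplified Accept handling are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

public class BlockingSpanTagsExample {
  // Hypothetical stand-in for the configured blocking content type.
  enum ContentType { AUTO, HTML, JSON }

  static final String PLACEHOLDER = "[security_response_id]";
  // Constructed templates. The HTML one contains a right single quote,
  // which is 3 bytes in UTF-8, so character count and byte count differ.
  static final String JSON_TEMPLATE =
      "{\"errors\":[{\"title\":\"Blocked\"}],\"security_response_id\":\"" + PLACEHOLDER + "\"}";
  static final String HTML_TEMPLATE =
      "<html><body><p>Sorry, you\u2019ve been blocked. ID: " + PLACEHOLDER + "</p></body></html>";

  /** Highest q-value the Accept header gives to an exact media type (0 if not listed). */
  static double quality(String accept, String wanted) {
    if (accept == null) return 0.0;
    double best = 0.0;
    for (String part : accept.split(",")) {
      String[] fields = part.trim().split(";");
      if (!fields[0].trim().equalsIgnoreCase(wanted)) continue;
      double q = 1.0; // q defaults to 1 when the parameter is absent
      for (int i = 1; i < fields.length; i++) {
        String p = fields[i].trim();
        if (p.regionMatches(true, 0, "q=", 0, 2)) {
          try {
            q = Double.parseDouble(p.substring(2).trim());
          } catch (NumberFormatException e) {
            q = 0.0; // malformed q-value: treat the type as not acceptable
          }
        }
      }
      best = Math.max(best, q);
    }
    return best;
  }

  /** AUTO follows the Accept header; JSON wins ties, wildcards and missing headers. */
  static ContentType resolve(ContentType configured, String accept) {
    if (configured != ContentType.AUTO) return configured;
    return quality(accept, "text/html") > quality(accept, "application/json")
        ? ContentType.HTML
        : ContentType.JSON;
  }

  /** Span tags for a blocked response, derived without reading real response headers. */
  static Map<String, String> blockingTags(ContentType configured, String accept, String responseId) {
    boolean html = resolve(configured, accept) == ContentType.HTML;
    byte[] body = (html ? HTML_TEMPLATE : JSON_TEMPLATE)
        .replace(PLACEHOLDER, responseId)
        .getBytes(StandardCharsets.UTF_8); // bytes on the wire, not String.length()
    Map<String, String> tags = new LinkedHashMap<>();
    tags.put("http.response.headers.content-type",
        html ? "text/html;charset=utf-8" : "application/json");
    tags.put("http.response.headers.content-length", Integer.toString(body.length));
    return tags;
  }

  public static void main(String[] args) {
    String id = "00000000-0000-4000-8000-000000000000"; // constructed ID
    String[] accepts = {
      null, "application/json", "text/html,application/json;q=0.9",
      "text/html;q=0.2, application/json;q=0.8", "*/*"
    };
    for (String accept : accepts) {
      System.out.println(accept + " -> " + blockingTags(ContentType.AUTO, accept, id));
    }
    System.out.println("forced HTML -> " + blockingTags(ContentType.HTML, "application/json", id));
  }
}
```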

pr-commenter bot commented Mar 2, 2026

Benchmarks

Startup

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/APPSEC-61447-bug-blocking |
| git_commit_date | 1772631867 | 1772633334 |
| git_commit_sha | 70410da | e1f4173 |
| release_version | 1.61.0-SNAPSHOT~70410da0e2 | 1.61.0-SNAPSHOT~e1f41734a9 |

Matching parameters:

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1772635160 | 1772635160 |
| ci_job_id | 1475104375 | 1475104375 |
| ci_pipeline_id | 100331365 | 100331365 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-0-0z3ndvc6 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-0-0z3ndvc6 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |
| module | Agent | Agent |
| parent | None | None |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 65 metrics, 6 unstable metrics.

Startup time reports for petclinic
[Gantt chart: petclinic - global startup overhead: candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections tracing, appsec, iast, profiling. The same durations are listed in the baseline and candidate results that follow.]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.055 s -
Agent appsec 1.244 s 189.412 ms (18.0%)
Agent iast 1.223 s 168.166 ms (15.9%)
Agent profiling 1.187 s 131.85 ms (12.5%)
Total tracing 11.049 s -
Total appsec 11.138 s 89.497 ms (0.8%)
Total iast 11.306 s 257.958 ms (2.3%)
Total profiling 11.058 s 9.073 ms (0.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.065 s -
Agent appsec 1.243 s 178.004 ms (16.7%)
Agent iast 1.235 s 169.493 ms (15.9%)
Agent profiling 1.188 s 123.039 ms (11.6%)
Total tracing 11.056 s -
Total appsec 11.139 s 83.871 ms (0.8%)
Total iast 11.339 s 283.075 ms (2.6%)
Total profiling 11.025 s -30.31 ms (-0.3%)
petclinic - break down per module: candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2

| Section | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | crashtracking | 1.196 ms | 1.202 ms |
| tracing | BytebuddyAgent | 626.615 ms | 631.26 ms |
| tracing | AgentMeter | 28.992 ms | 29.354 ms |
| tracing | GlobalTracer | 256.155 ms | 258.332 ms |
| tracing | AppSec | 31.327 ms | 31.836 ms |
| tracing | Debugger | 59.193 ms | 59.78 ms |
| tracing | Remote Config | 589.463 µs | 591.028 µs |
| tracing | Telemetry | 8.583 ms | 8.695 ms |
| tracing | Flare Poller | 6.418 ms | 7.973 ms |
| appsec | crashtracking | 1.213 ms | 1.204 ms |
| appsec | BytebuddyAgent | 657.219 ms | 656.723 ms |
| appsec | AgentMeter | 11.96 ms | 12.02 ms |
| appsec | GlobalTracer | 257.976 ms | 257.396 ms |
| appsec | IAST | 23.896 ms | 23.858 ms |
| appsec | AppSec | 177.284 ms | 177.247 ms |
| appsec | Debugger | 65.451 ms | 64.553 ms |
| appsec | Remote Config | 575.216 µs | 571.05 µs |
| appsec | Telemetry | 9.054 ms | 9.762 ms |
| appsec | Flare Poller | 3.559 ms | 3.567 ms |
| iast | crashtracking | 1.187 ms | 1.197 ms |
| iast | BytebuddyAgent | 793.847 ms | 801.085 ms |
| iast | AgentMeter | 11.299 ms | 11.6 ms |
| iast | GlobalTracer | 246.137 ms | 248.403 ms |
| iast | IAST | 25.043 ms | 25.268 ms |
| iast | AppSec | 26.176 ms | 26.614 ms |
| iast | Debugger | 63.1 ms | 63.84 ms |
| iast | Remote Config | 525.416 µs | 534.956 µs |
| iast | Telemetry | 14.905 ms | 14.892 ms |
| iast | Flare Poller | 4.945 ms | 5.041 ms |
| profiling | crashtracking | 1.16 ms | 1.191 ms |
| profiling | BytebuddyAgent | 684.957 ms | 686.955 ms |
| profiling | AgentMeter | 8.689 ms | 8.609 ms |
| profiling | GlobalTracer | 216.631 ms | 216.438 ms |
| profiling | AppSec | 32.088 ms | 32.137 ms |
| profiling | Debugger | 64.843 ms | 63.849 ms |
| profiling | Remote Config | 588.754 µs | 571.2 µs |
| profiling | Telemetry | 9.091 ms | 9.727 ms |
| profiling | Flare Poller | 3.501 ms | 3.54 ms |
| profiling | ProfilingAgent | 94.525 ms | 93.928 ms |
| profiling | Profiling | 95.105 ms | 94.481 ms |
Startup time reports for insecure-bank
[Gantt chart: insecure-bank - global startup overhead: candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections tracing, iast. The same durations are listed in the baseline and candidate results that follow.]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.06 s -
Agent iast 1.223 s 162.303 ms (15.3%)
Total tracing 8.842 s -
Total iast 9.569 s 727.372 ms (8.2%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.064 s -
Agent iast 1.234 s 169.876 ms (16.0%)
Total tracing 8.863 s -
Total iast 9.535 s 671.981 ms (7.6%)
insecure-bank - break down per module: candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2

| Section | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | crashtracking | 1.203 ms | 1.221 ms |
| tracing | BytebuddyAgent | 630.777 ms | 632.891 ms |
| tracing | AgentMeter | 29.395 ms | 29.4 ms |
| tracing | GlobalTracer | 257.518 ms | 258.603 ms |
| tracing | AppSec | 31.544 ms | 31.758 ms |
| tracing | Debugger | 58.917 ms | 58.877 ms |
| tracing | Remote Config | 591.619 µs | 591.44 µs |
| tracing | Telemetry | 8.65 ms | 8.727 ms |
| tracing | Flare Poller | 5.672 ms | 5.848 ms |
| iast | crashtracking | 1.195 ms | 1.218 ms |
| iast | BytebuddyAgent | 793.448 ms | 802.545 ms |
| iast | AgentMeter | 11.283 ms | 11.583 ms |
| iast | GlobalTracer | 246.555 ms | 247.655 ms |
| iast | IAST | 25.112 ms | 25.125 ms |
| iast | AppSec | 26.254 ms | 26.415 ms |
| iast | Debugger | 62.594 ms | 62.808 ms |
| iast | Remote Config | 521.286 µs | 520.389 µs |
| iast | Telemetry | 14.807 ms | 14.898 ms |
| iast | Flare Poller | 4.939 ms | 5.043 ms |

Load

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/APPSEC-61447-bug-blocking |
| git_commit_date | 1772631867 | 1772633334 |
| git_commit_sha | 70410da | e1f4173 |
| release_version | 1.61.0-SNAPSHOT~70410da0e2 | 1.61.0-SNAPSHOT~e1f41734a9 |

Matching parameters:

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1772635640 | 1772635640 |
| ci_job_id | 1475104376 | 1475104376 |
| ci_pipeline_id | 100331365 | 100331365 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-0-ht2xak1b 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-0-ht2xak1b 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |

Summary

Found 4 performance improvements and 2 performance regressions! Performance is the same for 13 metrics, 17 unstable metrics.

| scenario | Δ mean agg_http_req_duration_p50 | Δ mean agg_http_req_duration_p95 | Δ mean throughput | candidate mean agg_http_req_duration_p50 | candidate mean agg_http_req_duration_p95 | candidate mean throughput | baseline mean agg_http_req_duration_p50 | baseline mean agg_http_req_duration_p95 | baseline mean throughput |
|---|---|---|---|---|---|---|---|---|---|
| scenario:load:insecure-bank:iast_GLOBAL:high_load | unsure [-207.467µs; -39.122µs] or [-7.123%; -1.343%] | better [-688.980µs; -211.044µs] or [-8.313%; -2.546%] | unstable [-67.356op/s; +224.481op/s] or [-5.496%; +18.317%] | 2.789ms | 7.838ms | 1304.062op/s | 2.913ms | 8.288ms | 1225.500op/s |
| scenario:load:petclinic:iast:high_load | better [-887.123µs; -384.957µs] or [-4.882%; -2.119%] | unsure [-1212.530µs; -137.810µs] or [-4.118%; -0.468%] | unstable [-19.724op/s; +33.849op/s] or [-7.774%; +13.341%] | 17.534ms | 28.768ms | 260.781op/s | 18.170ms | 29.443ms | 253.719op/s |
| scenario:load:petclinic:appsec:high_load | worse [+389.851µs; +1354.268µs] or [+2.130%; +7.398%] | unsure [+173.356µs; +1510.432µs] or [+0.579%; +5.048%] | unstable [-37.642op/s; +14.830op/s] or [-14.948%; +5.889%] | 19.177ms | 30.762ms | 240.406op/s | 18.305ms | 29.920ms | 251.812op/s |
| scenario:load:petclinic:profiling:high_load | better [-1.690ms; -0.559ms] or [-8.558%; -2.831%] | better [-1.936ms; -0.643ms] or [-6.169%; -2.050%] | unstable [-14.025op/s; +36.838op/s] or [-5.961%; +15.657%] | 18.625ms | 30.090ms | 246.688op/s | 19.749ms | 31.379ms | 235.281op/s |
| scenario:load:petclinic:code_origins:high_load | worse [+0.527ms; +1.625ms] or [+3.015%; +9.304%] | unsure [+0.368ms; +2.038ms] or [+1.269%; +7.021%] | unstable [-43.957op/s; +10.644op/s] or [-16.654%; +4.033%] | 18.542ms | 30.227ms | 247.281op/s | 17.466ms | 29.024ms | 263.938op/s |

Request duration reports for petclinic
[Gantt chart: petclinic - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections baseline, candidate. The same means and intervals are listed in the baseline and candidate results that follow.]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.958 ms [17.776 ms, 18.141 ms] -
appsec 18.533 ms [18.345 ms, 18.722 ms] 575.153 µs (3.2%)
code_origins 17.676 ms [17.499 ms, 17.854 ms] -281.817 µs (-1.6%)
iast 18.394 ms [18.21 ms, 18.579 ms] 435.962 µs (2.4%)
profiling 19.842 ms [19.641 ms, 20.043 ms] 1.884 ms (10.5%)
tracing 18.261 ms [18.08 ms, 18.441 ms] 302.384 µs (1.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.974 ms [17.789 ms, 18.159 ms] -
appsec 19.418 ms [19.219 ms, 19.618 ms] 1.444 ms (8.0%)
code_origins 18.876 ms [18.687 ms, 19.066 ms] 902.327 µs (5.0%)
iast 17.896 ms [17.717 ms, 18.075 ms] -78.039 µs (-0.4%)
profiling 18.923 ms [18.732 ms, 19.114 ms] 948.923 µs (5.3%)
tracing 17.735 ms [17.557 ms, 17.913 ms] -239.204 µs (-1.3%)
Request duration reports for insecure-bank
[Gantt chart: insecure-bank - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections baseline, candidate. The same means and intervals are listed in the baseline and candidate results that follow.]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.18 ms [1.168 ms, 1.191 ms] -
iast 3.13 ms [3.088 ms, 3.171 ms] 1.95 ms (165.2%)
iast_FULL 5.905 ms [5.846 ms, 5.965 ms] 4.726 ms (400.5%)
iast_GLOBAL 3.746 ms [3.675 ms, 3.816 ms] 2.566 ms (217.5%)
profiling 1.893 ms [1.877 ms, 1.909 ms] 712.901 µs (60.4%)
tracing 1.778 ms [1.763 ms, 1.793 ms] 597.887 µs (50.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.221 ms [1.209 ms, 1.233 ms] -
iast 3.104 ms [3.062 ms, 3.146 ms] 1.883 ms (154.3%)
iast_FULL 5.811 ms [5.752 ms, 5.869 ms] 4.59 ms (376.1%)
iast_GLOBAL 3.517 ms [3.462 ms, 3.572 ms] 2.296 ms (188.1%)
profiling 1.985 ms [1.967 ms, 2.002 ms] 763.972 µs (62.6%)
tracing 1.811 ms [1.797 ms, 1.825 ms] 590.406 µs (48.4%)

Dacapo

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/APPSEC-61447-bug-blocking |
| git_commit_date | 1772631867 | 1772633334 |
| git_commit_sha | 70410da | e1f4173 |
| release_version | 1.61.0-SNAPSHOT~70410da0e2 | 1.61.0-SNAPSHOT~e1f41734a9 |

Matching parameters:

| Parameter | Baseline | Candidate |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1772635357 | 1772635357 |
| ci_job_id | 1475104378 | 1475104378 |
| ci_pipeline_id | 100331365 | 100331365 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| kernel_version | Linux runner-zfyrx7zua-project-304-concurrent-1-talndp1x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux | Linux runner-zfyrx7zua-project-304-concurrent-1-talndp1x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat
[Gantt chart: tomcat - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections baseline, candidate. The same means and intervals are listed in the baseline and candidate results that follow.]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.473 ms [1.462 ms, 1.484 ms] -
appsec 3.735 ms [3.518 ms, 3.953 ms] 2.262 ms (153.6%)
iast 2.25 ms [2.181 ms, 2.319 ms] 776.791 µs (52.7%)
iast_GLOBAL 2.298 ms [2.228 ms, 2.368 ms] 824.884 µs (56.0%)
profiling 2.086 ms [2.031 ms, 2.141 ms] 613.297 µs (41.6%)
tracing 2.05 ms [1.996 ms, 2.103 ms] 576.767 µs (39.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.477 ms [1.466 ms, 1.489 ms] -
appsec 3.745 ms [3.529 ms, 3.96 ms] 2.267 ms (153.5%)
iast 2.249 ms [2.18 ms, 2.319 ms] 772.164 µs (52.3%)
iast_GLOBAL 2.296 ms [2.227 ms, 2.366 ms] 818.976 µs (55.4%)
profiling 2.088 ms [2.033 ms, 2.143 ms] 611.076 µs (41.4%)
tracing 2.061 ms [2.007 ms, 2.114 ms] 583.506 µs (39.5%)
Execution time for biojava
[Gantt chart: biojava - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~e1f41734a9, baseline=1.61.0-SNAPSHOT~70410da0e2; sections baseline, candidate. The same means and intervals are listed in the baseline and candidate results that follow.]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.94 s [14.94 s, 14.94 s] -
appsec 14.808 s [14.808 s, 14.808 s] -132.0 ms (-0.9%)
iast 18.232 s [18.232 s, 18.232 s] 3.292 s (22.0%)
iast_GLOBAL 17.671 s [17.671 s, 17.671 s] 2.731 s (18.3%)
profiling 14.578 s [14.578 s, 14.578 s] -362.0 ms (-2.4%)
tracing 15.088 s [15.088 s, 15.088 s] 148.0 ms (1.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.598 s [15.598 s, 15.598 s] -
appsec 15.124 s [15.124 s, 15.124 s] -474.0 ms (-3.0%)
iast 18.217 s [18.217 s, 18.217 s] 2.619 s (16.8%)
iast_GLOBAL 17.765 s [17.765 s, 17.765 s] 2.167 s (13.9%)
profiling 14.75 s [14.75 s, 14.75 s] -848.0 ms (-5.4%)
tracing 15.172 s [15.172 s, 15.172 s] -426.0 ms (-2.7%)

…ayBridge

When a WAF blocking action fires, the normal response-header IG callbacks are
bypassed, so http.response.headers.content-type never reaches the span.

Instead of patching every framework's blocking handler, intercept the blocking
flow result in GatewayBridge.maybePublishRequestData / maybePublishResponseData,
compute the deterministic content-type from RequestBlockingAction + accept header,
store it on AppSecRequestContext, and write it as a span tag in onRequestEnded().

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@jandro996 jandro996 force-pushed the alejandro.gonzalez/APPSEC-61447-bug-blocking branch from ff53095 to 7fec408 Compare March 4, 2026 12:29

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: e1f41734a9
