Skip to content

chore(ci): bump github/codeql-action from 4.31.5 to 4.31.6 in the gh-actions-packages group#10058

Merged
AlexeyKuznetsov-DD merged 2 commits intomasterfrom
dependabot/github_actions/gh-actions-packages-63f37e560d
Dec 3, 2025
Merged

chore(ci): bump github/codeql-action from 4.31.5 to 4.31.6 in the gh-actions-packages group#10058
AlexeyKuznetsov-DD merged 2 commits intomasterfrom
dependabot/github_actions/gh-actions-packages-63f37e560d

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Dec 1, 2025
edited
Loading

Bumps the gh-actions-packages group with 1 update: github/codeql-action.

Updates github/codeql-action from 4.31.5 to 4.31.6

Release notes

Sourced from github/codeql-action's releases.

v4.31.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.6 - 01 Dec 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.6 - 01 Dec 2025

No user facing changes.

4.31.5 - 24 Nov 2025

  • Update default CodeQL bundle version to 2.23.6. #3321

4.31.4 - 18 Nov 2025

No user facing changes.

4.31.3 - 13 Nov 2025

  • CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see Upcoming deprecation of CodeQL Action v3.
  • Update default CodeQL bundle version to 2.23.5. #3288

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

  • The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

  • Bump minimum CodeQL bundle version to 2.17.6. #3223
  • When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

  • Update default CodeQL bundle version to 2.23.3. #3205
  • Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

  • [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

... (truncated)

Commits
  • fe4161a Merge pull request #3336 from github/update-v4.31.6-ecec1f887
  • 88c2ab5 Update changelog for v4.31.6
  • ecec1f8 Merge pull request #3335 from github/mbg/ci/run-codeql-on-all-prs
  • 23da732 Merge pull request #3334 from github/kaspersv/overlay-minor-comments
  • f7abc74 Remove branch filter for PR event in CodeQL workflow
  • 32ada5e Merge branch 'main' into kaspersv/overlay-minor-comments
  • 75b2f49 Merge pull request #3333 from github/kaspersv/overlay-no-resource-checks-option
  • f036b1c Merge branch 'main' into kaspersv/overlay-no-resource-checks-option
  • 58c5954 Add comment to runnerSupportsOverlayAnalysis
  • b02fa13 Order feature flags alphabetically
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(ci): bump github/codeql-action in the gh-actions-packages group
7a004a8 
Bumps the gh-actions-packages group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 4.31.5 to 4.31.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@fdbfb4d...fe4161a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes labels Dec 1, 2025
@dependabot dependabot Bot requested a review from a team as a code owner December 1, 2025 18:47
@dependabot dependabot Bot added the tag: dependencies Dependencies related changes label Dec 1, 2025
@dependabot dependabot Bot requested review from amarziali and removed request for a team December 1, 2025 18:47
@dependabot dependabot Bot added the comp: tooling Build & Tooling label Dec 1, 2025
@pr-commenter
Copy link
Copy Markdown

pr-commenter Bot commented Dec 2, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-63f37e560d
git_commit_date 1764783272 1764787579
git_commit_sha 077bcfb 7fe4a4c
release_version 1.57.0-SNAPSHOT~077bcfba1e 1.57.0-SNAPSHOT~7fe4a4c947
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1764789395 1764789395
ci_job_id 1268815256 1268815256
ci_pipeline_id 84795631 84795631
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-sudf6r9x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-sudf6r9x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 57 metrics, 8 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.049 s) : 0, 1048965
Total [baseline] (8.665 s) : 0, 8664896
Agent [candidate] (1.067 s) : 0, 1066759
Total [candidate] (8.673 s) : 0, 8672964
section iast
Agent [baseline] (1.196 s) : 0, 1196342
Total [baseline] (9.298 s) : 0, 9297850
Agent [candidate] (1.195 s) : 0, 1194828
Total [candidate] (9.278 s) : 0, 9277996
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.049 s -
Agent iast 1.196 s 147.377 ms (14.0%)
Total tracing 8.665 s -
Total iast 9.298 s 632.954 ms (7.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.067 s -
Agent iast 1.195 s 128.069 ms (12.0%)
Total tracing 8.673 s -
Total iast 9.278 s 605.032 ms (7.0%) 
gantt
    title insecure-bank - break down per module: candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.467 ms) : 0, 1467
crashtracking [candidate] (1.501 ms) : 0, 1501
BytebuddyAgent [baseline] (704.84 ms) : 0, 704840
BytebuddyAgent [candidate] (718.919 ms) : 0, 718919
GlobalTracer [baseline] (248.345 ms) : 0, 248345
GlobalTracer [candidate] (251.036 ms) : 0, 251036
AppSec [baseline] (31.977 ms) : 0, 31977
AppSec [candidate] (32.563 ms) : 0, 32563
Debugger [baseline] (6.388 ms) : 0, 6388
Debugger [candidate] (6.541 ms) : 0, 6541
Remote Config [baseline] (668.354 µs) : 0, 668
Remote Config [candidate] (680.028 µs) : 0, 680
Telemetry [baseline] (16.327 ms) : 0, 16327
Telemetry [candidate] (15.265 ms) : 0, 15265
Flare Poller [baseline] (4.139 ms) : 0, 4139
Flare Poller [candidate] (5.007 ms) : 0, 5007
section iast
crashtracking [baseline] (1.491 ms) : 0, 1491
crashtracking [candidate] (1.489 ms) : 0, 1489
BytebuddyAgent [baseline] (834.45 ms) : 0, 834450
BytebuddyAgent [candidate] (831.689 ms) : 0, 831689
GlobalTracer [baseline] (238.115 ms) : 0, 238115
GlobalTracer [candidate] (238.561 ms) : 0, 238561
AppSec [baseline] (30.641 ms) : 0, 30641
AppSec [candidate] (30.843 ms) : 0, 30843
Debugger [baseline] (6.173 ms) : 0, 6173
Debugger [candidate] (6.179 ms) : 0, 6179
Remote Config [baseline] (608.19 µs) : 0, 608
Remote Config [candidate] (613.619 µs) : 0, 614
Telemetry [baseline] (8.066 ms) : 0, 8066
Telemetry [candidate] (8.111 ms) : 0, 8111
Flare Poller [baseline] (10.804 ms) : 0, 10804
Flare Poller [candidate] (10.976 ms) : 0, 10976
IAST [baseline] (30.952 ms) : 0, 30952
IAST [candidate] (31.422 ms) : 0, 31422
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.052 s) : 0, 1052411
Total [baseline] (10.774 s) : 0, 10774373
Agent [candidate] (1.052 s) : 0, 1052464
Total [candidate] (10.77 s) : 0, 10770057
section appsec
Agent [baseline] (1.235 s) : 0, 1235222
Total [baseline] (10.907 s) : 0, 10906665
Agent [candidate] (1.235 s) : 0, 1234852
Total [candidate] (10.854 s) : 0, 10854280
section iast
Agent [baseline] (1.19 s) : 0, 1189886
Total [baseline] (11.14 s) : 0, 11139556
Agent [candidate] (1.19 s) : 0, 1190159
Total [candidate] (11.164 s) : 0, 11163961
section profiling
Agent [baseline] (1.196 s) : 0, 1196294
Total [baseline] (10.878 s) : 0, 10878018
Agent [candidate] (1.198 s) : 0, 1197640
Total [candidate] (10.902 s) : 0, 10901870
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.052 s -
Agent appsec 1.235 s 182.81 ms (17.4%)
Agent iast 1.19 s 137.475 ms (13.1%)
Agent profiling 1.196 s 143.883 ms (13.7%)
Total tracing 10.774 s -
Total appsec 10.907 s 132.292 ms (1.2%)
Total iast 11.14 s 365.182 ms (3.4%)
Total profiling 10.878 s 103.645 ms (1.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.052 s -
Agent appsec 1.235 s 182.388 ms (17.3%)
Agent iast 1.19 s 137.694 ms (13.1%)
Agent profiling 1.198 s 145.175 ms (13.8%)
Total tracing 10.77 s -
Total appsec 10.854 s 84.223 ms (0.8%)
Total iast 11.164 s 393.904 ms (3.7%)
Total profiling 10.902 s 131.813 ms (1.2%) 
gantt
    title petclinic - break down per module: candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.476 ms) : 0, 1476
crashtracking [candidate] (1.481 ms) : 0, 1481
BytebuddyAgent [baseline] (707.714 ms) : 0, 707714
BytebuddyAgent [candidate] (707.428 ms) : 0, 707428
GlobalTracer [baseline] (248.999 ms) : 0, 248999
GlobalTracer [candidate] (249.34 ms) : 0, 249340
AppSec [baseline] (32.028 ms) : 0, 32028
AppSec [candidate] (32.193 ms) : 0, 32193
Debugger [baseline] (6.369 ms) : 0, 6369
Debugger [candidate] (6.434 ms) : 0, 6434
Remote Config [baseline] (682.013 µs) : 0, 682
Remote Config [candidate] (670.958 µs) : 0, 671
Telemetry [baseline] (16.293 ms) : 0, 16293
Telemetry [candidate] (16.064 ms) : 0, 16064
Flare Poller [baseline] (4.062 ms) : 0, 4062
Flare Poller [candidate] (4.162 ms) : 0, 4162
section appsec
crashtracking [baseline] (1.489 ms) : 0, 1489
crashtracking [candidate] (1.486 ms) : 0, 1486
BytebuddyAgent [baseline] (736.159 ms) : 0, 736159
BytebuddyAgent [candidate] (734.59 ms) : 0, 734590
GlobalTracer [baseline] (243.137 ms) : 0, 243137
GlobalTracer [candidate] (242.604 ms) : 0, 242604
AppSec [baseline] (175.135 ms) : 0, 175135
AppSec [candidate] (176.574 ms) : 0, 176574
Debugger [baseline] (6.293 ms) : 0, 6293
Debugger [candidate] (6.259 ms) : 0, 6259
Remote Config [baseline] (694.669 µs) : 0, 695
Remote Config [candidate] (686.716 µs) : 0, 687
Telemetry [baseline] (8.21 ms) : 0, 8210
Telemetry [candidate] (8.193 ms) : 0, 8193
Flare Poller [baseline] (4.088 ms) : 0, 4088
Flare Poller [candidate] (4.001 ms) : 0, 4001
IAST [baseline] (24.959 ms) : 0, 24959
IAST [candidate] (25.355 ms) : 0, 25355
section iast
crashtracking [baseline] (1.491 ms) : 0, 1491
crashtracking [candidate] (1.481 ms) : 0, 1481
BytebuddyAgent [baseline] (829.256 ms) : 0, 829256
BytebuddyAgent [candidate] (829.229 ms) : 0, 829229
GlobalTracer [baseline] (237.394 ms) : 0, 237394
GlobalTracer [candidate] (237.545 ms) : 0, 237545
AppSec [baseline] (29.983 ms) : 0, 29983
AppSec [candidate] (31.339 ms) : 0, 31339
Debugger [baseline] (6.055 ms) : 0, 6055
Debugger [candidate] (6.099 ms) : 0, 6099
Remote Config [baseline] (602.621 µs) : 0, 603
Remote Config [candidate] (612.47 µs) : 0, 612
Telemetry [baseline] (7.942 ms) : 0, 7942
Telemetry [candidate] (8.062 ms) : 0, 8062
Flare Poller [baseline] (10.648 ms) : 0, 10648
Flare Poller [candidate] (11.055 ms) : 0, 11055
IAST [baseline] (31.699 ms) : 0, 31699
IAST [candidate] (29.939 ms) : 0, 29939
section profiling
crashtracking [baseline] (1.432 ms) : 0, 1432
crashtracking [candidate] (1.426 ms) : 0, 1426
BytebuddyAgent [baseline] (731.83 ms) : 0, 731830
BytebuddyAgent [candidate] (734.334 ms) : 0, 734334
GlobalTracer [baseline] (222.807 ms) : 0, 222807
GlobalTracer [candidate] (222.308 ms) : 0, 222308
AppSec [baseline] (32.085 ms) : 0, 32085
AppSec [candidate] (32.133 ms) : 0, 32133
Debugger [baseline] (6.832 ms) : 0, 6832
Debugger [candidate] (7.56 ms) : 0, 7560
Remote Config [baseline] (674.155 µs) : 0, 674
Remote Config [candidate] (666.352 µs) : 0, 666
Telemetry [baseline] (16.352 ms) : 0, 16352
Telemetry [candidate] (15.565 ms) : 0, 15565
Flare Poller [baseline] (4.172 ms) : 0, 4172
Flare Poller [candidate] (4.157 ms) : 0, 4157
ProfilingAgent [baseline] (110.981 ms) : 0, 110981
ProfilingAgent [candidate] (110.122 ms) : 0, 110122
Profiling [baseline] (111.59 ms) : 0, 111590
Profiling [candidate] (110.751 ms) : 0, 110751
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-63f37e560d
git_commit_date 1764783272 1764787579
git_commit_sha 077bcfb 7fe4a4c
release_version 1.57.0-SNAPSHOT~077bcfba1e 1.57.0-SNAPSHOT~7fe4a4c947
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1764789886 1764789886
ci_job_id 1268815257 1268815257
ci_pipeline_id 84795631 84795631
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-lxj92fxc 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-lxj92fxc 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 3 performance improvements and 0 performance regressions! Performance is the same for 17 metrics, 16 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:insecure-bank:iast_GLOBAL:high_load better
[-223.811µs; -75.616µs] or [-7.559%; -2.554%]		 better
[-595.737µs; -172.006µs] or [-7.141%; -2.062%]		 unstable
[-75.611op/s; +191.486op/s] or [-6.141%; +15.553%]		 2.811ms 7.959ms 1289.156op/s 2.961ms 8.343ms 1231.219op/s
scenario:load:petclinic:no_agent:high_load better
[-1.759ms; -0.465ms] or [-10.038%; -2.652%]		 unstable
[-3.553ms; -0.158ms] or [-11.864%; -0.529%]		 unstable
[-14.294op/s; +43.107op/s] or [-5.510%; +16.617%]		 16.411ms 28.087ms 273.812op/s 17.523ms 29.943ms 259.406op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.211 ms) : 1199, 1223
.   : milestone, 1211,
iast (3.257 ms) : 3211, 3303
.   : milestone, 3257,
iast_FULL (5.721 ms) : 5664, 5778
.   : milestone, 5721,
iast_GLOBAL (3.727 ms) : 3672, 3782
.   : milestone, 3727,
profiling (2.108 ms) : 2087, 2129
.   : milestone, 2108,
tracing (1.811 ms) : 1796, 1825
.   : milestone, 1811,
section candidate
no_agent (1.209 ms) : 1197, 1221
.   : milestone, 1209,
iast (3.234 ms) : 3190, 3277
.   : milestone, 3234,
iast_FULL (5.719 ms) : 5662, 5776
.   : milestone, 5719,
iast_GLOBAL (3.556 ms) : 3505, 3608
.   : milestone, 3556,
profiling (2.115 ms) : 2096, 2135
.   : milestone, 2115,
tracing (1.803 ms) : 1789, 1818
.   : milestone, 1803,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.211 ms [1.199 ms, 1.223 ms] -
iast 3.257 ms [3.211 ms, 3.303 ms] 2.046 ms (168.9%)
iast_FULL 5.721 ms [5.664 ms, 5.778 ms] 4.509 ms (372.3%)
iast_GLOBAL 3.727 ms [3.672 ms, 3.782 ms] 2.515 ms (207.7%)
profiling 2.108 ms [2.087 ms, 2.129 ms] 896.889 µs (74.1%)
tracing 1.811 ms [1.796 ms, 1.825 ms] 599.47 µs (49.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.209 ms [1.197 ms, 1.221 ms] -
iast 3.234 ms [3.19 ms, 3.277 ms] 2.025 ms (167.4%)
iast_FULL 5.719 ms [5.662 ms, 5.776 ms] 4.51 ms (373.0%)
iast_GLOBAL 3.556 ms [3.505 ms, 3.608 ms] 2.347 ms (194.1%)
profiling 2.115 ms [2.096 ms, 2.135 ms] 906.097 µs (74.9%)
tracing 1.803 ms [1.789 ms, 1.818 ms] 594.305 µs (49.2%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e
    dateFormat X
    axisFormat %s
section baseline
no_agent (17.987 ms) : 17799, 18175
.   : milestone, 17987,
appsec (18.385 ms) : 18196, 18573
.   : milestone, 18385,
code_origins (17.664 ms) : 17488, 17841
.   : milestone, 17664,
iast (17.623 ms) : 17449, 17798
.   : milestone, 17623,
profiling (18.86 ms) : 18673, 19048
.   : milestone, 18860,
tracing (17.562 ms) : 17389, 17735
.   : milestone, 17562,
section candidate
no_agent (17.038 ms) : 16865, 17210
.   : milestone, 17038,
appsec (18.814 ms) : 18619, 19010
.   : milestone, 18814,
code_origins (17.665 ms) : 17490, 17840
.   : milestone, 17665,
iast (17.458 ms) : 17282, 17634
.   : milestone, 17458,
profiling (18.659 ms) : 18473, 18845
.   : milestone, 18659,
tracing (17.627 ms) : 17455, 17798
.   : milestone, 17627,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.987 ms [17.799 ms, 18.175 ms] -
appsec 18.385 ms [18.196 ms, 18.573 ms] 397.662 µs (2.2%)
code_origins 17.664 ms [17.488 ms, 17.841 ms] -322.563 µs (-1.8%)
iast 17.623 ms [17.449 ms, 17.798 ms] -363.703 µs (-2.0%)
profiling 18.86 ms [18.673 ms, 19.048 ms] 873.265 µs (4.9%)
tracing 17.562 ms [17.389 ms, 17.735 ms] -424.876 µs (-2.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.038 ms [16.865 ms, 17.21 ms] -
appsec 18.814 ms [18.619 ms, 19.01 ms] 1.777 ms (10.4%)
code_origins 17.665 ms [17.49 ms, 17.84 ms] 627.732 µs (3.7%)
iast 17.458 ms [17.282 ms, 17.634 ms] 420.617 µs (2.5%)
profiling 18.659 ms [18.473 ms, 18.845 ms] 1.621 ms (9.5%)
tracing 17.627 ms [17.455 ms, 17.798 ms] 588.992 µs (3.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-63f37e560d
git_commit_date 1764783272 1764787579
git_commit_sha 077bcfb 7fe4a4c
release_version 1.57.0-SNAPSHOT~077bcfba1e 1.57.0-SNAPSHOT~7fe4a4c947
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1764789619 1764789619
ci_job_id 1268815258 1268815258
ci_pipeline_id 84795631 84795631
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-xwnq7jwy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-xwnq7jwy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 2 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.477 ms) : 1465, 1489
.   : milestone, 1477,
appsec (3.714 ms) : 3494, 3934
.   : milestone, 3714,
iast (2.217 ms) : 2152, 2282
.   : milestone, 2217,
iast_GLOBAL (2.262 ms) : 2196, 2327
.   : milestone, 2262,
profiling (2.481 ms) : 2324, 2638
.   : milestone, 2481,
tracing (2.054 ms) : 2003, 2106
.   : milestone, 2054,
section candidate
no_agent (1.479 ms) : 1467, 1490
.   : milestone, 1479,
appsec (3.709 ms) : 3491, 3928
.   : milestone, 3709,
iast (2.211 ms) : 2146, 2276
.   : milestone, 2211,
iast_GLOBAL (2.26 ms) : 2195, 2326
.   : milestone, 2260,
profiling (2.076 ms) : 2023, 2129
.   : milestone, 2076,
tracing (2.046 ms) : 1995, 2098
.   : milestone, 2046,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.477 ms [1.465 ms, 1.489 ms] -
appsec 3.714 ms [3.494 ms, 3.934 ms] 2.237 ms (151.4%)
iast 2.217 ms [2.152 ms, 2.282 ms] 740.023 µs (50.1%)
iast_GLOBAL 2.262 ms [2.196 ms, 2.327 ms] 784.815 µs (53.1%)
profiling 2.481 ms [2.324 ms, 2.638 ms] 1.004 ms (68.0%)
tracing 2.054 ms [2.003 ms, 2.106 ms] 577.229 µs (39.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.479 ms [1.467 ms, 1.49 ms] -
appsec 3.709 ms [3.491 ms, 3.928 ms] 2.23 ms (150.8%)
iast 2.211 ms [2.146 ms, 2.276 ms] 732.354 µs (49.5%)
iast_GLOBAL 2.26 ms [2.195 ms, 2.326 ms] 781.703 µs (52.9%)
profiling 2.076 ms [2.023 ms, 2.129 ms] 597.462 µs (40.4%)
tracing 2.046 ms [1.995 ms, 2.098 ms] 567.708 µs (38.4%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.57.0-SNAPSHOT~7fe4a4c947, baseline=1.57.0-SNAPSHOT~077bcfba1e
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.094 s) : 15094000, 15094000
.   : milestone, 15094000,
appsec (14.896 s) : 14896000, 14896000
.   : milestone, 14896000,
iast (18.445 s) : 18445000, 18445000
.   : milestone, 18445000,
iast_GLOBAL (18.217 s) : 18217000, 18217000
.   : milestone, 18217000,
profiling (14.957 s) : 14957000, 14957000
.   : milestone, 14957000,
tracing (14.458 s) : 14458000, 14458000
.   : milestone, 14458000,
section candidate
no_agent (15.276 s) : 15276000, 15276000
.   : milestone, 15276000,
appsec (14.486 s) : 14486000, 14486000
.   : milestone, 14486000,
iast (19.081 s) : 19081000, 19081000
.   : milestone, 19081000,
iast_GLOBAL (18.373 s) : 18373000, 18373000
.   : milestone, 18373000,
profiling (15.592 s) : 15592000, 15592000
.   : milestone, 15592000,
tracing (14.735 s) : 14735000, 14735000
.   : milestone, 14735000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.094 s [15.094 s, 15.094 s] -
appsec 14.896 s [14.896 s, 14.896 s] -198.0 ms (-1.3%)
iast 18.445 s [18.445 s, 18.445 s] 3.351 s (22.2%)
iast_GLOBAL 18.217 s [18.217 s, 18.217 s] 3.123 s (20.7%)
profiling 14.957 s [14.957 s, 14.957 s] -137.0 ms (-0.9%)
tracing 14.458 s [14.458 s, 14.458 s] -636.0 ms (-4.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.276 s [15.276 s, 15.276 s] -
appsec 14.486 s [14.486 s, 14.486 s] -790.0 ms (-5.2%)
iast 19.081 s [19.081 s, 19.081 s] 3.805 s (24.9%)
iast_GLOBAL 18.373 s [18.373 s, 18.373 s] 3.097 s (20.3%)
profiling 15.592 s [15.592 s, 15.592 s] 316.0 ms (2.1%)
tracing 14.735 s [14.735 s, 14.735 s] -541.0 ms (-3.5%)

@PerfectSlayer PerfectSlayer enabled auto-merge (squash) December 2, 2025 18:27
@AlexeyKuznetsov-DD AlexeyKuznetsov-DD enabled auto-merge (squash) December 3, 2025 19:27
@AlexeyKuznetsov-DD AlexeyKuznetsov-DD merged commit 00864b3 into master Dec 3, 2025
539 checks passed
@AlexeyKuznetsov-DD AlexeyKuznetsov-DD deleted the dependabot/github_actions/gh-actions-packages-63f37e560d branch December 3, 2025 19:43
@github-actions github-actions Bot added this to the 1.57.0 milestone Dec 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer approved these changes

@amarziali amarziali Awaiting requested review from amarziali amarziali is a code owner automatically assigned from DataDog/apm-lang-platform-java

Assignees

No one assigned

Labels

comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes

Projects

None yet

Milestone

1.57.0

Development

Successfully merging this pull request may close these issues.

2 participants

@PerfectSlayer @AlexeyKuznetsov-DD