Skip to content

Adding missing XML request/response schema collection #9432

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Adding missing XML request/response schema collection #9432

wants to merge 1 commit into from

Conversation

sezen-datadog
Copy link
Contributor

@sezen-datadog sezen-datadog commented Aug 28, 2025
edited by atlassian bot
Loading

What Does This Do

The instrumentation can digest XML to pass onto WAF

Motivation

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-58618

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from fd35d02 to d4321c4 Compare August 28, 2025 11:42
@datadog-datadog-prod-us1
Copy link
Contributor

datadog-datadog-prod-us1 bot commented Aug 28, 2025
edited by datadog-official bot
Loading

🎯 Code Coverage
Patch Coverage: 87.18%
Total Coverage: 59.72% (-0.10%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 0967f11 | Docs | Was this helpful? Give us feedback!

@pr-commenter
Copy link

pr-commenter bot commented Aug 28, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sezen.leblay/XML-Response-Schema-Collection
git_commit_date 1758219687 1758270067
git_commit_sha 1052f49 0967f11
release_version 1.54.0-SNAPSHOT~1052f4935d 1.54.0-SNAPSHOT~0967f11e2f
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758271861 1758271861
ci_job_id 1137674125 1137674125
ci_pipeline_id 76954552 76954552
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-qqszi2go 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-qqszi2go 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 50 metrics, 9 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.06 s) : 0, 1059829
Total [baseline] (10.796 s) : 0, 10795508
Agent [candidate] (1.072 s) : 0, 1072319
Total [candidate] (10.684 s) : 0, 10683803
section appsec
Agent [baseline] (1.239 s) : 0, 1239393
Total [baseline] (11.027 s) : 0, 11026838
Agent [candidate] (1.234 s) : 0, 1234385
Total [candidate] (11.03 s) : 0, 11029944
section iast
Agent [baseline] (1.191 s) : 0, 1191439
Total [baseline] (11.032 s) : 0, 11031998
Agent [candidate] (1.194 s) : 0, 1193896
Total [candidate] (11.22 s) : 0, 11220285
section profiling
Agent [baseline] (1.213 s) : 0, 1212767
Total [baseline] (10.945 s) : 0, 10944955
Agent [candidate] (1.21 s) : 0, 1209786
Total [candidate] (10.82 s) : 0, 10819514
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.06 s -
Agent appsec 1.239 s 179.564 ms (16.9%)
Agent iast 1.191 s 131.61 ms (12.4%)
Agent profiling 1.213 s 152.938 ms (14.4%)
Total tracing 10.796 s -
Total appsec 11.027 s 231.331 ms (2.1%)
Total iast 11.032 s 236.49 ms (2.2%)
Total profiling 10.945 s 149.448 ms (1.4%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.072 s -
Agent appsec 1.234 s 162.066 ms (15.1%)
Agent iast 1.194 s 121.577 ms (11.3%)
Agent profiling 1.21 s 137.467 ms (12.8%)
Total tracing 10.684 s -
Total appsec 11.03 s 346.14 ms (3.2%)
Total iast 11.22 s 536.481 ms (5.0%)
Total profiling 10.82 s 135.711 ms (1.3%) 
gantt
    title petclinic - break down per module: candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.461 ms) : 0, 1461
crashtracking [candidate] (1.459 ms) : 0, 1459
BytebuddyAgent [baseline] (731.318 ms) : 0, 731318
BytebuddyAgent [candidate] (740.19 ms) : 0, 740190
GlobalTracer [baseline] (251.99 ms) : 0, 251990
GlobalTracer [candidate] (254.93 ms) : 0, 254930
AppSec [baseline] (30.604 ms) : 0, 30604
AppSec [candidate] (31.001 ms) : 0, 31001
Debugger [baseline] (6.421 ms) : 0, 6421
Debugger [candidate] (6.508 ms) : 0, 6508
Remote Config [baseline] (682.044 µs) : 0, 682
Remote Config [candidate] (685.609 µs) : 0, 686
Telemetry [baseline] (16.271 ms) : 0, 16271
Telemetry [candidate] (16.351 ms) : 0, 16351
section appsec
crashtracking [baseline] (1.506 ms) : 0, 1506
crashtracking [candidate] (1.449 ms) : 0, 1449
BytebuddyAgent [baseline] (758.275 ms) : 0, 758275
BytebuddyAgent [candidate] (755.799 ms) : 0, 755799
GlobalTracer [baseline] (247.057 ms) : 0, 247057
GlobalTracer [candidate] (245.142 ms) : 0, 245142
AppSec [baseline] (170.613 ms) : 0, 170613
AppSec [candidate] (171.758 ms) : 0, 171758
Debugger [baseline] (6.072 ms) : 0, 6072
Debugger [candidate] (6.028 ms) : 0, 6028
Remote Config [baseline] (645.179 µs) : 0, 645
Remote Config [candidate] (622.919 µs) : 0, 623
Telemetry [baseline] (10.063 ms) : 0, 10063
Telemetry [candidate] (8.57 ms) : 0, 8570
IAST [baseline] (23.828 ms) : 0, 23828
IAST [candidate] (23.811 ms) : 0, 23811
section iast
crashtracking [baseline] (1.448 ms) : 0, 1448
crashtracking [candidate] (1.461 ms) : 0, 1461
BytebuddyAgent [baseline] (853.24 ms) : 0, 853240
BytebuddyAgent [candidate] (855.319 ms) : 0, 855319
GlobalTracer [baseline] (245.77 ms) : 0, 245770
GlobalTracer [candidate] (246.659 ms) : 0, 246659
AppSec [baseline] (25.608 ms) : 0, 25608
AppSec [candidate] (25.698 ms) : 0, 25698
Debugger [baseline] (6.092 ms) : 0, 6092
Debugger [candidate] (6.004 ms) : 0, 6004
Remote Config [baseline] (594.909 µs) : 0, 595
Remote Config [candidate] (599.253 µs) : 0, 599
Telemetry [baseline] (8.249 ms) : 0, 8249
Telemetry [candidate] (8.316 ms) : 0, 8316
IAST [baseline] (29.481 ms) : 0, 29481
IAST [candidate] (28.789 ms) : 0, 28789
section profiling
crashtracking [baseline] (1.444 ms) : 0, 1444
crashtracking [candidate] (1.437 ms) : 0, 1437
BytebuddyAgent [baseline] (763.685 ms) : 0, 763685
BytebuddyAgent [candidate] (762.449 ms) : 0, 762449
GlobalTracer [baseline] (233.278 ms) : 0, 233278
GlobalTracer [candidate] (232.519 ms) : 0, 232519
AppSec [baseline] (31.366 ms) : 0, 31366
AppSec [candidate] (31.203 ms) : 0, 31203
Debugger [baseline] (12.881 ms) : 0, 12881
Debugger [candidate] (12.827 ms) : 0, 12827
Remote Config [baseline] (716.508 µs) : 0, 717
Remote Config [candidate] (744.354 µs) : 0, 744
Telemetry [baseline] (9.397 ms) : 0, 9397
Telemetry [candidate] (9.633 ms) : 0, 9633
ProfilingAgent [baseline] (108.683 ms) : 0, 108683
ProfilingAgent [candidate] (107.649 ms) : 0, 107649
Profiling [baseline] (109.307 ms) : 0, 109307
Profiling [candidate] (108.308 ms) : 0, 108308
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.062 s) : 0, 1061743
Total [baseline] (8.617 s) : 0, 8616534
Agent [candidate] (1.063 s) : 0, 1063271
Total [candidate] (8.617 s) : 0, 8616754
section iast
Agent [baseline] (1.191 s) : 0, 1191420
Total [baseline] (9.297 s) : 0, 9297168
Agent [candidate] (1.191 s) : 0, 1191267
Total [candidate] (9.279 s) : 0, 9278592
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent iast 1.191 s 129.677 ms (12.2%)
Total tracing 8.617 s -
Total iast 9.297 s 680.634 ms (7.9%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.063 s -
Agent iast 1.191 s 127.995 ms (12.0%)
Total tracing 8.617 s -
Total iast 9.279 s 661.839 ms (7.7%) 
gantt
    title insecure-bank - break down per module: candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.455 ms) : 0, 1455
crashtracking [candidate] (1.46 ms) : 0, 1460
BytebuddyAgent [baseline] (733.221 ms) : 0, 733221
BytebuddyAgent [candidate] (734.189 ms) : 0, 734189
GlobalTracer [baseline] (252.211 ms) : 0, 252211
GlobalTracer [candidate] (252.498 ms) : 0, 252498
AppSec [baseline] (30.521 ms) : 0, 30521
AppSec [candidate] (30.587 ms) : 0, 30587
Debugger [baseline] (6.39 ms) : 0, 6390
Debugger [candidate] (6.432 ms) : 0, 6432
Remote Config [baseline] (699.97 µs) : 0, 700
Remote Config [candidate] (675.957 µs) : 0, 676
Telemetry [baseline] (16.282 ms) : 0, 16282
Telemetry [candidate] (16.428 ms) : 0, 16428
section iast
crashtracking [baseline] (1.456 ms) : 0, 1456
crashtracking [candidate] (1.465 ms) : 0, 1465
BytebuddyAgent [baseline] (852.9 ms) : 0, 852900
BytebuddyAgent [candidate] (853.434 ms) : 0, 853434
GlobalTracer [baseline] (246.947 ms) : 0, 246947
GlobalTracer [candidate] (248.265 ms) : 0, 248265
AppSec [baseline] (25.693 ms) : 0, 25693
AppSec [candidate] (24.671 ms) : 0, 24671
Debugger [baseline] (6.043 ms) : 0, 6043
Debugger [candidate] (5.992 ms) : 0, 5992
Remote Config [baseline] (593.166 µs) : 0, 593
Remote Config [candidate] (588.549 µs) : 0, 589
Telemetry [baseline] (8.168 ms) : 0, 8168
Telemetry [candidate] (8.132 ms) : 0, 8132
IAST [baseline] (28.757 ms) : 0, 28757
IAST [candidate] (27.894 ms) : 0, 27894
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sezen.leblay/XML-Response-Schema-Collection
git_commit_date 1758219687 1758270067
git_commit_sha 1052f49 0967f11
release_version 1.54.0-SNAPSHOT~1052f4935d 1.54.0-SNAPSHOT~0967f11e2f
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758271540 1758271540
ci_job_id 1137674126 1137674126
ci_pipeline_id 76954552 76954552
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-8crs1nmu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-8crs1nmu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 1 performance regressions! Performance is the same for 10 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:no_agent:high_load worse
[+1.220ms; +1.859ms] or [+3.336%; +5.085%]		 unstable
[-15.378op/s; +1.841op/s] or [-11.878%; +1.422%]		 38.099ms 122.700op/s 36.560ms 129.468op/s
scenario:load:petclinic:profiling:high_load better
[-2.542ms; -1.617ms] or [-5.204%; -3.309%]		 unstable
[-1.523op/s; +12.429op/s] or [-1.589%; +12.972%]		 46.773ms 101.266op/s 48.852ms 95.812op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.392 ms) : 4340, 4443
.   : milestone, 4392,
iast (9.707 ms) : 9546, 9868
.   : milestone, 9707,
iast_FULL (14.187 ms) : 13904, 14471
.   : milestone, 14187,
iast_GLOBAL (10.838 ms) : 10646, 11030
.   : milestone, 10838,
profiling (9.108 ms) : 8965, 9251
.   : milestone, 9108,
tracing (7.989 ms) : 7866, 8112
.   : milestone, 7989,
section candidate
no_agent (4.414 ms) : 4358, 4471
.   : milestone, 4414,
iast (9.517 ms) : 9360, 9674
.   : milestone, 9517,
iast_FULL (14.237 ms) : 13948, 14525
.   : milestone, 14237,
iast_GLOBAL (10.962 ms) : 10752, 11173
.   : milestone, 10962,
profiling (8.963 ms) : 8819, 9106
.   : milestone, 8963,
tracing (7.849 ms) : 7737, 7961
.   : milestone, 7849,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.392 ms [4.34 ms, 4.443 ms] -
iast 9.707 ms [9.546 ms, 9.868 ms] 5.315 ms (121.0%)
iast_FULL 14.187 ms [13.904 ms, 14.471 ms] 9.796 ms (223.1%)
iast_GLOBAL 10.838 ms [10.646 ms, 11.03 ms] 6.446 ms (146.8%)
profiling 9.108 ms [8.965 ms, 9.251 ms] 4.717 ms (107.4%)
tracing 7.989 ms [7.866 ms, 8.112 ms] 3.597 ms (81.9%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.414 ms [4.358 ms, 4.471 ms] -
iast 9.517 ms [9.36 ms, 9.674 ms] 5.103 ms (115.6%)
iast_FULL 14.237 ms [13.948 ms, 14.525 ms] 9.823 ms (222.5%)
iast_GLOBAL 10.962 ms [10.752 ms, 11.173 ms] 6.548 ms (148.3%)
profiling 8.963 ms [8.819 ms, 9.106 ms] 4.548 ms (103.0%)
tracing 7.849 ms [7.737 ms, 7.961 ms] 3.435 ms (77.8%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d
    dateFormat X
    axisFormat %s
section baseline
no_agent (36.56 ms) : 36274, 36846
.   : milestone, 36560,
appsec (47.996 ms) : 47578, 48415
.   : milestone, 47996,
code_origins (45.271 ms) : 44876, 45665
.   : milestone, 45271,
iast (44.861 ms) : 44477, 45246
.   : milestone, 44861,
profiling (48.852 ms) : 48405, 49299
.   : milestone, 48852,
tracing (44.77 ms) : 44409, 45132
.   : milestone, 44770,
section candidate
no_agent (38.099 ms) : 37792, 38407
.   : milestone, 38099,
appsec (49.263 ms) : 48830, 49696
.   : milestone, 49263,
code_origins (44.814 ms) : 44442, 45185
.   : milestone, 44814,
iast (44.787 ms) : 44407, 45167
.   : milestone, 44787,
profiling (46.773 ms) : 46360, 47185
.   : milestone, 46773,
tracing (46.016 ms) : 45616, 46416
.   : milestone, 46016,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.56 ms [36.274 ms, 36.846 ms] -
appsec 47.996 ms [47.578 ms, 48.415 ms] 11.436 ms (31.3%)
code_origins 45.271 ms [44.876 ms, 45.665 ms] 8.711 ms (23.8%)
iast 44.861 ms [44.477 ms, 45.246 ms] 8.302 ms (22.7%)
profiling 48.852 ms [48.405 ms, 49.299 ms] 12.292 ms (33.6%)
tracing 44.77 ms [44.409 ms, 45.132 ms] 8.211 ms (22.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 38.099 ms [37.792 ms, 38.407 ms] -
appsec 49.263 ms [48.83 ms, 49.696 ms] 11.164 ms (29.3%)
code_origins 44.814 ms [44.442 ms, 45.185 ms] 6.715 ms (17.6%)
iast 44.787 ms [44.407 ms, 45.167 ms] 6.688 ms (17.6%)
profiling 46.773 ms [46.36 ms, 47.185 ms] 8.673 ms (22.8%)
tracing 46.016 ms [45.616 ms, 46.416 ms] 7.917 ms (20.8%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sezen.leblay/XML-Response-Schema-Collection
git_commit_date 1758219687 1758270067
git_commit_sha 1052f49 0967f11
release_version 1.54.0-SNAPSHOT~1052f4935d 1.54.0-SNAPSHOT~0967f11e2f
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1758272054 1758272054
ci_job_id 1137674127 1137674127
ci_pipeline_id 76954552 76954552
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-92wemjz8 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-92wemjz8 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.49 ms) : 1478, 1501
.   : milestone, 1490,
appsec (3.742 ms) : 3526, 3959
.   : milestone, 3742,
iast (2.21 ms) : 2148, 2273
.   : milestone, 2210,
iast_GLOBAL (2.255 ms) : 2192, 2318
.   : milestone, 2255,
profiling (2.059 ms) : 2008, 2109
.   : milestone, 2059,
tracing (2.048 ms) : 1998, 2097
.   : milestone, 2048,
section candidate
no_agent (1.48 ms) : 1468, 1492
.   : milestone, 1480,
appsec (3.743 ms) : 3525, 3961
.   : milestone, 3743,
iast (2.209 ms) : 2147, 2272
.   : milestone, 2209,
iast_GLOBAL (2.253 ms) : 2191, 2316
.   : milestone, 2253,
profiling (2.079 ms) : 2027, 2131
.   : milestone, 2079,
tracing (2.032 ms) : 1983, 2081
.   : milestone, 2032,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.49 ms [1.478 ms, 1.501 ms] -
appsec 3.742 ms [3.526 ms, 3.959 ms] 2.253 ms (151.2%)
iast 2.21 ms [2.148 ms, 2.273 ms] 720.93 µs (48.4%)
iast_GLOBAL 2.255 ms [2.192 ms, 2.318 ms] 765.625 µs (51.4%)
profiling 2.059 ms [2.008 ms, 2.109 ms] 569.122 µs (38.2%)
tracing 2.048 ms [1.998 ms, 2.097 ms] 558.237 µs (37.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.48 ms [1.468 ms, 1.492 ms] -
appsec 3.743 ms [3.525 ms, 3.961 ms] 2.263 ms (152.9%)
iast 2.209 ms [2.147 ms, 2.272 ms] 729.141 µs (49.3%)
iast_GLOBAL 2.253 ms [2.191 ms, 2.316 ms] 773.133 µs (52.2%)
profiling 2.079 ms [2.027 ms, 2.131 ms] 599.172 µs (40.5%)
tracing 2.032 ms [1.983 ms, 2.081 ms] 551.729 µs (37.3%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~0967f11e2f, baseline=1.54.0-SNAPSHOT~1052f4935d
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.947 s) : 14947000, 14947000
.   : milestone, 14947000,
appsec (14.905 s) : 14905000, 14905000
.   : milestone, 14905000,
iast (18.118 s) : 18118000, 18118000
.   : milestone, 18118000,
iast_GLOBAL (18.278 s) : 18278000, 18278000
.   : milestone, 18278000,
profiling (15.417 s) : 15417000, 15417000
.   : milestone, 15417000,
tracing (14.801 s) : 14801000, 14801000
.   : milestone, 14801000,
section candidate
no_agent (14.97 s) : 14970000, 14970000
.   : milestone, 14970000,
appsec (15.151 s) : 15151000, 15151000
.   : milestone, 15151000,
iast (18.725 s) : 18725000, 18725000
.   : milestone, 18725000,
iast_GLOBAL (18.142 s) : 18142000, 18142000
.   : milestone, 18142000,
profiling (15.403 s) : 15403000, 15403000
.   : milestone, 15403000,
tracing (14.865 s) : 14865000, 14865000
.   : milestone, 14865000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.947 s [14.947 s, 14.947 s] -
appsec 14.905 s [14.905 s, 14.905 s] -42.0 ms (-0.3%)
iast 18.118 s [18.118 s, 18.118 s] 3.171 s (21.2%)
iast_GLOBAL 18.278 s [18.278 s, 18.278 s] 3.331 s (22.3%)
profiling 15.417 s [15.417 s, 15.417 s] 470.0 ms (3.1%)
tracing 14.801 s [14.801 s, 14.801 s] -146.0 ms (-1.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.97 s [14.97 s, 14.97 s] -
appsec 15.151 s [15.151 s, 15.151 s] 181.0 ms (1.2%)
iast 18.725 s [18.725 s, 18.725 s] 3.755 s (25.1%)
iast_GLOBAL 18.142 s [18.142 s, 18.142 s] 3.172 s (21.2%)
profiling 15.403 s [15.403 s, 15.403 s] 433.0 ms (2.9%)
tracing 14.865 s [14.865 s, 14.865 s] -105.0 ms (-0.7%)

@jandro996 jandro996 changed the title Adding missing XML response schema collection Adding missing XML request/response schema collection Aug 29, 2025
@jandro996
Copy link
Member

Looks good! I updated the title of the PR because you’re solving the problem for both request and response.

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch 22 times, most recently from 849c2bb to 104bbbd Compare September 5, 2025 08:06
@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch 3 times, most recently from 92c36be to 5328ef4 Compare September 8, 2025 09:49
@sezen-datadog sezen-datadog added the type: enhancement Enhancements and improvements label Sep 8, 2025
@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from b0bb9b0 to 883c505 Compare September 8, 2025 14:43
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 8, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from 883c505 to dbf8609 Compare September 8, 2025 14:48
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 8, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from dbf8609 to 0f25a53 Compare September 9, 2025 06:25
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 9, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from 0f25a53 to 2d76ec9 Compare September 9, 2025 07:34
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 9, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from 2d76ec9 to 3334659 Compare September 9, 2025 08:49
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 9, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from 3334659 to cb66848 Compare September 9, 2025 09:04
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 9, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from cb66848 to c11840f Compare September 9, 2025 12:42
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 9, 2025

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

@sezen-datadog sezen-datadog marked this pull request as ready for review September 10, 2025 07:34
@sezen-datadog sezen-datadog requested review from a team as code owners September 10, 2025 07:34
@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from c11840f to b47fdf5 Compare September 17, 2025 12:31
@github-actions GitHub Actions
Copy link
Contributor

Hi! 👋 Looks like you updated a Git Submodule.
If this was not intentional please make sure to:

jandro996
jandro996 reviewed Sep 19, 2025
View reviewed changes
...agent/agent-bootstrap/src/main/java/datadog/trace/bootstrap/instrumentation/XmlDomUtils.java
public final class XmlDomUtils {

/** Default maximum recursion depth for XML DOM conversion to prevent stack overflow. */
public static final int DEFAULT_MAX_CONVERSION_DEPTH = 15;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any reason to set the max depth to 15 here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

didn’t want to risk overflowing the client app 😅

jandro996
jandro996 reviewed Sep 19, 2025
View reviewed changes
dd-java-agent/appsec/src/main/java/com/datadog/appsec/event/data/ObjectIntrospection.java
*
* <p>The method applies the same truncation limits as the main conversion logic.
*/
private static Object doConversionXmlDom(Object obj, int depth, State state) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey! Just wondering... would it make sense to preserve the namespace info here?

Right now we are dropping the XML namespaces. Maybe we could keep the full name using something like {namespace}localName?

What do you think, @sezen-datadog, @manuel-alvarez-alvarez?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's a good place to do it as technically all xml conversions pass through here!

jandro996
jandro996 reviewed Sep 19, 2025
View reviewed changes
dd-java-agent/appsec/src/main/java/com/datadog/appsec/event/data/ObjectIntrospection.java
Map<String, Object> newMap = new HashMap<>();

// Add attributes
NamedNodeMap attributes = elem.getAttributes();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make sense to separate element attributes from child elements in the map?
Maybe something like:

newMap.put("@attributes", attributesMap)
newMap.put("elements", elementsMap)

What do you think?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I’m not against it~!

jandro996
jandro996 reviewed Sep 19, 2025
View reviewed changes
dd-java-agent/appsec/src/main/java/com/datadog/appsec/event/data/ObjectIntrospection.java
return new HashMap<>();
} else if (obj instanceof Element) {
Element elem = (Element) obj;
Map<String, Object> newMap = new HashMap<>();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don’t have a strong opinion on this, but I wonder if it could be useful for XML to preserve the order of elements.
Not sure if any WAF rule currently relies on this though, maybe it’s something worth considering? 😅

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i don’t think the order matters on json (it's also a map!) so perhaps no reason to be really concerned with it right now

@sezen-datadog
fix submodule
0967f11 
Signed-off-by: sezen.leblay <[email protected]>
@sezen-datadog sezen-datadog force-pushed the sezen.leblay/XML-Response-Schema-Collection branch from b47fdf5 to 0967f11 Compare September 19, 2025 08:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manuel-alvarez-alvarez manuel-alvarez-alvarez manuel-alvarez-alvarez left review comments

@jandro996 jandro996 jandro996 left review comments

@robertpi robertpi Awaiting requested review from robertpi robertpi is a code owner automatically assigned from DataDog/asm-java

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
inst: akka Akka instrumentation inst: java Core Java language instrumentation inst: jax-rs JAX-RS instrumentation inst: jax-ws JAX-WS instrumentation inst: others All other instrumentations inst: play framework Play Framework instrumentation inst: spring Spring instrumentation inst: vertx Eclipse Vert.x instrumentation type: enhancement Enhancements and improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sezen-datadog @jandro996 @manuel-alvarez-alvarez