Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(iast): add more modules to the IAST patching denylist to improve startup time [backport 2.17] #11908

Merged
merged 2 commits into from
Jan 14, 2025
Merged

fix(iast): add more modules to the IAST patching denylist to improve startup time [backport 2.17] #11908

merged 2 commits into from
Jan 14, 2025

Conversation

github-actions[bot]
Copy link
Contributor

Backport 30e3b76 from #11907 to 2.17.

Description

Adds a bunch of image handling, scientific/numerical computing, linting and other modules where propagation doesn't matter to the IAST denylist.

Checklist

  • PR author has checked that all the criteria below are met
  • The PR description includes an overview of the change
  • The PR description articulates the motivation for the change
  • The change includes tests OR the PR description describes a testing strategy
  • The PR description notes risks associated with the change, if any
  • Newly-added code is easy to change
  • The change follows the library release note guidelines
  • The change includes or references documentation updates if necessary
  • Backport labels are set (if applicable)

Reviewer Checklist

  • Reviewer has checked that all the criteria below are met
  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Newly-added code is easy to change
  • Release note makes sense to a user of the library
  • If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

@juanjux @github-actions
fix(iast): add more modules to the IAST patching denylist to improve …
122d4e8 
…startup time (#11907)

## Description

Adds a bunch of image handling, scientific/numerical computing, linting
and other modules where propagation doesn't matter to the IAST denylist.

## Checklist
- [X] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)

---------

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>
(cherry picked from commit 30e3b76)
@github-actions github-actions bot added the ASM Application Security Monitoring label Jan 13, 2025
@github-actions github-actions bot requested review from a team as code owners January 13, 2025 14:42
@juanjux juanjux enabled auto-merge (squash) January 13, 2025 15:13
@pr-commenter
Copy link

pr-commenter bot commented Jan 13, 2025
edited
Loading

Benchmarks

Benchmark execution time: 2025-01-14 09:05:57

Comparing candidate commit 5760821 in PR branch backport-11907-to-2.17 with baseline commit adf547d in branch 2.17.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 364 metrics, 2 unstable metrics.

@juanjux juanjux disabled auto-merge January 13, 2025 16:35
@juanjux juanjux added the manual merge Do not automatically merge label Jan 13, 2025
@mabdinur mabdinur enabled auto-merge (squash) January 13, 2025 18:51
@juanjux juanjux removed the manual merge Do not automatically merge label Jan 14, 2025
@github-actions GitHub Actions
Copy link
Contributor Author

CODEOWNERS have been resolved as:

releasenotes/notes/denylist-extend-more-f0d96917c50d43cf.yaml           @DataDog/apm-python
ddtrace/appsec/_iast/_ast/ast_patching.py                               @DataDog/asm-python
tests/appsec/iast_packages/test_packages.py                             @DataDog/asm-python

@mabdinur mabdinur merged commit dad208e into 2.17 Jan 14, 2025
293 of 297 checks passed
@mabdinur mabdinur deleted the backport-11907-to-2.17 branch January 14, 2025 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@avara1986 avara1986 avara1986 approved these changes

@Kyle-Verhoog Kyle-Verhoog Awaiting requested review from Kyle-Verhoog Kyle-Verhoog is a code owner automatically assigned from DataDog/apm-python

@mabdinur mabdinur Awaiting requested review from mabdinur mabdinur is a code owner automatically assigned from DataDog/apm-python

Assignees
No one assigned
Labels
ASM Application Security Monitoring
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@avara1986 @juanjux @mabdinur @gnufede