Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(iast): add django to the allowlist #12039

Merged
merged 1 commit into from
Jan 24, 2025
Merged

chore(iast): add django to the allowlist #12039

merged 1 commit into from
Jan 24, 2025

Conversation

juanjux
Copy link
Collaborator

@juanjux juanjux commented Jan 23, 2025
edited
Loading

Description

Add django modules by default to the allowlist. This will still deny the django submodules in the denylist.

Checklist

  • PR author has checked that all the criteria below are met
  • The PR description includes an overview of the change
  • The PR description articulates the motivation for the change
  • The change includes tests OR the PR description describes a testing strategy
  • The PR description notes risks associated with the change, if any
  • Newly-added code is easy to change
  • The change follows the library release note guidelines
  • The change includes or references documentation updates if necessary
  • Backport labels are set (if applicable)

Reviewer Checklist

  • Reviewer has checked that all the criteria below are met
  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Newly-added code is easy to change
  • Release note makes sense to a user of the library
  • If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

@juanjux
Add django to the allowlist
d150800 
Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>
@juanjux juanjux added changelog/no-changelog A changelog entry is not required for this PR. ASM Application Security Monitoring labels Jan 23, 2025
@juanjux juanjux self-assigned this Jan 23, 2025
@juanjux juanjux requested a review from a team as a code owner January 23, 2025 11:11
@github-actions GitHub Actions
Copy link
Contributor

CODEOWNERS have been resolved as:

ddtrace/appsec/_iast/_ast/ast_patching.py                               @DataDog/asm-python

@datadog-dd-trace-py-rkomorn
Copy link

Datadog Report

Branch report: juanjux/add-django-allowlist
Commit report: d150800
Test service: dd-trace-py

✅ 0 Failed, 130 Passed, 1468 Skipped, 4m 34.03s Total duration (35m 35.21s time saved)

@pr-commenter
Copy link

pr-commenter bot commented Jan 23, 2025

Benchmarks

Benchmark execution time: 2025-01-23 11:52:24

Comparing candidate commit d150800 in PR branch juanjux/add-django-allowlist with baseline commit 2f52abb in branch main.

Found 4 performance improvements and 1 performance regressions! Performance is the same for 389 metrics, 2 unstable metrics.

scenario:iast_aspects-ljust_aspect

  • 🟥 execution_time [+0.982µs; +1.093µs] or [+7.097%; +7.899%]

scenario:iast_aspects-ospathjoin_aspect

  • 🟩 execution_time [-600.620ns; -539.437ns] or [-10.665%; -9.579%]

scenario:iast_aspects-ospathnormcase_aspect

  • 🟩 execution_time [-235.185ns; -194.808ns] or [-8.504%; -7.044%]

scenario:iast_aspects-ospathsplit_aspect

  • 🟩 execution_time [-430.265ns; -363.249ns] or [-10.028%; -8.466%]

scenario:iast_aspects-rsplit_aspect

  • 🟩 execution_time [-173.503ns; -140.971ns] or [-9.072%; -7.371%]

@avara1986 avara1986 merged commit 361cb94 into main Jan 24, 2025
276 of 277 checks passed
@avara1986 avara1986 deleted the juanjux/add-django-allowlist branch January 24, 2025 08:47
ZStriker19 pushed a commit that referenced this pull request Jan 30, 2025
@juanjux @ZStriker19
chore(iast): add django to the allowlist (#12039)
8811740 
## Description

Add django modules by default to the allowlist. This will still deny the
django submodules in the denylist.

## Checklist
- [X] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met 
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)

Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gnufede gnufede gnufede approved these changes

Assignees

@juanjux juanjux

Labels
ASM Application Security Monitoring changelog/no-changelog A changelog entry is not required for this PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@juanjux @gnufede @avara1986