fix(iast): weak hash error if vulnerability is outside the context #15029

avara1986 · 2025-10-24T11:05:46Z

Description

This PR addresses an issue where using weak hashing or cipher algorithms outside of a request context (e.g., during application startup) could raise an unhandled exception. The fix ensures proper error handling when IAST operations are performed without an active request context.

Root Cause

The issue occurred in the has_quota method of the vulnerability base class, which was not properly handling cases where there was no active request context. When IAST operations were performed outside of a request (e.g., during application startup or in unsupported frameworks), the code would attempt to access the vulnerability budget from a non-existent context, leading to an unhandled exception.

Changes

Added null check for IAST context in has_quota method to safely handle cases with no active request
Return False when no context is available, preventing further processing of vulnerabilities
Added test cases to verify the fix works in various scenarios
Updated the release notes to document the fix

github-actions · 2025-10-24T11:06:30Z

CODEOWNERS have been resolved as:

releasenotes/notes/iast-fix-error-with-no-context-4b805f224001601f.yaml  @DataDog/apm-python
ddtrace/appsec/_iast/_span_metrics.py                                   @DataDog/asm-python
ddtrace/appsec/_iast/taint_sinks/_base.py                               @DataDog/asm-python
ddtrace/appsec/_iast/taint_sinks/ast_taint.py                           @DataDog/asm-python
ddtrace/appsec/_iast/taint_sinks/weak_cipher.py                         @DataDog/asm-python
ddtrace/appsec/_iast/taint_sinks/weak_hash.py                           @DataDog/asm-python
tests/appsec/iast/taint_sinks/test_vulnerability_detection.py           @DataDog/asm-python
tests/appsec/iast/taint_sinks/test_weak_cipher.py                       @DataDog/asm-python
tests/appsec/iast/taint_sinks/test_weak_hash.py                         @DataDog/asm-python
tests/contrib/flask/test_flask_pytest_iast.py                           @DataDog/apm-core-python @DataDog/apm-idm-python

github-actions · 2025-10-24T11:32:15Z

Bootstrap import analysis

Comparison of import times between this PR and base.

Summary

The average import time from this PR is: 234 ± 2 ms.

The average import time from base is: 238 ± 2 ms.

The import time difference between this PR and base is: -3.26 ± 0.08 ms.

Import time breakdown

The following import paths have shrunk:

ddtrace.auto 2.111 ms (0.90%)

ddtrace.bootstrap.sitecustomize 1.401 ms (0.60%)

ddtrace.bootstrap.preload 1.401 ms (0.60%)

ddtrace.internal.remoteconfig.client 0.676 ms (0.29%)

ddtrace 0.711 ms (0.30%)

ddtrace.internal._unpatched 0.064 ms (0.03%)

subprocess 0.036 ms (0.02%)

contextlib 0.036 ms (0.02%)

json 0.028 ms (0.01%)

json.decoder 0.028 ms (0.01%)

re 0.028 ms (0.01%)

enum 0.028 ms (0.01%)

types 0.028 ms (0.01%)

ddtrace/appsec/_iast/_span_metrics.py

ddtrace/appsec/_iast/taint_sinks/_base.py

pr-commenter · 2025-10-24T16:31:35Z

Performance SLOs

Comparing candidate avara1986/APPSEC-59771-fix-weakhash-exception (48fe450) with baseline main (26c7507)

📈 Performance Regressions (2 suites)

📈 iast_aspects - 40/40

✅ re_expand_aspect

Time: ✅ 32.155µs (SLO: <40.000µs 📉 -19.6%) vs baseline: +1.0%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_expand_noaspect

Time: ✅ 29.995µs (SLO: <40.000µs 📉 -25.0%) vs baseline: +3.0%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_findall_aspect

Time: ✅ 2.908µs (SLO: <10.000µs 📉 -70.9%) vs baseline: +0.2%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ re_findall_noaspect

Time: ✅ 1.423µs (SLO: <10.000µs 📉 -85.8%) vs baseline: +1.5%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ re_finditer_aspect

Time: ✅ 4.709µs (SLO: <10.000µs 📉 -52.9%) vs baseline: +5.7%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_finditer_noaspect

Time: ✅ 1.415µs (SLO: <10.000µs 📉 -85.8%) vs baseline: -0.5%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_fullmatch_aspect

Time: ✅ 2.642µs (SLO: <10.000µs 📉 -73.6%) vs baseline: -0.5%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_fullmatch_noaspect

Time: ✅ 1.293µs (SLO: <10.000µs 📉 -87.1%) vs baseline: +0.3%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ re_group_aspect

Time: ✅ 2.958µs (SLO: <10.000µs 📉 -70.4%) vs baseline: +1.2%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ re_group_noaspect

Time: ✅ 1.586µs (SLO: <10.000µs 📉 -84.1%) vs baseline: -1.1%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_groups_aspect

Time: ✅ 3.325µs (SLO: <10.000µs 📉 -66.8%) vs baseline: +9.1%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_groups_noaspect

Time: ✅ 1.703µs (SLO: <10.000µs 📉 -83.0%) vs baseline: -0.5%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ re_match_aspect

Time: ✅ 2.979µs (SLO: <10.000µs 📉 -70.2%) vs baseline: 📈 +10.6%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_match_noaspect

Time: ✅ 1.292µs (SLO: <10.000µs 📉 -87.1%) vs baseline: -0.3%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +5.1%

✅ re_search_aspect

Time: ✅ 2.563µs (SLO: <10.000µs 📉 -74.4%) vs baseline: -0.7%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.7%

✅ re_search_noaspect

Time: ✅ 1.197µs (SLO: <10.000µs 📉 -88.0%) vs baseline: +0.6%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ re_sub_aspect

Time: ✅ 3.407µs (SLO: <10.000µs 📉 -65.9%) vs baseline: ~same

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +4.9%

✅ re_sub_noaspect

Time: ✅ 1.530µs (SLO: <10.000µs 📉 -84.7%) vs baseline: -0.2%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ re_subn_aspect

Time: ✅ 3.706µs (SLO: <10.000µs 📉 -62.9%) vs baseline: +0.7%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ re_subn_noaspect

Time: ✅ 1.612µs (SLO: <10.000µs 📉 -83.9%) vs baseline: -0.9%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.8%

📈 telemetryaddmetric - 30/30

✅ 1-count-metric-1-times

Time: ✅ 3.276µs (SLO: <20.000µs 📉 -83.6%) vs baseline: 📈 +10.5%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 1-count-metrics-100-times

Time: ✅ 201.522µs (SLO: <220.000µs -8.4%) vs baseline: +0.7%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 1-distribution-metric-1-times

Time: ✅ 3.356µs (SLO: <20.000µs 📉 -83.2%) vs baseline: +2.7%

Memory: ✅ 32.185MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 1-distribution-metrics-100-times

Time: ✅ 214.072µs (SLO: <220.000µs -2.7%) vs baseline: +0.1%

Memory: ✅ 32.224MB (SLO: <34.000MB -5.2%) vs baseline: +5.0%

✅ 1-gauge-metric-1-times

Time: ✅ 2.175µs (SLO: <20.000µs 📉 -89.1%) vs baseline: +0.4%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 1-gauge-metrics-100-times

Time: ✅ 138.910µs (SLO: <150.000µs -7.4%) vs baseline: +1.3%

Memory: ✅ 32.224MB (SLO: <34.000MB -5.2%) vs baseline: +5.0%

✅ 1-rate-metric-1-times

Time: ✅ 3.197µs (SLO: <20.000µs 📉 -84.0%) vs baseline: +4.2%

Memory: ✅ 32.224MB (SLO: <34.000MB -5.2%) vs baseline: +4.9%

✅ 1-rate-metrics-100-times

Time: ✅ 214.616µs (SLO: <250.000µs 📉 -14.2%) vs baseline: +1.4%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 100-count-metrics-100-times

Time: ✅ 20.272ms (SLO: <22.000ms -7.9%) vs baseline: +1.4%

Memory: ✅ 32.165MB (SLO: <34.000MB -5.4%) vs baseline: +4.9%

✅ 100-distribution-metrics-100-times

Time: ✅ 2.278ms (SLO: <2.300ms 🟡 -1.0%) vs baseline: +2.8%

Memory: ✅ 32.165MB (SLO: <34.000MB -5.4%) vs baseline: +4.7%

✅ 100-gauge-metrics-100-times

Time: ✅ 1.402ms (SLO: <1.550ms -9.6%) vs baseline: ~same

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ 100-rate-metrics-100-times

Time: ✅ 2.209ms (SLO: <2.550ms 📉 -13.4%) vs baseline: +1.7%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ flush-1-metric

Time: ✅ 4.781µs (SLO: <20.000µs 📉 -76.1%) vs baseline: +2.0%

Memory: ✅ 32.185MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ flush-100-metrics

Time: ✅ 174.107µs (SLO: <250.000µs 📉 -30.4%) vs baseline: -1.1%

Memory: ✅ 32.185MB (SLO: <34.000MB -5.3%) vs baseline: +4.7%

✅ flush-1000-metrics

Time: ✅ 2.118ms (SLO: <2.500ms 📉 -15.3%) vs baseline: -0.6%

Memory: ✅ 33.010MB (SLO: <34.500MB -4.3%) vs baseline: +4.9%

🟡 Near SLO Breach (5 suites)

🟡 djangosimple - 30/30

✅ appsec

Time: ✅ 20.525ms (SLO: <22.300ms -8.0%) vs baseline: +0.2%

Memory: ✅ 65.254MB (SLO: <67.000MB -2.6%) vs baseline: +4.8%

✅ exception-replay-enabled

Time: ✅ 1.346ms (SLO: <1.450ms -7.2%) vs baseline: +0.3%

Memory: ✅ 64.693MB (SLO: <67.000MB -3.4%) vs baseline: +4.9%

✅ iast

Time: ✅ 20.566ms (SLO: <22.250ms -7.6%) vs baseline: +0.3%

Memory: ✅ 65.233MB (SLO: <67.000MB -2.6%) vs baseline: +4.8%

✅ profiler

Time: ✅ 15.547ms (SLO: <16.550ms -6.1%) vs baseline: -0.2%

Memory: ✅ 54.162MB (SLO: <54.500MB 🟡 -0.6%) vs baseline: +5.0%

✅ resource-renaming

Time: ✅ 20.572ms (SLO: <21.750ms -5.4%) vs baseline: -0.3%

Memory: ✅ 65.293MB (SLO: <67.000MB -2.5%) vs baseline: +4.9%

✅ span-code-origin

Time: ✅ 25.399ms (SLO: <28.200ms -9.9%) vs baseline: -0.3%

Memory: ✅ 67.303MB (SLO: <69.500MB -3.2%) vs baseline: +4.5%

✅ tracer

Time: ✅ 20.525ms (SLO: <21.750ms -5.6%) vs baseline: +0.3%

Memory: ✅ 65.333MB (SLO: <67.000MB -2.5%) vs baseline: +5.0%

✅ tracer-and-profiler

Time: ✅ 22.626ms (SLO: <23.500ms -3.7%) vs baseline: -0.4%

Memory: ✅ 66.864MB (SLO: <67.500MB 🟡 -0.9%) vs baseline: +5.1%

✅ tracer-dont-create-db-spans

Time: ✅ 19.358ms (SLO: <21.500ms -10.0%) vs baseline: ~same

Memory: ✅ 65.252MB (SLO: <66.000MB 🟡 -1.1%) vs baseline: +4.8%

✅ tracer-minimal

Time: ✅ 16.589ms (SLO: <17.500ms -5.2%) vs baseline: -0.5%

Memory: ✅ 65.234MB (SLO: <66.000MB 🟡 -1.2%) vs baseline: +4.7%

✅ tracer-native

Time: ✅ 20.514ms (SLO: <21.750ms -5.7%) vs baseline: -0.2%

Memory: ✅ 71.280MB (SLO: <72.500MB 🟡 -1.7%) vs baseline: +4.8%

✅ tracer-no-caches

Time: ✅ 18.470ms (SLO: <19.650ms -6.0%) vs baseline: -0.2%

Memory: ✅ 65.312MB (SLO: <67.000MB -2.5%) vs baseline: +5.0%

✅ tracer-no-databases

Time: ✅ 18.752ms (SLO: <20.100ms -6.7%) vs baseline: ~same

Memory: ✅ 65.293MB (SLO: <67.000MB -2.5%) vs baseline: +4.8%

✅ tracer-no-middleware

Time: ✅ 20.247ms (SLO: <21.500ms -5.8%) vs baseline: +0.2%

Memory: ✅ 65.263MB (SLO: <67.000MB -2.6%) vs baseline: +4.9%

✅ tracer-no-templates

Time: ✅ 20.405ms (SLO: <22.000ms -7.3%) vs baseline: +0.4%

Memory: ✅ 65.236MB (SLO: <67.000MB -2.6%) vs baseline: +4.8%

🟡 errortrackingdjangosimple - 6/6

✅ errortracking-enabled-all

Time: ✅ 18.059ms (SLO: <19.850ms -9.0%) vs baseline: -0.4%

Memory: ✅ 65.204MB (SLO: <66.500MB 🟡 -1.9%) vs baseline: +4.8%

✅ errortracking-enabled-user

Time: ✅ 18.112ms (SLO: <19.400ms -6.6%) vs baseline: +0.3%

Memory: ✅ 65.263MB (SLO: <66.500MB 🟡 -1.9%) vs baseline: +4.9%

✅ tracer-enabled

Time: ✅ 18.043ms (SLO: <19.450ms -7.2%) vs baseline: -0.1%

Memory: ✅ 65.214MB (SLO: <66.500MB 🟡 -1.9%) vs baseline: +4.8%

🟡 errortrackingflasksqli - 6/6

✅ errortracking-enabled-all

Time: ✅ 2.070ms (SLO: <2.300ms -10.0%) vs baseline: +0.1%

Memory: ✅ 52.062MB (SLO: <53.500MB -2.7%) vs baseline: +4.5%

✅ errortracking-enabled-user

Time: ✅ 2.073ms (SLO: <2.250ms -7.9%) vs baseline: ~same

Memory: ✅ 52.101MB (SLO: <53.500MB -2.6%) vs baseline: +4.6%

✅ tracer-enabled

Time: ✅ 2.070ms (SLO: <2.300ms 📉 -10.0%) vs baseline: +0.1%

Memory: ✅ 52.514MB (SLO: <53.500MB 🟡 -1.8%) vs baseline: +5.3%

🟡 flasksimple - 18/18

✅ appsec-get

Time: ✅ 4.597ms (SLO: <4.750ms -3.2%) vs baseline: ~same

Memory: ✅ 61.971MB (SLO: <65.000MB -4.7%) vs baseline: +4.9%

✅ appsec-post

Time: ✅ 6.651ms (SLO: <6.750ms 🟡 -1.5%) vs baseline: +0.4%

Memory: ✅ 61.971MB (SLO: <65.000MB -4.7%) vs baseline: +5.0%

✅ appsec-telemetry

Time: ✅ 4.587ms (SLO: <4.750ms -3.4%) vs baseline: ~same

Memory: ✅ 61.892MB (SLO: <65.000MB -4.8%) vs baseline: +4.7%

✅ debugger

Time: ✅ 1.856ms (SLO: <2.000ms -7.2%) vs baseline: -0.1%

Memory: ✅ 45.318MB (SLO: <47.000MB -3.6%) vs baseline: +4.3%

✅ iast-get

Time: ✅ 1.857ms (SLO: <2.000ms -7.2%) vs baseline: +0.2%

Memory: ✅ 42.448MB (SLO: <49.000MB 📉 -13.4%) vs baseline: +4.8%

✅ profiler

Time: ✅ 1.910ms (SLO: <2.100ms -9.1%) vs baseline: ~same

Memory: ✅ 46.478MB (SLO: <47.000MB 🟡 -1.1%) vs baseline: +4.0%

✅ resource-renaming

Time: ✅ 3.375ms (SLO: <3.650ms -7.5%) vs baseline: +0.1%

Memory: ✅ 52.258MB (SLO: <53.500MB -2.3%) vs baseline: +4.9%

✅ tracer

Time: ✅ 3.361ms (SLO: <3.650ms -7.9%) vs baseline: +0.2%

Memory: ✅ 52.258MB (SLO: <53.500MB -2.3%) vs baseline: +4.9%

✅ tracer-native

Time: ✅ 3.365ms (SLO: <3.650ms -7.8%) vs baseline: +0.3%

Memory: ✅ 58.203MB (SLO: <60.000MB -3.0%) vs baseline: +5.0%

🟡 flasksqli - 6/6

✅ appsec-enabled

Time: ✅ 3.972ms (SLO: <4.200ms -5.4%) vs baseline: +0.3%

Memory: ✅ 62.226MB (SLO: <66.000MB -5.7%) vs baseline: +5.1%

✅ iast-enabled

Time: ✅ 2.444ms (SLO: <2.800ms 📉 -12.7%) vs baseline: -0.2%

Memory: ✅ 58.845MB (SLO: <60.000MB 🟡 -1.9%) vs baseline: +4.6%

✅ tracer-enabled

Time: ✅ 2.064ms (SLO: <2.250ms -8.3%) vs baseline: -0.3%

Memory: ✅ 52.219MB (SLO: <54.500MB -4.2%) vs baseline: +4.7%

⚠️ Unstable Tests (1 suite)

⚠️

coreapiscenario - 10/10 (1 unstable)

⚠️ context_with_data_listeners

Time: ⚠️ 13.297µs (SLO: <20.000µs 📉 -33.5%) vs baseline: +0.3%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +5.1%

✅ context_with_data_no_listeners

Time: ✅ 3.306µs (SLO: <10.000µs 📉 -66.9%) vs baseline: +0.2%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ get_item_exists

Time: ✅ 0.586µs (SLO: <10.000µs 📉 -94.1%) vs baseline: +1.4%

Memory: ✅ 32.145MB (SLO: <33.500MB -4.0%) vs baseline: +4.7%

✅ get_item_missing

Time: ✅ 0.634µs (SLO: <10.000µs 📉 -93.7%) vs baseline: ~same

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ set_item

Time: ✅ 24.166µs (SLO: <30.000µs 📉 -19.4%) vs baseline: +0.8%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ All Tests Passing (16 suites)

✅ httppropagationextract - 60/60

✅ all_styles_all_headers

Time: ✅ 81.658µs (SLO: <100.000µs 📉 -18.3%) vs baseline: +0.8%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ b3_headers

Time: ✅ 14.203µs (SLO: <20.000µs 📉 -29.0%) vs baseline: +0.5%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ b3_single_headers

Time: ✅ 13.223µs (SLO: <20.000µs 📉 -33.9%) vs baseline: ~same

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ datadog_tracecontext_tracestate_not_propagated_on_trace_id_no_match

Time: ✅ 64.050µs (SLO: <80.000µs 📉 -19.9%) vs baseline: +0.4%

Memory: ✅ 32.185MB (SLO: <33.500MB -3.9%) vs baseline: +4.7%

✅ datadog_tracecontext_tracestate_propagated_on_trace_id_match

Time: ✅ 65.917µs (SLO: <80.000µs 📉 -17.6%) vs baseline: +0.5%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ empty_headers

Time: ✅ 1.594µs (SLO: <10.000µs 📉 -84.1%) vs baseline: -0.6%

Memory: ✅ 32.165MB (SLO: <33.500MB -4.0%) vs baseline: +4.7%

✅ full_t_id_datadog_headers

Time: ✅ 22.982µs (SLO: <30.000µs 📉 -23.4%) vs baseline: ~same

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ invalid_priority_header

Time: ✅ 6.519µs (SLO: <10.000µs 📉 -34.8%) vs baseline: -0.3%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ invalid_span_id_header

Time: ✅ 6.543µs (SLO: <10.000µs 📉 -34.6%) vs baseline: +0.5%

Memory: ✅ 32.185MB (SLO: <33.500MB -3.9%) vs baseline: +4.8%

✅ invalid_tags_header

Time: ✅ 6.544µs (SLO: <10.000µs 📉 -34.6%) vs baseline: +0.3%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ invalid_trace_id_header

Time: ✅ 6.530µs (SLO: <10.000µs 📉 -34.7%) vs baseline: +0.5%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ large_header_no_matches

Time: ✅ 27.578µs (SLO: <30.000µs -8.1%) vs baseline: -0.4%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ large_valid_headers_all

Time: ✅ 28.866µs (SLO: <40.000µs 📉 -27.8%) vs baseline: +0.3%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ medium_header_no_matches

Time: ✅ 9.859µs (SLO: <20.000µs 📉 -50.7%) vs baseline: -0.2%

Memory: ✅ 32.185MB (SLO: <33.500MB -3.9%) vs baseline: +4.8%

✅ medium_valid_headers_all

Time: ✅ 11.215µs (SLO: <20.000µs 📉 -43.9%) vs baseline: -0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.8%

✅ none_propagation_style

Time: ✅ 1.714µs (SLO: <10.000µs 📉 -82.9%) vs baseline: +0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ tracecontext_headers

Time: ✅ 34.459µs (SLO: <40.000µs 📉 -13.9%) vs baseline: +0.2%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ valid_headers_all

Time: ✅ 6.545µs (SLO: <10.000µs 📉 -34.6%) vs baseline: -0.3%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ valid_headers_basic

Time: ✅ 6.117µs (SLO: <10.000µs 📉 -38.8%) vs baseline: +0.9%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_empty_headers

Time: ✅ 1.615µs (SLO: <10.000µs 📉 -83.8%) vs baseline: +1.6%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_invalid_priority_header

Time: ✅ 6.579µs (SLO: <10.000µs 📉 -34.2%) vs baseline: ~same

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_invalid_span_id_header

Time: ✅ 1.590µs (SLO: <10.000µs 📉 -84.1%) vs baseline: +0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.8%

✅ wsgi_invalid_tags_header

Time: ✅ 6.575µs (SLO: <10.000µs 📉 -34.2%) vs baseline: +0.2%

Memory: ✅ 32.204MB (SLO: <33.500MB -3.9%) vs baseline: +4.7%

✅ wsgi_invalid_trace_id_header

Time: ✅ 6.541µs (SLO: <10.000µs 📉 -34.6%) vs baseline: ~same

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_large_header_no_matches

Time: ✅ 28.806µs (SLO: <40.000µs 📉 -28.0%) vs baseline: -0.1%

Memory: ✅ 32.185MB (SLO: <33.500MB -3.9%) vs baseline: +4.7%

✅ wsgi_large_valid_headers_all

Time: ✅ 29.832µs (SLO: <40.000µs 📉 -25.4%) vs baseline: ~same

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_medium_header_no_matches

Time: ✅ 10.150µs (SLO: <20.000µs 📉 -49.3%) vs baseline: +1.8%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +5.0%

✅ wsgi_medium_valid_headers_all

Time: ✅ 11.510µs (SLO: <20.000µs 📉 -42.4%) vs baseline: +0.4%

Memory: ✅ 32.204MB (SLO: <33.500MB -3.9%) vs baseline: +4.8%

✅ wsgi_valid_headers_all

Time: ✅ 6.572µs (SLO: <10.000µs 📉 -34.3%) vs baseline: +0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ wsgi_valid_headers_basic

Time: ✅ 6.184µs (SLO: <10.000µs 📉 -38.2%) vs baseline: +0.9%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ httppropagationinject - 16/16

✅ ids_only

Time: ✅ 21.797µs (SLO: <30.000µs 📉 -27.3%) vs baseline: +0.9%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ with_all

Time: ✅ 28.885µs (SLO: <40.000µs 📉 -27.8%) vs baseline: -0.3%

Memory: ✅ 32.204MB (SLO: <33.500MB -3.9%) vs baseline: +4.8%

✅ with_dd_origin

Time: ✅ 25.555µs (SLO: <30.000µs 📉 -14.8%) vs baseline: +1.3%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +5.1%

✅ with_priority_and_origin

Time: ✅ 25.020µs (SLO: <40.000µs 📉 -37.5%) vs baseline: +0.9%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ with_sampling_priority

Time: ✅ 21.677µs (SLO: <30.000µs 📉 -27.7%) vs baseline: -0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ with_tags

Time: ✅ 27.326µs (SLO: <40.000µs 📉 -31.7%) vs baseline: +0.5%

Memory: ✅ 32.244MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ with_tags_invalid

Time: ✅ 28.615µs (SLO: <40.000µs 📉 -28.5%) vs baseline: +0.1%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ with_tags_max_size

Time: ✅ 27.736µs (SLO: <40.000µs 📉 -30.7%) vs baseline: +1.0%

Memory: ✅ 32.224MB (SLO: <33.500MB -3.8%) vs baseline: +4.9%

✅ iastaspects - 118/118

✅ add_aspect

Time: ✅ 0.403µs (SLO: <10.000µs 📉 -96.0%) vs baseline: -1.9%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ add_inplace_aspect

Time: ✅ 0.409µs (SLO: <10.000µs 📉 -95.9%) vs baseline: +0.9%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ add_inplace_noaspect

Time: ✅ 0.316µs (SLO: <10.000µs 📉 -96.8%) vs baseline: +0.9%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ add_noaspect

Time: ✅ 0.275µs (SLO: <10.000µs 📉 -97.3%) vs baseline: -1.7%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ bytearray_aspect

Time: ✅ 1.345µs (SLO: <10.000µs 📉 -86.6%) vs baseline: -0.6%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ bytearray_extend_aspect

Time: ✅ 1.505µs (SLO: <10.000µs 📉 -85.0%) vs baseline: -0.3%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ bytearray_extend_noaspect

Time: ✅ 0.611µs (SLO: <10.000µs 📉 -93.9%) vs baseline: ~same

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ bytearray_noaspect

Time: ✅ 0.482µs (SLO: <10.000µs 📉 -95.2%) vs baseline: ~same

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ bytes_aspect

Time: ✅ 1.302µs (SLO: <10.000µs 📉 -87.0%) vs baseline: +1.9%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +5.0%

✅ bytes_noaspect

Time: ✅ 0.493µs (SLO: <10.000µs 📉 -95.1%) vs baseline: ~same

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ bytesio_aspect

Time: ✅ 1.353µs (SLO: <10.000µs 📉 -86.5%) vs baseline: -1.4%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ bytesio_noaspect

Time: ✅ 0.494µs (SLO: <10.000µs 📉 -95.1%) vs baseline: -0.6%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ capitalize_aspect

Time: ✅ 0.742µs (SLO: <10.000µs 📉 -92.6%) vs baseline: +1.0%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ capitalize_noaspect

Time: ✅ 0.435µs (SLO: <10.000µs 📉 -95.6%) vs baseline: -0.4%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ casefold_aspect

Time: ✅ 0.736µs (SLO: <10.000µs 📉 -92.6%) vs baseline: ~same

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ casefold_noaspect

Time: ✅ 0.371µs (SLO: <10.000µs 📉 -96.3%) vs baseline: +0.7%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.6%

✅ decode_aspect

Time: ✅ 0.727µs (SLO: <10.000µs 📉 -92.7%) vs baseline: +1.0%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ decode_noaspect

Time: ✅ 0.420µs (SLO: <10.000µs 📉 -95.8%) vs baseline: -1.1%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ encode_aspect

Time: ✅ 0.707µs (SLO: <10.000µs 📉 -92.9%) vs baseline: -0.4%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ encode_noaspect

Time: ✅ 0.395µs (SLO: <10.000µs 📉 -96.0%) vs baseline: -2.4%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ format_aspect

Time: ✅ 3.395µs (SLO: <10.000µs 📉 -66.1%) vs baseline: -0.3%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.1%

✅ format_map_aspect

Time: ✅ 3.689µs (SLO: <10.000µs 📉 -63.1%) vs baseline: ~same

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ format_map_noaspect

Time: ✅ 0.773µs (SLO: <10.000µs 📉 -92.3%) vs baseline: ~same

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.6%

✅ format_noaspect

Time: ✅ 0.595µs (SLO: <10.000µs 📉 -94.1%) vs baseline: -0.8%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +5.0%

✅ index_aspect

Time: ✅ 0.352µs (SLO: <10.000µs 📉 -96.5%) vs baseline: -2.7%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.7%

✅ index_noaspect

Time: ✅ 0.277µs (SLO: <10.000µs 📉 -97.2%) vs baseline: -0.3%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ join_aspect

Time: ✅ 1.363µs (SLO: <10.000µs 📉 -86.4%) vs baseline: +0.2%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +4.9%

✅ join_noaspect

Time: ✅ 0.490µs (SLO: <10.000µs 📉 -95.1%) vs baseline: ~same

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ ljust_aspect

Time: ✅ 2.569µs (SLO: <20.000µs 📉 -87.2%) vs baseline: ~same

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ ljust_noaspect

Time: ✅ 0.406µs (SLO: <10.000µs 📉 -95.9%) vs baseline: +0.4%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.3%

✅ lower_aspect

Time: ✅ 2.173µs (SLO: <10.000µs 📉 -78.3%) vs baseline: -0.1%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ lower_noaspect

Time: ✅ 0.364µs (SLO: <10.000µs 📉 -96.4%) vs baseline: -1.2%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ lstrip_aspect

Time: ✅ 2.216µs (SLO: <20.000µs 📉 -88.9%) vs baseline: +0.6%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ lstrip_noaspect

Time: ✅ 0.384µs (SLO: <10.000µs 📉 -96.2%) vs baseline: +1.9%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.9%

✅ modulo_aspect

Time: ✅ 0.993µs (SLO: <10.000µs 📉 -90.1%) vs baseline: +0.2%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ modulo_aspect_for_bytearray_bytearray

Time: ✅ 1.558µs (SLO: <10.000µs 📉 -84.4%) vs baseline: +0.5%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ modulo_aspect_for_bytes

Time: ✅ 0.984µs (SLO: <10.000µs 📉 -90.2%) vs baseline: +0.8%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.6%

✅ modulo_aspect_for_bytes_bytearray

Time: ✅ 1.230µs (SLO: <10.000µs 📉 -87.7%) vs baseline: -0.5%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ modulo_noaspect

Time: ✅ 0.630µs (SLO: <10.000µs 📉 -93.7%) vs baseline: -0.7%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.8%

✅ replace_aspect

Time: ✅ 4.911µs (SLO: <10.000µs 📉 -50.9%) vs baseline: -0.4%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ replace_noaspect

Time: ✅ 0.459µs (SLO: <10.000µs 📉 -95.4%) vs baseline: ~same

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.1%

✅ repr_aspect

Time: ✅ 0.910µs (SLO: <10.000µs 📉 -90.9%) vs baseline: +0.1%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ repr_noaspect

Time: ✅ 0.420µs (SLO: <10.000µs 📉 -95.8%) vs baseline: +1.5%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ rstrip_aspect

Time: ✅ 1.911µs (SLO: <20.000µs 📉 -90.4%) vs baseline: +0.4%

Memory: ✅ 38.024MB (SLO: <39.000MB -2.5%) vs baseline: +4.5%

✅ rstrip_noaspect

Time: ✅ 0.381µs (SLO: <10.000µs 📉 -96.2%) vs baseline: -0.3%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ slice_aspect

Time: ✅ 0.495µs (SLO: <10.000µs 📉 -95.0%) vs baseline: -0.8%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ slice_noaspect

Time: ✅ 0.449µs (SLO: <10.000µs 📉 -95.5%) vs baseline: +0.4%

Memory: ✅ 38.142MB (SLO: <39.000MB -2.2%) vs baseline: +5.0%

✅ stringio_aspect

Time: ✅ 1.568µs (SLO: <10.000µs 📉 -84.3%) vs baseline: +0.4%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ stringio_noaspect

Time: ✅ 0.712µs (SLO: <10.000µs 📉 -92.9%) vs baseline: -1.2%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ strip_aspect

Time: ✅ 2.191µs (SLO: <20.000µs 📉 -89.0%) vs baseline: -0.4%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ strip_noaspect

Time: ✅ 0.382µs (SLO: <10.000µs 📉 -96.2%) vs baseline: -0.8%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ swapcase_aspect

Time: ✅ 2.382µs (SLO: <10.000µs 📉 -76.2%) vs baseline: -0.5%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +5.1%

✅ swapcase_noaspect

Time: ✅ 0.535µs (SLO: <10.000µs 📉 -94.7%) vs baseline: -0.9%

Memory: ✅ 38.004MB (SLO: <39.000MB -2.6%) vs baseline: +4.7%

✅ title_aspect

Time: ✅ 2.316µs (SLO: <10.000µs 📉 -76.8%) vs baseline: ~same

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +5.1%

✅ title_noaspect

Time: ✅ 0.499µs (SLO: <10.000µs 📉 -95.0%) vs baseline: -1.0%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ translate_aspect

Time: ✅ 3.269µs (SLO: <10.000µs 📉 -67.3%) vs baseline: +0.8%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ translate_noaspect

Time: ✅ 1.035µs (SLO: <10.000µs 📉 -89.6%) vs baseline: -0.9%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ upper_aspect

Time: ✅ 2.184µs (SLO: <10.000µs 📉 -78.2%) vs baseline: -0.1%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ upper_noaspect

Time: ✅ 0.372µs (SLO: <10.000µs 📉 -96.3%) vs baseline: -0.1%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ iastaspectsospath - 24/24

✅ ospathbasename_aspect

Time: ✅ 4.322µs (SLO: <10.000µs 📉 -56.8%) vs baseline: +2.8%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ ospathbasename_noaspect

Time: ✅ 1.076µs (SLO: <10.000µs 📉 -89.2%) vs baseline: +0.7%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ ospathjoin_aspect

Time: ✅ 6.355µs (SLO: <10.000µs 📉 -36.5%) vs baseline: +4.2%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.7%

✅ ospathjoin_noaspect

Time: ✅ 2.296µs (SLO: <10.000µs 📉 -77.0%) vs baseline: -0.1%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +5.0%

✅ ospathnormcase_aspect

Time: ✅ 3.484µs (SLO: <10.000µs 📉 -65.2%) vs baseline: +0.7%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +4.8%

✅ ospathnormcase_noaspect

Time: ✅ 0.564µs (SLO: <10.000µs 📉 -94.4%) vs baseline: -1.3%

Memory: ✅ 38.044MB (SLO: <39.000MB -2.5%) vs baseline: +4.7%

✅ ospathsplit_aspect

Time: ✅ 4.759µs (SLO: <10.000µs 📉 -52.4%) vs baseline: ~same

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +5.0%

✅ ospathsplit_noaspect

Time: ✅ 1.600µs (SLO: <10.000µs 📉 -84.0%) vs baseline: +0.5%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.7%

✅ ospathsplitdrive_aspect

Time: ✅ 3.686µs (SLO: <10.000µs 📉 -63.1%) vs baseline: +0.9%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +5.0%

✅ ospathsplitdrive_noaspect

Time: ✅ 0.696µs (SLO: <10.000µs 📉 -93.0%) vs baseline: -0.5%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ ospathsplitext_aspect

Time: ✅ 4.506µs (SLO: <10.000µs 📉 -54.9%) vs baseline: -0.3%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.9%

✅ ospathsplitext_noaspect

Time: ✅ 1.386µs (SLO: <10.000µs 📉 -86.1%) vs baseline: +1.1%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +5.0%

✅ iastaspectssplit - 12/12

✅ rsplit_aspect

Time: ✅ 1.450µs (SLO: <10.000µs 📉 -85.5%) vs baseline: ~same

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ rsplit_noaspect

Time: ✅ 0.586µs (SLO: <10.000µs 📉 -94.1%) vs baseline: +0.8%

Memory: ✅ 38.063MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ split_aspect

Time: ✅ 1.404µs (SLO: <10.000µs 📉 -86.0%) vs baseline: ~same

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ split_noaspect

Time: ✅ 0.570µs (SLO: <10.000µs 📉 -94.3%) vs baseline: +0.2%

Memory: ✅ 38.122MB (SLO: <39.000MB -2.3%) vs baseline: +5.2%

✅ splitlines_aspect

Time: ✅ 1.390µs (SLO: <10.000µs 📉 -86.1%) vs baseline: +1.9%

Memory: ✅ 38.083MB (SLO: <39.000MB -2.4%) vs baseline: +4.8%

✅ splitlines_noaspect

Time: ✅ 0.588µs (SLO: <10.000µs 📉 -94.1%) vs baseline: +1.2%

Memory: ✅ 38.103MB (SLO: <39.000MB -2.3%) vs baseline: +4.9%

✅ iastpropagation - 2/2

✅ no-propagation

Time: ✅ 48.565µs (SLO: <60.000µs 📉 -19.1%) vs baseline: +0.6%

Memory: ✅ 37.749MB (SLO: <39.000MB -3.2%) vs baseline: +4.9%

✅ otelsdkspan - 24/24

✅ add-event

Time: ✅ 40.573ms (SLO: <42.000ms -3.4%) vs baseline: +0.2%

Memory: ✅ 34.937MB (SLO: <39.000MB 📉 -10.4%) vs baseline: +4.9%

✅ add-link

Time: ✅ 36.293ms (SLO: <38.550ms -5.9%) vs baseline: -0.5%

Memory: ✅ 34.859MB (SLO: <39.000MB 📉 -10.6%) vs baseline: +4.6%

✅ add-metrics

Time: ✅ 219.288ms (SLO: <232.000ms -5.5%) vs baseline: -1.0%

Memory: ✅ 34.937MB (SLO: <39.000MB 📉 -10.4%) vs baseline: +4.8%

✅ add-tags

Time: ✅ 211.909ms (SLO: <221.600ms -4.4%) vs baseline: +0.3%

Memory: ✅ 34.898MB (SLO: <39.000MB 📉 -10.5%) vs baseline: +4.9%

✅ get-context

Time: ✅ 29.223ms (SLO: <31.300ms -6.6%) vs baseline: ~same

Memory: ✅ 34.800MB (SLO: <39.000MB 📉 -10.8%) vs baseline: +4.6%

✅ is-recording

Time: ✅ 29.253ms (SLO: <31.000ms -5.6%) vs baseline: +0.3%

Memory: ✅ 34.800MB (SLO: <39.000MB 📉 -10.8%) vs baseline: +4.6%

✅ record-exception

Time: ✅ 62.974ms (SLO: <65.850ms -4.4%) vs baseline: ~same

Memory: ✅ 34.898MB (SLO: <39.000MB 📉 -10.5%) vs baseline: +4.9%

✅ set-status

Time: ✅ 31.868ms (SLO: <34.150ms -6.7%) vs baseline: -0.1%

Memory: ✅ 34.878MB (SLO: <39.000MB 📉 -10.6%) vs baseline: +4.8%

✅ start

Time: ✅ 28.872ms (SLO: <30.150ms -4.2%) vs baseline: ~same

Memory: ✅ 34.583MB (SLO: <39.000MB 📉 -11.3%) vs baseline: +5.2%

✅ start-finish

Time: ✅ 33.761ms (SLO: <35.350ms -4.5%) vs baseline: -0.8%

Memory: ✅ 34.977MB (SLO: <39.000MB 📉 -10.3%) vs baseline: +5.1%

✅ start-finish-telemetry

Time: ✅ 33.918ms (SLO: <35.450ms -4.3%) vs baseline: -1.1%

Memory: ✅ 34.839MB (SLO: <39.000MB 📉 -10.7%) vs baseline: +4.6%

✅ update-name

Time: ✅ 30.954ms (SLO: <33.400ms -7.3%) vs baseline: -0.2%

Memory: ✅ 34.937MB (SLO: <39.000MB 📉 -10.4%) vs baseline: +5.0%

✅ otelspan - 22/22

✅ add-event

Time: ✅ 40.414ms (SLO: <47.150ms 📉 -14.3%) vs baseline: +0.9%

Memory: ✅ 43.787MB (SLO: <47.000MB -6.8%) vs baseline: +5.0%

✅ add-metrics

Time: ✅ 318.692ms (SLO: <344.800ms -7.6%) vs baseline: +1.0%

Memory: ✅ 652.726MB (SLO: <675.000MB -3.3%) vs baseline: +5.0%

✅ add-tags

Time: ✅ 288.255ms (SLO: <314.000ms -8.2%) vs baseline: ~same

Memory: ✅ 654.549MB (SLO: <675.000MB -3.0%) vs baseline: +5.0%

✅ get-context

Time: ✅ 80.398ms (SLO: <92.350ms 📉 -12.9%) vs baseline: +0.3%

Memory: ✅ 39.701MB (SLO: <46.500MB 📉 -14.6%) vs baseline: +5.0%

✅ is-recording

Time: ✅ 37.877ms (SLO: <44.500ms 📉 -14.9%) vs baseline: +0.1%

Memory: ✅ 43.236MB (SLO: <47.500MB -9.0%) vs baseline: +5.0%

✅ record-exception

Time: ✅ 58.022ms (SLO: <67.650ms 📉 -14.2%) vs baseline: ~same

Memory: ✅ 39.816MB (SLO: <47.000MB 📉 -15.3%) vs baseline: +4.5%

✅ set-status

Time: ✅ 43.868ms (SLO: <50.400ms 📉 -13.0%) vs baseline: +0.1%

Memory: ✅ 43.213MB (SLO: <47.000MB -8.1%) vs baseline: +4.9%

✅ start

Time: ✅ 37.357ms (SLO: <43.450ms 📉 -14.0%) vs baseline: +0.5%

Memory: ✅ 43.202MB (SLO: <47.000MB -8.1%) vs baseline: +5.0%

✅ start-finish

Time: ✅ 82.295ms (SLO: <88.000ms -6.5%) vs baseline: +0.3%

Memory: ✅ 34.544MB (SLO: <46.500MB 📉 -25.7%) vs baseline: +4.8%

✅ start-finish-telemetry

Time: ✅ 83.504ms (SLO: <89.000ms -6.2%) vs baseline: -0.1%

Memory: ✅ 34.544MB (SLO: <46.500MB 📉 -25.7%) vs baseline: +4.9%

✅ update-name

Time: ✅ 38.788ms (SLO: <45.150ms 📉 -14.1%) vs baseline: +0.6%

Memory: ✅ 43.502MB (SLO: <47.000MB -7.4%) vs baseline: +4.7%

✅ packagespackageforrootmodulemapping - 4/4

✅ cache_off

Time: ✅ 343.597ms (SLO: <354.300ms -3.0%) vs baseline: -0.4%

Memory: ✅ 37.668MB (SLO: <40.000MB -5.8%) vs baseline: +3.6%

✅ cache_on

Time: ✅ 0.383µs (SLO: <10.000µs 📉 -96.2%) vs baseline: -0.4%

Memory: ✅ 35.925MB (SLO: <39.000MB -7.9%) vs baseline: +4.9%

✅ packagesupdateimporteddependencies - 24/24

✅ import_many

Time: ✅ 154.998µs (SLO: <170.000µs -8.8%) vs baseline: ~same

Memory: ✅ 37.060MB (SLO: <38.500MB -3.7%) vs baseline: +5.1%

✅ import_many_cached

Time: ✅ 121.106µs (SLO: <130.000µs -6.8%) vs baseline: +0.2%

Memory: ✅ 37.196MB (SLO: <38.500MB -3.4%) vs baseline: +4.3%

✅ import_many_stdlib

Time: ✅ 1.618ms (SLO: <1.750ms -7.5%) vs baseline: -0.8%

Memory: ✅ 37.330MB (SLO: <38.500MB -3.0%) vs baseline: +5.6%

✅ import_many_stdlib_cached

Time: ✅ 0.975ms (SLO: <1.100ms 📉 -11.4%) vs baseline: -0.3%

Memory: ✅ 37.135MB (SLO: <38.500MB -3.5%) vs baseline: +5.0%

✅ import_many_unknown

Time: ✅ 828.836µs (SLO: <890.000µs -6.9%) vs baseline: -0.2%

Memory: ✅ 37.627MB (SLO: <38.500MB -2.3%) vs baseline: +6.4%

✅ import_many_unknown_cached

Time: ✅ 790.617µs (SLO: <870.000µs -9.1%) vs baseline: -1.1%

Memory: ✅ 37.182MB (SLO: <38.500MB -3.4%) vs baseline: +5.4%

✅ import_one

Time: ✅ 19.865µs (SLO: <30.000µs 📉 -33.8%) vs baseline: +0.5%

Memory: ✅ 37.054MB (SLO: <39.000MB -5.0%) vs baseline: +4.9%

✅ import_one_cache

Time: ✅ 6.248µs (SLO: <10.000µs 📉 -37.5%) vs baseline: -0.3%

Memory: ✅ 37.081MB (SLO: <38.500MB -3.7%) vs baseline: +3.9%

✅ import_one_stdlib

Time: ✅ 18.605µs (SLO: <20.000µs -7.0%) vs baseline: -0.2%

Memory: ✅ 37.065MB (SLO: <38.500MB -3.7%) vs baseline: +3.8%

✅ import_one_stdlib_cache

Time: ✅ 6.343µs (SLO: <10.000µs 📉 -36.6%) vs baseline: +1.3%

Memory: ✅ 37.063MB (SLO: <38.500MB -3.7%) vs baseline: +5.2%

✅ import_one_unknown

Time: ✅ 45.416µs (SLO: <50.000µs -9.2%) vs baseline: +0.2%

Memory: ✅ 36.981MB (SLO: <38.500MB -3.9%) vs baseline: +5.0%

✅ import_one_unknown_cache

Time: ✅ 6.327µs (SLO: <10.000µs 📉 -36.7%) vs baseline: +1.0%

Memory: ✅ 37.075MB (SLO: <38.500MB -3.7%) vs baseline: +5.0%

✅ ratelimiter - 12/12

✅ defaults

Time: ✅ 2.344µs (SLO: <10.000µs 📉 -76.6%) vs baseline: -0.3%

Memory: ✅ 31.792MB (SLO: <34.000MB -6.5%) vs baseline: +4.8%

✅ high_rate_limit

Time: ✅ 2.418µs (SLO: <10.000µs 📉 -75.8%) vs baseline: +0.6%

Memory: ✅ 31.772MB (SLO: <34.000MB -6.6%) vs baseline: +5.1%

✅ long_window

Time: ✅ 2.354µs (SLO: <10.000µs 📉 -76.5%) vs baseline: -0.2%

Memory: ✅ 31.713MB (SLO: <34.000MB -6.7%) vs baseline: +4.7%

✅ low_rate_limit

Time: ✅ 2.365µs (SLO: <10.000µs 📉 -76.3%) vs baseline: +0.6%

Memory: ✅ 31.693MB (SLO: <34.000MB -6.8%) vs baseline: +4.5%

✅ no_rate_limit

Time: ✅ 0.833µs (SLO: <10.000µs 📉 -91.7%) vs baseline: +0.8%

Memory: ✅ 31.733MB (SLO: <34.000MB -6.7%) vs baseline: +4.9%

✅ short_window

Time: ✅ 2.492µs (SLO: <10.000µs 📉 -75.1%) vs baseline: ~same

Memory: ✅ 31.752MB (SLO: <34.000MB -6.6%) vs baseline: +4.7%

✅ recursivecomputation - 8/8

✅ deep

Time: ✅ 309.380ms (SLO: <320.950ms -3.6%) vs baseline: +0.2%

Memory: ✅ 32.991MB (SLO: <34.500MB -4.4%) vs baseline: +4.9%

✅ deep-profiled

Time: ✅ 328.481ms (SLO: <359.150ms -8.5%) vs baseline: +0.2%

Memory: ✅ 37.316MB (SLO: <39.000MB -4.3%) vs baseline: +4.8%

✅ medium

Time: ✅ 7.037ms (SLO: <7.400ms -4.9%) vs baseline: -0.2%

Memory: ✅ 32.126MB (SLO: <34.000MB -5.5%) vs baseline: +4.7%

✅ shallow

Time: ✅ 0.951ms (SLO: <1.050ms -9.4%) vs baseline: +0.5%

Memory: ✅ 32.244MB (SLO: <34.000MB -5.2%) vs baseline: +5.1%

✅ samplingrules - 8/8

✅ average_match

Time: ✅ 137.560µs (SLO: <290.000µs 📉 -52.6%) vs baseline: -0.3%

Memory: ✅ 32.165MB (SLO: <34.000MB -5.4%) vs baseline: +4.8%

✅ high_match

Time: ✅ 173.468µs (SLO: <480.000µs 📉 -63.9%) vs baseline: -0.3%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.9%

✅ low_match

Time: ✅ 98.933µs (SLO: <120.000µs 📉 -17.6%) vs baseline: -0.3%

Memory: ✅ 601.011MB (SLO: <700.000MB 📉 -14.1%) vs baseline: +4.9%

✅ very_low_match

Time: ✅ 2.659ms (SLO: <8.500ms 📉 -68.7%) vs baseline: -0.4%

Memory: ✅ 68.303MB (SLO: <75.000MB -8.9%) vs baseline: +4.8%

✅ sethttpmeta - 32/32

✅ all-disabled

Time: ✅ 10.562µs (SLO: <20.000µs 📉 -47.2%) vs baseline: +0.8%

Memory: ✅ 32.598MB (SLO: <34.000MB -4.1%) vs baseline: +4.8%

✅ all-enabled

Time: ✅ 40.258µs (SLO: <50.000µs 📉 -19.5%) vs baseline: +0.2%

Memory: ✅ 32.598MB (SLO: <34.000MB -4.1%) vs baseline: +4.8%

✅ collectipvariant_exists

Time: ✅ 40.771µs (SLO: <50.000µs 📉 -18.5%) vs baseline: ~same

Memory: ✅ 32.519MB (SLO: <34.000MB -4.4%) vs baseline: +4.5%

✅ no-collectipvariant

Time: ✅ 40.743µs (SLO: <50.000µs 📉 -18.5%) vs baseline: +1.0%

Memory: ✅ 32.657MB (SLO: <34.000MB -4.0%) vs baseline: +4.9%

✅ no-useragentvariant

Time: ✅ 38.556µs (SLO: <50.000µs 📉 -22.9%) vs baseline: -0.6%

Memory: ✅ 32.598MB (SLO: <34.000MB -4.1%) vs baseline: +4.9%

✅ obfuscation-no-query

Time: ✅ 40.469µs (SLO: <50.000µs 📉 -19.1%) vs baseline: +0.2%

Memory: ✅ 32.558MB (SLO: <34.000MB -4.2%) vs baseline: +4.7%

✅ obfuscation-regular-case-explicit-query

Time: ✅ 75.868µs (SLO: <90.000µs 📉 -15.7%) vs baseline: +0.4%

Memory: ✅ 32.971MB (SLO: <34.000MB -3.0%) vs baseline: +4.7%

✅ obfuscation-regular-case-implicit-query

Time: ✅ 76.608µs (SLO: <90.000µs 📉 -14.9%) vs baseline: +0.6%

Memory: ✅ 32.971MB (SLO: <34.000MB -3.0%) vs baseline: +4.8%

✅ obfuscation-send-querystring-disabled

Time: ✅ 154.459µs (SLO: <170.000µs -9.1%) vs baseline: +0.2%

Memory: ✅ 32.991MB (SLO: <34.500MB -4.4%) vs baseline: +4.7%

✅ obfuscation-worst-case-explicit-query

Time: ✅ 148.693µs (SLO: <160.000µs -7.1%) vs baseline: +0.3%

Memory: ✅ 33.050MB (SLO: <34.500MB -4.2%) vs baseline: +5.0%

✅ obfuscation-worst-case-implicit-query

Time: ✅ 154.929µs (SLO: <170.000µs -8.9%) vs baseline: +0.3%

Memory: ✅ 33.050MB (SLO: <34.500MB -4.2%) vs baseline: +5.1%

✅ useragentvariant_exists_1

Time: ✅ 39.303µs (SLO: <50.000µs 📉 -21.4%) vs baseline: -0.3%

Memory: ✅ 32.558MB (SLO: <34.000MB -4.2%) vs baseline: +4.6%

✅ useragentvariant_exists_2

Time: ✅ 40.748µs (SLO: <50.000µs 📉 -18.5%) vs baseline: +0.5%

Memory: ✅ 32.598MB (SLO: <34.000MB -4.1%) vs baseline: +4.9%

✅ useragentvariant_exists_3

Time: ✅ 39.924µs (SLO: <50.000µs 📉 -20.2%) vs baseline: +0.2%

Memory: ✅ 32.578MB (SLO: <34.000MB -4.2%) vs baseline: +4.8%

✅ useragentvariant_not_exists_1

Time: ✅ 39.330µs (SLO: <50.000µs 📉 -21.3%) vs baseline: -0.2%

Memory: ✅ 32.578MB (SLO: <34.000MB -4.2%) vs baseline: +4.9%

✅ useragentvariant_not_exists_2

Time: ✅ 39.397µs (SLO: <50.000µs 📉 -21.2%) vs baseline: +0.1%

Memory: ✅ 32.539MB (SLO: <34.000MB -4.3%) vs baseline: +4.7%

✅ span - 26/26

✅ add-event

Time: ✅ 20.037ms (SLO: <22.500ms 📉 -10.9%) vs baseline: +0.4%

Memory: ✅ 48.840MB (SLO: <53.000MB -7.8%) vs baseline: +4.8%

✅ add-metrics

Time: ✅ 90.033ms (SLO: <93.500ms -3.7%) vs baseline: +0.7%

Memory: ✅ 735.839MB (SLO: <961.000MB 📉 -23.4%) vs baseline: +4.9%

✅ add-tags

Time: ✅ 146.149ms (SLO: <155.000ms -5.7%) vs baseline: -0.5%

Memory: ✅ 736.297MB (SLO: <962.500MB 📉 -23.5%) vs baseline: +5.0%

✅ get-context

Time: ✅ 18.812ms (SLO: <20.500ms -8.2%) vs baseline: +2.8%

Memory: ✅ 47.610MB (SLO: <53.000MB 📉 -10.2%) vs baseline: +4.8%

✅ is-recording

Time: ✅ 18.654ms (SLO: <20.500ms -9.0%) vs baseline: +0.9%

Memory: ✅ 47.624MB (SLO: <53.000MB 📉 -10.1%) vs baseline: +4.9%

✅ record-exception

Time: ✅ 37.987ms (SLO: <40.000ms -5.0%) vs baseline: +1.8%

Memory: ✅ 42.026MB (SLO: <53.000MB 📉 -20.7%) vs baseline: +4.7%

✅ set-status

Time: ✅ 20.109ms (SLO: <22.000ms -8.6%) vs baseline: -0.2%

Memory: ✅ 47.582MB (SLO: <53.000MB 📉 -10.2%) vs baseline: +4.8%

✅ start

Time: ✅ 18.268ms (SLO: <20.500ms 📉 -10.9%) vs baseline: +0.4%

Memory: ✅ 47.622MB (SLO: <53.000MB 📉 -10.1%) vs baseline: +4.8%

✅ start-finish

Time: ✅ 50.927ms (SLO: <52.500ms -3.0%) vs baseline: +1.0%

Memory: ✅ 32.126MB (SLO: <34.000MB -5.5%) vs baseline: +4.7%

✅ start-finish-telemetry

Time: ✅ 51.899ms (SLO: <54.500ms -4.8%) vs baseline: ~same

Memory: ✅ 32.165MB (SLO: <34.000MB -5.4%) vs baseline: +4.7%

✅ start-finish-traceid128

Time: ✅ 54.300ms (SLO: <57.000ms -4.7%) vs baseline: +1.0%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +4.8%

✅ start-traceid128

Time: ✅ 19.055ms (SLO: <22.500ms 📉 -15.3%) vs baseline: +3.3%

Memory: ✅ 47.597MB (SLO: <53.000MB 📉 -10.2%) vs baseline: +4.7%

✅ update-name

Time: ✅ 19.188ms (SLO: <22.000ms 📉 -12.8%) vs baseline: +3.1%

Memory: ✅ 48.178MB (SLO: <53.000MB -9.1%) vs baseline: +4.8%

✅ tracer - 6/6

✅ large

Time: ✅ 29.494ms (SLO: <32.950ms 📉 -10.5%) vs baseline: -0.1%

Memory: ✅ 33.266MB (SLO: <34.500MB -3.6%) vs baseline: +4.8%

✅ medium

Time: ✅ 2.952ms (SLO: <3.200ms -7.8%) vs baseline: +1.2%

Memory: ✅ 32.126MB (SLO: <34.000MB -5.5%) vs baseline: +4.8%

✅ small

Time: ✅ 328.688µs (SLO: <370.000µs 📉 -11.2%) vs baseline: -0.2%

Memory: ✅ 32.204MB (SLO: <34.000MB -5.3%) vs baseline: +5.2%

ℹ️ Scenarios Missing SLO Configuration (9 scenarios)

The following scenarios exist in candidate data but have no SLO thresholds configured:

coreapiscenario-core_dispatch_listeners
coreapiscenario-core_dispatch_no_listeners
coreapiscenario-core_dispatch_with_results_listeners
coreapiscenario-core_dispatch_with_results_no_listeners
djangosimple-baseline
errortrackingdjangosimple-baseline
errortrackingflasksqli-baseline
flasksimple-baseline
flasksqli-baseline

…15029) ## Description This PR addresses an issue where using weak hashing or cipher algorithms outside of a request context (e.g., during application startup) could raise an unhandled exception. The fix ensures proper error handling when IAST operations are performed without an active request context. ### Root Cause The issue occurred in the [has_quota](cci:1://file:///home/alberto.vara/projects/dd-python/dd-trace-py/ddtrace/appsec/_iast/taint_sinks/_base.py:7:4-12:20) method of the vulnerability base class, which was not properly handling cases where there was no active request context. When IAST operations were performed outside of a request (e.g., during application startup or in unsupported frameworks), the code would attempt to access the vulnerability budget from a non-existent context, leading to an unhandled exception. ### Changes 1. Added null check for IAST context in [has_quota](cci:1://file:///home/alberto.vara/projects/dd-python/dd-trace-py/ddtrace/appsec/_iast/taint_sinks/_base.py:7:4-12:20) method to safely handle cases with no active request 2. Return `False` when no context is available, preventing further processing of vulnerabilities 3. Added test cases to verify the fix works in various scenarios 4. Updated the release notes to document the fix (cherry picked from commit 8940186)

…15029)

…ackport 3.17] (#15038) Backport 8940186 from #15029 to 3.17. ## Description This PR addresses an issue where using weak hashing or cipher algorithms outside of a request context (e.g., during application startup) could raise an unhandled exception. The fix ensures proper error handling when IAST operations are performed without an active request context. ### Root Cause The issue occurred in the [has_quota](cci:1://file:///home/alberto.vara/projects/dd-python/dd-trace-py/ddtrace/appsec/_iast/taint_sinks/_base.py:7:4-12:20) method of the vulnerability base class, which was not properly handling cases where there was no active request context. When IAST operations were performed outside of a request (e.g., during application startup or in unsupported frameworks), the code would attempt to access the vulnerability budget from a non-existent context, leading to an unhandled exception. ### Changes 1. Added null check for IAST context in [has_quota](cci:1://file:///home/alberto.vara/projects/dd-python/dd-trace-py/ddtrace/appsec/_iast/taint_sinks/_base.py:7:4-12:20) method to safely handle cases with no active request 2. Return `False` when no context is available, preventing further processing of vulnerabilities 3. Added test cases to verify the fix works in various scenarios 4. Updated the release notes to document the fix Co-authored-by: Alberto Vara <[email protected]>

avara1986 added 2 commits October 24, 2025 12:55

fix weak hash error if vulnerability is outside the context

2bf42ae

fix weak hash error if vulnerability is outside the context

0720c2f

avara1986 added ASM Application Security Monitoring backport 3.17 labels Oct 24, 2025

gnufede reviewed Oct 24, 2025

View reviewed changes

ddtrace/appsec/_iast/_span_metrics.py Outdated Show resolved Hide resolved

gnufede reviewed Oct 24, 2025

View reviewed changes

ddtrace/appsec/_iast/taint_sinks/_base.py Outdated Show resolved Hide resolved

gnufede approved these changes Oct 24, 2025

View reviewed changes

avara1986 added 3 commits October 24, 2025 16:33

Merge branch 'main' into avara1986/APPSEC-59771-fix-weakhash-exception

8501c64

fix weak hash error if vulnerability is outside the context

827a1e1

Merge branch 'main' into avara1986/APPSEC-59771-fix-weakhash-exception

48fe450

avara1986 marked this pull request as ready for review October 24, 2025 15:42

avara1986 requested review from a team as code owners October 24, 2025 15:42

avara1986 requested review from emmettbutler and wconti27 October 24, 2025 15:42

emmettbutler approved these changes Oct 24, 2025

View reviewed changes

christophe-papazian approved these changes Oct 27, 2025

View reviewed changes

avara1986 merged commit 8940186 into main Oct 27, 2025
607 checks passed

avara1986 deleted the avara1986/APPSEC-59771-fix-weakhash-exception branch October 27, 2025 09:01

dd-octo-sts bot mentioned this pull request Oct 27, 2025

fix(iast): weak hash error if vulnerability is outside the context [backport 3.17] #15038

Merged

avara1986 added a commit that referenced this pull request Oct 27, 2025

fix(iast): weak hash error if vulnerability is outside the context (#…

11b9fbd

…15029)

Uh oh!

fix(iast): weak hash error if vulnerability is outside the context #15029

fix(iast): weak hash error if vulnerability is outside the context #15029

Uh oh!

Conversation

avara1986 commented Oct 24, 2025

Description

Root Cause

Changes

Uh oh!

github-actions bot commented Oct 24, 2025

Uh oh!

github-actions bot commented Oct 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Bootstrap import analysis

Summary

Import time breakdown

Uh oh!

Uh oh!

Uh oh!

pr-commenter bot commented Oct 24, 2025

Performance SLOs

✅ re_expand_aspect

✅ re_expand_noaspect

✅ re_findall_aspect

✅ re_findall_noaspect

✅ re_finditer_aspect

✅ re_finditer_noaspect

✅ re_fullmatch_aspect

✅ re_fullmatch_noaspect

✅ re_group_aspect

✅ re_group_noaspect

✅ re_groups_aspect

✅ re_groups_noaspect

✅ re_match_aspect

✅ re_match_noaspect

✅ re_search_aspect

✅ re_search_noaspect

✅ re_sub_aspect

✅ re_sub_noaspect

✅ re_subn_aspect

✅ re_subn_noaspect

✅ 1-count-metric-1-times

✅ 1-count-metrics-100-times

✅ 1-distribution-metric-1-times

✅ 1-distribution-metrics-100-times

✅ 1-gauge-metric-1-times

✅ 1-gauge-metrics-100-times

✅ 1-rate-metric-1-times

✅ 1-rate-metrics-100-times

✅ 100-count-metrics-100-times

✅ 100-distribution-metrics-100-times

✅ 100-gauge-metrics-100-times

✅ 100-rate-metrics-100-times

✅ flush-1-metric

✅ flush-100-metrics

✅ flush-1000-metrics

✅ appsec

✅ exception-replay-enabled

✅ iast

✅ profiler

✅ resource-renaming

✅ span-code-origin

✅ tracer

✅ tracer-and-profiler

✅ tracer-dont-create-db-spans

✅ tracer-minimal

✅ tracer-native

✅ tracer-no-caches

✅ tracer-no-databases

✅ tracer-no-middleware

✅ tracer-no-templates

✅ errortracking-enabled-all

✅ errortracking-enabled-user

✅ tracer-enabled

✅ errortracking-enabled-all

✅ errortracking-enabled-user

✅ tracer-enabled

✅ appsec-get

✅ appsec-post

github-actions bot commented Oct 24, 2025 •

edited

Loading