chore(ci): bump github/codeql-action from 3.28.17 to 3.28.18 in the gh-actions-packages group #8850

dependabot · 2025-05-19T17:39:13Z

Bumps the gh-actions-packages group with 1 update: github/codeql-action.

Updates github/codeql-action from 3.28.17 to 3.28.18

Release notes

Sourced from github/codeql-action's releases.

v3.28.18

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025

Update default CodeQL bundle version to 2.21.3. #2893

Skip validating SARIF produced by CodeQL for improved performance. #2894

The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.18 - 16 May 2025

Update default CodeQL bundle version to 2.21.3. #2893

Skip validating SARIF produced by CodeQL for improved performance. #2894

The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

3.28.17 - 02 May 2025

Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

Update default CodeQL bundle version to 2.20.5. #2772

Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

... (truncated)

Commits

ff0a06e Merge pull request #2896 from github/update-v3.28.18-b86edfc27
a41e084 Update changelog for v3.28.18
b86edfc Merge pull request #2893 from github/update-bundle/codeql-bundle-v2.21.3
e93b900 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.3
510dfa3 Merge pull request #2894 from github/henrymercer/skip-validating-codeql-sarif
492d783 Merge branch 'main' into henrymercer/skip-validating-codeql-sarif
83bdf3b Merge pull request #2859 from github/update-supported-enterprise-server-versions
cffc916 Merge pull request #2891 from austinpray-mixpanel/patch-1
4420887 Add deprecation warning for CodeQL 2.16.5 and earlier
4e178c5 Update supported versions table in README
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gh-actions-packages group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.28.17 to 3.28.18 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@60168ef...ff0a06e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions-packages ... Signed-off-by: dependabot[bot] <support@github.com>

pr-commenter · 2025-05-19T18:22:57Z

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	dependabot/github_actions/gh-actions-packages-ced721f930
git_commit_date	1747667730	1747676352
git_commit_sha	`872388f`	`707740c`
release_version	1.50.0-SNAPSHOT~872388f75c	1.50.0-SNAPSHOT~707740cc7a

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1747678812	1747678812
ci_job_id	944498841	944498841
ci_pipeline_id	65517744	65517744
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-pgbceyrs-project-304-concurrent-0-3l52dh7e 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-pgbceyrs-project-304-concurrent-0-3l52dh7e 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 58 metrics, 13 unstable metrics.

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.021 s) : 0, 1020520
Total [baseline] (10.557 s) : 0, 10556625
Agent [candidate] (1.02 s) : 0, 1020102
Total [candidate] (10.508 s) : 0, 10507917
section appsec
Agent [baseline] (1.163 s) : 0, 1163395
Total [baseline] (10.661 s) : 0, 10660726
Agent [candidate] (1.161 s) : 0, 1160727
Total [candidate] (10.662 s) : 0, 10662360
section iast
Agent [baseline] (1.149 s) : 0, 1148611
Total [baseline] (10.881 s) : 0, 10880588
Agent [candidate] (1.155 s) : 0, 1154768
Total [candidate] (10.985 s) : 0, 10984995
section profiling
Agent [baseline] (1.276 s) : 0, 1275991
Total [baseline] (10.83 s) : 0, 10829997
Agent [candidate] (1.283 s) : 0, 1283395
Total [candidate] (10.855 s) : 0, 10854694

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.021 s	-
Agent	appsec	1.163 s	142.875 ms (14.0%)
Agent	iast	1.149 s	128.091 ms (12.6%)
Agent	profiling	1.276 s	255.47 ms (25.0%)
Total	tracing	10.557 s	-
Total	appsec	10.661 s	104.101 ms (1.0%)
Total	iast	10.881 s	323.963 ms (3.1%)
Total	profiling	10.83 s	273.372 ms (2.6%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.02 s	-
Agent	appsec	1.161 s	140.625 ms (13.8%)
Agent	iast	1.155 s	134.666 ms (13.2%)
Agent	profiling	1.283 s	263.293 ms (25.8%)
Total	tracing	10.508 s	-
Total	appsec	10.662 s	154.443 ms (1.5%)
Total	iast	10.985 s	477.079 ms (4.5%)
Total	profiling	10.855 s	346.777 ms (3.3%)

gantt
    title petclinic - break down per module: candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (684.252 ms) : 0, 684252
BytebuddyAgent [candidate] (682.066 ms) : 0, 682066
GlobalTracer [baseline] (239.106 ms) : 0, 239106
GlobalTracer [candidate] (240.073 ms) : 0, 240073
AppSec [baseline] (54.228 ms) : 0, 54228
AppSec [candidate] (54.505 ms) : 0, 54505
Debugger [baseline] (9.353 ms) : 0, 9353
Debugger [candidate] (10.118 ms) : 0, 10118
Remote Config [baseline] (714.405 µs) : 0, 714
Remote Config [candidate] (690.887 µs) : 0, 691
Telemetry [baseline] (9.121 ms) : 0, 9121
Telemetry [candidate] (9.061 ms) : 0, 9061
section appsec
BytebuddyAgent [baseline] (702.468 ms) : 0, 702468
BytebuddyAgent [candidate] (699.713 ms) : 0, 699713
GlobalTracer [baseline] (236.864 ms) : 0, 236864
GlobalTracer [candidate] (236.794 ms) : 0, 236794
AppSec [baseline] (175.658 ms) : 0, 175658
AppSec [candidate] (175.822 ms) : 0, 175822
Debugger [baseline] (5.947 ms) : 0, 5947
Debugger [candidate] (5.963 ms) : 0, 5963
Remote Config [baseline] (641.226 µs) : 0, 641
Remote Config [candidate] (626.954 µs) : 0, 627
Telemetry [baseline] (7.405 ms) : 0, 7405
Telemetry [candidate] (7.419 ms) : 0, 7419
IAST [baseline] (21.641 ms) : 0, 21641
IAST [candidate] (21.749 ms) : 0, 21749
section iast
BytebuddyAgent [baseline] (802.375 ms) : 0, 802375
BytebuddyAgent [candidate] (807.71 ms) : 0, 807710
GlobalTracer [baseline] (230.213 ms) : 0, 230213
GlobalTracer [candidate] (230.425 ms) : 0, 230425
AppSec [baseline] (49.03 ms) : 0, 49030
AppSec [candidate] (50.375 ms) : 0, 50375
Debugger [baseline] (5.872 ms) : 0, 5872
Debugger [candidate] (5.874 ms) : 0, 5874
Remote Config [baseline] (598.507 µs) : 0, 599
Remote Config [candidate] (594.344 µs) : 0, 594
Telemetry [baseline] (7.844 ms) : 0, 7844
Telemetry [candidate] (7.798 ms) : 0, 7798
IAST [baseline] (29.206 ms) : 0, 29206
IAST [candidate] (27.677 ms) : 0, 27677
section profiling
ProfilingAgent [baseline] (102.213 ms) : 0, 102213
ProfilingAgent [candidate] (102.448 ms) : 0, 102448
BytebuddyAgent [baseline] (672.516 ms) : 0, 672516
BytebuddyAgent [candidate] (677.346 ms) : 0, 677346
GlobalTracer [baseline] (373.762 ms) : 0, 373762
GlobalTracer [candidate] (375.643 ms) : 0, 375643
AppSec [baseline] (61.809 ms) : 0, 61809
AppSec [candidate] (61.948 ms) : 0, 61948
Debugger [baseline] (6.194 ms) : 0, 6194
Debugger [candidate] (6.232 ms) : 0, 6232
Remote Config [baseline] (640.657 µs) : 0, 641
Remote Config [candidate] (642.674 µs) : 0, 643
Telemetry [baseline] (8.13 ms) : 0, 8130
Telemetry [candidate] (8.185 ms) : 0, 8185
Profiling [baseline] (102.236 ms) : 0, 102236
Profiling [candidate] (102.472 ms) : 0, 102472

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.02 s) : 0, 1019803
Total [baseline] (8.665 s) : 0, 8664711
Agent [candidate] (1.017 s) : 0, 1016930
Total [candidate] (8.637 s) : 0, 8636835
section iast
Agent [baseline] (1.149 s) : 0, 1149279
Total [baseline] (9.23 s) : 0, 9229968
Agent [candidate] (1.157 s) : 0, 1156768
Total [candidate] (9.278 s) : 0, 9278426
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.148 s) : 0, 1148191
Total [baseline] (9.173 s) : 0, 9173119
Agent [candidate] (1.146 s) : 0, 1146406
Total [candidate] (9.17 s) : 0, 9170481
section iast_TELEMETRY_OFF
Agent [baseline] (1.146 s) : 0, 1145714
Total [baseline] (9.213 s) : 0, 9212695
Agent [candidate] (1.155 s) : 0, 1154847
Total [candidate] (9.262 s) : 0, 9262470

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.02 s	-
Agent	iast	1.149 s	129.477 ms (12.7%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.148 s	128.388 ms (12.6%)
Agent	iast_TELEMETRY_OFF	1.146 s	125.911 ms (12.3%)
Total	tracing	8.665 s	-
Total	iast	9.23 s	565.257 ms (6.5%)
Total	iast_HARDCODED_SECRET_DISABLED	9.173 s	508.408 ms (5.9%)
Total	iast_TELEMETRY_OFF	9.213 s	547.984 ms (6.3%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.017 s	-
Agent	iast	1.157 s	139.838 ms (13.8%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.146 s	129.476 ms (12.7%)
Agent	iast_TELEMETRY_OFF	1.155 s	137.917 ms (13.6%)
Total	tracing	8.637 s	-
Total	iast	9.278 s	641.591 ms (7.4%)
Total	iast_HARDCODED_SECRET_DISABLED	9.17 s	533.646 ms (6.2%)
Total	iast_TELEMETRY_OFF	9.262 s	625.635 ms (7.2%)

gantt
    title insecure-bank - break down per module: candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (681.389 ms) : 0, 681389
BytebuddyAgent [candidate] (680.625 ms) : 0, 680625
GlobalTracer [baseline] (239.174 ms) : 0, 239174
GlobalTracer [candidate] (239.563 ms) : 0, 239563
AppSec [baseline] (55.695 ms) : 0, 55695
AppSec [candidate] (54.262 ms) : 0, 54262
Debugger [baseline] (9.633 ms) : 0, 9633
Debugger [candidate] (7.637 ms) : 0, 7637
Remote Config [baseline] (687.24 µs) : 0, 687
Remote Config [candidate] (698.883 µs) : 0, 699
Telemetry [baseline] (9.721 ms) : 0, 9721
Telemetry [candidate] (10.617 ms) : 0, 10617
section iast
BytebuddyAgent [baseline] (802.002 ms) : 0, 802002
BytebuddyAgent [candidate] (807.445 ms) : 0, 807445
GlobalTracer [baseline] (230.644 ms) : 0, 230644
GlobalTracer [candidate] (231.738 ms) : 0, 231738
IAST [baseline] (29.301 ms) : 0, 29301
IAST [candidate] (27.903 ms) : 0, 27903
AppSec [baseline] (49.507 ms) : 0, 49507
AppSec [candidate] (51.527 ms) : 0, 51527
Debugger [baseline] (5.897 ms) : 0, 5897
Debugger [candidate] (5.95 ms) : 0, 5950
Remote Config [baseline] (596.247 µs) : 0, 596
Remote Config [candidate] (598.773 µs) : 0, 599
Telemetry [baseline] (7.916 ms) : 0, 7916
Telemetry [candidate] (7.989 ms) : 0, 7989
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (800.561 ms) : 0, 800561
BytebuddyAgent [candidate] (798.684 ms) : 0, 798684
GlobalTracer [baseline] (230.592 ms) : 0, 230592
GlobalTracer [candidate] (230.592 ms) : 0, 230592
IAST [baseline] (27.844 ms) : 0, 27844
IAST [candidate] (26.984 ms) : 0, 26984
AppSec [baseline] (51.219 ms) : 0, 51219
AppSec [candidate] (52.113 ms) : 0, 52113
Debugger [baseline] (5.923 ms) : 0, 5923
Debugger [candidate] (5.965 ms) : 0, 5965
Remote Config [baseline] (598.77 µs) : 0, 599
Remote Config [candidate] (605.216 µs) : 0, 605
Telemetry [baseline] (7.936 ms) : 0, 7936
Telemetry [candidate] (8.012 ms) : 0, 8012
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (799.272 ms) : 0, 799272
BytebuddyAgent [candidate] (805.184 ms) : 0, 805184
GlobalTracer [baseline] (230.104 ms) : 0, 230104
GlobalTracer [candidate] (232.717 ms) : 0, 232717
IAST [baseline] (23.074 ms) : 0, 23074
IAST [candidate] (22.723 ms) : 0, 22723
AppSec [baseline] (55.412 ms) : 0, 55412
AppSec [candidate] (56.107 ms) : 0, 56107
Debugger [baseline] (5.949 ms) : 0, 5949
Debugger [candidate] (6.059 ms) : 0, 6059
Remote Config [baseline] (590.196 µs) : 0, 590
Remote Config [candidate] (611.213 µs) : 0, 611
Telemetry [baseline] (7.764 ms) : 0, 7764
Telemetry [candidate] (7.83 ms) : 0, 7830

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2025-05-19T17:48:39	2025-05-19T17:56:25
git_branch	master	dependabot/github_actions/gh-actions-packages-ced721f930
git_commit_date	1747667730	1747676352
git_commit_sha	`872388f`	`707740c`
release_version	1.50.0-SNAPSHOT~872388f75c	1.50.0-SNAPSHOT~707740cc7a
start_time	2025-05-19T17:48:25	2025-05-19T17:56:11

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1747677786	1747677786
ci_job_id	944498843	944498843
ci_pipeline_id	65517744	65517744
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-uus1uqpw-project-304-concurrent-0-vpw702uy 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-uus1uqpw-project-304-concurrent-0-vpw702uy 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 18 unstable metrics.

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.371 ms) : 1352, 1391
.   : milestone, 1371,
appsec (1.747 ms) : 1724, 1771
.   : milestone, 1747,
appsec_no_iast (1.744 ms) : 1720, 1768
.   : milestone, 1744,
code_origins (1.665 ms) : 1638, 1692
.   : milestone, 1665,
iast (1.534 ms) : 1510, 1558
.   : milestone, 1534,
profiling (1.53 ms) : 1506, 1554
.   : milestone, 1530,
tracing (1.506 ms) : 1481, 1531
.   : milestone, 1506,
section candidate
no_agent (1.377 ms) : 1356, 1397
.   : milestone, 1377,
appsec (1.74 ms) : 1716, 1764
.   : milestone, 1740,
appsec_no_iast (1.728 ms) : 1705, 1752
.   : milestone, 1728,
code_origins (1.662 ms) : 1635, 1689
.   : milestone, 1662,
iast (1.531 ms) : 1506, 1556
.   : milestone, 1531,
profiling (1.545 ms) : 1520, 1569
.   : milestone, 1545,
tracing (1.512 ms) : 1487, 1536
.   : milestone, 1512,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.371 ms [1.352 ms, 1.391 ms]	-
appsec	1.747 ms [1.724 ms, 1.771 ms]	375.731 µs (27.4%)
appsec_no_iast	1.744 ms [1.72 ms, 1.768 ms]	372.668 µs (27.2%)
code_origins	1.665 ms [1.638 ms, 1.692 ms]	293.616 µs (21.4%)
iast	1.534 ms [1.51 ms, 1.558 ms]	162.465 µs (11.8%)
profiling	1.53 ms [1.506 ms, 1.554 ms]	158.634 µs (11.6%)
tracing	1.506 ms [1.481 ms, 1.531 ms]	134.576 µs (9.8%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.377 ms [1.356 ms, 1.397 ms]	-
appsec	1.74 ms [1.716 ms, 1.764 ms]	362.666 µs (26.3%)
appsec_no_iast	1.728 ms [1.705 ms, 1.752 ms]	351.316 µs (25.5%)
code_origins	1.662 ms [1.635 ms, 1.689 ms]	284.611 µs (20.7%)
iast	1.531 ms [1.506 ms, 1.556 ms]	153.951 µs (11.2%)
profiling	1.545 ms [1.52 ms, 1.569 ms]	167.728 µs (12.2%)
tracing	1.512 ms [1.487 ms, 1.536 ms]	134.767 µs (9.8%)

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c
    dateFormat X
    axisFormat %s
section baseline
no_agent (387.162 µs) : 367, 408
.   : milestone, 387,
iast (524.814 µs) : 502, 548
.   : milestone, 525,
iast_FULL (737.478 µs) : 716, 759
.   : milestone, 737,
iast_GLOBAL (575.399 µs) : 553, 598
.   : milestone, 575,
iast_HARDCODED_SECRET_DISABLED (526.096 µs) : 503, 549
.   : milestone, 526,
iast_INACTIVE (465.707 µs) : 444, 488
.   : milestone, 466,
iast_TELEMETRY_OFF (515.3 µs) : 492, 539
.   : milestone, 515,
tracing (466.726 µs) : 444, 490
.   : milestone, 467,
section candidate
no_agent (377.755 µs) : 358, 398
.   : milestone, 378,
iast (522.051 µs) : 500, 544
.   : milestone, 522,
iast_FULL (743.858 µs) : 722, 766
.   : milestone, 744,
iast_GLOBAL (565.066 µs) : 543, 587
.   : milestone, 565,
iast_HARDCODED_SECRET_DISABLED (529.88 µs) : 507, 553
.   : milestone, 530,
iast_INACTIVE (464.222 µs) : 442, 486
.   : milestone, 464,
iast_TELEMETRY_OFF (524.304 µs) : 501, 547
.   : milestone, 524,
tracing (468.396 µs) : 446, 491
.   : milestone, 468,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	387.162 µs [366.801 µs, 407.524 µs]	-
iast	524.814 µs [501.648 µs, 547.98 µs]	137.651 µs (35.6%)
iast_FULL	737.478 µs [715.548 µs, 759.407 µs]	350.315 µs (90.5%)
iast_GLOBAL	575.399 µs [552.655 µs, 598.142 µs]	188.236 µs (48.6%)
iast_HARDCODED_SECRET_DISABLED	526.096 µs [503.18 µs, 549.012 µs]	138.934 µs (35.9%)
iast_INACTIVE	465.707 µs [443.58 µs, 487.834 µs]	78.545 µs (20.3%)
iast_TELEMETRY_OFF	515.3 µs [492.003 µs, 538.596 µs]	128.138 µs (33.1%)
tracing	466.726 µs [443.943 µs, 489.51 µs]	79.564 µs (20.6%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	377.755 µs [357.647 µs, 397.864 µs]	-
iast	522.051 µs [499.933 µs, 544.17 µs]	144.296 µs (38.2%)
iast_FULL	743.858 µs [721.759 µs, 765.957 µs]	366.102 µs (96.9%)
iast_GLOBAL	565.066 µs [542.948 µs, 587.184 µs]	187.311 µs (49.6%)
iast_HARDCODED_SECRET_DISABLED	529.88 µs [507.215 µs, 552.545 µs]	152.125 µs (40.3%)
iast_INACTIVE	464.222 µs [442.22 µs, 486.225 µs]	86.467 µs (22.9%)
iast_TELEMETRY_OFF	524.304 µs [501.205 µs, 547.402 µs]	146.548 µs (38.8%)
tracing	468.396 µs [445.976 µs, 490.816 µs]	90.641 µs (24.0%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	dependabot/github_actions/gh-actions-packages-ced721f930
git_commit_date	1747667730	1747676352
git_commit_sha	`872388f`	`707740c`
release_version	1.50.0-SNAPSHOT~872388f75c	1.50.0-SNAPSHOT~707740cc7a

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1747678463	1747678463
ci_job_id	944498846	944498846
ci_pipeline_id	65517744	65517744
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-pgbceyrs-project-304-concurrent-1-905jnzt1 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-pgbceyrs-project-304-concurrent-1-905jnzt1 6.8.0-1028-aws #30~22.04.1-Ubuntu SMP Sun Apr 20 06:03:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.483 ms) : 1471, 1494
.   : milestone, 1483,
appsec (2.416 ms) : 2367, 2465
.   : milestone, 2416,
iast (2.201 ms) : 2139, 2263
.   : milestone, 2201,
iast_GLOBAL (2.251 ms) : 2188, 2313
.   : milestone, 2251,
profiling (2.066 ms) : 2015, 2117
.   : milestone, 2066,
tracing (2.014 ms) : 1966, 2062
.   : milestone, 2014,
section candidate
no_agent (1.483 ms) : 1471, 1494
.   : milestone, 1483,
appsec (2.426 ms) : 2376, 2475
.   : milestone, 2426,
iast (2.202 ms) : 2140, 2264
.   : milestone, 2202,
iast_GLOBAL (2.242 ms) : 2180, 2304
.   : milestone, 2242,
profiling (2.07 ms) : 2019, 2121
.   : milestone, 2070,
tracing (2.029 ms) : 1980, 2077
.   : milestone, 2029,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.483 ms [1.471 ms, 1.494 ms]	-
appsec	2.416 ms [2.367 ms, 2.465 ms]	933.735 µs (63.0%)
iast	2.201 ms [2.139 ms, 2.263 ms]	718.488 µs (48.5%)
iast_GLOBAL	2.251 ms [2.188 ms, 2.313 ms]	768.064 µs (51.8%)
profiling	2.066 ms [2.015 ms, 2.117 ms]	583.236 µs (39.3%)
tracing	2.014 ms [1.966 ms, 2.062 ms]	531.438 µs (35.8%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.483 ms [1.471 ms, 1.494 ms]	-
appsec	2.426 ms [2.376 ms, 2.475 ms]	943.027 µs (63.6%)
iast	2.202 ms [2.14 ms, 2.264 ms]	719.682 µs (48.5%)
iast_GLOBAL	2.242 ms [2.18 ms, 2.304 ms]	759.197 µs (51.2%)
profiling	2.07 ms [2.019 ms, 2.121 ms]	586.976 µs (39.6%)
tracing	2.029 ms [1.98 ms, 2.077 ms]	546.192 µs (36.8%)

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~707740cc7a, baseline=1.50.0-SNAPSHOT~872388f75c
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.447 s) : 15447000, 15447000
.   : milestone, 15447000,
appsec (14.947 s) : 14947000, 14947000
.   : milestone, 14947000,
iast (19.088 s) : 19088000, 19088000
.   : milestone, 19088000,
iast_GLOBAL (17.752 s) : 17752000, 17752000
.   : milestone, 17752000,
profiling (14.968 s) : 14968000, 14968000
.   : milestone, 14968000,
tracing (15.184 s) : 15184000, 15184000
.   : milestone, 15184000,
section candidate
no_agent (15.375 s) : 15375000, 15375000
.   : milestone, 15375000,
appsec (14.978 s) : 14978000, 14978000
.   : milestone, 14978000,
iast (18.854 s) : 18854000, 18854000
.   : milestone, 18854000,
iast_GLOBAL (18.057 s) : 18057000, 18057000
.   : milestone, 18057000,
profiling (15.002 s) : 15002000, 15002000
.   : milestone, 15002000,
tracing (15.202 s) : 15202000, 15202000
.   : milestone, 15202000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.447 s [15.447 s, 15.447 s]	-
appsec	14.947 s [14.947 s, 14.947 s]	-500.0 ms (-3.2%)
iast	19.088 s [19.088 s, 19.088 s]	3.641 s (23.6%)
iast_GLOBAL	17.752 s [17.752 s, 17.752 s]	2.305 s (14.9%)
profiling	14.968 s [14.968 s, 14.968 s]	-479.0 ms (-3.1%)
tracing	15.184 s [15.184 s, 15.184 s]	-263.0 ms (-1.7%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.375 s [15.375 s, 15.375 s]	-
appsec	14.978 s [14.978 s, 14.978 s]	-397.0 ms (-2.6%)
iast	18.854 s [18.854 s, 18.854 s]	3.479 s (22.6%)
iast_GLOBAL	18.057 s [18.057 s, 18.057 s]	2.682 s (17.4%)
profiling	15.002 s [15.002 s, 15.002 s]	-373.0 ms (-2.4%)
tracing	15.202 s [15.202 s, 15.202 s]	-173.0 ms (-1.1%)

dependabot bot added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes labels May 19, 2025

dependabot bot requested a review from a team as a code owner May 19, 2025 17:39

dependabot bot added tag: no release notes Changes to exclude from release notes tag: dependencies Dependencies related changes comp: tooling Build & Tooling labels May 19, 2025

PerfectSlayer approved these changes May 22, 2025

View reviewed changes

PerfectSlayer merged commit 8e7b515 into master May 22, 2025
585 of 591 checks passed

PerfectSlayer deleted the dependabot/github_actions/gh-actions-packages-ced721f930 branch May 22, 2025 08:08

github-actions bot added this to the 1.50.0 milestone May 22, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(ci): bump github/codeql-action from 3.28.17 to 3.28.18 in the gh-actions-packages group #8850

chore(ci): bump github/codeql-action from 3.28.17 to 3.28.18 in the gh-actions-packages group #8850

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

chore(ci): bump github/codeql-action from 3.28.17 to 3.28.18 in the gh-actions-packages group #8850

chore(ci): bump github/codeql-action from 3.28.17 to 3.28.18 in the gh-actions-packages group #8850

Uh oh!

Conversation

v3.28.18

CodeQL Action Changelog

3.28.18 - 16 May 2025

CodeQL Action Changelog

[UNRELEASED]

3.28.18 - 16 May 2025

3.28.17 - 02 May 2025

3.28.16 - 23 Apr 2025

3.28.15 - 07 Apr 2025

3.28.14 - 07 Apr 2025

3.28.13 - 24 Mar 2025

3.28.12 - 19 Mar 2025

3.28.11 - 07 Mar 2025

3.28.10 - 21 Feb 2025

3.28.9 - 07 Feb 2025

Uh oh!

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary

Uh oh!

Uh oh!

Uh oh!