@github-actions
Contributor

Backport 8670015 from #12706 to 3.2.

`_on_wrapped_view` contains the logic to block requests for AppSec and to taint path parameters for IAST. However, since the `_on_wrapped_view` hook function is in `load_appsec`, the IAST logic doesn’t run if AppSec isn’t enabled.

This PR splits that logic and creates two separate hooks.

This PR is a cherry-pick of one of the commits of this PR #12639

Checklist

  • PR author has checked that all the criteria below are met
  • The PR description includes an overview of the change
  • The PR description articulates the motivation for the change
  • The change includes tests OR the PR description describes a testing strategy
  • The PR description notes risks associated with the change, if any
  • Newly-added code is easy to change
  • The change follows the library release note guidelines
  • The change includes or references documentation updates if necessary
  • Backport labels are set (if applicable)

Reviewer Checklist

  • Reviewer has checked that all the criteria below are met
  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Newly-added code is easy to change
  • Release note makes sense to a user of the library
  • If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

(cherry picked from commit 8670015)
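
The coupling described in the PR text, as an added example that is a simplified model and not ddtrace's code: a combined hook registered only by the AppSec loader skips path-parameter tainting when AppSec is off, while separate hooks do not. Only `_on_wrapped_view` and `load_appsec` are names from the page; `Hub`, `load_iast`, the `wrapped_view` event name and the sample request are assumptions.

```python
"""Simplified model of the hook split (hypothetical names, not ddtrace code)."""
from collections import defaultdict


class Hub:
    """Tiny event dispatcher standing in for an internal hook bus."""

    def __init__(self):
        self.listeners = defaultdict(list)
        self.tainted = set()  # values IAST has marked as untrusted input

    def on(self, event, fn):
        self.listeners[event].append(fn)

    def dispatch(self, event, **kwargs):
        return [fn(self, **kwargs) for fn in self.listeners[event]]


def _block(hub, request, path_params):
    # AppSec side: report that a flagged request must not reach the view.
    return "blocked" if request.get("flagged") else None


def _taint(hub, request, path_params):
    # IAST side: mark every path parameter as untrusted.
    hub.tainted.update(path_params.values())


def load_before(hub, appsec, iast):
    # Before: one combined hook, registered only by the AppSec loader.
    def _on_wrapped_view(hub, request, path_params):
        result = _block(hub, request, path_params)
        if iast:
            _taint(hub, request, path_params)
        return result
    if appsec:  # stands in for load_appsec
        hub.on("wrapped_view", _on_wrapped_view)


def load_after(hub, appsec, iast):
    # After: each product's loader registers its own hook.
    if appsec:  # stands in for load_appsec
        hub.on("wrapped_view", _block)
    if iast:  # stands in for a hypothetical load_iast
        hub.on("wrapped_view", _taint)


def run(loader, appsec, iast):
    hub = Hub()
    loader(hub, appsec, iast)
    request = {"flagged": False}  # constructed sample request
    results = hub.dispatch("wrapped_view", request=request, path_params={"user_id": "42"})
    return sorted(hub.tainted), results
```

A regression test for this class of bug enables each product alone and asserts that its hook still fires.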

@github-actions bot added the changelog/no-changelog (A changelog entry is not required for this PR.) and ASM (Application Security Monitoring) labels on Mar 14, 2025
@github-actions bot requested review from a team as code owners on March 14, 2025 07:48
@github-actions bot requested review from erikayasuda and wantsui on March 14, 2025 07:48

@pr-commenter

pr-commenter bot commented Mar 14, 2025

Benchmarks

Benchmark execution time: 2025-03-15 11:36:09

Comparing candidate commit 4015256 in PR branch backport-12706-to-3.2 with baseline commit dca500f in branch 3.2.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 430 metrics, 2 unstable metrics.

@avara1986 closed this on Mar 15, 2025
@avara1986 reopened this on Mar 15, 2025
@avara1986 merged commit 313e56c into 3.2 on Mar 15, 2025
400 of 409 checks passed
@avara1986 deleted the backport-12706-to-3.2 branch on March 15, 2025 14:22