Upgrade dependencies only if they were released >48h ago #11215

Draft
sarahchen6 wants to merge 8 commits into master from sarahchen6/implement-48h-cooldown

@sarahchen6 sarahchen6 commented Apr 27, 2026

What Does This Do

Only upgrade dependencies if they are at least 48 hours old. This PR specifically addresses the “Update Gradle dependencies” and “Update smoke test latest versions” workflows.

Motivation

Require a 48-hour cooldown on external dependencies to reduce the risk of zero-day vulnerabilities.

Additional Notes

This PR was largely written by AI with my guidance on requirements and testing, followed by my review and tweaks for readability.

Contributor Checklist

Jira ticket: [PROJ-IDENT]

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@sarahchen6
Contributor Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 27b94b1c4c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread .github/scripts/dependency_age.py Outdated
pr-commenter Bot commented Apr 27, 2026

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/implement-48h-cooldown
git_commit_date 1777386837 1777409524
git_commit_sha e6cac64 79b5b63
release_version 1.62.0-SNAPSHOT~e6cac64dfd 1.62.0-SNAPSHOT~79b5b639d7
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1777411482 1777411482
ci_job_id 1640030305 1640030305
ci_pipeline_id 110285916 110285916
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-t41zsk6g 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-t41zsk6g 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 62 metrics, 9 unstable metrics.

Startup time reports for insecure-bank
[Gantt chart: insecure-bank - global startup overhead, candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: tracing, iast]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.066 s -
Agent iast 1.245 s 178.932 ms (16.8%)
Total tracing 8.856 s -
Total iast 9.531 s 675.296 ms (7.6%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.064 s -
Agent iast 1.245 s 181.198 ms (17.0%)
Total tracing 8.822 s -
Total iast 9.518 s 696.589 ms (7.9%)
[Gantt chart: insecure-bank - break down per module, candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: tracing, iast]
Startup time reports for petclinic
[Gantt chart: petclinic - global startup overhead, candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: tracing, appsec, iast, profiling]
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.071 s -
Agent appsec 1.266 s 195.368 ms (18.2%)
Agent iast 1.266 s 195.127 ms (18.2%)
Agent profiling 1.186 s 114.866 ms (10.7%)
Total tracing 11.006 s -
Total appsec 11.03 s 23.916 ms (0.2%)
Total iast 11.374 s 368.275 ms (3.3%)
Total profiling 10.926 s -79.954 ms (-0.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.065 s -
Agent appsec 1.266 s 201.209 ms (18.9%)
Agent iast 1.245 s 180.593 ms (17.0%)
Agent profiling 1.187 s 122.299 ms (11.5%)
Total tracing 11.004 s -
Total appsec 10.99 s -14.826 ms (-0.1%)
Total iast 11.219 s 214.622 ms (2.0%)
Total profiling 10.999 s -5.46 ms (-0.0%)
[Gantt chart: petclinic - break down per module, candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: tracing, appsec, iast, profiling]

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/implement-48h-cooldown
git_commit_date 1777386837 1777409524
git_commit_sha e6cac64 79b5b63
release_version 1.62.0-SNAPSHOT~e6cac64dfd 1.62.0-SNAPSHOT~79b5b639d7
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1777412068 1777412068
ci_job_id 1640030306 1640030306
ci_pipeline_id 110285916 110285916
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-qu76e3p3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-qu76e3p3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 3 performance regressions! Performance is the same for 14 metrics, 18 unstable metrics.

scenario:load:insecure-bank:iast:high_load
  • Δ mean agg_http_req_duration_p50: worse, [+101.524µs; +261.381µs] or [+3.957%; +10.189%]
  • Δ mean agg_http_req_duration_p95: unstable, [-344.770µs; +627.124µs] or [-4.415%; +8.032%]
  • Δ mean throughput: unstable, [-236.585op/s; +72.898op/s] or [-17.170%; +5.290%]
  • candidate mean: agg_http_req_duration_p50 2.747ms, agg_http_req_duration_p95 7.949ms, throughput 1296.094op/s
  • baseline mean: agg_http_req_duration_p50 2.565ms, agg_http_req_duration_p95 7.808ms, throughput 1377.938op/s
scenario:load:insecure-bank:iast_FULL:high_load
  • Δ mean agg_http_req_duration_p50: unsure, [-298.100µs; -70.139µs] or [-5.353%; -1.259%]
  • Δ mean agg_http_req_duration_p95: better, [-1146.237µs; -531.464µs] or [-8.526%; -3.953%]
  • Δ mean throughput: unstable, [-44.088op/s; +111.400op/s] or [-5.984%; +15.120%]
  • candidate mean: agg_http_req_duration_p50 5.385ms, agg_http_req_duration_p95 12.606ms, throughput 770.438op/s
  • baseline mean: agg_http_req_duration_p50 5.569ms, agg_http_req_duration_p95 13.444ms, throughput 736.781op/s
scenario:load:petclinic:appsec:high_load
  • Δ mean agg_http_req_duration_p50: worse, [+0.910ms; +1.835ms] or [+4.980%; +10.042%]
  • Δ mean agg_http_req_duration_p95: worse, [+0.993ms; +2.394ms] or [+3.372%; +8.132%]
  • Δ mean throughput: unstable, [-43.213op/s; +9.650op/s] or [-17.193%; +3.840%]
  • candidate mean: agg_http_req_duration_p50 19.648ms, agg_http_req_duration_p95 31.130ms, throughput 234.562op/s
  • baseline mean: agg_http_req_duration_p50 18.275ms, agg_http_req_duration_p95 29.437ms, throughput 251.344op/s
Request duration reports for insecure-bank
[Gantt chart: insecure-bank - request duration [CI 0.99], candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: baseline, candidate]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.266 ms [1.253 ms, 1.279 ms] -
iast 3.321 ms [3.275 ms, 3.368 ms] 2.055 ms (162.4%)
iast_FULL 6.281 ms [6.215 ms, 6.346 ms] 5.015 ms (396.2%)
iast_GLOBAL 3.76 ms [3.698 ms, 3.823 ms] 2.495 ms (197.1%)
profiling 2.043 ms [2.025 ms, 2.061 ms] 777.201 µs (61.4%)
tracing 1.903 ms [1.887 ms, 1.92 ms] 637.66 µs (50.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.261 ms [1.248 ms, 1.274 ms] -
iast 3.537 ms [3.481 ms, 3.592 ms] 2.276 ms (180.5%)
iast_FULL 6.004 ms [5.943 ms, 6.064 ms] 4.743 ms (376.1%)
iast_GLOBAL 3.72 ms [3.66 ms, 3.781 ms] 2.459 ms (195.0%)
profiling 2.075 ms [2.056 ms, 2.093 ms] 813.56 µs (64.5%)
tracing 1.881 ms [1.865 ms, 1.896 ms] 619.723 µs (49.1%)
Request duration reports for petclinic
[Gantt chart: petclinic - request duration [CI 0.99], candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: baseline, candidate]
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 18.572 ms [18.384 ms, 18.761 ms] -
appsec 18.572 ms [18.386 ms, 18.759 ms] 0.031 µs (0.0%)
code_origins 17.599 ms [17.425 ms, 17.774 ms] -973.13 µs (-5.2%)
iast 17.805 ms [17.629 ms, 17.981 ms] -767.228 µs (-4.1%)
profiling 18.404 ms [18.222 ms, 18.585 ms] -168.729 µs (-0.9%)
tracing 18.092 ms [17.915 ms, 18.27 ms] -479.858 µs (-2.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 18.435 ms [18.241 ms, 18.63 ms] -
appsec 19.9 ms [19.7 ms, 20.101 ms] 1.465 ms (7.9%)
code_origins 17.938 ms [17.761 ms, 18.115 ms] -497.414 µs (-2.7%)
iast 17.772 ms [17.595 ms, 17.95 ms] -662.995 µs (-3.6%)
profiling 18.173 ms [17.994 ms, 18.352 ms] -262.177 µs (-1.4%)
tracing 17.657 ms [17.483 ms, 17.831 ms] -778.237 µs (-4.2%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/implement-48h-cooldown
git_commit_date 1777386837 1777409524
git_commit_sha e6cac64 79b5b63
release_version 1.62.0-SNAPSHOT~e6cac64dfd 1.62.0-SNAPSHOT~79b5b639d7
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1777411798 1777411798
ci_job_id 1640030307 1640030307
ci_pipeline_id 110285916 110285916
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-v6xi8vn3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-v6xi8vn3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 2 unstable metrics.

Execution time for tomcat
[Gantt chart: tomcat - execution time [CI 0.99], candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: baseline, candidate]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.488 ms [1.477 ms, 1.5 ms] -
appsec 3.785 ms [3.567 ms, 4.002 ms] 2.297 ms (154.3%)
iast 2.276 ms [2.206 ms, 2.345 ms] 787.562 µs (52.9%)
iast_GLOBAL 2.322 ms [2.252 ms, 2.392 ms] 833.47 µs (56.0%)
profiling 2.097 ms [2.043 ms, 2.152 ms] 609.245 µs (40.9%)
tracing 2.084 ms [2.03 ms, 2.138 ms] 595.743 µs (40.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.487 ms [1.476 ms, 1.499 ms] -
appsec 3.772 ms [3.553 ms, 3.991 ms] 2.285 ms (153.6%)
iast 2.288 ms [2.218 ms, 2.358 ms] 800.529 µs (53.8%)
iast_GLOBAL 2.329 ms [2.259 ms, 2.399 ms] 841.912 µs (56.6%)
profiling 2.488 ms [2.334 ms, 2.643 ms] 1.001 ms (67.3%)
tracing 2.08 ms [2.026 ms, 2.133 ms] 592.28 µs (39.8%)
Execution time for biojava
[Gantt chart: biojava - execution time [CI 0.99], candidate=1.62.0-SNAPSHOT~79b5b639d7, baseline=1.62.0-SNAPSHOT~e6cac64dfd; sections: baseline, candidate]
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.852 s [14.852 s, 14.852 s] -
appsec 14.769 s [14.769 s, 14.769 s] -83.0 ms (-0.6%)
iast 18.596 s [18.596 s, 18.596 s] 3.744 s (25.2%)
iast_GLOBAL 18.23 s [18.23 s, 18.23 s] 3.378 s (22.7%)
profiling 14.988 s [14.988 s, 14.988 s] 136.0 ms (0.9%)
tracing 15.102 s [15.102 s, 15.102 s] 250.0 ms (1.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.548 s [15.548 s, 15.548 s] -
appsec 14.966 s [14.966 s, 14.966 s] -582.0 ms (-3.7%)
iast 18.942 s [18.942 s, 18.942 s] 3.394 s (21.8%)
iast_GLOBAL 17.855 s [17.855 s, 17.855 s] 2.307 s (14.8%)
profiling 15.761 s [15.761 s, 15.761 s] 213.0 ms (1.4%)
tracing 14.988 s [14.988 s, 14.988 s] -560.0 ms (-3.6%)

@sarahchen6
Contributor Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5318987f46

Comment thread .github/scripts/dependency_age.py Outdated
Comment thread .github/scripts/dependency_age.py Outdated
@sarahchen6
Contributor Author

@codex review

@sarahchen6 sarahchen6 added the labels "tag: no release notes" (Changes to exclude from release notes) and "comp: tooling" (Build & Tooling) Apr 27, 2026
@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f7c85866ff

Comment thread .github/scripts/dependency_age.py Outdated
@sarahchen6 sarahchen6 added the label "tag: ai generated" (Largely based on code generated by an AI or LLM) Apr 27, 2026
@sarahchen6 sarahchen6 marked this pull request as ready for review April 27, 2026 21:54
@sarahchen6 sarahchen6 requested a review from a team as a code owner April 27, 2026 21:54
@sarahchen6 sarahchen6 requested review from AlexeyKuznetsov-DD and removed request for a team April 27, 2026 21:54
@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f598eb4a94

Comment thread .github/scripts/dependency_age.py Outdated
@sarahchen6
Contributor Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 028c711657

Comment thread .github/scripts/dependency_age.py Outdated
Comment on lines +412 to +414
for i, pred in enumerate(removed_by_ga.get(ga, [])):
    target = ga_violations[min(i, len(ga_violations) - 1)]
    predecessors_by_violated[target].append(pred)

P1: Preserve non-violating version changes during reverts

When only some updates for a given group:artifact are violations, this pairing logic assigns every removed predecessor in that GA to the violating coordinate (target = ga_violations[min(i, ...)]). For example, if 1.0.0->1.1.0 is too new but 2.0.0->2.1.0 is old enough, both predecessors get attached to 1.1.0, and the rewrite re-adds 2.0.0 while leaving 2.1.0 in place. That yields duplicate/conflicting lockfile entries and silently rolls back valid updates, so the generated lockfile can be wrong.

Useful? React with 👍 / 👎.
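
The pairing problem raised in the review comment above, reproduced as an added example (not code from this PR or from dependency_age.py). It assumes lock lines in the `group:artifact:version=configurations` shape used by Gradle lockfiles; `parse`, `violations`, `pair_by_configuration`, `apply_reverts` and all sample data are hypothetical and constructed, and pairing by configuration is one possible remedy, not the one the PR adopted.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

COOLDOWN = timedelta(hours=48)

def parse(line):
    """'group:artifact:version=confA,confB' -> (group:artifact, version, configurations)."""
    coord, _, confs = line.partition("=")
    ga, _, version = coord.rpartition(":")
    return ga, version, confs

def violations(added, released_at, now):
    """Added lines released less than COOLDOWN ago; an unknown release date fails closed."""
    ages = ((line, released_at.get(line.partition("=")[0])) for line in added)
    return [line for line, ts in ages if ts is None or now - ts < COOLDOWN]

def group_by_ga(lines):
    grouped = defaultdict(list)
    for line in lines:
        grouped[parse(line)[0]].append(line)
    return grouped

def pair_by_index(removed, violating):
    """Pairing as in the quoted lines: predecessors are matched against violations only."""
    removed_by_ga = group_by_ga(removed)
    predecessors_by_violated = defaultdict(list)
    for ga, ga_violations in group_by_ga(violating).items():
        for i, pred in enumerate(removed_by_ga.get(ga, [])):
            target = ga_violations[min(i, len(ga_violations) - 1)]
            predecessors_by_violated[target].append(pred)
    return dict(predecessors_by_violated)

def pair_by_configuration(removed, violating):
    """Pair a violating line only with the removed line it actually replaced,
    identified here by the same group:artifact and the same configurations."""
    old_for = {}
    for line in removed:
        ga, _, confs = parse(line)
        if (ga, confs) in old_for:
            raise ValueError(f"ambiguous predecessor for {ga} [{confs}]")
        old_for[(ga, confs)] = line
    paired = {}
    for line in violating:
        ga, _, confs = parse(line)
        if (ga, confs) not in old_for:
            # Fail closed instead of guessing which old version to restore.
            raise ValueError(f"no predecessor found for {line}")
        paired[line] = [old_for[(ga, confs)]]
    return paired

def apply_reverts(locked, predecessors_by_violated):
    """Rewrite the updated lock lines, replacing each violating line with its predecessors."""
    out = []
    for line in locked:
        out.extend(predecessors_by_violated.get(line, [line]))
    return out

# Constructed sample data: one group:artifact locked at two versions in two configurations.
NOW = datetime(2026, 4, 28, 12, 0, tzinfo=timezone.utc)
RELEASED_AT = {
    "com.example:lib:1.1.0": NOW - timedelta(hours=5),  # inside the cooldown
    "com.example:lib:2.1.0": NOW - timedelta(days=30),  # old enough
}
REMOVED = ["com.example:lib:1.0.0=legacyClasspath", "com.example:lib:2.0.0=runtimeClasspath"]
ADDED = ["com.example:lib:1.1.0=legacyClasspath", "com.example:lib:2.1.0=runtimeClasspath"]

def demo():
    """Return (lock lines after index pairing, lock lines after configuration pairing)."""
    bad = violations(ADDED, RELEASED_AT, NOW)
    return (apply_reverts(ADDED, pair_by_index(REMOVED, bad)),
            apply_reverts(ADDED, pair_by_configuration(REMOVED, bad)))

if __name__ == "__main__":
    by_index, by_configuration = demo()
    print("index pairing:        ", by_index)
    print("configuration pairing:", by_configuration)
```

With index pairing the rewritten lock lines hold both 2.0.0 and 2.1.0 for runtimeClasspath; with configuration pairing only the 1.1.0 update is rolled back to 1.0.0.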

@sarahchen6 sarahchen6 marked this pull request as draft April 28, 2026 20:15