cataphract
Repos
28
Followers
51
Following
2

Events

Appsec: create top span for process executions

Created at 1 day ago

Appsec: create top span for process executions

Created at 1 day ago
pull request opened
Appsec: create top span for process executions

What Does This Do

Adds a span for process executions. See the doc "Shell Execution Integration" for the spec. Redactions are not implemented.

Created at 1 day ago
create branch
cataphract create branch glopes/appsec-proceses
Created at 1 day ago
delete branch
cataphract delete branch glopes/blocking
Created at 2 days ago

Implement blocking servlet/tomcat/jetty/undertow

Blocking: json and html responses

Publish http.client_ip address

Add appsec.blocked tag

Subscribe ASM_DATA; proper appsec mod reconfig

Update default blocking responses

Fix NPE when appsec is inactive

Documentation, rem unused field, jetty fix

Merge pull request #3701 from DataDog/glopes/blocking

Implement blocking servlet/tomcat/jetty

Created at 2 days ago
pull request closed
Implement blocking servlet/tomcat/jetty

Implements blocking behavior for servlet/tomcat/jetty. Blocking means a fixed error response is send and request handling is skipped.

Created at 2 days ago
delete branch
cataphract delete branch toggling
Created at 3 days ago
pull request closed
Support rule toggling; full action support; update libddwaf
Created at 3 days ago

Support rule toggling; update libddwaf

Full support for actions

Bump version to 5.0.0

Target mac os x 10.9 (amd64); bump to 5.0.1

Target mac os x 10.9 (amd64) for binding; bump to 5.0.2

New attempt to fix mac os build

Merge pull request #55 from sqreen/toggling

Support rule toggling; full action support; update libddwaf

Created at 3 days ago
pull request opened
IAST/JDBC

What Does This Do

Reports calls to JDBC functions called with tainted strings.

Created at 3 days ago

Add support conditions for duplicated probes

Keep track of capturing probeIds based on condition evaluations before adding snapshots to the sink

Introduced Telemetry heartbeat interval undocumented option.

Disabled flaky tests

fixed accidental duplication in NettyClient and fixed RemoteJDBCInstrumentation test

ran spotlessApply

Add smoke test for probe error status

Fixed heartbeat interval + tests

Servlet2ResponseStatusAdvice expects the first argument of sendError/setStatus to be an integer status code - update the method matcher in Servlet2ResponseStatusInstrumentation to record that constraint (#3888)

Split SQS receive request instrumentation so we can apply structural constraint to the QueueBufferConfig part (#3889)

Remove isCapturing field

Rely on capturingProbeIds set

Better method name to reflect its meaning

Merge pull request #3894 from DataDog/jpbempel/probe-statuses-smoke-tests

Add smoke test for probe error status

Merge pull request #3878 from DataDog/vzakharov/telemetry_interval_option

Telemetry heartbeat interval option.

Merge pull request #3887 from DataDog/nayeem-kamal/ignoreFlakyTests

Disabled flaky tests - Netty38ClientTest, MongoBaseTest

fix: Fix release workflow

Download releases will be updated whene releases are promoted from as non pre-release status.

Additional cases for VulnerabilityType tests (#3898)

Simplify OSGi helper to only check the first-level of bundle wiring, as that's all that is needed in practice (#3899)

byte-buddy 1.12.17 (#3902)

Add defensive check in case future.getChannel() is null, since we use it as a context-store key. (#3901)

Without this check the inserted advice would throw a NPE if future.getChannel() was ever null.

Merge pull request #3905 from DataDog/bbujon/download-release-action

Fix release workflow

Created at 3 days ago
create branch
cataphract create branch glopes/iast-jdbc
Created at 3 days ago
pull request opened
Appsec: support parameterization of blocking responses

What Does This Do

Instead of hardcoding the presumed ids of actions that should elicit blocking a request, the spec is fully implemented. The action returned by the WAF is actually interpreted as an action id and the that id is looked up in the "actions" entry of the WAF configuration. Then the type of the action is looked up, and "block_request" is recognized. The parameters of the action (http response code to send and the content type of the response: one of html, json and out) are also taken into account.

Created at 5 days ago

Simplify Muzzle side-classes to make them easier to unload and remove the need to modify the Instrumenter class (#3854)

Collect error logs and heap dumps during CI build

Merge pull request #3855 from DataDog/ban/collect-errors-and-dumps-during-ci-build

Collect error logs and heap dumps during CI build

Disable flaky test NettyResteasyAppsecTest

Disable flaky KafkaClientTest(s)

Disable flaky KafkaStreamsTest(s)

Merge pull request #3863 from DataDog/ban/disable-tests

Disable flaky tests

Disable flaky RatpackHttpServerTest

Disable flaky PlayNettySmokeTest in play-2.4

Disable flaky RmiTest

disable openliberty flaky test

Merge pull request #3870 from DataDog/ban/disable-more-tests

Disable more flaky tests

Merge pull request #3872 from DataDog/rgs/disable-springboot-openliberty

disable openliberty flaky test

disable flaky test

Merge pull request #3875 from DataDog/rgs/disable-vertx-test

disable flaky test

Avoid these anonymous inner classes as they keep the enclosing instrumenter class alive (#3860)

Upgrade gradle to 7.5.1

Limit heap of forked compilers to 512M

Merge pull request #3866 from DataDog/ban/upgrade-gradle-7.5.1

Upgrade gradle to 7.5.1

disable stacktrace collection by default

Created at 5 days ago

Simplify Muzzle side-classes to make them easier to unload and remove the need to modify the Instrumenter class (#3854)

Collect error logs and heap dumps during CI build

Merge pull request #3855 from DataDog/ban/collect-errors-and-dumps-during-ci-build

Collect error logs and heap dumps during CI build

Disable flaky test NettyResteasyAppsecTest

Disable flaky KafkaClientTest(s)

Disable flaky KafkaStreamsTest(s)

Merge pull request #3863 from DataDog/ban/disable-tests

Disable flaky tests

Disable flaky RatpackHttpServerTest

Disable flaky PlayNettySmokeTest in play-2.4

Disable flaky RmiTest

disable openliberty flaky test

Merge pull request #3870 from DataDog/ban/disable-more-tests

Disable more flaky tests

Merge pull request #3872 from DataDog/rgs/disable-springboot-openliberty

disable openliberty flaky test

disable flaky test

Merge pull request #3875 from DataDog/rgs/disable-vertx-test

disable flaky test

Avoid these anonymous inner classes as they keep the enclosing instrumenter class alive (#3860)

Upgrade gradle to 7.5.1

Limit heap of forked compilers to 512M

Merge pull request #3866 from DataDog/ban/upgrade-gradle-7.5.1

Upgrade gradle to 7.5.1

disable stacktrace collection by default

Created at 5 days ago

Simplify Muzzle side-classes to make them easier to unload and remove the need to modify the Instrumenter class (#3854)

Collect error logs and heap dumps during CI build

Merge pull request #3855 from DataDog/ban/collect-errors-and-dumps-during-ci-build

Collect error logs and heap dumps during CI build

Disable flaky test NettyResteasyAppsecTest

Disable flaky KafkaClientTest(s)

Disable flaky KafkaStreamsTest(s)

Merge pull request #3863 from DataDog/ban/disable-tests

Disable flaky tests

Disable flaky RatpackHttpServerTest

Disable flaky PlayNettySmokeTest in play-2.4

Disable flaky RmiTest

disable openliberty flaky test

Merge pull request #3870 from DataDog/ban/disable-more-tests

Disable more flaky tests

Merge pull request #3872 from DataDog/rgs/disable-springboot-openliberty

disable openliberty flaky test

disable flaky test

Merge pull request #3875 from DataDog/rgs/disable-vertx-test

disable flaky test

Avoid these anonymous inner classes as they keep the enclosing instrumenter class alive (#3860)

Upgrade gradle to 7.5.1

Limit heap of forked compilers to 512M

Merge pull request #3866 from DataDog/ban/upgrade-gradle-7.5.1

Upgrade gradle to 7.5.1

disable stacktrace collection by default

Created at 5 days ago

Documentation, rem unused field, jetty fix

Created at 5 days ago
create branch
cataphract create branch glopes/blocking-param
Created at 5 days ago

aesthetic changes in SharedCommunicationsObjectsSpecification

Created at 1 week ago