Skip to content

Forbid methods that mutate final fields #10388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
sarahchen6 wants to merge 4 commits into from
Closed

Forbid methods that mutate final fields #10388

sarahchen6 wants to merge 4 commits into from
+17 −2

Conversation

@sarahchen6
Copy link
Contributor

@sarahchen6 sarahchen6 commented Jan 15, 2026
edited
Loading

What Does This Do

Add the Field#set and MethodHandles.Lookup::unreflectSetter methods to the ForbiddenAPIs list in order to discourage further use.

Motivation

Java is headed toward integrity by default, which includes disallowing the mutation of final fields by deep reflection. As of Java 26 (ETA Mar 2026), warnings will be emitted, and in future versions, these mutations will be disallowed by default. We should avoid using these methods going forward.

Additional Notes

References:

Contributor Checklist

Jira ticket: https://datadoghq.atlassian.net/browse/APMLP-594

@sarahchen6 sarahchen6 added type: enhancement Enhancements and improvements tag: no release notes Changes to exclude from release notes comp: tooling Build & Tooling labels Jan 15, 2026
@pr-commenter
Copy link

pr-commenter bot commented Jan 15, 2026

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/forbid-final-field-mutation-methods
git_commit_date 1768498580 1768510137
git_commit_sha 340e03e 9d987f7
release_version 1.59.0-SNAPSHOT~340e03e23d 1.59.0-SNAPSHOT~9d987f7668
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1768512121 1768512121
ci_job_id 1354207691 1354207691
ci_pipeline_id 90983783 90983783
cpu_model Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-vziu67kw 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-vziu67kw 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 55 metrics, 10 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.125 s) : 0, 1125017
Total [baseline] (11.137 s) : 0, 11136848
Agent [candidate] (1.116 s) : 0, 1116381
Total [candidate] (11.206 s) : 0, 11205689
section appsec
Agent [baseline] (1.3 s) : 0, 1300328
Total [baseline] (11.389 s) : 0, 11388843
Agent [candidate] (1.305 s) : 0, 1304715
Total [candidate] (11.43 s) : 0, 11430057
section iast
Agent [baseline] (1.273 s) : 0, 1273099
Total [baseline] (11.459 s) : 0, 11459068
Agent [candidate] (1.269 s) : 0, 1269003
Total [candidate] (11.474 s) : 0, 11473682
section profiling
Agent [baseline] (1.235 s) : 0, 1234900
Total [baseline] (11.23 s) : 0, 11229852
Agent [candidate] (1.233 s) : 0, 1233163
Total [candidate] (11.189 s) : 0, 11188565
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.125 s -
Agent appsec 1.3 s 175.31 ms (15.6%)
Agent iast 1.273 s 148.082 ms (13.2%)
Agent profiling 1.235 s 109.883 ms (9.8%)
Total tracing 11.137 s -
Total appsec 11.389 s 251.995 ms (2.3%)
Total iast 11.459 s 322.22 ms (2.9%)
Total profiling 11.23 s 93.004 ms (0.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.116 s -
Agent appsec 1.305 s 188.334 ms (16.9%)
Agent iast 1.269 s 152.621 ms (13.7%)
Agent profiling 1.233 s 116.781 ms (10.5%)
Total tracing 11.206 s -
Total appsec 11.43 s 224.367 ms (2.0%)
Total iast 11.474 s 267.992 ms (2.4%)
Total profiling 11.189 s -17.125 ms (-0.2%) 
gantt
    title petclinic - break down per module: candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.26 ms) : 0, 1260
crashtracking [candidate] (1.246 ms) : 0, 1246
BytebuddyAgent [baseline] (674.389 ms) : 0, 674389
BytebuddyAgent [candidate] (668.559 ms) : 0, 668559
GlobalTracer [baseline] (293.802 ms) : 0, 293802
GlobalTracer [candidate] (291.904 ms) : 0, 291904
AppSec [baseline] (33.945 ms) : 0, 33945
AppSec [candidate] (33.678 ms) : 0, 33678
Debugger [baseline] (71.069 ms) : 0, 71069
Debugger [candidate] (70.818 ms) : 0, 70818
Remote Config [baseline] (683.824 µs) : 0, 684
Remote Config [candidate] (686.215 µs) : 0, 686
Telemetry [baseline] (9.49 ms) : 0, 9490
Telemetry [candidate] (9.306 ms) : 0, 9306
Flare Poller [baseline] (3.903 ms) : 0, 3903
Flare Poller [candidate] (3.907 ms) : 0, 3907
section appsec
crashtracking [baseline] (1.239 ms) : 0, 1239
crashtracking [candidate] (1.241 ms) : 0, 1241
BytebuddyAgent [baseline] (707.21 ms) : 0, 707210
BytebuddyAgent [candidate] (710.637 ms) : 0, 710637
GlobalTracer [baseline] (267.635 ms) : 0, 267635
GlobalTracer [candidate] (268.16 ms) : 0, 268160
IAST [baseline] (25.767 ms) : 0, 25767
IAST [candidate] (25.936 ms) : 0, 25936
AppSec [baseline] (178.333 ms) : 0, 178333
AppSec [candidate] (175.613 ms) : 0, 175613
Debugger [baseline] (69.459 ms) : 0, 69459
Debugger [candidate] (72.339 ms) : 0, 72339
Remote Config [baseline] (811.297 µs) : 0, 811
Remote Config [candidate] (808.879 µs) : 0, 809
Telemetry [baseline] (9.739 ms) : 0, 9739
Telemetry [candidate] (9.801 ms) : 0, 9801
Flare Poller [baseline] (3.959 ms) : 0, 3959
Flare Poller [candidate] (3.934 ms) : 0, 3934
section iast
crashtracking [baseline] (1.253 ms) : 0, 1253
crashtracking [candidate] (1.247 ms) : 0, 1247
BytebuddyAgent [baseline] (819.893 ms) : 0, 819893
BytebuddyAgent [candidate] (819.232 ms) : 0, 819232
GlobalTracer [baseline] (269.169 ms) : 0, 269169
GlobalTracer [candidate] (266.992 ms) : 0, 266992
IAST [baseline] (28.553 ms) : 0, 28553
IAST [candidate] (28.313 ms) : 0, 28313
AppSec [baseline] (35.519 ms) : 0, 35519
AppSec [candidate] (35.195 ms) : 0, 35195
Debugger [baseline] (69.21 ms) : 0, 69210
Debugger [candidate] (68.554 ms) : 0, 68554
Remote Config [baseline] (636.818 µs) : 0, 637
Remote Config [candidate] (605.615 µs) : 0, 606
Telemetry [baseline] (8.87 ms) : 0, 8870
Telemetry [candidate] (8.81 ms) : 0, 8810
Flare Poller [baseline] (3.683 ms) : 0, 3683
Flare Poller [candidate] (3.762 ms) : 0, 3762
section profiling
crashtracking [baseline] (1.266 ms) : 0, 1266
crashtracking [candidate] (1.265 ms) : 0, 1265
BytebuddyAgent [baseline] (717.938 ms) : 0, 717938
BytebuddyAgent [candidate] (717.575 ms) : 0, 717575
GlobalTracer [baseline] (229.794 ms) : 0, 229794
GlobalTracer [candidate] (229.797 ms) : 0, 229797
AppSec [baseline] (33.272 ms) : 0, 33272
AppSec [candidate] (33.158 ms) : 0, 33158
Debugger [baseline] (70.931 ms) : 0, 70931
Debugger [candidate] (69.43 ms) : 0, 69430
Remote Config [baseline] (673.146 µs) : 0, 673
Remote Config [candidate] (664.771 µs) : 0, 665
Telemetry [baseline] (9.457 ms) : 0, 9457
Telemetry [candidate] (9.266 ms) : 0, 9266
Flare Poller [baseline] (3.891 ms) : 0, 3891
Flare Poller [candidate] (3.887 ms) : 0, 3887
ProfilingAgent [baseline] (96.873 ms) : 0, 96873
ProfilingAgent [candidate] (97.12 ms) : 0, 97120
Profiling [baseline] (97.468 ms) : 0, 97468
Profiling [candidate] (97.717 ms) : 0, 97717
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.113 s) : 0, 1113044
Total [baseline] (9.369 s) : 0, 9368881
Agent [candidate] (1.113 s) : 0, 1113372
Total [candidate] (9.401 s) : 0, 9401282
section iast
Agent [baseline] (1.257 s) : 0, 1256987
Total [baseline] (9.974 s) : 0, 9973821
Agent [candidate] (1.269 s) : 0, 1268707
Total [candidate] (9.939 s) : 0, 9938975
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.113 s -
Agent iast 1.257 s 143.943 ms (12.9%)
Total tracing 9.369 s -
Total iast 9.974 s 604.939 ms (6.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.113 s -
Agent iast 1.269 s 155.335 ms (14.0%)
Total tracing 9.401 s -
Total iast 9.939 s 537.693 ms (5.7%) 
gantt
    title insecure-bank - break down per module: candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.247 ms) : 0, 1247
crashtracking [candidate] (1.241 ms) : 0, 1241
BytebuddyAgent [baseline] (667.192 ms) : 0, 667192
BytebuddyAgent [candidate] (666.879 ms) : 0, 666879
GlobalTracer [baseline] (290.924 ms) : 0, 290924
GlobalTracer [candidate] (291.603 ms) : 0, 291603
AppSec [baseline] (33.674 ms) : 0, 33674
AppSec [candidate] (33.545 ms) : 0, 33545
Debugger [baseline] (70.117 ms) : 0, 70117
Debugger [candidate] (70.012 ms) : 0, 70012
Remote Config [baseline] (682.338 µs) : 0, 682
Remote Config [candidate] (703.703 µs) : 0, 704
Telemetry [baseline] (9.254 ms) : 0, 9254
Telemetry [candidate] (9.392 ms) : 0, 9392
Flare Poller [baseline] (3.87 ms) : 0, 3870
Flare Poller [candidate] (3.872 ms) : 0, 3872
section iast
crashtracking [baseline] (1.236 ms) : 0, 1236
crashtracking [candidate] (1.252 ms) : 0, 1252
BytebuddyAgent [baseline] (810.188 ms) : 0, 810188
BytebuddyAgent [candidate] (818.825 ms) : 0, 818825
GlobalTracer [baseline] (266.08 ms) : 0, 266080
GlobalTracer [candidate] (268.068 ms) : 0, 268068
IAST [baseline] (28.1 ms) : 0, 28100
IAST [candidate] (28.408 ms) : 0, 28408
AppSec [baseline] (32.268 ms) : 0, 32268
AppSec [candidate] (36.886 ms) : 0, 36886
Debugger [baseline] (70.148 ms) : 0, 70148
Debugger [candidate] (65.81 ms) : 0, 65810
Remote Config [baseline] (590.41 µs) : 0, 590
Remote Config [candidate] (605.549 µs) : 0, 606
Telemetry [baseline] (8.656 ms) : 0, 8656
Telemetry [candidate] (8.838 ms) : 0, 8838
Flare Poller [baseline] (3.63 ms) : 0, 3630
Flare Poller [candidate] (3.762 ms) : 0, 3762
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/forbid-final-field-mutation-methods
git_commit_date 1768498580 1768510137
git_commit_sha 340e03e 9d987f7
release_version 1.59.0-SNAPSHOT~340e03e23d 1.59.0-SNAPSHOT~9d987f7668
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1768512478 1768512478
ci_job_id 1354207692 1354207692
ci_pipeline_id 90983783 90983783
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-fz4grj1n 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-fz4grj1n 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 3 performance improvements and 2 performance regressions! Performance is the same for 14 metrics, 17 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:insecure-bank:iast_GLOBAL:high_load worse
[+258.738µs; +363.439µs] or [+10.001%; +14.048%]		 worse
[+410.594µs; +845.639µs] or [+5.521%; +11.371%]		 unstable
[-267.721op/s; +20.971op/s] or [-19.295%; +1.511%]		 2.898ms 8.065ms 1264.125op/s 2.587ms 7.437ms 1387.500op/s
scenario:load:petclinic:profiling:high_load better
[-1327.772µs; -533.662µs] or [-6.863%; -2.758%]		 better
[-2.266ms; -0.901ms] or [-7.298%; -2.901%]		 unstable
[-14.748op/s; +38.998op/s] or [-6.221%; +16.451%]		 18.416ms 29.464ms 249.188op/s 19.346ms 31.048ms 237.062op/s
scenario:load:petclinic:tracing:high_load better
[-758.282µs; -388.721µs] or [-4.273%; -2.190%]		 unsure
[-1.624ms; -0.420ms] or [-5.492%; -1.419%]		 unstable
[-20.066op/s; +36.941op/s] or [-7.795%; +14.350%]		 17.173ms 28.546ms 265.875op/s 17.747ms 29.567ms 257.438op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d
    dateFormat X
    axisFormat %s
section baseline
no_agent (17.366 ms) : 17192, 17540
.   : milestone, 17366,
appsec (18.703 ms) : 18510, 18897
.   : milestone, 18703,
code_origins (17.906 ms) : 17726, 18087
.   : milestone, 17906,
iast (18.152 ms) : 17969, 18334
.   : milestone, 18152,
profiling (19.693 ms) : 19497, 19889
.   : milestone, 19693,
tracing (18.128 ms) : 17943, 18313
.   : milestone, 18128,
section candidate
no_agent (19.295 ms) : 19093, 19497
.   : milestone, 19295,
appsec (18.826 ms) : 18636, 19017
.   : milestone, 18826,
code_origins (17.69 ms) : 17513, 17866
.   : milestone, 17690,
iast (17.818 ms) : 17640, 17996
.   : milestone, 17818,
profiling (18.729 ms) : 18543, 18914
.   : milestone, 18729,
tracing (17.55 ms) : 17376, 17723
.   : milestone, 17550,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.366 ms [17.192 ms, 17.54 ms] -
appsec 18.703 ms [18.51 ms, 18.897 ms] 1.337 ms (7.7%)
code_origins 17.906 ms [17.726 ms, 18.087 ms] 540.102 µs (3.1%)
iast 18.152 ms [17.969 ms, 18.334 ms] 785.229 µs (4.5%)
profiling 19.693 ms [19.497 ms, 19.889 ms] 2.327 ms (13.4%)
tracing 18.128 ms [17.943 ms, 18.313 ms] 761.547 µs (4.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.295 ms [19.093 ms, 19.497 ms] -
appsec 18.826 ms [18.636 ms, 19.017 ms] -468.632 µs (-2.4%)
code_origins 17.69 ms [17.513 ms, 17.866 ms] -1.605 ms (-8.3%)
iast 17.818 ms [17.64 ms, 17.996 ms] -1.477 ms (-7.7%)
profiling 18.729 ms [18.543 ms, 18.914 ms] -566.229 µs (-2.9%)
tracing 17.55 ms [17.376 ms, 17.723 ms] -1.745 ms (-9.0%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.191 ms) : 1179, 1203
.   : milestone, 1191,
iast (3.159 ms) : 3116, 3202
.   : milestone, 3159,
iast_FULL (5.719 ms) : 5663, 5776
.   : milestone, 5719,
iast_GLOBAL (3.3 ms) : 3257, 3344
.   : milestone, 3300,
profiling (2.059 ms) : 2039, 2079
.   : milestone, 2059,
tracing (1.833 ms) : 1817, 1849
.   : milestone, 1833,
section candidate
no_agent (1.206 ms) : 1195, 1218
.   : milestone, 1206,
iast (3.023 ms) : 2987, 3059
.   : milestone, 3023,
iast_FULL (5.621 ms) : 5566, 5676
.   : milestone, 5621,
iast_GLOBAL (3.63 ms) : 3574, 3685
.   : milestone, 3630,
profiling (2.06 ms) : 2040, 2081
.   : milestone, 2060,
tracing (1.841 ms) : 1825, 1856
.   : milestone, 1841,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.191 ms [1.179 ms, 1.203 ms] -
iast 3.159 ms [3.116 ms, 3.202 ms] 1.968 ms (165.2%)
iast_FULL 5.719 ms [5.663 ms, 5.776 ms] 4.528 ms (380.2%)
iast_GLOBAL 3.3 ms [3.257 ms, 3.344 ms] 2.109 ms (177.1%)
profiling 2.059 ms [2.039 ms, 2.079 ms] 867.938 µs (72.9%)
tracing 1.833 ms [1.817 ms, 1.849 ms] 641.768 µs (53.9%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.206 ms [1.195 ms, 1.218 ms] -
iast 3.023 ms [2.987 ms, 3.059 ms] 1.816 ms (150.6%)
iast_FULL 5.621 ms [5.566 ms, 5.676 ms] 4.415 ms (365.9%)
iast_GLOBAL 3.63 ms [3.574 ms, 3.685 ms] 2.423 ms (200.9%)
profiling 2.06 ms [2.04 ms, 2.081 ms] 853.72 µs (70.8%)
tracing 1.841 ms [1.825 ms, 1.856 ms] 634.191 µs (52.6%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master sarahchen6/forbid-final-field-mutation-methods
git_commit_date 1768498580 1768510137
git_commit_sha 340e03e 9d987f7
release_version 1.59.0-SNAPSHOT~340e03e23d 1.59.0-SNAPSHOT~9d987f7668
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1768512183 1768512183
ci_job_id 1354207693 1354207693
ci_pipeline_id 90983783 90983783
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-k490dhby 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-k490dhby 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.476 ms) : 1464, 1487
.   : milestone, 1476,
appsec (3.727 ms) : 3508, 3947
.   : milestone, 3727,
iast (2.215 ms) : 2150, 2281
.   : milestone, 2215,
iast_GLOBAL (2.267 ms) : 2201, 2333
.   : milestone, 2267,
profiling (2.067 ms) : 2014, 2121
.   : milestone, 2067,
tracing (2.051 ms) : 1999, 2102
.   : milestone, 2051,
section candidate
no_agent (1.475 ms) : 1463, 1486
.   : milestone, 1475,
appsec (3.645 ms) : 3430, 3860
.   : milestone, 3645,
iast (2.223 ms) : 2158, 2289
.   : milestone, 2223,
iast_GLOBAL (2.261 ms) : 2195, 2327
.   : milestone, 2261,
profiling (2.1 ms) : 2045, 2155
.   : milestone, 2100,
tracing (2.039 ms) : 1987, 2091
.   : milestone, 2039,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.476 ms [1.464 ms, 1.487 ms] -
appsec 3.727 ms [3.508 ms, 3.947 ms] 2.252 ms (152.6%)
iast 2.215 ms [2.15 ms, 2.281 ms] 739.78 µs (50.1%)
iast_GLOBAL 2.267 ms [2.201 ms, 2.333 ms] 791.208 µs (53.6%)
profiling 2.067 ms [2.014 ms, 2.121 ms] 591.836 µs (40.1%)
tracing 2.051 ms [1.999 ms, 2.102 ms] 575.073 µs (39.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.475 ms [1.463 ms, 1.486 ms] -
appsec 3.645 ms [3.43 ms, 3.86 ms] 2.171 ms (147.2%)
iast 2.223 ms [2.158 ms, 2.289 ms] 748.875 µs (50.8%)
iast_GLOBAL 2.261 ms [2.195 ms, 2.327 ms] 786.288 µs (53.3%)
profiling 2.1 ms [2.045 ms, 2.155 ms] 625.52 µs (42.4%)
tracing 2.039 ms [1.987 ms, 2.091 ms] 564.398 µs (38.3%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.59.0-SNAPSHOT~9d987f7668, baseline=1.59.0-SNAPSHOT~340e03e23d
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.39 s) : 15390000, 15390000
.   : milestone, 15390000,
appsec (14.81 s) : 14810000, 14810000
.   : milestone, 14810000,
iast (17.993 s) : 17993000, 17993000
.   : milestone, 17993000,
iast_GLOBAL (17.789 s) : 17789000, 17789000
.   : milestone, 17789000,
profiling (15.245 s) : 15245000, 15245000
.   : milestone, 15245000,
tracing (14.827 s) : 14827000, 14827000
.   : milestone, 14827000,
section candidate
no_agent (15.077 s) : 15077000, 15077000
.   : milestone, 15077000,
appsec (14.695 s) : 14695000, 14695000
.   : milestone, 14695000,
iast (17.967 s) : 17967000, 17967000
.   : milestone, 17967000,
iast_GLOBAL (18.017 s) : 18017000, 18017000
.   : milestone, 18017000,
profiling (14.775 s) : 14775000, 14775000
.   : milestone, 14775000,
tracing (14.876 s) : 14876000, 14876000
.   : milestone, 14876000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.39 s [15.39 s, 15.39 s] -
appsec 14.81 s [14.81 s, 14.81 s] -580.0 ms (-3.8%)
iast 17.993 s [17.993 s, 17.993 s] 2.603 s (16.9%)
iast_GLOBAL 17.789 s [17.789 s, 17.789 s] 2.399 s (15.6%)
profiling 15.245 s [15.245 s, 15.245 s] -145.0 ms (-0.9%)
tracing 14.827 s [14.827 s, 14.827 s] -563.0 ms (-3.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.077 s [15.077 s, 15.077 s] -
appsec 14.695 s [14.695 s, 14.695 s] -382.0 ms (-2.5%)
iast 17.967 s [17.967 s, 17.967 s] 2.89 s (19.2%)
iast_GLOBAL 18.017 s [18.017 s, 18.017 s] 2.94 s (19.5%)
profiling 14.775 s [14.775 s, 14.775 s] -302.0 ms (-2.0%)
tracing 14.876 s [14.876 s, 14.876 s] -201.0 ms (-1.3%)

@sarahchen6 sarahchen6 marked this pull request as ready for review January 15, 2026 21:38
@sarahchen6 sarahchen6 requested review from a team as code owners January 15, 2026 21:38
AlexeyKuznetsov-DD
AlexeyKuznetsov-DD reviewed Jan 15, 2026
View reviewed changes
Copy link
Contributor

@AlexeyKuznetsov-DD AlexeyKuznetsov-DD left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this PR is useful...
How it will help to stop mutating final fields?
Reflection is not always mutating final fields.
I would better to have CI settings to use something --illegal-final-field-mutation=deny and fix all failed tests.
WDYT?

@sarahchen6
Copy link
Contributor Author

sarahchen6 commented Jan 15, 2026
edited
Loading

Not sure if this PR is useful...
How it will help to stop mutating final fields?
Reflection is not always mutating final fields.
I would better to have CI settings to use something --illegal-final-field-mutation=deny and fix all failed tests.
WDYT?

@AlexeyKuznetsov-DD Right it won't stop our current usage of mutating final fields, which would be a follow-up task. The goal of this PR would be to prevent further use of methods that are mutating final fields.

I updated the PR description to be a bit more clear about this!

PerfectSlayer
PerfectSlayer reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

@PerfectSlayer PerfectSlayer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @sarahchen6
There is already a PR for this initiative: #9557 Would you like to take it over?

@PerfectSlayer
Copy link
Contributor

PerfectSlayer commented Jan 16, 2026

I would better to have CI settings to use something --illegal-final-field-mutation=deny and fix all failed tests.

I did a first pass at identifying the (soon to be) illegal mutations and there aren't much to fix. It should be fixed nonetheless. And adding the flag for latest as soon as 26 is available in CI seems a good idea too!

@sarahchen6
Copy link
Contributor Author

sarahchen6 commented Jan 16, 2026

There is already a PR for this initiative: #9557 Would you like to take it over?

Oh great sure! Totally missed it sorry - I'll close this one then.

@sarahchen6 sarahchen6 closed this Jan 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer left review comments

@AlexeyKuznetsov-DD AlexeyKuznetsov-DD AlexeyKuznetsov-DD left review comments

@daniel-mohedano daniel-mohedano Awaiting requested review from daniel-mohedano daniel-mohedano is a code owner automatically assigned from DataDog/ci-app-libraries-java

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

@claponcet claponcet Awaiting requested review from claponcet claponcet is a code owner automatically assigned from DataDog/asm-java

Assignees

No one assigned

Labels

comp: tooling Build & Tooling tag: no release notes Changes to exclude from release notes type: enhancement Enhancements and improvements

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sarahchen6 @PerfectSlayer @AlexeyKuznetsov-DD