Merge branch 'master' into alejandro.gonzalez/xss_jsp_filename

DataDog · Jun 26, 2024 · 81b6989 · 81b6989
2 parents 08e2166 + 04cda74
commit 81b6989
Show file tree

Hide file tree

Showing 693 changed files with 16,966 additions and 10,030 deletions.
diff --git a/.circleci/config.continue.yml.j2 b/.circleci/config.continue.yml.j2
@@ -36,7 +36,7 @@ instrumentation_modules: &instrumentation_modules "dd-java-agent/instrumentation
 debugger_modules: &debugger_modules "dd-java-agent/agent-debugger|dd-java-agent/agent-bootstrap|dd-java-agent/agent-builder|internal-api|communication|dd-trace-core"
 profiling_modules: &profiling_modules "dd-java-agent/agent-profiling"
 
-default_system_tests_commit: &default_system_tests_commit 4d979bdcab25754d38a8d190525bef87dad66a6e
+default_system_tests_commit: &default_system_tests_commit 0f27f203c90bba8bce7b58e2b75ff9d7035169eb
 
 parameters:
   nightly:
@@ -304,7 +304,7 @@ jobs:
           name: Build Project
           command: >-
             MAVEN_OPTS="-Xms64M -Xmx256M"
-            GRADLE_OPTS="-Dorg.gradle.jvmargs='-Xmx2G -Xms2G -XX:ErrorFile=/tmp/hs_err_pid%p.log -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp'"
+            GRADLE_OPTS="-Dorg.gradle.jvmargs='-Xmx2560M -Xms2560M -XX:ErrorFile=/tmp/hs_err_pid%p.log -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp'"
             ./gradlew clean
             << parameters.gradleTarget >>
             -PskipTests
@@ -879,6 +879,40 @@ jobs:
       - store_artifacts:
           path: system-tests/logs_integrations
 
+  debugger-system-tests:
+    machine:
+      image: ubuntu-2004:current
+    resource_class: medium
+    steps:
+      - setup_system_tests
+
+      - run:
+          name: Copy jar file to system test binaries folder
+          command: |
+            ls -la ~/dd-trace-java/workspace/dd-java-agent/build/libs
+            cp ~/dd-trace-java/workspace/dd-java-agent/build/libs/*.jar system-tests/binaries/
+
+      - run:
+          name: Build
+          # Build the default framework, which is springboot
+          command: |
+            cd system-tests
+            ./build.sh java
+
+      - run:
+          name: Run Dynamic Instrumentation system tests
+          # Stop the job after 5m to avoid excessive overhead. Will need adjustment as more tests are added.
+          no_output_timeout: 5m
+          command: |
+            cd system-tests
+            DD_SITE=datadoghq.com DD_API_KEY=$SYSTEM_TESTS_E2E_DD_API_KEY DD_APPLICATION_KEY=$SYSTEM_TESTS_E2E_DD_APP_KEY ./run.sh DEBUGGER_SCENARIOS
+
+      - store_test_results:
+          path: system-tests/logs_debugger*
+
+      - store_artifacts:
+          path: system-tests/logs_debugger*
+
   parametric-tests:
     machine:
       # https://support.circleci.com/hc/en-us/articles/360007324514-How-can-I-use-Docker-volume-mounting-on-CircleCI-
@@ -1297,6 +1331,10 @@ build_test_jobs: &build_test_jobs
       requires:
         - ok_to_test
 
+  - debugger-system-tests:
+      requires:
+        - ok_to_test
+
   - parametric-tests:
       requires:
         - ok_to_test

diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -40,7 +40,7 @@ _Actions:_
 
 _Recovery:_ Manually trigger the action again on the relevant tag.
 
-## increment-milestones-on-tag [🔗](increment-milestones-on-tag.yaml)
+### increment-milestones-on-tag [🔗](increment-milestones-on-tag.yaml)
 
 _Trigger:_ When creating a tag. Release Candidate tags containing "-RC" or "-rc" will skip this.
 
@@ -53,7 +53,7 @@ _Recovery:_ Manually close the related milestone and create a new one.
 _Notes:_ This actions will handle _minor_ releases only.
 As there is no milestone for _patch_ releases, it won't close and create _patch_ releated milestone.
 
-## update-download-releases [🔗](update-download-releases.yaml)
+### update-download-releases [🔗](update-download-releases.yaml)
 
 _Trigger:_ When a release is published.
 
@@ -63,7 +63,7 @@ _Recovery:_ Download artifacts and upload them manually to the related _download
 
 _Notes:_ _Download releases_ are special GitHub releases with fixed URL and tags, but rolling artifacts to provided stable download links (ex [latest](https://github.com/DataDog/dd-trace-java/releases/tag/download-latest) and [latest-v1](https://github.com/DataDog/dd-trace-java/releases/tag/download-latest-v1)).
 
-## update-issues-on-release [🔗](update-issues-on-release.yaml)
+### update-issues-on-release [🔗](update-issues-on-release.yaml)
 
 _Trigger:_ When a release is published. Releases of type `prereleased` should skip this.
 
@@ -94,6 +94,14 @@ _Trigger:_ When pushing commits to `master`.
 
 _Action:_ Run GitHub CodeQL action, upload result to GitHub security tab and DataDog Code Analysis.
 
+### update-gradle-dependencies [🔗](trivy-analysis.yml)
+
+_Trigger:_ Every week or manually.
+
+_Action:_ Update the Grade dependencies and their locking files.
+
+_Recovery:_ Manually trigger the action again.
+
 ### trivy-analysis [🔗](trivy-analysis.yml)
 
 _Trigger:_ When pushing commits to `master` or any pull request to `master`.

diff --git a/.github/workflows/add-release-to-cloudfoundry.yaml b/.github/workflows/add-release-to-cloudfoundry.yaml
@@ -19,10 +19,16 @@ jobs:
       - name: Append release to Cloud Foundry repository
         env:
             VERSION: ${{ steps.get-release-version.outputs.VERSION }}
+            GH_TOKEN: ${{ github.token }}
         run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git checkout -b ci/cloudfoundry
           echo "${VERSION}: https://repo1.maven.org/maven2/com/datadoghq/dd-java-agent/${VERSION}/dd-java-agent-${VERSION}.jar" >> index.yml
           git add index.yml
           git commit -m "chore: Add version ${VERSION} to Cloud Foundry"
           git push -u origin ci/cloudfoundry
-          gh pr create --title "Add version ${VERSION} to Cloud Foundry" --body "This PR add the version ${VERSION} to Cloud Foundry.  Make sure [the JAR is online](https://repo1.maven.org/maven2/com/datadoghq/dd-java-agent/${VERSION}/dd-java-agent-${VERSION}.jar) before merging." --base cloudfoundry
+          gh pr create \
+            --title "Add version ${VERSION} to Cloud Foundry" \
+            --body "This PR add the version ${VERSION} to Cloud Foundry.  Make sure [the JAR is online](https://repo1.maven.org/maven2/com/datadoghq/dd-java-agent/${VERSION}/dd-java-agent-${VERSION}.jar) before merging." \
+            --base cloudfoundry
diff --git a/.github/workflows/update-gradle-dependencies.yaml b/.github/workflows/update-gradle-dependencies.yaml
@@ -0,0 +1,43 @@
+name: Update Gradle dependencies
+on:
+  schedule:
+    - cron: '0 4 * * 0'
+  workflow_dispatch:
+
+jobs:
+  update-gradle-dependencies:
+    runs-on: ubuntu-latest
+    name: Update Gradle dependencies
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # 4.1.6
+        with:
+          submodules: 'recursive'
+      - name: Pick a branch name
+        run: echo "BRANCH_NAME=ci/update-gradle-dependencies-$(date +'%Y%m%d')" >> $GITHUB_ENV
+      - name: Create branch
+        run: |
+          git checkout -b $BRANCH_NAME
+      - name: Update Gradle dependencies
+        run: |
+          GRADLE_OPTS="-Dorg.gradle.jvmargs='-Xmx2G -Xms2G'" \
+          JAVA_HOME=$JAVA_HOME_8_X64 \
+          JAVA_8_HOME=$JAVA_HOME_8_X64 \
+          JAVA_11_HOME=$JAVA_HOME_11_X64 \
+          JAVA_17_HOME=$JAVA_HOME_17_X64 \
+          JAVA_21_HOME=$JAVA_HOME_21_X64 \
+          ./gradlew resolveAndLockAll --write-locks --parallel --stacktrace --no-daemon --max-workers=4
+      - name: Create pull request
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add **/gradle.lockfile
+          git commit -m "chore: Update Gradle dependencies"
+          git push -u origin $BRANCH_NAME
+          gh pr create --title "Update Gradle dependencies" \
+            --body "This PR updates the Gradle dependencies" \
+            --base master \
+            --label "tag: dependencies" \
+            --label "tag: no release notes"
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -18,7 +18,6 @@ stages:
 
 variables:
   REGISTRY: 486234852809.dkr.ecr.us-east-1.amazonaws.com
-  SONATYPE_USERNAME: robot-sonatype-apm-java
   DOWNSTREAM_BRANCH:
     value: "master"
     description: "Run a specific datadog-reliability-env branch downstream"
@@ -190,6 +189,7 @@ deploy_to_sonatype:
     - when: manual
       allow_failure: true
   script:
+    - export SONATYPE_USERNAME=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.sonatype_username --with-decryption --query "Parameter.Value" --out text)
     - export SONATYPE_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.sonatype_password --with-decryption --query "Parameter.Value" --out text)
     - export GPG_PRIVATE_KEY=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_private_key --with-decryption --query "Parameter.Value" --out text)
     - export GPG_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-trace-java.signing.gpg_passphrase --with-decryption --query "Parameter.Value" --out text)

diff --git a/communication/build.gradle b/communication/build.gradle
@@ -1,26 +1,26 @@
 apply from: "$rootDir/gradle/java.gradle"
 
 dependencies {
-  implementation deps.slf4j
+  implementation libs.slf4j
 
   api project(':remote-config')
   implementation project(':internal-api')
   implementation project(':utils:container-utils')
   implementation project(':utils:socket-utils')
   implementation project(':utils:version-utils')
 
-  api deps.okio
-  api deps.okhttp
-  api group: 'com.squareup.moshi', name: 'moshi', version: versions.moshi
-  implementation group: 'com.datadoghq', name: 'java-dogstatsd-client', version: "${versions.dogstatsd}"
+  api libs.okio
+  api libs.okhttp
+  api libs.moshi
+  implementation libs.dogstatsd
 
   testImplementation project(':utils:test-utils')
-  testImplementation deps.junit5
-  testImplementation deps.truth
-  testImplementation deps.bytebuddy
+  testImplementation libs.bundles.junit5
+  testImplementation libs.truth
+  testImplementation libs.bytebuddy
   testImplementation group: 'org.msgpack', name: 'msgpack-core', version: '0.8.20'
   testImplementation group: 'org.msgpack', name: 'jackson-dataformat-msgpack', version: '0.8.20'
-  testImplementation group: 'com.squareup.okhttp3', name: 'mockwebserver', version: versions.okhttp_legacy
+  testImplementation group: 'com.squareup.okhttp3', name: 'mockwebserver', version: libs.versions.okhttp.legacy.get()
 }
 
 ext {

diff --git a/communication/gradle.lockfile b/communication/gradle.lockfile
@@ -9,24 +9,24 @@ com.beust:jcommander:1.78=testRuntimeClasspath
 com.datadoghq.okhttp3:okhttp:3.12.15=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.datadoghq.okio:okio:1.17.6=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.datadoghq:dd-javac-plugin-client:0.1.7=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
-com.datadoghq:java-dogstatsd-client:4.2.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.datadoghq:java-dogstatsd-client:4.4.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-annotations:2.9.0=testCompileClasspath,testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-core:2.9.9=testCompileClasspath,testRuntimeClasspath
 com.fasterxml.jackson.core:jackson-databind:2.9.9.3=testCompileClasspath,testRuntimeClasspath
 com.github.javaparser:javaparser-core:3.25.1=testCompileClasspath,testRuntimeClasspath
 com.github.jnr:jffi:1.2.23=compileClasspath,testCompileClasspath
-com.github.jnr:jffi:1.3.12=runtimeClasspath,testRuntimeClasspath
+com.github.jnr:jffi:1.3.13=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-a64asm:1.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.github.jnr:jnr-constants:0.10.4=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-constants:0.9.17=compileClasspath,testCompileClasspath
 com.github.jnr:jnr-enxio:0.30=compileClasspath,testCompileClasspath
-com.github.jnr:jnr-enxio:0.32.16=runtimeClasspath,testRuntimeClasspath
+com.github.jnr:jnr-enxio:0.32.17=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-ffi:2.1.16=compileClasspath,testCompileClasspath
-com.github.jnr:jnr-ffi:2.2.15=runtimeClasspath,testRuntimeClasspath
+com.github.jnr:jnr-ffi:2.2.16=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-posix:3.0.61=compileClasspath,testCompileClasspath
-com.github.jnr:jnr-posix:3.1.18=runtimeClasspath,testRuntimeClasspath
+com.github.jnr:jnr-posix:3.1.19=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-unixsocket:0.36=compileClasspath,testCompileClasspath
-com.github.jnr:jnr-unixsocket:0.38.21=runtimeClasspath,testRuntimeClasspath
+com.github.jnr:jnr-unixsocket:0.38.22=runtimeClasspath,testRuntimeClasspath
 com.github.jnr:jnr-x86asm:1.0.2=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.github.spotbugs:spotbugs-annotations:4.2.0=compileClasspath,testCompileClasspath,testRuntimeClasspath
 com.github.spotbugs:spotbugs-annotations:4.7.3=spotbugs
@@ -42,6 +42,8 @@ com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava=test
 com.google.j2objc:j2objc-annotations:1.3=testCompileClasspath,testRuntimeClasspath
 com.google.truth:truth:1.1.3=testCompileClasspath,testRuntimeClasspath
 com.squareup.moshi:moshi:1.11.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
+com.squareup.okhttp3:mockwebserver:3.12.12=testCompileClasspath,testRuntimeClasspath
+com.squareup.okhttp3:okhttp:3.12.12=testCompileClasspath,testRuntimeClasspath
 com.squareup.okio:okio:1.17.5=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
 com.thoughtworks.qdox:qdox:1.12.1=testRuntimeClasspath
 commons-codec:commons-codec:1.15=spotbugs
@@ -53,8 +55,8 @@ jaxen:jaxen:1.2.0=spotbugs
 jline:jline:2.14.6=testRuntimeClasspath
 junit:junit-dep:4.11=testCompileClasspath,testRuntimeClasspath
 junit:junit:4.13.2=testCompileClasspath,testRuntimeClasspath
-net.bytebuddy:byte-buddy-agent:1.14.9=testCompileClasspath,testRuntimeClasspath
-net.bytebuddy:byte-buddy:1.14.9=testCompileClasspath,testRuntimeClasspath
+net.bytebuddy:byte-buddy-agent:1.14.16=testCompileClasspath,testRuntimeClasspath
+net.bytebuddy:byte-buddy:1.14.16=testCompileClasspath,testRuntimeClasspath
 net.jcip:jcip-annotations:1.0=compileClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
 net.sf.saxon:Saxon-HE:11.4=spotbugs
 org.apache.ant:ant-antlr:1.10.12=testRuntimeClasspath
@@ -71,7 +73,7 @@ org.apache.httpcomponents.core5:httpcore5-h2:5.1.3=spotbugs
 org.apache.httpcomponents.core5:httpcore5:5.1.3=spotbugs
 org.apache.logging.log4j:log4j-api:2.19.0=spotbugs
 org.apache.logging.log4j:log4j-core:2.19.0=spotbugs
-org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath,testRuntimeClasspath
+org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
 org.checkerframework:checker-compat-qual:2.5.5=testCompileClasspath,testRuntimeClasspath
 org.checkerframework:checker-qual:3.13.0=testCompileClasspath,testRuntimeClasspath
 org.codehaus.groovy:groovy-all:3.0.17=testCompileClasspath,testRuntimeClasspath
@@ -117,12 +119,10 @@ org.junit.jupiter:junit-jupiter-engine:5.9.2=testRuntimeClasspath
 org.junit.jupiter:junit-jupiter-params:5.9.2=testCompileClasspath,testRuntimeClasspath
 org.junit.jupiter:junit-jupiter:5.9.2=testCompileClasspath,testRuntimeClasspath
 org.junit.platform:junit-platform-commons:1.9.2=testCompileClasspath,testRuntimeClasspath
-org.junit.platform:junit-platform-engine:1.9.0=testCompileClasspath
-org.junit.platform:junit-platform-engine:1.9.2=testRuntimeClasspath
+org.junit.platform:junit-platform-engine:1.9.2=testCompileClasspath,testRuntimeClasspath
 org.junit.platform:junit-platform-launcher:1.9.2=testRuntimeClasspath
-org.junit:junit-bom:5.9.0=testCompileClasspath
 org.junit:junit-bom:5.9.1=spotbugs
-org.junit:junit-bom:5.9.2=testRuntimeClasspath
+org.junit:junit-bom:5.9.2=testCompileClasspath,testRuntimeClasspath
 org.msgpack:jackson-dataformat-msgpack:0.8.20=testCompileClasspath,testRuntimeClasspath
 org.msgpack:msgpack-core:0.8.20=testCompileClasspath,testRuntimeClasspath
 org.objenesis:objenesis:3.3=testCompileClasspath,testRuntimeClasspath

diff --git a/dd-java-agent/agent-bootstrap/build.gradle b/dd-java-agent/agent-bootstrap/build.gradle
@@ -21,7 +21,7 @@ dependencies {
   api project(':internal-api')
   api project(':internal-api:internal-api-9')
   api project(':dd-java-agent:agent-logging')
-  api deps.slf4j
+  api libs.slf4j
   // ^ Generally a bad idea for libraries, but we're shadowing.
 
   testImplementation project(':dd-java-agent:testing')