[WIP] Cap and update versions in CI

[bouwkast]

What does this PR do?

Adds outdated.js and latests.json to be used to cap versions pulled in during testing via mocha.js.

To generate or update latests.json:
node scripts/outdated.js fix

To just validate latests.json:
node scripts/outdated.js check

Idea is to use mocha.js to try and enforce these capped versions.

TODO:

• Review/Remove the register/install_plugin_modules from Bryan
  • We don't want to cap the instrumented version at this time which I think these do
• Create script to automatically call node scripts/outdated.js fix and make a PR
• Test this as I don't know how :)

Motivation

We'd like to cap the versions pulled in during testing to keep CI more stable.
We'd like to create a GitHub Action that runs consistently to keep these updated and get better visibility of unsupported versions.

Plugin Checklist

• Unit tests.
• TypeScript definitions.
• TypeScript tests.
• API documentation.
• CircleCI jobs/workflows.
• Plugin is exported.

Additional Notes

[github-actions]

Overall package size

Self size: 8.42 MB
Deduped: 94.89 MB
No deduping: 95.4 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.3.0 | 29.43 MB | 29.43 MB | | @datadog/native-appsec | 8.3.0 | 19.37 MB | 19.38 MB | | @datadog/native-iast-taint-tracking | 3.2.0 | 13.9 MB | 13.91 MB | | @datadog/pprof | 5.4.1 | 9.76 MB | 10.13 MB | | protobufjs | 7.2.5 | 2.77 MB | 5.16 MB | | @datadog/native-iast-rewriter | 2.6.1 | 2.59 MB | 2.73 MB | | @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB | | @datadog/native-metrics | 3.1.0 | 1.06 MB | 1.46 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB | | semver | 7.6.3 | 95.82 kB | 95.82 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.1 | 51.46 kB | 51.46 kB | | shell-quote | 1.8.1 | 44.96 kB | 44.96 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.3.1 | 25.21 kB | 25.21 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-12-30 15:27:19

Comparing candidate commit e8869a6 in PR branch steven/cap-and-update with baseline commit 98ceacf in branch master.

Found 68 performance improvements and 0 performance regressions! Performance is the same for 712 metrics, 18 unstable metrics.

scenario:appsec-iast-no-vulnerability-control-18

• 🟩 cpu_user_time [-89.766ms; -76.040ms] or [-15.111%; -12.800%]
• 🟩 execution_time [-100.748ms; -72.755ms] or [-13.111%; -9.468%]
• 🟩 instructions [-169.6M instructions; -163.0M instructions] or [-11.519%; -11.066%]
• 🟩 max_rss_usage [-6.409MB; -5.882MB] or [-7.715%; -7.080%]

scenario:appsec-iast-no-vulnerability-control-20

• 🟩 cpu_user_time [-99.055ms; -86.657ms] or [-16.932%; -14.813%]
• 🟩 execution_time [-110.021ms; -83.823ms] or [-15.275%; -11.638%]
• 🟩 instructions [-153.1M instructions; -143.8M instructions] or [-11.693%; -10.981%]
• 🟩 max_rss_usage [-5.506MB; -4.940MB] or [-6.984%; -6.265%]

scenario:appsec-iast-no-vulnerability-control-22

• 🟩 cpu_user_time [-85.582ms; -76.226ms] or [-16.293%; -14.511%]
• 🟩 execution_time [-93.621ms; -69.336ms] or [-14.052%; -10.407%]
• 🟩 instructions [-156.7M instructions; -148.4M instructions] or [-11.498%; -10.886%]
• 🟩 max_rss_usage [-8.517MB; -7.015MB] or [-9.503%; -7.827%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-18

• 🟩 cpu_user_time [-131.313ms; -113.358ms] or [-9.782%; -8.444%]
• 🟩 execution_time [-155.514ms; -84.293ms] or [-10.176%; -5.516%]
• 🟩 instructions [-191.9M instructions; -177.7M instructions] or [-7.081%; -6.556%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-20

• 🟩 cpu_user_time [-186.449ms; -167.050ms] or [-13.764%; -12.332%]
• 🟩 execution_time [-206.975ms; -152.737ms] or [-13.583%; -10.024%]
• 🟩 instructions [-199.5M instructions; -184.5M instructions] or [-7.468%; -6.907%]

scenario:appsec-iast-no-vulnerability-iast-enabled-always-active-22

• 🟩 cpu_user_time [-104.624ms; -86.846ms] or [-9.913%; -8.228%]
• 🟩 execution_time [-139.215ms; -90.759ms] or [-11.253%; -7.336%]
• 🟩 instructions [-172.0M instructions; -158.4M instructions] or [-6.590%; -6.067%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-18

• 🟩 cpu_user_time [-120.382ms; -101.592ms] or [-9.329%; -7.873%]
• 🟩 instructions [-201.0M instructions; -181.9M instructions] or [-7.888%; -7.139%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-20

• 🟩 cpu_user_time [-171.187ms; -155.450ms] or [-12.959%; -11.768%]
• 🟩 execution_time [-192.264ms; -147.009ms] or [-12.942%; -9.896%]
• 🟩 instructions [-194.8M instructions; -172.0M instructions] or [-7.771%; -6.861%]

scenario:appsec-iast-no-vulnerability-iast-enabled-default-config-22

• 🟩 cpu_user_time [-96.209ms; -79.184ms] or [-9.422%; -7.755%]
• 🟩 execution_time [-128.155ms; -77.703ms] or [-10.639%; -6.450%]
• 🟩 instructions [-178.5M instructions; -156.3M instructions] or [-7.298%; -6.390%]

scenario:appsec-iast-with-vulnerability-control-18

• 🟩 cpu_user_time [-97.937ms; -76.767ms] or [-11.343%; -8.891%]
• 🟩 instructions [-192.9M instructions; -178.9M instructions] or [-7.647%; -7.092%]

scenario:appsec-iast-with-vulnerability-control-20

• 🟩 cpu_user_time [-106.850ms; -90.198ms] or [-12.835%; -10.835%]
• 🟩 execution_time [-122.925ms; -72.743ms] or [-10.515%; -6.223%]
• 🟩 instructions [-146.2M instructions; -132.3M instructions] or [-7.276%; -6.581%]

scenario:appsec-iast-with-vulnerability-control-22

• 🟩 cpu_user_time [-84.669ms; -68.912ms] or [-11.493%; -9.354%]
• 🟩 execution_time [-109.110ms; -59.862ms] or [-10.211%; -5.602%]
• 🟩 instructions [-149.6M instructions; -136.2M instructions] or [-7.295%; -6.638%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-18

• 🟩 cpu_user_time [-237.766ms; -198.506ms] or [-13.367%; -11.160%]
• 🟩 execution_time [-387.791ms; -223.918ms] or [-14.104%; -8.144%]
• 🟩 instructions [-451.4M instructions; -425.4M instructions] or [-10.000%; -9.425%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-20

• 🟩 cpu_user_time [-228.073ms; -190.641ms] or [-12.887%; -10.772%]
• 🟩 execution_time [-292.220ms; -190.573ms] or [-12.345%; -8.051%]
• 🟩 instructions [-347.3M instructions; -321.4M instructions] or [-8.721%; -8.070%]
• 🟩 max_rss_usage [-8.729MB; -6.819MB] or [-6.951%; -5.431%]

scenario:appsec-iast-with-vulnerability-iast-enabled-always-active-22

• 🟩 cpu_user_time [-197.482ms; -152.063ms] or [-13.596%; -10.469%]
• 🟩 execution_time [-259.566ms; -158.277ms] or [-12.831%; -7.824%]
• 🟩 instructions [-361.7M instructions; -331.2M instructions] or [-9.193%; -8.418%]
• 🟩 max_rss_usage [-15.689MB; -11.493MB] or [-11.794%; -8.640%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-18

• 🟩 cpu_user_time [-207.810ms; -164.450ms] or [-12.417%; -9.826%]
• 🟩 execution_time [-322.333ms; -162.278ms] or [-12.668%; -6.378%]
• 🟩 instructions [-319.7M instructions; -278.5M instructions] or [-7.889%; -6.872%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-20

• 🟩 cpu_user_time [-172.347ms; -140.825ms] or [-10.397%; -8.495%]
• 🟩 execution_time [-221.696ms; -136.162ms] or [-10.197%; -6.263%]
• 🟩 instructions [-241.2M instructions; -193.9M instructions] or [-6.797%; -5.464%]

scenario:appsec-iast-with-vulnerability-iast-enabled-default-config-22

• 🟩 cpu_user_time [-125.725ms; -79.266ms] or [-9.636%; -6.075%]
• 🟩 instructions [-240.0M instructions; -203.3M instructions] or [-6.896%; -5.841%]
• 🟩 max_rss_usage [-10.292MB; -6.987MB] or [-8.030%; -5.451%]

scenario:plugin-q-with-tracer-18

• 🟩 cpu_user_time [-140.151ms; -126.337ms] or [-14.805%; -13.345%]
• 🟩 execution_time [-150.203ms; -136.955ms] or [-14.333%; -13.069%]
• 🟩 instructions [-280.1M instructions; -265.3M instructions] or [-14.176%; -13.428%]
• 🟩 max_rss_usage [-10.124MB; -9.423MB] or [-6.649%; -6.189%]

scenario:plugin-q-with-tracer-20

• 🟩 cpu_user_time [-131.978ms; -118.161ms] or [-14.559%; -13.034%]
• 🟩 execution_time [-137.610ms; -124.390ms] or [-13.659%; -12.347%]
• 🟩 instructions [-268.7M instructions; -250.6M instructions] or [-14.913%; -13.906%]
• 🟩 max_rss_usage [-9.563MB; -9.226MB] or [-6.368%; -6.144%]

scenario:plugin-q-with-tracer-22

• 🟩 cpu_user_time [-167.410ms; -151.035ms] or [-18.943%; -17.090%]
• 🟩 execution_time [-176.044ms; -161.356ms] or [-17.732%; -16.253%]
• 🟩 instructions [-306.5M instructions; -288.3M instructions] or [-16.039%; -15.087%]