Suspicious Response Blocking #3837

Merged: 53 commits merged into master from suspicious_response_blocking on Jun 10, 2024
Conversation

simon-id
Member

@simon-id simon-id commented Dec 1, 2023

What does this PR do?

Allows AppSec to replace status code, headers, and body when an attack is detected in the status code or response headers.

system-tests PR: DataDog/system-tests#2105


github-actions bot commented Dec 1, 2023

Overall package size

Self size: 6.64 MB
Deduped: 61.9 MB
No deduping: 62.18 MB

Dependency sizes

name                                 version  self size  total size
@datadog/native-appsec               8.0.1    15.59 MB   15.6 MB
@datadog/native-iast-taint-tracking  2.1.0    14.91 MB   14.92 MB
@datadog/pprof                       5.3.0    9.85 MB    10.22 MB
protobufjs                           7.2.5    2.77 MB    6.56 MB
@datadog/native-iast-rewriter        2.3.1    2.15 MB    2.24 MB
@opentelemetry/core                  1.14.0   872.87 kB  1.47 MB
@datadog/native-metrics              2.0.0    898.77 kB  1.3 MB
@opentelemetry/api                   1.8.0    1.21 MB    1.21 MB
import-in-the-middle                 1.7.4    70.19 kB   739.86 kB
msgpack-lite                         0.1.26   201.16 kB  281.59 kB
opentracing                          0.14.7   194.81 kB  194.81 kB
semver                               7.5.4    93.4 kB    123.8 kB
pprof-format                         2.1.0    111.69 kB  111.69 kB
@datadog/sketches-js                 2.1.0    109.9 kB   109.9 kB
lodash.sortby                        4.7.0    75.76 kB   75.76 kB
lru-cache                            7.14.0   74.95 kB   74.95 kB
ignore                               5.2.4    51.22 kB   51.22 kB
int64-buffer                         0.1.10   49.18 kB   49.18 kB
shell-quote                          1.8.1    44.96 kB   44.96 kB
istanbul-lib-coverage                3.2.0    29.34 kB   29.34 kB
tlhunter-sorted-set                  0.1.0    24.94 kB   24.94 kB
limiter                              1.1.5    23.17 kB   23.17 kB
dc-polyfill                          0.1.4    23.1 kB    23.1 kB
retry                                0.13.1   18.85 kB   18.85 kB
jest-docblock                        29.7.0   8.99 kB    12.76 kB
crypto-randomuuid                    1.0.0    11.18 kB   11.18 kB
path-to-regexp                       0.1.7    6.78 kB    6.78 kB
koalas                               1.0.2    6.47 kB    6.47 kB
module-details-from-path             1.0.3    4.47 kB    4.47 kB

🤖 This report was automatically generated by heaviest-objects-in-the-universe


codecov bot commented Dec 1, 2023

Codecov Report

Attention: Patch coverage is 84.00000% with 4 lines in your changes missing coverage. Please review.

Project coverage is 76.65%. Comparing base (02dc5ce) to head (ed2a582).
Report is 5 commits behind head on master.

Current head ed2a582 differs from pull request most recent head b813ff2

Please upload reports for the commit b813ff2 to get more accurate results.

Files                                                  Patch %  Lines
packages/dd-trace/src/appsec/index.js                  90.47%   2 Missing ⚠️
packages/dd-trace/src/appsec/blocking.js               50.00%   1 Missing ⚠️
...ackages/dd-trace/src/appsec/remote_config/index.js  50.00%   1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #3837      +/-   ##
==========================================
+ Coverage   69.19%   76.65%   +7.46%     
==========================================
  Files           1      252     +251     
  Lines         198    10774   +10576     
  Branches       33       33              
==========================================
+ Hits          137     8259    +8122     
- Misses         61     2515    +2454     



pr-commenter bot commented Jan 25, 2024

Benchmarks

Benchmark execution time: 2024-06-10 07:56:30

Comparing candidate commit b813ff2 in PR branch suspicious_response_blocking with baseline commit b760111 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 258 metrics, 8 unstable metrics.

CarlesDD
CarlesDD previously approved these changes Jun 6, 2024
Contributor

@CarlesDD CarlesDD left a comment

LGTM

@simon-id simon-id merged commit 922f7c9 into master Jun 10, 2024
133 checks passed
@simon-id simon-id deleted the suspicious_response_blocking branch June 10, 2024 14:06
khanayan123 pushed a commit that referenced this pull request Jun 10, 2024
* add RC capability for response blocking

* merge headers in writeHead()

* clear implicit headers before sending blocking response

* support implicit write()

* support array syntax for writeHead()

* don't run request end waf if not useful

* avoid double call and write after end

* little polyfill for node 16

* check for subscribers early exit

---------

Co-authored-by: Ugaitz Urien <[email protected]>
Co-authored-by: Igor Unanua <[email protected]>