Skip to content

Add 12 static checks derived from PR review analysis#10745

Draft
bm1549 wants to merge 17 commits intomasterfrom
brian.marks/pr-review-static-checks
Draft

Add 12 static checks derived from PR review analysis#10745
bm1549 wants to merge 17 commits intomasterfrom
brian.marks/pr-review-static-checks

Conversation

@bm1549
Copy link
Contributor

@bm1549 bm1549 commented Mar 4, 2026

Summary

Analyzed 1,174 PR review comments across 177 PRs over the past 3 months and distilled them into 12 recurring themes. This PR implements automated static checks for each theme to reduce reviewer burden and catch common issues before review.

New Gradle Lint Plugins (buildSrc)

Plugin Task Behavior Theme
EmptyInstrumentationLinter checkEmptyInstrumentations Fails on new empty stubs Empty methodAdvice() with no transform() calls
UnnecessaryElseLinter checkUnnecessaryElse Advisory else after return/throw/break/continue
NamingConventionLinter checkNamingConventions Advisory snake_case method/variable names in Java
JavadocLinter checkJavadocQuality Advisory Empty @return/@param Javadoc tags
CopyPasteDetectorPlugin checkCodeDuplication Advisory Hash-based duplicate method detection
AssertJPreferenceLinter checkAssertJPreference Advisory JUnit assertions in new test files (prefer AssertJ)

All incremental linters use origin/master...HEAD to only check files changed on the branch.

Forbidden APIs Additions

  • Ban Pattern.compile() on hot paths (consistent with existing String.split() ban)
  • Ban explicit Long.valueOf(), Integer.valueOf(), etc. (discourage unnecessary boxing)

CI Checks

  • typos-cli GitHub Action on PRs (.github/workflows/typos.yaml + .typos.toml)
  • check_pr_hygiene GitLab CI job running:
    • scripts/check-ci-debug-flags.sh — catches temp debug flags in CI config
    • scripts/check-extraneous-files.sh — blocks AI-generated reports and stray scripts

ArchUnit Architecture Tests

  • Bootstrap must not depend on core
  • Instrumentations must not reach into core.internal
  • No java.util.logging or javax.management in bootstrap
  • Uses FreezingArchRule to baseline existing violations

Test plan

  • ./gradlew :buildSrc:compileKotlin — all plugins compile
  • ./gradlew checkEmptyInstrumentations — passes (incremental, no new stubs)
  • ./gradlew checkUnnecessaryElse checkNamingConventions checkJavadocQuality checkCodeDuplication checkAssertJPreference — all pass
  • ./gradlew spotlessCheck — formatting clean
  • Full CI pipeline
  • Verify ArchUnit tests pass with FreezingArchRule baseline

🤖 Generated with Claude Code

bm1549 and others added 17 commits March 4, 2026 16:38
@bm1549
feat: ban Pattern.compile() in forbidden APIs for hot-path performance
701b39c
@bm1549
feat: add empty instrumentation stub detector Gradle plugin
1973e62
@bm1549
feat: add typos-cli CI check via GitHub Actions
0c80ea6
@bm1549
feat: add unnecessary else after return linter Gradle plugin
2cd8220
@bm1549
feat: add CI guard for temporary debug flags
fa69470
@bm1549
feat: add extraneous file blocker script
6187b88
@bm1549
feat: add camelCase naming convention linter Gradle plugin
be96cce
@bm1549
Campaign merge: campaign/pr-review-static-checks/task-001
6820e84
@bm1549
Campaign merge: campaign/pr-review-static-checks/task-003
f17bb76
@bm1549
Campaign merge: campaign/pr-review-static-checks/task-004
040412b
@bm1549
Campaign merge: campaign/pr-review-static-checks/task-005
322570b
@bm1549
Campaign merge: campaign/pr-review-static-checks/task-006
4502e1f
@bm1549
Merge task-007: add unnecessary else linter (resolved conflict)
ed5148a
@bm1549
Merge task-008: add camelCase naming convention linter (resolved conf…
2da2eb2 
…lict)
@bm1549 @claude
feat: add Wave 2 static checks — Javadoc linter, CPD, ArchUnit, Asser…
7fdad44 
…tJ preference, boxed primitives

- Task 009: Ban boxed primitive valueOf() in forbidden APIs
- Task 010: JavadocLinter Gradle plugin (empty @return/@param detection)
- Task 011: CopyPasteDetectorPlugin (hash-based duplicate method detection)
- Task 012: ArchUnit architecture tests (bootstrap/core/instrumentation boundaries)
- Task 013: AssertJPreferenceLinter (flag JUnit assertions in new test files)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bm1549 @claude
feat: wire all static check plugins into build.gradle.kts and CI pipe…
e142783 
…line

- Apply 6 new lint plugins in root build.gradle.kts
- Add check_pr_hygiene CI job for shell-based PR checks
- All new checks are advisory (warnings only) except checkEmptyInstrumentations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bm1549 @claude
fix: address code review findings — hardcoded SHA, incremental checks…
f65a67c 
…, FreezingArchRule

- UnnecessaryElseLinter: replace hardcoded SHA with origin/master...HEAD
- JavadocLinter, AssertJPreferenceLinter: use origin/master...HEAD instead of HEAD~1
- EmptyInstrumentationLinter: make incremental (only check changed files)
- ArchitectureTest: wrap rules with FreezingArchRule to baseline existing violations
- EmptyInstrumentationLinter: fix duplicate-line bug in brace tracking

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bm1549 bm1549 added the tag: ai generated Largely based on code generated by an AI or LLM label Mar 4, 2026
@pr-commenter
Copy link

pr-commenter bot commented Mar 4, 2026

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master brian.marks/pr-review-static-checks
git_commit_date 1772556429 1772665287
git_commit_sha 9b93366 f65a67c
release_version 1.61.0-SNAPSHOT~9b93366972 1.61.0-SNAPSHOT~f65a67cfd5
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1772667186 1772667186
ci_job_id 1477385919 1477385919
ci_pipeline_id 100487027 100487027
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-3rkqrqea 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-3rkqrqea 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 68 metrics, 3 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.06 s) : 0, 1059566
Total [baseline] (8.825 s) : 0, 8824844
Agent [candidate] (1.057 s) : 0, 1057191
Total [candidate] (8.822 s) : 0, 8822118
section iast
Agent [baseline] (1.238 s) : 0, 1237667
Total [baseline] (9.554 s) : 0, 9554373
Agent [candidate] (1.229 s) : 0, 1228802
Total [candidate] (9.529 s) : 0, 9529231
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.06 s -
Agent iast 1.238 s 178.101 ms (16.8%)
Total tracing 8.825 s -
Total iast 9.554 s 729.529 ms (8.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.057 s -
Agent iast 1.229 s 171.611 ms (16.2%)
Total tracing 8.822 s -
Total iast 9.529 s 707.113 ms (8.0%) 
gantt
    title insecure-bank - break down per module: candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.197 ms) : 0, 1197
crashtracking [candidate] (1.19 ms) : 0, 1190
BytebuddyAgent [baseline] (631.368 ms) : 0, 631368
BytebuddyAgent [candidate] (629.526 ms) : 0, 629526
AgentMeter [baseline] (28.961 ms) : 0, 28961
AgentMeter [candidate] (29.098 ms) : 0, 29098
GlobalTracer [baseline] (256.68 ms) : 0, 256680
GlobalTracer [candidate] (257.161 ms) : 0, 257161
AppSec [baseline] (31.348 ms) : 0, 31348
AppSec [candidate] (31.473 ms) : 0, 31473
Debugger [baseline] (58.766 ms) : 0, 58766
Debugger [candidate] (58.499 ms) : 0, 58499
Remote Config [baseline] (597.5 µs) : 0, 598
Remote Config [candidate] (582.304 µs) : 0, 582
Telemetry [baseline] (8.694 ms) : 0, 8694
Telemetry [candidate] (8.713 ms) : 0, 8713
Flare Poller [baseline] (5.72 ms) : 0, 5720
Flare Poller [candidate] (4.938 ms) : 0, 4938
section iast
crashtracking [baseline] (1.206 ms) : 0, 1206
crashtracking [candidate] (1.209 ms) : 0, 1209
BytebuddyAgent [baseline] (804.219 ms) : 0, 804219
BytebuddyAgent [candidate] (798.395 ms) : 0, 798395
AgentMeter [baseline] (11.612 ms) : 0, 11612
AgentMeter [candidate] (11.385 ms) : 0, 11385
GlobalTracer [baseline] (249.083 ms) : 0, 249083
GlobalTracer [candidate] (247.507 ms) : 0, 247507
AppSec [baseline] (26.671 ms) : 0, 26671
AppSec [candidate] (26.314 ms) : 0, 26314
Debugger [baseline] (62.808 ms) : 0, 62808
Debugger [candidate] (62.371 ms) : 0, 62371
Remote Config [baseline] (523.588 µs) : 0, 524
Remote Config [candidate] (519.96 µs) : 0, 520
Telemetry [baseline] (14.937 ms) : 0, 14937
Telemetry [candidate] (14.897 ms) : 0, 14897
Flare Poller [baseline] (4.906 ms) : 0, 4906
Flare Poller [candidate] (4.876 ms) : 0, 4876
IAST [baseline] (25.437 ms) : 0, 25437
IAST [candidate] (25.208 ms) : 0, 25208
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.062 s) : 0, 1062241
Total [baseline] (11.011 s) : 0, 11011399
Agent [candidate] (1.065 s) : 0, 1065223
Total [candidate] (11.0 s) : 0, 11000018
section appsec
Agent [baseline] (1.247 s) : 0, 1247475
Total [baseline] (11.227 s) : 0, 11227375
Agent [candidate] (1.246 s) : 0, 1246199
Total [candidate] (11.148 s) : 0, 11147702
section iast
Agent [baseline] (1.228 s) : 0, 1227582
Total [baseline] (11.329 s) : 0, 11328725
Agent [candidate] (1.232 s) : 0, 1231698
Total [candidate] (11.314 s) : 0, 11313720
section profiling
Agent [baseline] (1.18 s) : 0, 1179609
Total [baseline] (11.054 s) : 0, 11053810
Agent [candidate] (1.18 s) : 0, 1179975
Total [candidate] (11.027 s) : 0, 11026764
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent appsec 1.247 s 185.233 ms (17.4%)
Agent iast 1.228 s 165.341 ms (15.6%)
Agent profiling 1.18 s 117.368 ms (11.0%)
Total tracing 11.011 s -
Total appsec 11.227 s 215.976 ms (2.0%)
Total iast 11.329 s 317.326 ms (2.9%)
Total profiling 11.054 s 42.411 ms (0.4%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.065 s -
Agent appsec 1.246 s 180.976 ms (17.0%)
Agent iast 1.232 s 166.474 ms (15.6%)
Agent profiling 1.18 s 114.752 ms (10.8%)
Total tracing 11.0 s -
Total appsec 11.148 s 147.684 ms (1.3%)
Total iast 11.314 s 313.702 ms (2.9%)
Total profiling 11.027 s 26.745 ms (0.2%) 
gantt
    title petclinic - break down per module: candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.204 ms) : 0, 1204
crashtracking [candidate] (1.188 ms) : 0, 1188
BytebuddyAgent [baseline] (630.014 ms) : 0, 630014
BytebuddyAgent [candidate] (632.674 ms) : 0, 632674
AgentMeter [baseline] (29.199 ms) : 0, 29199
AgentMeter [candidate] (29.259 ms) : 0, 29259
GlobalTracer [baseline] (257.394 ms) : 0, 257394
GlobalTracer [candidate] (258.335 ms) : 0, 258335
AppSec [baseline] (31.556 ms) : 0, 31556
AppSec [candidate] (31.704 ms) : 0, 31704
Debugger [baseline] (59.436 ms) : 0, 59436
Debugger [candidate] (59.621 ms) : 0, 59621
Remote Config [baseline] (584.945 µs) : 0, 585
Remote Config [candidate] (585.961 µs) : 0, 586
Telemetry [baseline] (8.611 ms) : 0, 8611
Telemetry [candidate] (8.678 ms) : 0, 8678
Flare Poller [baseline] (8.132 ms) : 0, 8132
Flare Poller [candidate] (7.18 ms) : 0, 7180
section appsec
crashtracking [baseline] (1.188 ms) : 0, 1188
crashtracking [candidate] (1.191 ms) : 0, 1191
BytebuddyAgent [baseline] (659.166 ms) : 0, 659166
BytebuddyAgent [candidate] (658.746 ms) : 0, 658746
AgentMeter [baseline] (12.094 ms) : 0, 12094
AgentMeter [candidate] (12.069 ms) : 0, 12069
GlobalTracer [baseline] (258.392 ms) : 0, 258392
GlobalTracer [candidate] (258.347 ms) : 0, 258347
AppSec [baseline] (177.329 ms) : 0, 177329
AppSec [candidate] (176.899 ms) : 0, 176899
Debugger [baseline] (65.618 ms) : 0, 65618
Debugger [candidate] (65.492 ms) : 0, 65492
Remote Config [baseline] (578.792 µs) : 0, 579
Remote Config [candidate] (569.019 µs) : 0, 569
Telemetry [baseline] (9.188 ms) : 0, 9188
Telemetry [candidate] (9.112 ms) : 0, 9112
Flare Poller [baseline] (3.592 ms) : 0, 3592
Flare Poller [candidate] (3.641 ms) : 0, 3641
IAST [baseline] (23.971 ms) : 0, 23971
IAST [candidate] (23.914 ms) : 0, 23914
section iast
crashtracking [baseline] (1.204 ms) : 0, 1204
crashtracking [candidate] (1.206 ms) : 0, 1206
BytebuddyAgent [baseline] (797.44 ms) : 0, 797440
BytebuddyAgent [candidate] (801.597 ms) : 0, 801597
AgentMeter [baseline] (11.303 ms) : 0, 11303
AgentMeter [candidate] (11.487 ms) : 0, 11487
GlobalTracer [baseline] (247.113 ms) : 0, 247113
GlobalTracer [candidate] (246.756 ms) : 0, 246756
AppSec [baseline] (26.184 ms) : 0, 26184
AppSec [candidate] (26.231 ms) : 0, 26231
Debugger [baseline] (62.847 ms) : 0, 62847
Debugger [candidate] (63.103 ms) : 0, 63103
Remote Config [baseline] (522.335 µs) : 0, 522
Remote Config [candidate] (528.404 µs) : 0, 528
Telemetry [baseline] (14.841 ms) : 0, 14841
Telemetry [candidate] (14.72 ms) : 0, 14720
Flare Poller [baseline] (4.844 ms) : 0, 4844
Flare Poller [candidate] (4.886 ms) : 0, 4886
IAST [baseline] (25.145 ms) : 0, 25145
IAST [candidate] (25.084 ms) : 0, 25084
section profiling
crashtracking [baseline] (1.161 ms) : 0, 1161
crashtracking [candidate] (1.16 ms) : 0, 1160
BytebuddyAgent [baseline] (681.053 ms) : 0, 681053
BytebuddyAgent [candidate] (681.549 ms) : 0, 681549
AgentMeter [baseline] (8.569 ms) : 0, 8569
AgentMeter [candidate] (8.597 ms) : 0, 8597
GlobalTracer [baseline] (215.335 ms) : 0, 215335
GlobalTracer [candidate] (215.538 ms) : 0, 215538
AppSec [baseline] (31.706 ms) : 0, 31706
AppSec [candidate] (31.905 ms) : 0, 31905
Debugger [baseline] (64.037 ms) : 0, 64037
Debugger [candidate] (64.768 ms) : 0, 64768
Remote Config [baseline] (573.481 µs) : 0, 573
Remote Config [candidate] (574.036 µs) : 0, 574
Telemetry [baseline] (8.988 ms) : 0, 8988
Telemetry [candidate] (8.173 ms) : 0, 8173
Flare Poller [baseline] (3.52 ms) : 0, 3520
Flare Poller [candidate] (3.494 ms) : 0, 3494
ProfilingAgent [baseline] (93.947 ms) : 0, 93947
ProfilingAgent [candidate] (93.52 ms) : 0, 93520
Profiling [baseline] (94.512 ms) : 0, 94512
Profiling [candidate] (94.077 ms) : 0, 94077
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master brian.marks/pr-review-static-checks
git_commit_date 1772556429 1772665287
git_commit_sha 9b93366 f65a67c
release_version 1.61.0-SNAPSHOT~9b93366972 1.61.0-SNAPSHOT~f65a67cfd5
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1772667665 1772667665
ci_job_id 1477385920 1477385920
ci_pipeline_id 100487027 100487027
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-4ewdafxs 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-4ewdafxs 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 18 metrics, 17 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:insecure-bank:iast_FULL:high_load better
[-381.920µs; -151.176µs] or [-7.316%; -2.896%]		 unsure
[-753.854µs; -152.594µs] or [-6.037%; -1.222%]		 unstable
[-48.762op/s; +108.012op/s] or [-6.174%; +13.677%]		 4.954ms 12.033ms 819.375op/s 5.220ms 12.487ms 789.750op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972
    dateFormat X
    axisFormat %s
section baseline
no_agent (18.199 ms) : 18009, 18389
.   : milestone, 18199,
appsec (18.729 ms) : 18535, 18922
.   : milestone, 18729,
code_origins (17.836 ms) : 17658, 18015
.   : milestone, 17836,
iast (17.788 ms) : 17611, 17965
.   : milestone, 17788,
profiling (18.71 ms) : 18524, 18895
.   : milestone, 18710,
tracing (17.902 ms) : 17722, 18082
.   : milestone, 17902,
section candidate
no_agent (19.242 ms) : 19040, 19444
.   : milestone, 19242,
appsec (18.915 ms) : 18721, 19109
.   : milestone, 18915,
code_origins (17.954 ms) : 17772, 18135
.   : milestone, 17954,
iast (18.133 ms) : 17954, 18311
.   : milestone, 18133,
profiling (19.249 ms) : 19057, 19442
.   : milestone, 19249,
tracing (17.596 ms) : 17422, 17770
.   : milestone, 17596,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 18.199 ms [18.009 ms, 18.389 ms] -
appsec 18.729 ms [18.535 ms, 18.922 ms] 529.914 µs (2.9%)
code_origins 17.836 ms [17.658 ms, 18.015 ms] -362.374 µs (-2.0%)
iast 17.788 ms [17.611 ms, 17.965 ms] -410.605 µs (-2.3%)
profiling 18.71 ms [18.524 ms, 18.895 ms] 510.788 µs (2.8%)
tracing 17.902 ms [17.722 ms, 18.082 ms] -296.694 µs (-1.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.242 ms [19.04 ms, 19.444 ms] -
appsec 18.915 ms [18.721 ms, 19.109 ms] -327.115 µs (-1.7%)
code_origins 17.954 ms [17.772 ms, 18.135 ms] -1.288 ms (-6.7%)
iast 18.133 ms [17.954 ms, 18.311 ms] -1.109 ms (-5.8%)
profiling 19.249 ms [19.057 ms, 19.442 ms] 7.593 µs (0.0%)
tracing 17.596 ms [17.422 ms, 17.77 ms] -1.646 ms (-8.6%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.177 ms) : 1166, 1189
.   : milestone, 1177,
iast (3.283 ms) : 3237, 3329
.   : milestone, 3283,
iast_FULL (5.854 ms) : 5795, 5913
.   : milestone, 5854,
iast_GLOBAL (3.681 ms) : 3623, 3739
.   : milestone, 3681,
profiling (2.222 ms) : 2201, 2243
.   : milestone, 2222,
tracing (1.758 ms) : 1745, 1772
.   : milestone, 1758,
section candidate
no_agent (1.184 ms) : 1173, 1196
.   : milestone, 1184,
iast (3.277 ms) : 3232, 3322
.   : milestone, 3277,
iast_FULL (5.64 ms) : 5585, 5696
.   : milestone, 5640,
iast_GLOBAL (3.787 ms) : 3736, 3837
.   : milestone, 3787,
profiling (2.182 ms) : 2162, 2203
.   : milestone, 2182,
tracing (1.783 ms) : 1768, 1797
.   : milestone, 1783,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.177 ms [1.166 ms, 1.189 ms] -
iast 3.283 ms [3.237 ms, 3.329 ms] 2.106 ms (178.9%)
iast_FULL 5.854 ms [5.795 ms, 5.913 ms] 4.677 ms (397.3%)
iast_GLOBAL 3.681 ms [3.623 ms, 3.739 ms] 2.504 ms (212.7%)
profiling 2.222 ms [2.201 ms, 2.243 ms] 1.045 ms (88.8%)
tracing 1.758 ms [1.745 ms, 1.772 ms] 581.152 µs (49.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.184 ms [1.173 ms, 1.196 ms] -
iast 3.277 ms [3.232 ms, 3.322 ms] 2.093 ms (176.7%)
iast_FULL 5.64 ms [5.585 ms, 5.696 ms] 4.456 ms (376.3%)
iast_GLOBAL 3.787 ms [3.736 ms, 3.837 ms] 2.602 ms (219.7%)
profiling 2.182 ms [2.162 ms, 2.203 ms] 998.092 µs (84.3%)
tracing 1.783 ms [1.768 ms, 1.797 ms] 598.426 µs (50.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master brian.marks/pr-review-static-checks
git_commit_date 1772556429 1772665287
git_commit_sha 9b93366 f65a67c
release_version 1.61.0-SNAPSHOT~9b93366972 1.61.0-SNAPSHOT~f65a67cfd5
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1772667365 1772667365
ci_job_id 1477385921 1477385921
ci_pipeline_id 100487027 100487027
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-2-w25d370t 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-2-w25d370t 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.746 s) : 14746000, 14746000
.   : milestone, 14746000,
appsec (15.171 s) : 15171000, 15171000
.   : milestone, 15171000,
iast (18.08 s) : 18080000, 18080000
.   : milestone, 18080000,
iast_GLOBAL (17.993 s) : 17993000, 17993000
.   : milestone, 17993000,
profiling (14.779 s) : 14779000, 14779000
.   : milestone, 14779000,
tracing (15.317 s) : 15317000, 15317000
.   : milestone, 15317000,
section candidate
no_agent (15.577 s) : 15577000, 15577000
.   : milestone, 15577000,
appsec (15.283 s) : 15283000, 15283000
.   : milestone, 15283000,
iast (18.265 s) : 18265000, 18265000
.   : milestone, 18265000,
iast_GLOBAL (17.947 s) : 17947000, 17947000
.   : milestone, 17947000,
profiling (15.179 s) : 15179000, 15179000
.   : milestone, 15179000,
tracing (15.066 s) : 15066000, 15066000
.   : milestone, 15066000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.746 s [14.746 s, 14.746 s] -
appsec 15.171 s [15.171 s, 15.171 s] 425.0 ms (2.9%)
iast 18.08 s [18.08 s, 18.08 s] 3.334 s (22.6%)
iast_GLOBAL 17.993 s [17.993 s, 17.993 s] 3.247 s (22.0%)
profiling 14.779 s [14.779 s, 14.779 s] 33.0 ms (0.2%)
tracing 15.317 s [15.317 s, 15.317 s] 571.0 ms (3.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.577 s [15.577 s, 15.577 s] -
appsec 15.283 s [15.283 s, 15.283 s] -294.0 ms (-1.9%)
iast 18.265 s [18.265 s, 18.265 s] 2.688 s (17.3%)
iast_GLOBAL 17.947 s [17.947 s, 17.947 s] 2.37 s (15.2%)
profiling 15.179 s [15.179 s, 15.179 s] -398.0 ms (-2.6%)
tracing 15.066 s [15.066 s, 15.066 s] -511.0 ms (-3.3%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~f65a67cfd5, baseline=1.61.0-SNAPSHOT~9b93366972
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.479 ms) : 1467, 1491
.   : milestone, 1479,
appsec (3.751 ms) : 3534, 3968
.   : milestone, 3751,
iast (2.258 ms) : 2189, 2328
.   : milestone, 2258,
iast_GLOBAL (2.307 ms) : 2237, 2377
.   : milestone, 2307,
profiling (2.112 ms) : 2055, 2169
.   : milestone, 2112,
tracing (2.061 ms) : 2007, 2114
.   : milestone, 2061,
section candidate
no_agent (1.475 ms) : 1464, 1487
.   : milestone, 1475,
appsec (3.8 ms) : 3578, 4022
.   : milestone, 3800,
iast (2.257 ms) : 2188, 2326
.   : milestone, 2257,
iast_GLOBAL (2.304 ms) : 2234, 2374
.   : milestone, 2304,
profiling (2.093 ms) : 2038, 2148
.   : milestone, 2093,
tracing (2.064 ms) : 2010, 2118
.   : milestone, 2064,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.479 ms [1.467 ms, 1.491 ms] -
appsec 3.751 ms [3.534 ms, 3.968 ms] 2.272 ms (153.6%)
iast 2.258 ms [2.189 ms, 2.328 ms] 779.348 µs (52.7%)
iast_GLOBAL 2.307 ms [2.237 ms, 2.377 ms] 827.866 µs (56.0%)
profiling 2.112 ms [2.055 ms, 2.169 ms] 632.891 µs (42.8%)
tracing 2.061 ms [2.007 ms, 2.114 ms] 581.814 µs (39.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.475 ms [1.464 ms, 1.487 ms] -
appsec 3.8 ms [3.578 ms, 4.022 ms] 2.325 ms (157.6%)
iast 2.257 ms [2.188 ms, 2.326 ms] 781.896 µs (53.0%)
iast_GLOBAL 2.304 ms [2.234 ms, 2.374 ms] 829.09 µs (56.2%)
profiling 2.093 ms [2.038 ms, 2.148 ms] 617.746 µs (41.9%)
tracing 2.064 ms [2.01 ms, 2.118 ms] 588.698 µs (39.9%)

PerfectSlayer
PerfectSlayer reviewed Mar 5, 2026
View reviewed changes
Copy link
Contributor

@PerfectSlayer PerfectSlayer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❔ question: ‏Quick question while in draft, what’s the motivation behind this PR? (as the PR does not follow the template, it misses that part).
Some of the linters already exist and are in place, but we do not spend time fixing it.
Would not be better to fix the existing issues rather than adding more linters and complexify the build and tooling?

@bm1549
Copy link
Contributor Author

bm1549 commented Mar 5, 2026

❔ question: ‏Quick question while in draft, what’s the motivation behind this PR? (as the PR does not follow the template, it misses that part). Some of the linters already exist and are in place, but we do not spend time fixing it. Would not be better to fix the existing issues rather than adding more linters and complexify the build and tooling?

@PerfectSlayer this was an exploration from my side where I wanted to see how many PR comments are "routine" and could be codified as static checks, rather than requiring a human to review. The goal here is to reduce the amount of effort spent by reviewers without reducing the code quality of the repo

I opted towards CI checks, rather than updating the AGENTS.md or docs, since this is more predictable, consistent, and environmentally friendly. As for fixing the existing issues, good call out there for sure

While I have you, one question for you - do you think the checks being suggested here are in-line with your expectations as a code reviewer?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PerfectSlayer PerfectSlayer PerfectSlayer left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

tag: ai generated Largely based on code generated by an AI or LLM

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bm1549 @PerfectSlayer