
Increase SCA vulnerability test coverage #11785

Open
bric3 wants to merge 2 commits into master from bdu/sca-appsec-coverage

bric3 commented Jun 29, 2026

Contributor

What Does This Do

Expands the test coverage for SCA (Software Composition Analysis) vulnerabilities.

Motivation

Additional Notes

Contributor Checklist

  • Format the title according to the contribution guidelines
  • Assign the type: and (comp: or inst:) labels in addition to any other useful labels
  • Avoid using close, fix, or any linking keywords when referencing an issue
    Use solves instead, and assign the PR milestone to the issue
  • Update the CODEOWNERS file on source file addition, migration, or deletion
  • Update public documentation with any new configuration flags or behaviors
  • Add your completed PR to the merge queue by commenting /merge. You can also:
    • Customize the commit message associated with the merge with /merge --commit-message "..."
    • Remove your PR from the merge queue with /merge -c
    • Skip all merge queue checks with /merge -f --reason "reason"; please use this judiciously, as some checks do not run at the PR-level (note: the PR still needs to be mergeable, this will only skip the pre-merge build)
    • Get more information in this doc

Jira ticket: [PROJ-IDENT]

bric3 requested a review from a team as a code owner June 29, 2026 16:20

dd-octo-sts Bot commented Jun 29, 2026

Contributor

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

bric3 added the labels type: bug (Bug report and fix), tag: no release notes (Changes to exclude from release notes), and comp: tooling (Build & Tooling) Jun 29, 2026

AlexeyKuznetsov-DD left a comment

Contributor

Left minor comments.

Comment thread dd-java-agent/appsec/src/test/java/com/datadog/appsec/sca/ScaCveDatabaseTest.java Outdated

dd-octo-sts Bot commented Jun 29, 2026

Contributor

🟢 Java Benchmark SLOs — All performance SLOs passed

| Suite | Status |
|---|---|
| Startup | 🟢 pass |

SLO thresholds are defined here based on automatically generated metrics. A warning is raised when results are within 5% of the threshold.

PR vs. master results
| Scenario | Candidate | master | Δ (95% CI of mean) |
|---|---|---|---|
| startup:insecure-bank:iast:Agent | 14.00 s | 13.95 s | [-0.5%; +1.1%] (no difference) |
| startup:insecure-bank:tracing:Agent | 12.89 s | 12.92 s | [-0.8%; +0.3%] (no difference) |
| startup:petclinic:appsec:Agent | 16.88 s | 16.10 s | [+0.5%; +9.2%] (maybe worse) |
| startup:petclinic:iast:Agent | 16.29 s | 16.93 s | [-8.1%; +0.5%] (no difference) |
| startup:petclinic:profiling:Agent | 16.67 s | 16.84 s | [-2.0%; +0.0%] (no difference) |
| startup:petclinic:sca:Agent | 16.87 s | 16.71 s | [-0.0%; +2.0%] (no difference) |
| startup:petclinic:tracing:Agent | 16.00 s | 16.35 s | [-3.1%; -1.2%] (significantly better) |

Commit: 3d56b60e · CI Pipeline · Benchmarking Platform UI


Load and DaCapo benchmarks can be triggered manually in the GitLab pipeline. Results will appear in the Benchmarking Platform UI after completion.

bric3 force-pushed the bdu/sca-appsec-coverage branch from e66206d to 3d56b60 June 29, 2026 20:10