Add helper rewrite in rust

[cataphract]

Description

Passing integration and system-tests.

Further integration into sidecar and protocol changes pending.

Reviewer checklist

• Test coverage seems ok.
• Appropriate labels assigned.

[datadog-datadog-prod-us1]

⚠️ Tests

✨ Fix all issues with BitsAI or with Cursor

⚠️ Warnings

❄️ 2 New flaky tests detected

Rasp telemetry is generated() from com.datadog.appsec.php.integration.TelemetryTests (Datadog) (Fix with Cursor)

Assertion failed: 

assert wafReq1 != null
       |       |
       null    false

Assertion failed: 

assert wafReq1 != null
       |       |
...

telemetry log for failed application of config() from com.datadog.appsec.php.integration.TelemetryTests (Datadog) (Fix with Cursor)

Assertion failed: 

assert messages.any { it.level == 'ERROR' && it.message == "bad cast, expected 'array', obtained 'string'" && it.parsedTags == [ log_type: 'rc::asm_data::diagnostic', appsec_config_key: 'rules_data', rc_config_id: 'bad_config', ] }
       |        |
       |        false

Assertion failed: 

assert messages.any { it.level == 'ERROR' && it.message == "bad cast, expected 'array', obtained 'string'" && it.parsedTags == [ log_type: 'rc::asm_data::diagnostic', appsec_config_key: 'rules_data', rc_config_id: 'bad_config', ] }
       |        |
...

🧪 1058 Tests failed

❄️ Known flaky: testCommandWithArgument from cakephp-28-test.DDTrace\Tests\Integrations\CLI\CakePHP\V2_8\CommonScenariosTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integrations\CLI\CakePHP\V2_8\CommonScenariosTest::testCommandWithArgument
TypeError: Argument 1 passed to DDTrace\Tests\Common\SpanChecker::DDTrace\Tests\Common\{closure}() must be of the type array, string given

tests/Common/SpanChecker.php:599
tests/Common/SpanChecker.php:601
tests/Common/SpanChecker.php:346
tests/Common/SpanAssertionTrait.php:19
tests/Common/IntegrationTestCase.php:197
tests/Integrations/CLI/CakePHP/V2_8/CommonScenariosTest.php:51
tests/Common/RetryTraitVersionGeneric.php:28
...

❄️ Known flaky: testCommandWithNoArguments from cakephp-28-test.DDTrace\Tests\Integrations\CLI\CakePHP\V2_8\CommonScenariosTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integrations\CLI\CakePHP\V2_8\CommonScenariosTest::testCommandWithNoArguments
TypeError: Argument 1 passed to DDTrace\Tests\Common\SpanChecker::DDTrace\Tests\Common\{closure}() must be of the type array, string given

tests/Common/SpanChecker.php:599
tests/Common/SpanChecker.php:601
tests/Common/SpanChecker.php:346
tests/Common/SpanAssertionTrait.php:19
tests/Common/IntegrationTestCase.php:197
tests/Integrations/CLI/CakePHP/V2_8/CommonScenariosTest.php:35
tests/Common/RetryTraitVersionGeneric.php:28
...

❄️ Known flaky: testCommandWithArgument from cakephp-45-test.DDTrace\Tests\Integrations\CLI\CakePHP\V4_5\CommonScenariosTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integrations\CLI\CakePHP\V4_5\CommonScenariosTest::testCommandWithArgument
TypeError: DDTrace\Tests\Common\SpanChecker::DDTrace\Tests\Common\{closure}(): Argument #1 ($span) must be of type array, string given

tests/Common/SpanChecker.php:599
tests/Common/SpanChecker.php:346
tests/Common/SpanAssertionTrait.php:19
tests/Common/IntegrationTestCase.php:197
tests/Integrations/CLI/CakePHP/V3_10/CommonScenariosTest.php:44
tests/Common/RetryTraitVersionGeneric.php:28

View all

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 7a764ea | Docs | Datadog PR Page | Was this helpful? Give us feedback!}

[codecov-commenter]

Codecov Report

❌ Patch coverage is 86.30228% with 619 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.30%. Comparing base (21d2f00) to head (a645d2e).
⚠️ Report is 18 commits behind head on master.

Files with missing lines	Patch %	Lines
appsec/helper-rust/src/client.rs	85.23%	93 Missing ⚠️
appsec/helper-rust/src/lib.rs	51.61%	90 Missing ⚠️
appsec/helper-rust/src/rc.rs	85.71%	68 Missing ⚠️
appsec/helper-rust/src/telemetry/sidecar.rs	78.62%	56 Missing ⚠️
appsec/helper-rust/src/service/sampler.rs	90.76%	34 Missing ⚠️
appsec/helper-rust/src/client/protocol.rs	92.43%	33 Missing ⚠️
appsec/helper-rust/src/lock.rs	72.07%	31 Missing ⚠️
appsec/helper-rust/src/service/waf_diag.rs	87.96%	29 Missing ⚠️
appsec/helper-rust/src/ffi.rs	79.69%	27 Missing ⚠️
appsec/helper-rust/src/service/waf_ruleset.rs	66.23%	26 Missing ⚠️
... and 11 more

❌ Your patch status has failed because the patch coverage (86.30%) is below the target coverage (90.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@             Coverage Diff             @@
##           master    #3581       +/-   ##
===========================================
+ Coverage   62.24%   86.30%   +24.05%     
===========================================
  Files         141       22      -119     
  Lines       13387     4519     -8868     
  Branches     1753        0     -1753     
===========================================
- Hits         8333     3900     -4433     
+ Misses       4257      619     -3638     
+ Partials      797        0      -797     

Flag	Coverage Δ
helper-rust-integration	78.79% <78.79%> (?)
helper-rust-unit	46.51% <46.51%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
appsec/helper-rust/src/service/metrics.rs	100.00% <100.00%> (ø)
appsec/helper-rust/src/config.rs	97.56% <97.56%> (ø)
appsec/helper-rust/src/client/attributes.rs	97.76% <97.76%> (ø)
appsec/helper-rust/src/service/limiter.rs	91.66% <91.66%> (ø)
appsec/helper-rust/src/service/updateable_waf.rs	96.17% <96.17%> (ø)
appsec/helper-rust/src/client/log.rs	41.17% <41.17%> (ø)
appsec/helper-rust/src/client/metrics.rs	93.10% <93.10%> (ø)
appsec/helper-rust/src/service/config_manager.rs	90.07% <90.07%> (ø)
appsec/helper-rust/src/server.rs	59.09% <59.09%> (ø)
appsec/helper-rust/src/rc_notify.rs	77.90% <77.90%> (ø)
... and 12 more

... and 141 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 21d2f00...a645d2e. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[pr-commenter]

Benchmarks [ appsec ]

Benchmark execution time: 2026-02-11 15:07:37

Comparing candidate commit a645d2e in PR branch glopes/helper-rust with baseline commit 21d2f00 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

[pr-commenter]

Benchmarks [ tracer ]

Benchmark execution time: 2026-02-11 15:27:23

Comparing candidate commit a645d2e in PR branch glopes/helper-rust with baseline commit 21d2f00 in branch master.

Found 0 performance improvements and 6 performance regressions! Performance is the same for 184 metrics, 4 unstable metrics.

scenario:ComposerTelemetryBench/benchTelemetryParsing

• 🟥 execution_time [+461.739ns; +1338.261ns] or [+4.050%; +11.739%]

scenario:MessagePackSerializationBench/benchMessagePackSerialization-opcache

• 🟥 execution_time [+2.855µs; +4.605µs] or [+2.783%; +4.488%]

scenario:SamplingRuleMatchingBench/benchRegexMatching1

• 🟥 execution_time [+102.468ns; +155.132ns] or [+8.891%; +13.460%]

scenario:SamplingRuleMatchingBench/benchRegexMatching2

• 🟥 execution_time [+110.125ns; +146.275ns] or [+9.622%; +12.781%]

scenario:SamplingRuleMatchingBench/benchRegexMatching3

• 🟥 execution_time [+106.348ns; +148.852ns] or [+9.166%; +12.830%]

scenario:SamplingRuleMatchingBench/benchRegexMatching4

• 🟥 execution_time [+73.441ns; +130.759ns] or [+6.320%; +11.252%]

[morrisonlevi]

This PR is so large that github will only permit me to review it one file at a time. I didn't even know that was a thing! You're going to need to break it down into a series of smaller PRs, probably.

[bwoebi]

@morrisonlevi I've had success for very big PRs with the PHPStorm/CLion github integrations in the past. Doesn't matter for small PRs, but can definitely recommend it for extra-large PRs :-)