feat(appsec): add metric for unsupported lambda event types

[florentinl]

Motivation

Avoid billing when Appsec is enabled for unsupported lambda events. To keep track of executions with unsupported events, we add a span metric.

Changes

• Selectively skip processing the span based on the event

To make the information available, I used the same pattern as the asm context initialization by storing temporary information inside the ExecutionContext.

The only difference is that in the case of lambda we only have a single global ExecutionContext so we have to clean it up.

Notes

This PR relies on: DataDog/datadog-lambda-python#627

Checklist

• PR author has checked that all the criteria below are met
• The PR description includes an overview of the change
• The PR description articulates the motivation for the change
• The change includes tests OR the PR description describes a testing strategy
• The PR description notes risks associated with the change, if any
• Newly-added code is easy to change
• The change follows the library release note guidelines
• The change includes or references documentation updates if necessary
• Backport labels are set (if applicable)

Reviewer Checklist

• Reviewer has checked that all the criteria below are met
• Title is accurate
• All changes are related to the pull request's stated goal
• Avoids breaking API changes
• Testing strategy adequately addresses listed risks
• Newly-added code is easy to change
• Release note makes sense to a user of the library
• If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
• Backport labels are set in a manner that is consistent with the release branch maintenance policy

[github-actions]

CODEOWNERS have been resolved as:

ddtrace/appsec/_constants.py                                            @DataDog/asm-python
ddtrace/appsec/_processor.py                                            @DataDog/asm-python
ddtrace/settings/asm.py                                                 @DataDog/asm-python
tests/appsec/appsec/test_processor.py                                   @DataDog/asm-python
tests/appsec/utils.py                                                   @DataDog/asm-python

[github-actions]

Bootstrap import analysis

Comparison of import times between this PR and base.

Summary

The average import time from this PR is: 276 ± 3 ms.

The average import time from base is: 278 ± 2 ms.

The import time difference between this PR and base is: -2.2 ± 0.1 ms.

Import time breakdown

The following import paths have shrunk:

ddtrace.auto 1.999 ms (0.72%)

ddtrace.bootstrap.sitecustomize 1.321 ms (0.48%)

ddtrace.bootstrap.preload 1.321 ms (0.48%)

ddtrace.internal.remoteconfig.client 0.661 ms (0.24%)

ddtrace 0.678 ms (0.25%)

ddtrace.internal._unpatched 0.032 ms (0.01%)

json 0.032 ms (0.01%)

json.decoder 0.032 ms (0.01%)

re 0.032 ms (0.01%)

enum 0.032 ms (0.01%)

types 0.032 ms (0.01%)

[pr-commenter]

Benchmarks

Benchmark execution time: 2025-07-03 13:37:26

Comparing candidate commit eac244e in PR branch florentinl/APPSEC-58145/bill-only-supported-events with baseline commit 40bfbe4 in branch main.

Found 0 performance improvements and 2 performance regressions! Performance is the same for 545 metrics, 3 unstable metrics.

scenario:iastaspects-strip_aspect

• 🟥 execution_time [+748.378ns; +815.235ns] or [+7.185%; +7.827%]

scenario:telemetryaddmetric-1-distribution-metric-1-times

• 🟥 execution_time [+411.373ns; +446.152ns] or [+14.138%; +15.333%]