1.42.0
github-actions
released this
04 Nov 17:20
·
157 commits
to master
since this release
Known Issues
This release contains a critical bug that may cause intermittent crashes when using profiler.
To avoid this bug you can either upgrade to v1.42.1
, revert to v1.41.2
, or:
- To greatly reduce the chance of crash, disable native stack collection via
-Ddd.profilng.ddprof.cstack=no
- To completely eliminate the chance of crash, turn off Datadog Java profiler via
-Ddd.profiling.ddprof.enabled=false
and use only JFR, when available
Components
Application Security Management (IAST)
- Limit the visiting of objects for Trust Boundary Violation (#7847 - @manuel-alvarez-alvarez)
- 🐛 Update header injection exclusions (reduce false positives) (#7821 - @manuel-alvarez-alvarez)
- 🐛 Ensure vulnerabilities are reported with taintable values (#7801 - @manuel-alvarez-alvarez)
- Move SSRF support for IAST to HttpClientDecorator (#7792 - @Mariovido)
- 🐛 Fix String subsequence taint tracking bug (#7778 - @jandro996)
- Attach stacktrace to IAST vulnerabilities (#7757 - @jandro996)
Application Security Management (WAF)
- Update ASM rules to 1.13.2 (#7844 - @ValentinZakharov)
- Update ASM rules to 1.13.1 (#7831 - @ValentinZakharov)
- ✨ Upgrade to libddwaf 1.20.1 (libddwaf-java 11.1.0) (#7828 - @ValentinZakharov)
- Propagate AppSec blocking exceptions from bytebuddy supressions (#7516 - @manuel-alvarez-alvarez)
Build & Tooling
- Remove hadoop from the denylist (#7866 - @andrewlock)
Configuration at Runtime
- 🐛 Fix remote config update operation (#7856 - @ValentinZakharov)
- ✨🔍 Fix relying on configId for remote config log level tracer flare change (#7788 - @cecile75)
Continuous Integration Visibility
- Add codeowners tag to test suites (#7861 - @daniel-mohedano)
- 🐛 Fix skippable tests request in headless mode (#7860 - @nikita-tkachenko-datadog)
- 🐛 Fix code coverage percentage reporting for Android projects (#7815 - @nikita-tkachenko-datadog)
- Lower log level for duplicate repo index keys warning (#7814 - @nikita-tkachenko-datadog)
- 🐛 Throw exception when using repo index to resolve source path for classes with identical names (#7793 - @nikita-tkachenko-datadog)
- 🐛 Fix automatic coverage includes calculation for headless test sessions (#7784 - @nikita-tkachenko-datadog)
- 🐛 Fix Jacoco coverage exclusion (#7783 - @nikita-tkachenko-datadog)
- 🐛 Fix module name detection for headless sessions (#7779 - @nikita-tkachenko-datadog)
Database Monitoring
- Add _dd.dbm_trace_injected tag to SQL Server prepared statements (#7863 - @nenadnoveljic)
- Add DBM_TRACE_INJECTED tag to SQL Server (#7849 - @nenadnoveljic)
Dynamic Instrumentation
- Make SymDB upload enabled by default for DI (#7869 - @jpbempel)
- Fix
Where
conversion for CodeOrigin probes (#7858 - @jpbempel) - Add compression support for SymDB paylods (#7851 - @jpbempel)
- Split SymDB payload when too large (#7838 - @jpbempel)
- Add retry policy for uploading requests to agent (#7824 - @jpbempel)
- ⚡ Avoid exception when capturing fields in jdk16+ (#7774 - @jpbempel)
JMX fetch
- Bump JMXFetch to 0.49.5 (#7853 - @carlosroman)
Profiling
- Do not force-disable TLAB allocation events on JDK 8 (#7878 - @jbachorik)
- Bump ddprof to 1.16.0 (#7871 - @jbachorik)
- Improve robustness of the crash signal handler by @jbachorik in DataDog/java-profiler#134
- Remove a looping allocation when updating threads by @r1viollet in DataDog/java-profiler#135
- Add a fail-safe when we encounter double-exit from crash handler by @jbachorik in DataDog/java-profiler#138
- Crash handler recursion protection - Fix by @r1viollet in DataDog/java-profiler#139
- Split java version to 'java version' and 'hotspot version' by @jbachorik in DataDog/java-profiler#142
- Do not patch jmethodIDs for newer than JDK 8 by @jbachorik in DataDog/java-profiler#148
- Delay queue time rate limiting until event is committed (#7867 - @richardstartin)
- 🐛 Apply rate limit to queue events (#7823 - @richardstartin)
- Unwrap netty writetask (#7822 - @richardstartin)
- ✨⚡ Introduce aggregated smap events (enabled by default) (#7820 - @MattAlp)
Telemetry
Tracer core
- 🐛 Prevent NPE setting null span baggage (#7848 - @PerfectSlayer)
- Widen catch blocks to make agent discovery more tolerant (#7796 - @mcculls)
- Fall back to ports when we cannot use auto-discovered unix domain sockets (#7794 - @mcculls)
- Improve isolation of embedded JFFI dependency (#7789 - @mcculls)
- ✨ Support DD_TRACE_<INTEGRATION>_ENABLED (#7718 - @mtoffl01)
- ✨
⚠️ Add support forTRACE_HTTP_CLIENT_TAG_QUERY_STRING
and change default value ofHTTP_CLIENT_TAG_QUERY_STRING
totrue
(#7677 - @mhlidd) - Propagate AppSec blocking exceptions from bytebuddy supressions (#7516 - @manuel-alvarez-alvarez)
Instrumentations
Apache Spark instrumentation
- 🐛 Fix default value for long-running spans with DJM (#7795 - @paul-laffon-dd)
- Support for kafka lag metrics in spark streaming applications (#7474 - @kr-igor)
AWS SDK instrumentation
JAX-WS instrumentation
- Add Jakarta WebService Instrumentation (#7854 - @jordan-wong)
JDBC instrumentation
- 🐛 Avoid metadata access in driver connect advice for Oracle sharded connections (#7812 - @mcculls)
- 🐛 Do not parse DBInfo when no connection (#7800 - @amarziali)
Kafka instrumentation
- Enabled kafka-clients 3.8+ by default (#7818 - @nayeem-kamal)
Lettuce instrumentation
- ✨ Support lettuce 6.5 (#7876 - @amarziali)
Reactor instrumentation
- ✨ Support reactor context span propagation (#7864 - @amarziali)