Releases: DataDog/dd-trace-java
Releases · DataDog/dd-trace-java
1.35.0-RC1
Warning
This is a release candidate and is not intended for use in production.
Please open an issue regarding any problems in this release candidate.
Components
Application Security Management (IAST)
- Add XSS support for JSP (#6944 - @jandro996)
- Detect a vulnerability when a default application is deployed (#6885 - @jandro996)
Application Security Management (WAF)
- 🐛 Fix HandleVisitor instrumentation for jetty >= 11.16.0 (avoids logged error) (#7100 - @manuel-alvarez-alvarez)
- 🐛 Fix IP denylist parsing when expiration date does not fit an integer (#7097 - @smola)
- 🐛 Prevent AppSec context from being closed more than once on partial flush (#7059 - @smola)
- Added support for SQLi exploit prevention (#7051 - @ValentinZakharov)
- Add support for meta_struct field in API v4 (#7031 - @manuel-alvarez-alvarez)
- Collect WAF headers on user sdk events (#7014 - @manuel-alvarez-alvarez)
- Collect common WAF request header values by default (#7010 - @manuel-alvarez-alvarez)
- Always collect accept, content-type and user-agent when appsec is enabled (#7009 - @manuel-alvarez-alvarez)
- Upgrade to libddwaf 1.18.0 (libddwaf-java 10.0.0) (#7006 - @ValentinZakharov)
Build & Tooling
- ✨ Update lib-injection docker image tags (#7057 - @andrewlock)
Cloud Workload Security (CWS)
Configuration at Runtime
Continuous Integration Visibility
- Fix 'polynomial regular expression used on uncontrolled data' vulnerability in Git config parsing logic (#7053 - @nikita-tkachenko-datadog)
- 🐛 Do not transform Mockito-generated classes (#7048 - @nikita-tkachenko-datadog)
- 🐛 Fix JUnit 4 integration to support PowerMock (#7046 - @nikita-tkachenko-datadog)
- 🐛 Fix Gradle instrumentation: do not fail if Jacoco excluded CL list is immutable (#7044 - @nikita-tkachenko-datadog)
- 🐛 Fix instrumentation for legacy JUnit 3.8 tests (#7041 - @nikita-tkachenko-datadog)
Database Monitoring
Data Streams Monitoring (DSM)
- Add poll span for kafka when DSM is enabled (#6969 - @piochelepiotr)
- Tag every span with the product tag if it is enabled (#7011 - @kr-igor)
- Add product tags to each span if products are enabled (#6990 - @kr-igor)
Dynamic Instrumentation
- 🐛 Ensure locals are in scope when generating metrics (#7121 - @jpbempel)
- Remove too generic redaction keywords (#7117 - @jpbempel)
- 🐛 Fix line probe in method with inline lambdas (#7099 - @jpbempel)
- Report exception when deserializing config (#7092 - @jpbempel)
- Add option to limit number of frames captured (#7083 - @jpbempel)
- Add circuit breaker for Exception Debugging (#7074 - @jpbempel)
- 🐛 Fix short circuiting of boolean expressions (#7060 - @jpbempel)
- Add
EXCEPTION_REPLAY_ENABLED
config token (#7054 - @jpbempel) - 🐛⚡ Fix perf issue when accessing fields by reflection (#7052 - @jpbempel)
- ✨ Add Throwable capturing fields support for JDK16+ (#7047 - @jpbempel)
- 🔍 Add fingerprint info into Tracer flare (#7043 - @jpbempel)
- 🐛⚡ Fix expensive folding only in debug level (#7042 - @jpbempel)
- Protect Map and Set accesses to be only in-memory (#7032 - @jpbempel)
- Remove debug log on sampling (#7021 - @jpbempel)
- 🐛 Fix support of literals in Expression Language (#7018 - @jpbempel)
- Fix log level and message for SymDB extraction (#7016 - @jpbempel)
- 🐛 Fix ArrayIndexOutOfBoundsException in adjustLocalVarsBasedOnArgs (#7013 - @jpbempel)
- Filter out Errors for Exception Debugging (#6997 - @jpbempel)
- Add support of Set in Expression Language (#6992 - @jpbempel)
GraalVM native-image
Metrics
OpenTracing
- Add a TracingFactory (since opentracing-tracerresolver 0.1.5) which resolves our tracer (#7102 - @mcculls)
- Bump opentracing-tracerresolver to 0.1.6 (#7093 - @fedefernandez - thanks for the contribution!)
Profiling
- 🔍 Add detailed debug logging for tracing/profiler context integration (#7115 - @richardstartin)
- Emit rate limited JFR events when RejectedExecutionHandlers run (#7076 - @richardstartin)
- 🐛 Fix the ddprof safety check (#7037 - @jbachorik)
- Upgrade ddprof to 1.7.0 (#7033 - @richardstartin)
- Extend gRPC context propagation into
WriteQueue
, add queue timing toWriteQueue
commands (#7110 - @richardstartin)
Telemetry
- Report updated
trace.sampling.rules
to telemetry (#7106 - @mcculls) - Enable telemetry logs for IAST, CI Visibility and Dynamic Instrumentation users (#7017 - @smola)
- Adding support for reporting remote config id (#7012 - @stanistan)
- ✨ Add log file if size is not too big (#6993 - @cecile75)
Tracer core
- 🔍 Improve agentServiceCheck to handle scenarios where the tracer is configured to use UDS (#7098 - @mcculls)
- Preserve
unix:
agent URLs (#7094 - @mcculls) - Move backend communication logic to common module (#7081 - @nikita-tkachenko-datadog)
- Bump byte-buddy to 1.14.16 (#7077 - @mcculls)
- Add support for meta_struct field in API v4 (#7031 - @manuel-alvarez-alvarez)
- 💡 Support loading trace extensions from a comma-separated list of jars, or directories containing jars (#7030 - @mcculls)
- Implement span origin for JVM applications (#7001 - @evanchooly)
- Add tracer log file to tracer flare if datadog.slf4j.simpleLogger.logFile is defined (#6999 - @cecile75)
Instrumentations
AWS SDK instrumentation
- Add aws sns instrumentation for AWS lambda (#6908 - @joeyzhao2018)
Core Java language instrumentation
- ✨ Disable URL instrumentation by default (#7073 - @mcculls)
- ✨🧹 Improve loom features support (#7045 - @PerfectSlayer)
JDBC instrumentation
Kafka instrumentation
- Add poll span for kafka when DSM is enabled (#6969 - @piochelepiotr)
Micronaut instrumentation
- Support micronaut 4.x (#7035 - @amarziali)
Netty instrumentation
- 🐛 Don't finish parent span when instrumenting a client (#7126 - @amarziali)
OpenTelemetry instrumentation
- Support custom OpenTelemetry context (#7118 - @mcculls)
- ⚡ Avoid creating unnecessary OtelSpanContext when extracting context from OTel wrapper around Datadog span (#7116 - @mcculls)
- Track OpenTelemetry propagated context (#7114 - @mcculls)
- Runtime drop-in support for OpenTelemetry instrumentations (#7086 - @mcculls)
Spring instrumentation
⚠️ Enable spring boot service name detection from spring.application.name (#7029 - @amarziali)
1.34.0
Components
Application Security Management (IAST)
- Report servlet misconfiguration vulnerabilities with opt-out configuration (#6970 - @jandro996)
- ⚡ Only enable byte[] or char[] call sites in full detection mode (#6960 - @manuel-alvarez-alvarez)
- 🔍 Report via telemetry if _dd.iast.json tag exceeds max tag size (#6930 - @jandro996)
- Add environment variable to activate SCA (#6902 - @jandro996)
- 🐛 Add option to disable IAST instrumenter for anonymous classes (#6898 - @manuel-alvarez-alvarez)
- 🧹 Refactor propagation module with APIs for strings and objects (#6820 - @manuel-alvarez-alvarez)
Application Security Management (WAF)
- Exclude non username and password authentication from user tracking (#6995 - @manuel-alvarez-alvarez)
- Skip auto user events when sign-up logic fails (#6964 - @manuel-alvarez-alvarez)
Configuration
- Add single parameter
dd.data.jobs.enabled
to enable DJM (#6972 - @paul-laffon-dd)
Configuration at Runtime
Continuous Integration Visibility
- 🐛 Flush on tracer close if CI Visibility enabled (#6985 - @nikita-tkachenko-datadog)
- 🐛 Fix Selenium instrumentation to avoid trying to set cookies for about:blank and other similar pages (#6973 - @nikita-tkachenko-datadog)
- 🐛 Do not trace processes spawned by internal shell command executor (#6927 - @nikita-tkachenko-datadog)
- 🐛 Fix CI Visibility Gradle plugin to be compatible with Gradle build scans (#6913 - @nikita-tkachenko-datadog)
Data Streams Monitoring (DSM)
Dynamic Instrumentation
- Capture exception snapshots only once an hour (#6983 - @jpbempel)
- Consolidate PII redaction keys for all libraries. (#6980 - @shurivich)
- Add coordinated sampling for Exception Debugging (#6974 - @jpbempel)
- Only capture stacktrace for snapshot probes (#6955 - @jpbempel)
- Optimize Redaction detection when capturing values (#6947 - @jpbempel)
- Integrate initial list of third party libraries (#6928 - @ojung)
OpenTracing
Profiling
- Upgrade to ddprof 1.5.0 (#6978 - @richardstartin)
- Remove unnecessary cache for custom context encodings by @richardstartin in DataDog/java-profiler#86
- Prevent race condition in LivenessTracker by @jbachorik in DataDog/java-profiler#88
- Drop bad queue time events by @richardstartin in DataDog/java-profiler#89
- Trust ticks parameters by @richardstartin in DataDog/java-profiler#90
- Make tasks wrapped by grpc-context unwrappable (#6977 - @richardstartin)
- Use real time threshold for queue times (#6976 - @richardstartin)
- Unwrap akka
TaskInvocation
and scalaCallbackRunnable
(#6975 - @richardstartin) - Ensure time waiting for
CyclicBarrier
andCountDownLatch
is eligible for wallclock profiling (#6941 - @richardstartin)
Testing
- Add test set for tomcat 11 (#6966 - @amarziali)
Tracer core
- 💡 Adding sampling provenance/mechanism to SamplingRules (#6989 - @dougqh)
- ⚡ Check target super-class implements
FieldBackedContextAccessor
before delegating to it (#6950 - @mcculls) - 🧪 Support deferred matching and transformation for particular class-loaders (#6887 - @mcculls)
- Add enabledProducts tag to all spans (APM / DSM / DJM) (#6967 - @kr-igor)
Instrumentations
Akka instrumentation
- Anwrap akka
TaskInvocation
and scalaCallbackRunnable
(#6975 - @richardstartin)
Apache Spark instrumentation
- Increase spark listener max collection size (#6979 - @paul-laffon-dd)
- Finish pyspark-shell trace using SparkListenerApplicationEnd (#6956 - @paul-laffon-dd)
- Add logs on datadog spark listener lifecycle (#6943 - @paul-laffon-dd)
OpenTelemetry instrumentation
Protobuf Instrumentation
- Instrument Google protobuf serialization/deserialization (#6865 - @piochelepiotr)
Scala instrumentation
- Unwrap akka
TaskInvocation
and scalaCallbackRunnable
(#6975 - @richardstartin)
Other changes
1.33.0
Components
Application Security Management (IAST)
- Admin Console Active vulnerability hash calculation (#6897 - @jandro996)
- Remove deduplication for session rewriting vulnerability report (#6895 - @jandro996)
- Exclude oracle.j2ee from vulnerability locations (#6888 - @smola)
- Add directory listing support to WEBLOGIC, WEBSPHERE and JETTY (#6871 - @jandro996)
- Detect Tomcat's host manager tomcat application as admin console (#6867 - @jandro996)
- Add session rewriting detection (#6692 - @jandro996)
Application Security Management (WAF)
- Introduced trace post-processing (#6800 - @ValentinZakharov)
Continuous Integration Visibility
- 🐛 Do not abort CI Visibility spans dispatch on interrupt (#6926 - @nikita-tkachenko-datadog)
- Disable retry instrumentations if both Early Flakiness Detection and Flaky Test Retries are turned off (#6925 - @nikita-tkachenko-datadog)
- 🐛 Fix Karate instrumentation to handle parallel tests execution (#6924 - @nikita-tkachenko-datadog)
- Increase default timeout for requests made to CI Visibility backend through EVP proxy (#6884 - @nikita-tkachenko-datadog)
- Implement Selenium support in CI Visibility (#6799 - @nikita-tkachenko-datadog)
Data Streams Monitoring
- Enable Data Streams without adding context into Kafka headers (#6533 - @piochelepiotr)
GraalVM native-image
- Register SpanLinkAdapter and SpanLinkJson for reflection (#6892 - @luneo7 - thanks for the contribution!)
Profiling
- Update ddprof to 1.4.0 (#6914 - @jbachorik)
Tracer core
- Introduced trace post-processing (#6800 - @ValentinZakharov)
Instrumentations
Kafka instrumentation
- Enable Data Streams without adding context into Kafka headers (#6533 - @piochelepiotr)
1.32.0
Components
Application Security Management (IAST)
- ⚡ Improve IAST metric unwrapping logic (#6831 - @manuel-alvarez-alvarez)
- Ensure no IAST advices are added unless appsec is fully enabled (#6813 - @manuel-alvarez-alvarez)
- ⚡ Add request sampling back in http sources (#6810 - @manuel-alvarez-alvarez)
- ✨ Improve coverage of application vulnerabilities for servlet (#6803 - @jandro996)
- Add support for kafka bytebuffers in 3.x (#6736 - @manuel-alvarez-alvarez)
Application Security Management (WAF)
- Upgrade to libddwaf-java 9.1.1 (#6846 - @smola)
- Minify AppSec rules (#6773 - @smola)
- ⚡ Improved API Security schema computation performance (#6765 - @ValentinZakharov)
- Upgrade to AppSec rules v1.11.0 (#6754 - @smola)
- Replace ASM transient mechanism with WAF ephemeral addresses (#6687 - @ValentinZakharov)
- Added GraphQL monitoring support (#6375 - @ValentinZakharov)
Configuration at Runtime
- Allow for disablement of tracing via remote config (#6827 - @nayeem-kamal)
Continuous Integration Visibility
- 🐛 Fix handling skipped features in Karate (#6870 - @nikita-tkachenko-datadog)
- 🐛 Flush pending traces synchronously before terminating child process (#6866 - @nikita-tkachenko-datadog)
- Reduce logging noise in CI Visibility (#6825 - @nikita-tkachenko-datadog)
- Add possibility to retry every failed test when retries are enabled (#6821 - @nikita-tkachenko-datadog)
- 🐛 Fix tracing for tests executed with JUnit Platform Runner (#6818 - @nikita-tkachenko-datadog)
- Optimize in-progress tests and suites lookup (#6728 - @nikita-tkachenko-datadog)
Data Streams Monitoring
Dynamic Instrumentation
- 🐛 Fix inaccessible fields capture (#6883 - @jpbempel)
- Make Exception debugging instrumentation async (#6829 - @jpbempel)
- Add frame tags and send snapshots on addThrowable (#6824 - @jpbempel)
- Filter out bridge methods when instrumenting methods (#6785 - @evanchooly)
GraalVM native-image
- Enhance 'runtime_version' tag to encode graalvm source (#6788 - @jbachorik)
Library Injection
- Update base image used for lib injection (#6814 - @randomanderson)
Metrics
Profiling
- Upgrade ddprof to 1.3.0 (#6845 - @richardstartin)
- Fix spurious context clear when thread detached from wallclock profiling (#6836 - @richardstartin)
- Enable queue time tracing by default (#6833 - @richardstartin)
- Unwrap ForkJoinTask$AdaptedInterruptibleCallable (#6830 - @richardstartin)
- Ensure queue timer is started for RunnableFuture types (#6828 - @richardstartin)
- use JFR timestamping for queue time thresholds (#6703 - @richardstartin)
Tracer core
- 🐛 Fix Datadog-Entity-ID detection paths joining (#6864 - @ygree)
- ⚡ Keep track of public classes in compact filter (#6860 - @mcculls)
- 🐛 Fix Datadog-Entity-ID detection by skipping a root inode (#6858 - @ygree)
- ✨ Support ordering of InstrumenterModules (#6840 - @mcculls)
- ⚡🧹 Re-use helpers across all instrumenters in a module (#6822 - @mcculls)
- 🧹 Update instrumentations to use
InstrumenterModule
as the service type (#6808 - @mcculls)
Instrumentations
Apache Spark instrumentation
- create SpanLink from spark.streaming_batch span to databricks.task.execution span for spark instrumentation if applicable. (#6816 - @yiliangzhou)
JDBC instrumentation
- 🐛 Fix for MySQL multi-host internally_generated connection urls (#6853 - @ygree)
- Handle comment injection for procedure CALLs (#6807 - @sethsamuel)
- Add host and db name to tags injected in SQL comments (#6778 - @vandonr)
All other instrumentations
- Optionally prevent undertow from setting http.route (#6841 - @amarziali)
- 💡 Support JDK-21 virtual thread executor (#6789 - @am312)
Other changes
- Update byte-buddy to 1.14.13 (#6861 - @manuel-alvarez-alvarez)
- Bump java-dogstatsd-client to 4.3.0 (#6851 - @mcculls)
1.31.2
Components
Application Security Management (IAST)
- 🐛 Fix string format when escaped patterns are used (#6795 - @manuel-alvarez-alvarez)
Telemetry
1.31.1
Components
Continuous Integration Visibility
- 🐛 Fix source path calculation for classes in default package (#6781 - @nikita-tkachenko-datadog)
- Update Spock ITR instrumentation to skip spec setup methods if all features in a spec are skipped (#6780 - @nikita-tkachenko-datadog)
1.31.0
Potentially Breaking Changes
Warning
Setting propagation style to None should extract headers and baggage (#6718 - @amarziali)
Components
Application Security Management (IAST)
- Add support for precise tainting of byte array objects (#6741 - @manuel-alvarez-alvarez)
- Add Lookup api support for reflection injection (#6708 - @jandro996)
- ⚡ Add bounds to all range related operations (#6698 - @manuel-alvarez-alvarez)
- ⚡ Optimizations to check if string arrays can be tainted (#6690 - @manuel-alvarez-alvarez)
- Attach values to sources coming from non char sequences (#6675 - @manuel-alvarez-alvarez)
- ⚡ Improve application module performance and security bounds (#6647 - @manuel-alvarez-alvarez)
- Add Reflection Injection support (#6622 - @jandro996)
- Partial IAST opt-out when AppSec is enabled (#6621 - @manuel-alvarez-alvarez)
Application Security Management (WAF)
- Added API Security option DD_API_SECURITY_ENABLED (#6735 - @ValentinZakharov)
Continuous Integration Visibility
- Update JUnit 4 method name extraction logic to properly handle Kotlin test names (#6751 - @nikita-tkachenko-datadog)
- Implement telemetry for early flakiness detection (#6746 - @nikita-tkachenko-datadog)
- Implement early flakiness detection (#6727 - @nikita-tkachenko-datadog)
- Make signal client timeout configurable (#6724 - @nikita-tkachenko-datadog)
- Add ITR correlator to test events (#6674 - @nikita-tkachenko-datadog)
- Implement telemetry for CI Visibility events (#6669 - @nikita-tkachenko-datadog)
- Implement telemetry for CI Visibility intakes (#6668 - @nikita-tkachenko-datadog)
- Implement telemetry for CI Visibility APIs (#6667 - @nikita-tkachenko-datadog)
Data Streams Monitoring
Dynamic Instrumentation
JMX fetch
Profiling
- Collapse implementations of timer and checkpointer interfaces into profiling context (#6738 - @richardstartin)
- Add failure to load dd profiler as periodic JFR event (#6726 - @richardstartin)
- Refactor profiling module initialisation and composition (#6719 - @richardstartin)
- Avoid permission issues for the crash uploader script (#6697 - @jbachorik)
Configuration at Runtime
- 🐛 Fix NPE on traceState() in DDSpanLink.java (#6758 - @cecile75)
- Custom Tags via Remote Config for Tracing (#6649 - @nayeem-kamal)
- Implement extra_services for remote config (#6130 - @jandro996)
Telemetry
- Implement telemetry for early flakiness detection (#6746 - @nikita-tkachenko-datadog)
- ✨ Improve dependency resolver heuristics for MANIFEST.MF (#6744 - @smola)
- 🐛 Limit DependencyResolverQueue size with a config flag (#6729 - @nayeem-kamal)
- 🐛 Fix dependency resolution for nested JARs (with fix for Spring Boot) (#6720 - @smola)
- Standardize common configuration telemetry (#6694 - @ygree)
Trace context propagation
- Support context propagation over WebSphere Axis2 transports (#6745 - @mcculls)
⚠️ Setting propagation style to None should extract headers and baggage (#6718 - @amarziali)
Tracer core
- 🐛 Ensure span links trace ids and attributes can't be null (#6766 - @PerfectSlayer)
⚠️ Setting propagation style to None should extract headers and baggage (#6718 - @amarziali)- ⚡ Ensure superclasses and interfaces are loaded before classes that extend/implement them (#6677 - @mcculls)
- ⚡ Configure byte-buddy to use simpler method-graph (#6579 - @mcculls)
Instrumentations
Apache Spark instrumentation
- Spark Executor Tasks Instrumentation (#6515 - @paul-laffon-dd)
AWS SDK instrumentation
- Add
aws.object.key
tag for aws-sdk-2 (#6709 - @paul-laffon-dd)
Couchbase instrumentation
- Add option to not include Couchbase internal spans (#6763 - @brentm5 - thanks for the contribution!)
JAX-WS instrumentation
JDBC instrumentation
- 🐛 Don't inject comment for callable JDBC statements (#6743 - @sethsamuel)
OpenTelemetry instrumentation
- 🧪 Do not generate contextStore() from OTel instrumentation if no context store is used (#6739 - @PerfectSlayer)
- 🧪 Add OpenTelemetry integrations support (#6526 - @PerfectSlayer)
Spring instrumentation
- 🧪 Spring boot: autodetect service name from environment (#6663 - @amarziali)
Other changes
1.30.1
1.30.0
Known Issues
- This release contains two critical bugs that may break applications in the following cases:
- Some Spring Boot applications.
- Applications with ASM enabled (
DD_APPSEC_ENABLED=true
).
- In both cases, it is strongly recommended to upgrade to v1.30.1 or later.
Components
Application Security Management (IAST)
- 🐛 Fix dynamic invoke for string concat in IBM J9 (#6634 - @manuel-alvarez-alvarez)
- ⚡ Move away from soft references in sources (#6631 - @manuel-alvarez-alvarez)
- Add application vulnerabilities to telemetry (#6624 - @manuel-alvarez-alvarez)
- Detect insecure auth protocol (#6614 - @jandro996)
- Fix insecure cookies false positives when unsetting cookies (#6586 - @jandro996)
Application Security Management (WAF)
- Upgrade to libddwaf 1.16.0 (libsqreen 9.0.1) (#6658 - @ValentinZakharov)
- 🧪 Exclude WAF timeout from telemetry logs (#6618 - @smola)
- Add _dd.appsec.waf.timeouts tag (#6597 - @smola)
Continuous Integration Visibility
- 🐛 Fix null test framework name in JUnit 5 instrumentation (#6684 - @nikita-tkachenko-datadog)
- Do not ignore caught exceptions in CI Visibility code (#6671 - @nikita-tkachenko-datadog)
- Implement telemetry for code coverage operations (#6666 - @nikita-tkachenko-datadog)
- Implement telemetry for shell git commands (#6665 - @nikita-tkachenko-datadog)
- Implement telemetry for CI Visibility (#6664 - @nikita-tkachenko-datadog)
Database Monitoring
Dynamic Instrumentation
- ✨ Add class filtering and exception probe conditions (#6641 - @jpbempel)
- ✨ Add instrumentation of exception stacktraces (#6609 - @jpbempel)
Profiling
- Upgrade to ddprof 0.99.0 (#6679 - @richardstartin)
Remote Configuration
- 🐛 Fix remote config activation configuration name (#6642 - @PerfectSlayer)
- Add target service+env check prior configuration activation (#6636 - @ygree)
Telemetry
- 🐛 Fix intake telemetry client URL for EU site (#6683 - @nikita-tkachenko-datadog)
- Update telemetry intake client to use CI Visibility agentless URL, if configured (#6653 - @nikita-tkachenko-datadog)
- Do not switch to agent telemetry client on detecting agent telemetry endpoint availability when intake client is preferred (#6644 - @nikita-tkachenko-datadog)
- Add support for periodic submission of telemetry distribution series (#6643 - @nikita-tkachenko-datadog)
- Use intake telemetry client by default when running in agentless mode (#6607 - @nikita-tkachenko-datadog)
Tracer core
- Implement a mechanism for adding ad-hoc listeners to OKHTTP requests (#6660 - @nikita-tkachenko-datadog)
- Override tracing preferred service name and pin to dynamic config (#6648 - @amarziali)
- 🐛 Fixes to trace agent service rates feedback - e.g. MAX TPS support (#6628 - @dougqh)
- Switching to case insensitive matching (#6613 - @dougqh)
- ✨ Add
scheduledWithFixedDelay
method (#6587 - @jpbempel)
Serverless
- Use connection pool for http communications with extension. (#6417 - @purple4reina)
Instrumentations
Apache Spark instrumentation
- Flush traces when spark application is finished (#6670 - @paul-laffon-dd)
JDBC instrumentation
All other instrumentations
- Align apache http client 5 instrumentation names (#6596 - @amarziali)
1.30.0-RC1
Warning
This is a RELEASE CANDIDATE and is NOT intended for use in production.
Known Issues
- This release contains two critical bugs that may break applications in the following cases:
- Some Spring Boot applications.
- Applications with ASM enabled (DD_APPSEC_ENABLED=true).
- In both cases, it is strongly recommended to upgrade to v1.30.1 or later.
Components
Application Security Management (IAST)
- 🐛 Fix dynamic invoke for string concat in IBM J9 (#6634 - @manuel-alvarez-alvarez)
- Add application vulnerabilities to telemetry (#6624 - @manuel-alvarez-alvarez)
- Detect insecure auth protocol (#6614 - @jandro996)
- Fix insecure cookies false positives when unsetting cookies (#6586 - @jandro996)
Application Security Management (WAF)
- 🧪 Exclude WAF timeout from telemetry logs (#6618 - @smola)
- Add _dd.appsec.waf.timeouts tag (#6597 - @smola)
Database Monitoring
Dynamic Instrumentation
Telemetry
- Add support for periodic submission of telemetry distribution series (#6643 - @nikita-tkachenko-datadog)
- Use intake telemetry client by default when running in agentless mode (#6607 - @nikita-tkachenko-datadog)
Tracer core
- ✨ Add
scheduledWithFixedDelay
method (#6587 - @jpbempel) - 🧹 Introduce concept of an InstrumenterGroup (#6575 - @mcculls)
- 🐛 Fixes to trace agent service rates feedback - e.g. MAX TPS support (#6628 - @dougqh)
- 🐛 Switching to case insensitive matching (#6613 - @dougqh)
Instrumentations
JDBC instrumentation
All other instrumentations
- Align apache http client 5 instrumentation names (#6596 - @amarziali)