Bump ddtrace from 2.9.2 to 2.9.3

[dependabot]

Bumps ddtrace from 2.9.2 to 2.9.3.

Release notes

Sourced from ddtrace's releases.

2.9.3

Bug Fixes

• Code Security: Adds encodings.idna to the IAST patching denylist to avoid problems with gevent.
• Code Security: Adds the boto package to the IAST patching denylist.
• celery: Changes error.message span tag to no longer include the traceback that is already included in the error.stack span tag.
• CI Visibility: Fixes source file information that would be incorrect in certain decorated / wrapped scenarios, and forces paths to be relative to the repository root if present.
• LLM Observability: Resolves a typing hint error in the ddtrace.llmobs.utils.Documents helper class constructor where type hints did not accept input dictionaries with integer or float values.
• LLM Observability: Resolves an issue where the OpenAI and AWS Bedrock integrations were always setting temperature and max_tokens parameters to LLM invocations. The OpenAI integration in particular was setting the wrong temperature default values. These parameters are now only set if provided in the request.
• profiling: Fixes an issue where task information coming from echion was encoded improperly, which could segfault the application.
• tracing: Fixes a potential crash where using partial flushes and tracer.configure() could result in an IndexError.
• internal: fixes an issue where some pathlib functions return OSError on Windows.
• flask: Fix scenarios when using flask-like frameworks would cause a crash because of patching issues on startup.
• wsgi: Ensures the status of wsgi Spans are not set to error when a StopIteration exception is raised. With this change, StopIteration exceptions in this context will be ignored.
• langchain: Tags non-dict inputs to LCEL chains appropriately. Non-dict inputs are stringified, and dict inputs are tagged by key-value pairs.

Other Changes

• LLM Observability: The SDK allowed users to submit an unsupported numerical evaluation metric type. All evaluation metric types submitted with numerical type will now be automatically converted to a score type. As an alternative to using the numerical type, use score instead.

Commits

• 94fe5ff fix: add encodings.idna to the denylist [backport 2.9] (#9886)
• ccc9a4f chore(llmobs): extract and refactor langchain llmobs tests [backport 2.9] (#9...
• f4324bd fix(celery): ensure error.message tag does not include stacktrace [backport 2...
• 0dbf2d5 fix(ci): add workaround for importlib-resources name discrepancies [backpor...
• ffa42c6 fix(wsgi): don't report stopiteration errors [backport 2.9] (#9828)
• 01291fc fix(llmobs): only set temperature/max_tokens if provided [backport #9756 to 2...
• 975e1e7 fix(internal): catch pathlib OSError in packages.py [backport 2.9] (#9722)
• f51b196 chore(llmobs): backport token metric key name changes to 2.9 (#9807)
• c14159e fix(flask): fix crashes with flask-like frameworks [backport 2.9] (#9749)
• 970f66a chore(ci): add OCI packaging [backport 2.9] (#9802)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)