Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump ddtrace from 2.1.7 to 2.7.5 #24

Closed
wants to merge 1 commit into from
Closed

Bump ddtrace from 2.1.7 to 2.7.5 #24

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 29, 2024

Bumps ddtrace from 2.1.7 to 2.7.5.

Release notes

Sourced from ddtrace's releases.

2.7.5

New Features

  • kafka: Adds tracing and DSM support for confluent_kafka.Consumer.consume(). Previously only confluent_kafka.Consumer.poll was instrumented.

Bug Fixes

  • ASM: always clear the DDWaf context at the end of the span to avoid gc-induced latency spikes at the end of some requests.
  • internal: This fix resolves an issue where importing the ddtrace.contrib.botocore.services module would fail raising an ImportError
  • setuptools_scm version: Updates the setuptools_scm versioning method to "guess-next-dev" from "release-branch-semver", which was affecting the CI
  • structlog: Fixes error where multiple loggers would duplicate processors. Also adds processors injection when resetting to defaults.

2.7.4

Bug Fixes

  • ASM: This fix resolves an issue where a valid user may trigger a failed login event.
  • propagation: This fix resolves an issue where the sampling decision-maker tag in tracestate propagation headers was clobbered by a default value.
  • langchain: Ensures langchain vision APIs are correctly instrumented
  • ASM: This fix resolves an issue where the asgi middleware could crash with a RuntimeError "Unexpected message received".
  • kafka: This fix resolves an issue where None messages from confluent-kafka could cause crashes in the Kafka integration.

2.7.3

Bug Fixes

  • otel: Ensures that the last datadog parent_id is added to w3c distributed tracing headers generated by the OpenTelemetry API.
  • internal telemetry: Ensures heartbeat events are sent at regular intervals even when no other events are being sent.
  • Fix an incompatibility between the handling of namespace module imports and parts of the functionalities of the standard library importlib module.
  • Fix for the declaration of dependencies for the package.
  • appsec: This fix resolves an issue in which the library attempted to finalize twice a context object used by the Application Security Management product.
  • profiling: This fixes a free(): invalid pointer error which would arise as a result of incorrectly linking the C++ runtime.

2.7.2

Bug Fixes

  • profiling: handle unexpected stack data to prevent the profiler from stopping.
  • profiling: implement an experimental stack sampling feature, which can be enabled by setting DD_PROFILING_STACK_V2_ENABLED=true. This new sampler should resolve segfault issues on Python 3.11 and later, while also decreasing the latency contribution of the profiler in many situations, and also improving the accuracy of stack-sampling data. This feature is currently only available on Linux using CPython 3.8 or greater. Requires DD_PROFILING_EXPORT_LIBDD_ENABLED=true to be set.
  • ASM: This fix resolves an issue with Flask instrumentation causing CPU leak with ASM, API Security and Telemetry enabled.
  • starlette: Ensures correct URL tag is set for starlette v0.34.0 and above.

2.7.1

Bug Fixes

  • CI Visibility: fixes an issue where git author or committer names containing commas (eg: "Lastname, Firstname") would not work (and log an error) due to the use of comma as a separator.
  • Vulnerability Management for Code-level (IAST): Addresses an issue where the IAST native module was imported even though IAST was not enabled.
  • Vulnerability Management for Code-level (IAST): Fixes an issue where an atexit handler could lead to a segmentation fault.

... (truncated)

Changelog

Sourced from ddtrace's changelog.

Changelog

Changelogs for versions not listed here can be found at https://github.com/DataDog/dd-trace-py/releases

2.6.9

Bug Fixes

  • propagation: This fix resolves an issue where the sampling decision-maker tag in tracestate propagation headers was clobbered by a default value.
  • langchain: Ensures langchain vision APIs are correctly instrumented
  • ASM: This fix resolves an issue where the asgi middleware could crash with a RuntimeError "Unexpected message received".
  • kafka: This fix resolves an issue where None messages from confluent-kafka could cause crashes in the Kafka integration.

v2.6.0

Upgrade Notes

  • CI Visibility: DD_CIVISIBILITY_ITR_ENABLED now defaults to true, and the Datadog API (configured via the Datadog dashboard) now determines whether code coverage and test skipping are enabled.
  • CI Visibility: the CI Visibility service is no longer enabled when the initial query to the Datadog test service settings API fails due to a 403 status code.

New Features

  • botocore: Adds optional feature to propagate context between producers and consumers for AWS SQS, AWS SNS, and AWS Kinesis via DD_BOTOCORE_PROPAGATION_ENABLED environment variable. Adds optional feature to disable tracing of AWS SQS poll() operation and AWS Kinesis 'get_records()' operation when no data is consumed via DD_BOTOCORE_EMPTY_POLL_ENABLED environment variable.

  • tracing: Adds new tag python_main_package containing the name of the main package of the application. profiling: Adds new tag python_main_package containing the name of the main package of the application.

  • ASM: API Security schema collection is now officially supported for Django, Flask and FastAPI. It can be enabled in the tracer using environment variable DD_API_SECURITY_ENABLED=true It will only be active when ASM is also enabled.

  • elasticsearch: This allows custom tags to be set on Elasticsearch spans via the Pin interface.

  • botocore: This introduces tracing support for bedrock-runtime operations. See the docs for more information.

  • datastreams: this change adds kombu auto-instrumentation for datastreams monitoring. tracing: this change adds the DD_KOMBU_DISTRIBUTED_TRACING flag (default True)

  • Vulnerability Management for Code-level (IAST): Add support for CMDi in langchain.

  • botocore: Add the ability to inject trace context into the input field of botocore stepfunction start_execution and start_sync_execution calls.

  • Removes another place where we always load instrumentation telemetry, even if it is disabled

  • tracing: This introduces the ability to disable tracing at runtime based on configuration values sent from the Datadog frontend. Disabling tracing in this way also disables instrumentation telemetry.

  • tracing: Adds support for remote configuration of DD_TRACE_HEADER_TAGS

... (truncated)

Commits
  • 623a2af fix: ddtrace.contrib.botocore.services module by adding a __init__.py f...
  • 1ffb660 fix(setuptools_scm): backport setuptools_scm version scheme to guess-next-dev...
  • 1776fd0 ci: update starlette environments [backport 2.7] (#8756)
  • 52856c5 fix(structlog): ensures processor injection is not duplicated [backport 2.7] ...
  • a8d0b73 feat: kafka trace consume [backport 2.7] (#8757)
  • 94ded6f fix(asm): clear ddwaf contexts on span finish [backport 2.7] (#8729)
  • 8431c43 fix(propagation): never clobber extracted decisionmaker tags... [backport 2.7...
  • c08e8a7 fix(langchain): addresses compatibility with vision API [backport #8681 to 2....
  • 2984b59 fix(kafka): do identity checks on kafka messages to work around... [backport ...
  • c927d02 fix(asm): improve django login events logic [backport 2.7] (#8705)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump ddtrace from 2.1.7 to 2.7.5
b61a0ee 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-py) from 2.1.7 to 2.7.5.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/main/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v2.1.7...v2.7.5)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 29, 2024
@dependabot dependabot bot mentioned this pull request Mar 29, 2024
Closed
@github-actions GitHub Actions
Copy link

Thank you for your pull request! We could not find a changelog entry for this change. For details on how to document a change, see the contributing guide.

@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Apr 3, 2024

Superseded by #25.

@dependabot dependabot bot closed this Apr 3, 2024
@dependabot dependabot bot deleted the dependabot/pip/ddtrace-2.7.5 branch April 3, 2024 07:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants