Releases: DataDog/dd-trace-py
Releases · DataDog/dd-trace-py
2.13.2
Bug Fixes
- Code Security
- Ensures IAST propagation does not raise side effects related to
re.finditer
.
- Ensures IAST propagation does not raise side effects related to
- LLM Observability
- botocore: Fixes bedrock model and model provider interpretation from
modelId
when using cross-region inference.
- botocore: Fixes bedrock model and model provider interpretation from
- Profiling
- Fixes an issue where stack v2 couldn't be enabled as pthread was not properly linked on some debian based images for aarch64 architecture.
- Tracing
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
AGENT_CONFIG
remote configuration product.
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
2.12.4
Bug Fixes
- Profiling
- Fixes an issue where stack v2 couldn't be enabled as pthread was not properly linked on some debian based images for aarch64 architecture.
- Tracing
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
AGENT_CONFIG
remote configuration product.
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
2.11.8
Bug Fixes
- Tracing
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
AGENT_CONFIG
remote configuration product.
- Resolves the issue where tracer flares would not be generated if unexpected types were received in the
2.15.0rc1
Deprecation Notes
- Tracing
- The following attributes are now private and should not be accessed directly. The corresponding environment variables should be used instead.
- Use
DD_TRACE_HTTP_CLIENT_TAG_QUERY_STRING
instead ofddtrace.config.http_tag_query_string
- Use
DD_TRACE_HEADER_TAGS
instead ofddtrace.config.trace_http_header_tags
- Use
DD_TRACE_REPORT_HOSTNAME
instead ofddtrace.config.report_hostname
- Use
DD_TRACE_HEALTH_METRICS_ENABLED
instead ofddtrace.config.health_metrics_enabled
- Use
DD_TRACE_ANALYTICS_ENABLED
instead ofddtrace.config.analytics_enabled
- Use
DD_TRACE_CLIENT_IP_HEADER
instead ofddtrace.config.client_ip_header
- Use
DD_TRACE_CLIENT_IP_ENABLED
instead ofddtrace.config.retrieve_client_ip
- Use
DD_TRACE_PROPAGATION_HTTP_BAGGAGE_ENABLED
instead ofddtrace.config.propagation_http_baggage_enabled
- Set
DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP
to an empty string instead of settingddtrace.config.global_query_string_obfuscation_disabled
to True (default value is False) - Use
DD_TRACE_METHODS
instead ofddtrace.config.trace_methods
- Use
DD_CIVISIBILITY_LOG_LEVEL
instead ofddtrace.config.ci_visibility_log_level
- Use
- The following attributes are now private and should not be accessed directly. The corresponding environment variables should be used instead.
New Features
- Tracing
- botocore: Adds span pointers for successful DynamoDB
DeleteItem
spans. - botocore: Adds span pointers for successful DynamoDB
PutItem
spans. Table Primary Keys need to be provided with theddtrace.config.botocore.dynamodb_primary_key_names_for_tables
option or theDD_BOTOCORE_DYNAMODB_TABLE_PRIMARY_KEYS
environment variable. - botocore: Adds span pointers for successful DynamoDB
UpdateItem
spans.
- botocore: Adds span pointers for successful DynamoDB
Bug Fixes
- Code Security
- Resolves an issue where partial matches on function names we aimed to patch were being patched instead of full matches on them.
- Ensures IAST propagation does not raise side effects related to
re.finditer
.
- Profiling
- Fixes an issue where stack v2 couldn't be enabled as pthread was not properly linked on some debian based images for aarch64 architecture.
- Tracing
- botocore: Fixes bedrock model and model provider interpretation from
modelId
when using cross-region inference. - Ensures that
http.url
span tag contains the full query string whenDD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP
is set to an empty string.
- botocore: Fixes bedrock model and model provider interpretation from
Other Changes
- Code Security
- Update default security rules to 1.13.1. This enable Exploit Prevention powered by RASP for LFI and Command Injection by default when ASM is enabled.
2.11.7
Bug Fixes
- LLM Observability
- Fixes an issue where the OpenAI and LangChain integrations would still submit integration metrics even in agentless mode. Integration metrics are now disabled if using agentless mode via
LLMObs.enable(agentless_enabled=True)
or settingDD_LLMOBS_AGENTLESS_ENABLED=1
.
- Fixes an issue where the OpenAI and LangChain integrations would still submit integration metrics even in agentless mode. Integration metrics are now disabled if using agentless mode via
- Code Security
- Resolves an issue where exploit prevention was not properly blocking requests with custom redirection actions.
- Resolves an issue where partial matches on function names we aimed to patch were being patched instead of full matches on them.
- Ensures the
Initializer
object is always reset and freed before the Python runtime.
- Profiling
- Improves the error message when the native exporter fails to load and stops profiling from starting if ddtrace is also being injected.
- Fixes endpoint profiling when using libdatadog exporter, either with
DD_PROFILING_EXPORT_LIBDD_ENABLED
orDD_PROFILING_TIMELINE_ENABLED
.
2.14.3
Bug Fixes
- Code Security (IAST)
- Ensures that only the IAST propagation context is cleared instead of all contexts, which could otherwise cause propagation loss in multithreaded applications. Additionally, it improves validations in both the Processor and Vulnerability Reporter, depending on whether IAST is active or not.
- Profiling
- Fixes endpoint profiling for stack v2, when
DD_PROFILING_STACK_V2_ENABLED
is set.
- Fixes endpoint profiling for stack v2, when
- Tracing
- Ensures
DD_TRACE_RATE_LIMIT
environment variable is only applied to spans for which tracer sampling is configured. For spans not matching sampling rules default rate limits should be applied by the Datadog Agent.
- Ensures
2.13.1
Bug Fixes
-
Code Security (IAST)
- Always report a telemetry log error when an IAST propagation error raises, regardless of whether the
_DD_IAST_DEBUG
environment variable is enabled or not. - Code Security: Fixes potential memory leak on IAST exception handling.
- Always report a telemetry log error when an IAST propagation error raises, regardless of whether the
-
Profiling:
- Updates filenames for all files with platform-dependent code to reflect the platform they are for. This fixes issues where the wrong file would be used on a given platform.
- Enables endpoint profiling for stack v2,
DD_PROFILING_STACK_V2_ENABLED
is set. - Fixes endpoint profiling when using libdatadog exporter, either with
DD_PROFILING_EXPORT_LIBDD_ENABLED
orDD_PROFILING_TIMELINE_ENABLED
. - Enables code provenance when using libdatadog exporter,
DD_PROFILING_EXPORT_LIBDD_ENABLED
,DD_PROFILING_STACK_V2_ENABLED
, orDD_PROFILING_TIMELINE_ENABLED
. - Fixes an issue where the flamegraph was upside down for stack v2 when enabling
DD_PROFILING_STACK_V2_ENABLED
.
-
Tracing
- Fixes an issue where
celery.apply
spans didn't close if theafter_task_publish
ortask_postrun
signals didn't get sent when usingapply_async
, which can happen if there is an internal exception during the handling of the task. This update also marks the span as an error if an exception occurs. - Fixes an issue where
celery.apply
spans using task_protocol 1 didn't close by improving the check for the task id in the body. - Removes a reference cycle that caused unnecessary garbage collection for top-level spans.
- Fixes an issue where
2.12.3
Bug Fixes
-
Code Security
- This fix resolves an issue where exploit prevention was not properly blocking requests with custom redirection actions.
- Ensure the
Initializer
object is always reset and freed before the Python runtime.
-
LLM Observability
- Fixes an issue where the OpenAI and LangChain integrations would still submit integration metrics even in agentless mode. Integration metrics are now disabled if using agentless mode via
LLMObs.enable(agentless_enabled=True)
or settingDD_LLMOBS_AGENTLESS_ENABLED=1
. - Resolves an issue in the
LLMObs.annotate()
method where non-JSON serializable arguments were discarded entirely. Now, theLLMObs.annotate()
method safely handles non-JSON-serializable arguments by defaulting to a placeholder text. - Resolves an issue where attempting to tag non-JSON serializable request/response parameters resulted in a
TypeError
in the OpenAI, LangChain, Bedrock, and Anthropic integrations. - Resolves an issue where attempting to tag non-JSON serializable request arguments caused a
TypeError
. The Anthropic integration now safely tags non-JSON serializable arguments with a default placeholder text. - Resolves an issue where attempting to tag non-JSON serializable tool config arguments resulted in a
TypeError
. The LangChain integration now safely tags non-JSON serializable arguments with a default placeholder text.
- Fixes an issue where the OpenAI and LangChain integrations would still submit integration metrics even in agentless mode. Integration metrics are now disabled if using agentless mode via
-
Profiling
- All files with platform-dependent code have had their filenames updated to reflect the platform they are for. This fixes issues where the wrong file would be used on a given platform.
- Improves the error message when the native exporter fails to load and stops profiling from starting if ddtrace is also being injected.
- Enables endpoint profiling for stack v2,
DD_PROFILING_STACK_V2_ENABLED
is set. - Fixes endpoint profiling when using libdatadog exporter, either with
DD_PROFILING_EXPORT_LIBDD_ENABLED
orDD_PROFILING_TIMELINE_ENABLED
. - Enables code provenance when using libdatadog exporter,
DD_PROFILING_EXPORT_LIBDD_ENABLED
,DD_PROFILING_STACK_V2_ENABLED
, orDD_PROFILING_TIMELINE_ENABLED
. - Fixes an issue where flamegraph was upside down for stack v2,
DD_PROFILING_STACK_V2_ENABLED
.
-
Tracing
- Fixes an issue where
celery.apply
spans didn't close if theafter_task_publish
ortask_postrun
signals didn't get sent when usingapply_async
, which can happen if there is an internal exception during the handling of the task. This update also marks the span as an error if an exception occurs. - Fixes an issue where
celery.apply
spans using task_protocol 1 didn't close by improving the check for the task id in the body. - Fixes circular imports raised when psycopg automatic instrumentation is enabled.
- Removes a reference cycle that caused unnecessary garbage collection for top-level spans.
- Fixed an issue where a
TypeError
exception would be raised if the first message'stopic()
returnedNone
during consumption. - Kinesis: Resolves an issue where unparsable data in a Kinesis record would cause a NoneType error.
- Fixes an issue where
2.14.2
Bug Fixes
-
Tracing
- celery: Fixes an issue where
celery.apply
spans didn't close if theafter_task_publish
ortask_postrun
signals didn't get sent when usingapply_async
, which can happen if there is an internal exception during the handling of the task. This update also marks the span as an error if an exception occurs. - celery: Fixes an issue where
celery.apply
spans using task_protocol 1 didn't close by improving the check for the task id in the body.
- celery: Fixes an issue where
-
Profiling
- All files with platform-dependent code have had their filenames updated to reflect the platform they are for. This fixes issues where the wrong file would be used on a given platform.
- Enables code provenance when using libdatadog exporter,
DD_PROFILING_EXPORT_LIBDD_ENABLED
,DD_PROFILING_STACK_V2_ENABLED
, orDD_PROFILING_TIMELINE_ENABLED
. - Fixes an issue where flamegraph was upside down for stack v2,
DD_PROFILING_STACK_V2_ENABLED
.
2.14.1
New Features
- Code Security (IAST): Always report a telemetry log error when an IAST propagation error raises, regardless of whether the _DD_IAST_DEBUG environment variable is enabled or not.
Bug Fixes
- tracing: Removes a reference cycle that caused unnecessary garbage collection for top-level spans.
- Code Security: fix potential memory leak on IAST exception handling.
- profiling: Fixes endpoint profiling when using libdatadog exporter, either with
DD_PROFILING_EXPORT_LIBDD_ENABLED
orDD_PROFILING_TIMELINE_ENABLED
.